dependabot-common 0.270.0 → 0.272.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8336bf850c0c749141b14ff8f2bb993879de06c84a14818653933bd4b4262f4b
4
- data.tar.gz: 2b6990991baa15d9c4a6b5054042d9e0b2923cf8462cdecaf5a5481db70912cb
3
+ metadata.gz: 317e2fbaa5340fe4a995a419da5ace365912a1a47de42ebc79adf23cc704b98c
4
+ data.tar.gz: 214d238bc3b6de57972e5676aac6e6b837187fb6fee5c050d673257ed751ef9c
5
5
  SHA512:
6
- metadata.gz: a723881c0963e1b4e828470fea6222cf02bbcdb09911ccefa14db7034edf37e5b8b294ef913f176f75046baa32b1817a492c5bee0a0a813c570bd918c78ab26f
7
- data.tar.gz: 1780bdea6b0a6a4d668289321940eed913ece2e0534b9c167a251f840b337ec8790668a375fbbeaadb259736c67ae2a9d98cb35cd6580369d1cf6ebe741efae8
6
+ metadata.gz: 64b49b8b1dec8d348b62090c5d67b5793f1ded64126b493fbc848aea8075ccaaa2c852cf14702bfd3bcea4c26b79a0e99cfe54f9d0a7f326af8a97aa2f53bd34
7
+ data.tar.gz: e1020c4794c5ca79434d4c488d20f565fbc6b0694f03def3e948700803aa46fa6ecfa19bdf740b83b68764bd9624c46496e51fe8dddecebeda6b1d6afe9370ad
@@ -226,6 +226,11 @@ module Dependabot
226
226
  "error-message": error.message
227
227
  }
228
228
  }
229
+ when Dependabot::OutOfDisk
230
+ {
231
+ "error-type": "out_of_disk",
232
+ "error-detail": {}
233
+ }
229
234
  when Dependabot::GoModulePathMismatch
230
235
  {
231
236
  "error-type": "go_module_path_mismatch",
@@ -235,6 +240,11 @@ module Dependabot
235
240
  "go-mod": error.go_mod
236
241
  }
237
242
  }
243
+ when BadRequirementError
244
+ {
245
+ "error-type": "illformed_requirement",
246
+ "error-detail": { message: error.message }
247
+ }
238
248
  when
239
249
  IncompatibleCPU,
240
250
  NetworkUnsafeHTTP
@@ -508,6 +518,8 @@ module Dependabot
508
518
 
509
519
  class DependencyFileNotResolvable < DependabotError; end
510
520
 
521
+ class BadRequirementError < Gem::Requirement::BadRequirementError; end
522
+
511
523
  #######################
512
524
  # Source level errors #
513
525
  #######################
@@ -3,6 +3,7 @@
3
3
 
4
4
  require "sorbet-runtime"
5
5
  require "dependabot/credential"
6
+ require "dependabot/package_manager"
6
7
 
7
8
  module Dependabot
8
9
  module FileParsers
@@ -53,6 +54,11 @@ module Dependabot
53
54
  sig { abstract.returns(T::Array[Dependabot::Dependency]) }
54
55
  def parse; end
55
56
 
57
+ sig { returns(T.nilable(PackageManagerBase)) }
58
+ def package_manager
59
+ nil
60
+ end
61
+
56
62
  private
57
63
 
58
64
  sig { abstract.void }
@@ -28,8 +28,8 @@ module Dependabot
28
28
  sig { returns(T::Hash[Symbol, T.untyped]) }
29
29
  attr_reader :options
30
30
 
31
- sig { overridable.params(allowlist_enabled: T::Boolean).returns(T::Array[Regexp]) }
32
- def self.updated_files_regex(allowlist_enabled = false)
31
+ sig { overridable.returns(T::Array[Regexp]) }
32
+ def self.updated_files_regex
33
33
  raise NotImplementedError
34
34
  end
35
35
 
@@ -0,0 +1,168 @@
1
+ # typed: strong
2
+ # frozen_string_literal: true
3
+
4
+ require "sorbet-runtime"
5
+ require "dependabot/package_manager"
6
+
7
+ module Dependabot
8
+ class Notice
9
+ extend T::Sig
10
+
11
+ sig { returns(String) }
12
+ attr_reader :mode, :type, :package_manager_name, :message, :markdown
13
+
14
+ # Initializes a new Notice object.
15
+ # @param mode [String] The mode of the notice (e.g., "WARN", "ERROR").
16
+ # @param type [String] The type of the notice (e.g., "bundler_deprecated_warn").
17
+ # @param package_manager_name [String] The name of the package manager (e.g., "bundler").
18
+ # @param message [String] The main message of the notice.
19
+ # @param markdown [String] The markdown formatted message.
20
+ sig do
21
+ params(
22
+ mode: String,
23
+ type: String,
24
+ package_manager_name: String,
25
+ message: String,
26
+ markdown: String
27
+ ).void
28
+ end
29
+ def initialize(mode:, type:, package_manager_name:, message: "", markdown: "")
30
+ @mode = mode
31
+ @type = type
32
+ @package_manager_name = package_manager_name
33
+ @message = message
34
+ @markdown = markdown
35
+ end
36
+
37
+ # Converts the Notice object to a hash.
38
+ # @return [Hash] The hash representation of the notice.
39
+ sig { returns(T::Hash[Symbol, T.untyped]) }
40
+ def to_hash
41
+ {
42
+ mode: @mode,
43
+ type: @type,
44
+ package_manager_name: @package_manager_name,
45
+ message: @message,
46
+ markdown: @markdown
47
+ }
48
+ end
49
+
50
+ # Generates a message for supported versions.
51
+ # @param supported_versions [Array<Dependabot::Version>, nil] The supported versions of the package manager.
52
+ # @param support_later_versions [Boolean] Whether later versions are supported.
53
+ # @return [String, nil] The generated message or nil if no supported versions are provided.
54
+ sig do
55
+ params(
56
+ supported_versions: T.nilable(T::Array[Dependabot::Version]),
57
+ support_later_versions: T::Boolean
58
+ ).returns(String)
59
+ end
60
+ def self.generate_supported_versions_message(supported_versions, support_later_versions)
61
+ return "" unless supported_versions&.any?
62
+
63
+ versions_string = supported_versions.map { |version| "`v#{version}`" }
64
+
65
+ versions_string[-1] = "or #{versions_string[-1]}" if versions_string.count > 1 && !support_later_versions
66
+
67
+ versions_string = versions_string.join(", ")
68
+
69
+ later_message = support_later_versions ? ", or later" : ""
70
+
71
+ return "Please upgrade to version #{versions_string}#{later_message}." if supported_versions.count == 1
72
+
73
+ "Please upgrade to one of the following versions: #{versions_string}#{later_message}."
74
+ end
75
+
76
+ # Generates a support notice for the given package manager.
77
+ # @param package_manager [PackageManagerBase] The package manager object.
78
+ # @return [Notice, nil] The generated notice or nil if no notice is applicable.
79
+ sig do
80
+ params(
81
+ package_manager: PackageManagerBase
82
+ ).returns(T.nilable(Notice))
83
+ end
84
+ def self.generate_support_notice(package_manager)
85
+ deprecation_notice = generate_pm_deprecation_notice(package_manager)
86
+
87
+ return deprecation_notice if deprecation_notice
88
+
89
+ generate_pm_unsupported_notice(package_manager)
90
+ end
91
+
92
+ # Generates a deprecation notice for the given package manager.
93
+ # @param package_manager [PackageManagerBase] The package manager object.
94
+ # @return [Notice, nil] The generated deprecation notice or nil if the package manager is not deprecated.
95
+ sig do
96
+ params(
97
+ package_manager: PackageManagerBase
98
+ ).returns(T.nilable(Notice))
99
+ end
100
+ def self.generate_pm_deprecation_notice(package_manager)
101
+ return nil unless package_manager.deprecated?
102
+
103
+ mode = "WARN"
104
+ supported_versions_message = generate_supported_versions_message(
105
+ package_manager.supported_versions,
106
+ package_manager.support_later_versions?
107
+ )
108
+ notice_type = "#{package_manager.name}_deprecated_#{mode.downcase}"
109
+ message = "Dependabot will stop supporting `#{package_manager.name} v#{package_manager.version}`!"
110
+ ## Create a warning markdown message
111
+ markdown = "> [!WARNING]\n"
112
+ ## Add the deprecation warning to the message
113
+ markdown += "> #{message}\n>\n"
114
+
115
+ ## Add the supported versions to the message
116
+ unless supported_versions_message.empty?
117
+ message += "\n#{supported_versions_message}\n"
118
+ markdown += "> #{supported_versions_message}\n>\n"
119
+ end
120
+
121
+ Notice.new(
122
+ mode: mode,
123
+ type: notice_type,
124
+ package_manager_name: package_manager.name,
125
+ message: message,
126
+ markdown: markdown
127
+ )
128
+ end
129
+
130
+ # Generates an unsupported notice for the given package manager.
131
+ # @param package_manager [PackageManagerBase] The package manager object.
132
+ # @return [Notice, nil] The generated unsupported notice or nil if the package manager is not unsupported.
133
+ sig do
134
+ params(
135
+ package_manager: PackageManagerBase
136
+ ).returns(T.nilable(Notice))
137
+ end
138
+ def self.generate_pm_unsupported_notice(package_manager)
139
+ return nil unless package_manager.unsupported?
140
+
141
+ mode = "ERROR"
142
+ supported_versions_message = generate_supported_versions_message(
143
+ package_manager.supported_versions,
144
+ package_manager.support_later_versions?
145
+ )
146
+ notice_type = "#{package_manager.name}_unsupported_#{mode.downcase}"
147
+ message = "Dependabot no longer supports `#{package_manager.name} v#{package_manager.version}`!"
148
+ ## Create an error markdown message
149
+ markdown = "> [!IMPORTANT]\n"
150
+ ## Add the error message to the message
151
+ markdown += "> #{message}\n>\n"
152
+
153
+ ## Add the supported versions to the message
154
+ unless supported_versions_message.empty?
155
+ message += "\n#{supported_versions_message}\n"
156
+ markdown += "> #{supported_versions_message}\n>\n"
157
+ end
158
+
159
+ Notice.new(
160
+ mode: mode,
161
+ type: notice_type,
162
+ package_manager_name: package_manager.name,
163
+ message: message,
164
+ markdown: markdown
165
+ )
166
+ end
167
+ end
168
+ end
@@ -0,0 +1,84 @@
1
+ # typed: strong
2
+ # frozen_string_literal: true
3
+
4
+ require "sorbet-runtime"
5
+
6
+ module Dependabot
7
+ class PackageManagerBase
8
+ extend T::Sig
9
+ extend T::Helpers
10
+
11
+ abstract!
12
+
13
+ # The name of the package manager (e.g., "bundler").
14
+ # @example
15
+ # package_manager.name #=> "bundler"
16
+ sig { abstract.returns(String) }
17
+ def name; end
18
+
19
+ # The version of the package manager (e.g., Dependabot::Version.new("2.1.4")).
20
+ # @example
21
+ # package_manager.version #=> Dependabot::Version.new("2.1.4")
22
+ sig { abstract.returns(Dependabot::Version) }
23
+ def version; end
24
+
25
+ # Returns an array of deprecated versions of the package manager.
26
+ # By default, returns an empty array if not overridden in the subclass.
27
+ # @example
28
+ # package_manager.deprecated_versions #=> [Dependabot::Version.new("1.0.0"), Dependabot::Version.new("1.1.0")]
29
+ sig { returns(T::Array[Dependabot::Version]) }
30
+ def deprecated_versions
31
+ []
32
+ end
33
+
34
+ # Returns an array of unsupported versions of the package manager.
35
+ # By default, returns an empty array if not overridden in the subclass.
36
+ # @example
37
+ # package_manager.unsupported_versions #=> [Dependabot::Version.new("0.9.0")]
38
+ sig { returns(T::Array[Dependabot::Version]) }
39
+ def unsupported_versions
40
+ []
41
+ end
42
+
43
+ # Returns an array of supported versions of the package manager.
44
+ # By default, returns an empty array if not overridden in the subclass.
45
+ # @example
46
+ # package_manager.supported_versions #=> [Dependabot::Version.new("2.0.0"), Dependabot::Version.new("2.1.0")]
47
+ sig { returns(T::Array[Dependabot::Version]) }
48
+ def supported_versions
49
+ []
50
+ end
51
+
52
+ # Checks if the current version is deprecated.
53
+ # Returns true if the version is in the deprecated_versions array; false otherwise.
54
+ # @example
55
+ # package_manager.deprecated? #=> true
56
+ sig { returns(T::Boolean) }
57
+ def deprecated?
58
+ deprecated_versions.include?(version)
59
+ end
60
+
61
+ # Checks if the current version is unsupported.
62
+ # Returns true if the version is in the unsupported_versions array; false otherwise.
63
+ # @example
64
+ # package_manager.unsupported? #=> false
65
+ sig { returns(T::Boolean) }
66
+ def unsupported?
67
+ return true if unsupported_versions.include?(version)
68
+
69
+ supported_versions = self.supported_versions
70
+ return version < supported_versions.first if supported_versions.any?
71
+
72
+ false
73
+ end
74
+
75
+ # Indicates if the package manager supports later versions beyond those listed in supported_versions.
76
+ # By default, returns false if not overridden in the subclass.
77
+ # @example
78
+ # package_manager.support_later_versions? #=> true
79
+ sig { returns(T::Boolean) }
80
+ def support_later_versions?
81
+ false
82
+ end
83
+ end
84
+ end
@@ -12,6 +12,7 @@ require "dependabot/logger"
12
12
  require "dependabot/metadata_finders"
13
13
  require "dependabot/pull_request_creator"
14
14
  require "dependabot/pull_request_creator/message"
15
+ require "dependabot/notices"
15
16
 
16
17
  # rubocop:disable Metrics/ClassLength
17
18
  module Dependabot
@@ -64,6 +65,9 @@ module Dependabot
64
65
  sig { returns(T::Array[T::Hash[String, String]]) }
65
66
  attr_reader :ignore_conditions
66
67
 
68
+ sig { returns(T.nilable(T::Array[Dependabot::Notice])) }
69
+ attr_reader :notices
70
+
67
71
  TRUNCATED_MSG = "...\n\n_Description has been truncated_"
68
72
 
69
73
  sig do
@@ -80,7 +84,8 @@ module Dependabot
80
84
  dependency_group: T.nilable(Dependabot::DependencyGroup),
81
85
  pr_message_max_length: T.nilable(Integer),
82
86
  pr_message_encoding: T.nilable(Encoding),
83
- ignore_conditions: T::Array[T::Hash[String, String]]
87
+ ignore_conditions: T::Array[T::Hash[String, String]],
88
+ notices: T.nilable(T::Array[Dependabot::Notice])
84
89
  )
85
90
  .void
86
91
  end
@@ -88,7 +93,8 @@ module Dependabot
88
93
  pr_message_header: nil, pr_message_footer: nil,
89
94
  commit_message_options: {}, vulnerabilities_fixed: {},
90
95
  github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
91
- dependency_group: nil, pr_message_max_length: nil, pr_message_encoding: nil, ignore_conditions: [])
96
+ dependency_group: nil, pr_message_max_length: nil, pr_message_encoding: nil,
97
+ ignore_conditions: [], notices: nil)
92
98
  @dependencies = dependencies
93
99
  @files = files
94
100
  @source = source
@@ -102,6 +108,7 @@ module Dependabot
102
108
  @pr_message_max_length = pr_message_max_length
103
109
  @pr_message_encoding = pr_message_encoding
104
110
  @ignore_conditions = ignore_conditions
111
+ @notices = notices
105
112
  end
106
113
 
107
114
  sig { params(pr_message_max_length: Integer).returns(Integer) }
@@ -119,7 +126,8 @@ module Dependabot
119
126
 
120
127
  sig { returns(String) }
121
128
  def pr_message
122
- msg = "#{suffixed_pr_message_header}" \
129
+ msg = "#{pr_notices}" \
130
+ "#{suffixed_pr_message_header}" \
123
131
  "#{commit_message_intro}" \
124
132
  "#{metadata_cascades}" \
125
133
  "#{ignore_conditions_table}" \
@@ -131,6 +139,18 @@ module Dependabot
131
139
  suffixed_pr_message_header + prefixed_pr_message_footer
132
140
  end
133
141
 
142
+ sig { returns(T.nilable(String)) }
143
+ def pr_notices
144
+ notices = @notices || []
145
+ unique_messages = notices.filter_map do |notice|
146
+ markdown = notice.markdown if notice
147
+ markdown unless markdown.empty?
148
+ end.uniq
149
+
150
+ message = unique_messages.join("\n\n")
151
+ message.empty? ? nil : message
152
+ end
153
+
134
154
  # Truncate PR message as determined by the pr_message_max_length and pr_message_encoding instance variables
135
155
  # The encoding is used when calculating length, all messages are returned as ruby UTF_8 encoded string
136
156
  sig { params(msg: String).returns(String) }
@@ -316,6 +336,8 @@ module Dependabot
316
336
  def suffixed_pr_message_header
317
337
  return "" unless pr_message_header
318
338
 
339
+ return "#{pr_message_header}\n\n" if notices
340
+
319
341
  "#{pr_message_header}\n\n"
320
342
  end
321
343
 
@@ -0,0 +1,131 @@
1
+ # typed: strong
2
+ # frozen_string_literal: true
3
+
4
+ require "sorbet-runtime"
5
+
6
+ # See https://semver.org/spec/v2.0.0.html for semver 2 details
7
+ #
8
+ module Dependabot
9
+ class SemVersion2
10
+ extend T::Sig
11
+ extend T::Helpers
12
+ include Comparable
13
+
14
+ SEMVER2_REGEX = /^
15
+ (0|[1-9]\d*)\. # major
16
+ (0|[1-9]\d*)\. # minor
17
+ (0|[1-9]\d*) # patch
18
+ (?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))? # pre release
19
+ (?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))? # build metadata
20
+ $/x
21
+
22
+ sig { returns(String) }
23
+ attr_accessor :major
24
+
25
+ sig { returns(String) }
26
+ attr_accessor :minor
27
+
28
+ sig { returns(String) }
29
+ attr_accessor :patch
30
+
31
+ sig { returns(T.nilable(String)) }
32
+ attr_accessor :build
33
+
34
+ sig { returns(T.nilable(String)) }
35
+ attr_accessor :prerelease
36
+
37
+ sig { params(version: String).void }
38
+ def initialize(version)
39
+ tokens = parse(version)
40
+ @major = T.let(T.must(tokens[:major]), String)
41
+ @minor = T.let(T.must(tokens[:minor]), String)
42
+ @patch = T.let(T.must(tokens[:patch]), String)
43
+ @build = T.let(tokens[:build], T.nilable(String))
44
+ @prerelease = T.let(tokens[:prerelease], T.nilable(String))
45
+ end
46
+
47
+ sig { returns(T::Boolean) }
48
+ def prerelease?
49
+ !!prerelease
50
+ end
51
+
52
+ sig { returns(String) }
53
+ def to_s
54
+ value = [major, minor, patch].join(".")
55
+ value += "-#{prerelease}" if prerelease
56
+ value += "+#{build}" if build
57
+ value
58
+ end
59
+
60
+ sig { returns(String) }
61
+ def inspect
62
+ "#<#{self.class} #{self}>"
63
+ end
64
+
65
+ sig { params(other: ::Dependabot::SemVersion2).returns(T::Boolean) }
66
+ def eql?(other)
67
+ other.is_a?(self.class) && to_s == other.to_s
68
+ end
69
+
70
+ sig { params(other: ::Dependabot::SemVersion2).returns(Integer) }
71
+ def <=>(other)
72
+ result = major.to_i <=> other.major.to_i
73
+ return result unless result.zero?
74
+
75
+ result = minor.to_i <=> other.minor.to_i
76
+ return result unless result.zero?
77
+
78
+ result = patch.to_i <=> other.patch.to_i
79
+ return result unless result.zero?
80
+
81
+ compare_prereleases(prerelease, other.prerelease)
82
+ end
83
+
84
+ sig { params(version: T.nilable(String)).returns(T::Boolean) }
85
+ def self.correct?(version)
86
+ return false if version.nil?
87
+
88
+ version.match?(SEMVER2_REGEX)
89
+ end
90
+
91
+ private
92
+
93
+ sig { params(version: String).returns(T::Hash[Symbol, T.nilable(String)]) }
94
+ def parse(version)
95
+ match = version.match(SEMVER2_REGEX)
96
+ raise ArgumentError, "Malformed version number string #{version}" unless match
97
+
98
+ major, minor, patch, prerelease, build = match.captures
99
+
100
+ { major: major, minor: minor, patch: patch, prerelease: prerelease, build: build }
101
+ end
102
+
103
+ sig { params(prerelease1: T.nilable(String), prerelease2: T.nilable(String)).returns(Integer) }
104
+ def compare_prereleases(prerelease1, prerelease2) # rubocop:disable Metrics/PerceivedComplexity
105
+ return 0 if prerelease1.nil? && prerelease2.nil?
106
+ return -1 if prerelease2.nil?
107
+ return 1 if prerelease1.nil?
108
+
109
+ prerelease1_tokens = prerelease1.split(".")
110
+ prerelease2_tokens = prerelease2.split(".")
111
+
112
+ prerelease1_tokens.zip(prerelease2_tokens) do |t1, t2|
113
+ return 1 if t2.nil? # t1 is more specific e.g. 1.0.0-rc1.1 vs 1.0.0-rc1
114
+
115
+ if t1 =~ /^\d+$/ && t2 =~ /^\d+$/
116
+ # t1 and t2 are both ints so compare them as such
117
+ a = t1.to_i
118
+ b = t2.to_i
119
+ compare = a <=> b
120
+ return compare unless compare.zero?
121
+ end
122
+
123
+ comp = t1 <=> t2
124
+ return T.must(comp) unless T.must(comp).zero?
125
+ end
126
+
127
+ # prereleases are equal or prerelease2 is more specific e.g. 1.0.0-rc1 vs 1.0.0-rc1.1
128
+ prerelease1_tokens.length == prerelease2_tokens.length ? 0 : -1
129
+ end
130
+ end
131
+ end
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.270.0"
5
+ VERSION = "0.272.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.270.0
4
+ version: 0.272.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-08-15 00:00:00.000000000 Z
11
+ date: 2024-08-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -551,6 +551,8 @@ files:
551
551
  - lib/dependabot/metadata_finders/base/changelog_pruner.rb
552
552
  - lib/dependabot/metadata_finders/base/commits_finder.rb
553
553
  - lib/dependabot/metadata_finders/base/release_finder.rb
554
+ - lib/dependabot/notices.rb
555
+ - lib/dependabot/package_manager.rb
554
556
  - lib/dependabot/pull_request_creator.rb
555
557
  - lib/dependabot/pull_request_creator/azure.rb
556
558
  - lib/dependabot/pull_request_creator/bitbucket.rb
@@ -578,6 +580,7 @@ files:
578
580
  - lib/dependabot/requirements_update_strategy.rb
579
581
  - lib/dependabot/requirements_updater/base.rb
580
582
  - lib/dependabot/security_advisory.rb
583
+ - lib/dependabot/sem_version2.rb
581
584
  - lib/dependabot/shared_helpers.rb
582
585
  - lib/dependabot/simple_instrumentor.rb
583
586
  - lib/dependabot/source.rb
@@ -597,7 +600,7 @@ licenses:
597
600
  - MIT
598
601
  metadata:
599
602
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
600
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.270.0
603
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.272.0
601
604
  post_install_message:
602
605
  rdoc_options: []
603
606
  require_paths: