dependabot-common 0.271.0 → 0.273.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 91359b653469a0560b360dea6e500c5f345856efeea5cc9b37efe6ff7a05c03e
4
- data.tar.gz: 3118159e7377979e45fb1d8da10a0b1b6892264ed84a1ba635d0fbaf98876bf4
3
+ metadata.gz: be0c28765d665424088cb737d933cf376c29d931e1d642f96562d362c406fcf0
4
+ data.tar.gz: de8f912ee099ed27b8d14811f7fb67f9b83119dc7db2483645947b2cd12b380d
5
5
  SHA512:
6
- metadata.gz: ec357ae2737555fe8a0558e7bb286fdc1b86f8cfec0a2f194ab7a36b9956f3ecbddcb3daa67e0e09756d5faca7c7e668c2de565b1e1bd6120c9c0fb294f6e900
7
- data.tar.gz: e6bcbed76ade501a2a17d3b800edb21827fedfc6351d952590e14f51ac7a1b83c84cc999ee715775d0fc7ff311ae3753b60680a9d1d7778ebfa86cded143d5fb
6
+ metadata.gz: e45c119606e121da9f919de9e40ff1ae63e22ad0167308bcb1e74b626296607fa8d05634ccb7ac922943d547c0f99820fab5c89fe105580146b5dc2224fbd97a
7
+ data.tar.gz: 2bc6a5d526316d9d81cbfb0e03d06699a28e03757ff36f07a46d870a1e55a89794ffd834f3c1c8e21c7ccf737ed325bc1af111a2e22234641c54e1bb9d8cd56b
@@ -226,6 +226,11 @@ module Dependabot
226
226
  "error-message": error.message
227
227
  }
228
228
  }
229
+ when Dependabot::OutOfDisk
230
+ {
231
+ "error-type": "out_of_disk",
232
+ "error-detail": {}
233
+ }
229
234
  when Dependabot::GoModulePathMismatch
230
235
  {
231
236
  "error-type": "go_module_path_mismatch",
@@ -235,6 +240,11 @@ module Dependabot
235
240
  "go-mod": error.go_mod
236
241
  }
237
242
  }
243
+ when BadRequirementError
244
+ {
245
+ "error-type": "illformed_requirement",
246
+ "error-detail": { message: error.message }
247
+ }
238
248
  when
239
249
  IncompatibleCPU,
240
250
  NetworkUnsafeHTTP
@@ -508,6 +518,8 @@ module Dependabot
508
518
 
509
519
  class DependencyFileNotResolvable < DependabotError; end
510
520
 
521
+ class BadRequirementError < Gem::Requirement::BadRequirementError; end
522
+
511
523
  #######################
512
524
  # Source level errors #
513
525
  #######################
@@ -3,6 +3,7 @@
3
3
 
4
4
  require "sorbet-runtime"
5
5
  require "dependabot/credential"
6
+ require "dependabot/package_manager"
6
7
 
7
8
  module Dependabot
8
9
  module FileParsers
@@ -53,6 +54,11 @@ module Dependabot
53
54
  sig { abstract.returns(T::Array[Dependabot::Dependency]) }
54
55
  def parse; end
55
56
 
57
+ sig { returns(T.nilable(PackageManagerBase)) }
58
+ def package_manager
59
+ nil
60
+ end
61
+
56
62
  private
57
63
 
58
64
  sig { abstract.void }
@@ -28,8 +28,8 @@ module Dependabot
28
28
  sig { returns(T::Hash[Symbol, T.untyped]) }
29
29
  attr_reader :options
30
30
 
31
- sig { overridable.params(allowlist_enabled: T::Boolean).returns(T::Array[Regexp]) }
32
- def self.updated_files_regex(allowlist_enabled = false)
31
+ sig { overridable.returns(T::Array[Regexp]) }
32
+ def self.updated_files_regex
33
33
  raise NotImplementedError
34
34
  end
35
35
 
@@ -0,0 +1,210 @@
1
+ # typed: strong
2
+ # frozen_string_literal: true
3
+
4
+ require "sorbet-runtime"
5
+ require "dependabot/package_manager"
6
+
7
+ module Dependabot
8
+ class Notice
9
+ module NoticeMode
10
+ INFO = "INFO"
11
+ WARN = "WARN"
12
+ ERROR = "ERROR"
13
+ end
14
+
15
+ extend T::Sig
16
+
17
+ sig { returns(String) }
18
+ attr_reader :mode, :type, :package_manager_name, :title, :description
19
+
20
+ sig { returns(T::Boolean) }
21
+ attr_reader :show_in_pr, :show_alert
22
+
23
+ # Initializes a new Notice object.
24
+ # @param mode [String] The mode of the notice (e.g., "WARN", "ERROR").
25
+ # @param type [String] The type of the notice (e.g., "bundler_deprecated_warn").
26
+ # @param package_manager_name [String] The name of the package manager (e.g., "bundler").
27
+ # @param title [String] The title of the notice.
28
+ # @param description [String] The main description of the notice.
29
+ # @param show_in_pr [Boolean] Whether the notice should be shown in a pull request.
30
+ # @param show_alert [Boolean] Whether the notice should be shown in alerts.
31
+ sig do
32
+ params(
33
+ mode: String,
34
+ type: String,
35
+ package_manager_name: String,
36
+ title: String,
37
+ description: String,
38
+ show_in_pr: T::Boolean,
39
+ show_alert: T::Boolean
40
+ ).void
41
+ end
42
+ def initialize(
43
+ mode:, type:, package_manager_name:,
44
+ title: "", description: "",
45
+ show_in_pr: false, show_alert: false
46
+ )
47
+ @mode = mode
48
+ @type = type
49
+ @package_manager_name = package_manager_name
50
+ @title = title
51
+ @description = description
52
+ @show_in_pr = show_in_pr
53
+ @show_alert = show_alert
54
+ end
55
+
56
+ # Converts the Notice object to a hash.
57
+ # @return [Hash] The hash representation of the notice.
58
+ sig { returns(T::Hash[Symbol, T.untyped]) }
59
+ def to_hash
60
+ {
61
+ mode: @mode,
62
+ type: @type,
63
+ package_manager_name: @package_manager_name,
64
+ title: @title,
65
+ description: @description,
66
+ show_in_pr: @show_in_pr,
67
+ show_alert: @show_alert
68
+ }
69
+ end
70
+
71
+ # Generates a description for supported versions.
72
+ # @param supported_versions [Array<Dependabot::Version>, nil] The supported versions of the package manager.
73
+ # @param support_later_versions [Boolean] Whether later versions are supported.
74
+ # @return [String, nil] The generated description or nil if no supported versions are provided.
75
+ sig do
76
+ params(
77
+ supported_versions: T.nilable(T::Array[Dependabot::Version]),
78
+ support_later_versions: T::Boolean
79
+ ).returns(String)
80
+ end
81
+ def self.generate_supported_versions_description(supported_versions, support_later_versions)
82
+ return "Please upgrade your package manager version" unless supported_versions&.any?
83
+
84
+ versions_string = supported_versions.map { |version| "`v#{version}`" }
85
+
86
+ versions_string[-1] = "or #{versions_string[-1]}" if versions_string.count > 1 && !support_later_versions
87
+
88
+ versions_string = versions_string.join(", ")
89
+
90
+ later_description = support_later_versions ? ", or later" : ""
91
+
92
+ return "Please upgrade to version #{versions_string}#{later_description}." if supported_versions.count == 1
93
+
94
+ "Please upgrade to one of the following versions: #{versions_string}#{later_description}."
95
+ end
96
+
97
+ # Generates a support notice for the given package manager.
98
+ # @param package_manager [PackageManagerBase] The package manager object.
99
+ # @return [Notice, nil] The generated notice or nil if no notice is applicable.
100
+ sig do
101
+ params(
102
+ package_manager: PackageManagerBase
103
+ ).returns(T.nilable(Notice))
104
+ end
105
+ def self.generate_support_notice(package_manager)
106
+ deprecation_notice = generate_pm_deprecation_notice(package_manager)
107
+
108
+ return deprecation_notice if deprecation_notice
109
+
110
+ generate_pm_unsupported_notice(package_manager)
111
+ end
112
+
113
+ # Generates a deprecation notice for the given package manager.
114
+ # @param package_manager [PackageManagerBase] The package manager object.
115
+ # @return [Notice, nil] The generated deprecation notice or nil if the package manager is not deprecated.
116
+ sig do
117
+ params(
118
+ package_manager: PackageManagerBase
119
+ ).returns(T.nilable(Notice))
120
+ end
121
+ def self.generate_pm_deprecation_notice(package_manager)
122
+ return nil unless package_manager.deprecated?
123
+
124
+ mode = NoticeMode::WARN
125
+ supported_versions_description = generate_supported_versions_description(
126
+ package_manager.supported_versions,
127
+ package_manager.support_later_versions?
128
+ )
129
+ notice_type = "#{package_manager.name}_deprecated_warn"
130
+ title = "Package manager deprecation notice"
131
+ description = "Dependabot will stop supporting `#{package_manager.name} v#{package_manager.version}`!"
132
+
133
+ ## Add the supported versions to the description
134
+ description += "\n\n#{supported_versions_description}\n" unless supported_versions_description.empty?
135
+
136
+ Notice.new(
137
+ mode: mode,
138
+ type: notice_type,
139
+ package_manager_name: package_manager.name,
140
+ title: title,
141
+ description: description,
142
+ show_in_pr: true,
143
+ show_alert: true
144
+ )
145
+ end
146
+
147
+ # Generates an unsupported notice for the given package manager.
148
+ # @param package_manager [PackageManagerBase] The package manager object.
149
+ # @return [Notice, nil] The generated unsupported notice or nil if the package manager is not unsupported.
150
+ sig do
151
+ params(
152
+ package_manager: PackageManagerBase
153
+ ).returns(T.nilable(Notice))
154
+ end
155
+ def self.generate_pm_unsupported_notice(package_manager)
156
+ return nil unless package_manager.unsupported?
157
+
158
+ mode = NoticeMode::ERROR
159
+ supported_versions_description = generate_supported_versions_description(
160
+ package_manager.supported_versions,
161
+ package_manager.support_later_versions?
162
+ )
163
+ notice_type = "#{package_manager.name}_unsupported_error"
164
+ title = "Package manager unsupported notice"
165
+ description = "Dependabot no longer supports `#{package_manager.name} v#{package_manager.version}`!"
166
+
167
+ ## Add the supported versions to the description
168
+ description += "\n\n#{supported_versions_description}\n" unless supported_versions_description.empty?
169
+
170
+ Notice.new(
171
+ mode: mode,
172
+ type: notice_type,
173
+ package_manager_name: package_manager.name,
174
+ title: title,
175
+ description: description,
176
+ show_in_pr: true,
177
+ show_alert: true
178
+ )
179
+ end
180
+
181
+ sig { params(notice: Notice).returns(T.nilable(String)) }
182
+ def self.markdown_from_description(notice)
183
+ description = notice.description
184
+
185
+ return if description.empty?
186
+
187
+ markdown = "> [!#{markdown_mode(notice.mode)}]\n"
188
+ # Log each non-empty line of the deprecation notice description
189
+ description.each_line do |line|
190
+ line = line.strip
191
+ markdown += "> #{line}\n"
192
+ end
193
+ markdown
194
+ end
195
+
196
+ sig { params(mode: String).returns(String) }
197
+ def self.markdown_mode(mode)
198
+ case mode
199
+ when NoticeMode::INFO
200
+ "INFO"
201
+ when NoticeMode::WARN
202
+ "WARNING"
203
+ when NoticeMode::ERROR
204
+ "IMPORTANT"
205
+ else
206
+ "INFO"
207
+ end
208
+ end
209
+ end
210
+ end
@@ -0,0 +1,84 @@
1
+ # typed: strong
2
+ # frozen_string_literal: true
3
+
4
+ require "sorbet-runtime"
5
+
6
+ module Dependabot
7
+ class PackageManagerBase
8
+ extend T::Sig
9
+ extend T::Helpers
10
+
11
+ abstract!
12
+
13
+ # The name of the package manager (e.g., "bundler").
14
+ # @example
15
+ # package_manager.name #=> "bundler"
16
+ sig { abstract.returns(String) }
17
+ def name; end
18
+
19
+ # The version of the package manager (e.g., Dependabot::Version.new("2.1.4")).
20
+ # @example
21
+ # package_manager.version #=> Dependabot::Version.new("2.1.4")
22
+ sig { abstract.returns(Dependabot::Version) }
23
+ def version; end
24
+
25
+ # Returns an array of deprecated versions of the package manager.
26
+ # By default, returns an empty array if not overridden in the subclass.
27
+ # @example
28
+ # package_manager.deprecated_versions #=> [Dependabot::Version.new("1.0.0"), Dependabot::Version.new("1.1.0")]
29
+ sig { returns(T::Array[Dependabot::Version]) }
30
+ def deprecated_versions
31
+ []
32
+ end
33
+
34
+ # Returns an array of unsupported versions of the package manager.
35
+ # By default, returns an empty array if not overridden in the subclass.
36
+ # @example
37
+ # package_manager.unsupported_versions #=> [Dependabot::Version.new("0.9.0")]
38
+ sig { returns(T::Array[Dependabot::Version]) }
39
+ def unsupported_versions
40
+ []
41
+ end
42
+
43
+ # Returns an array of supported versions of the package manager.
44
+ # By default, returns an empty array if not overridden in the subclass.
45
+ # @example
46
+ # package_manager.supported_versions #=> [Dependabot::Version.new("2.0.0"), Dependabot::Version.new("2.1.0")]
47
+ sig { returns(T::Array[Dependabot::Version]) }
48
+ def supported_versions
49
+ []
50
+ end
51
+
52
+ # Checks if the current version is deprecated.
53
+ # Returns true if the version is in the deprecated_versions array; false otherwise.
54
+ # @example
55
+ # package_manager.deprecated? #=> true
56
+ sig { returns(T::Boolean) }
57
+ def deprecated?
58
+ deprecated_versions.include?(version)
59
+ end
60
+
61
+ # Checks if the current version is unsupported.
62
+ # Returns true if the version is in the unsupported_versions array; false otherwise.
63
+ # @example
64
+ # package_manager.unsupported? #=> false
65
+ sig { returns(T::Boolean) }
66
+ def unsupported?
67
+ return true if unsupported_versions.include?(version)
68
+
69
+ supported_versions = self.supported_versions
70
+ return version < supported_versions.first if supported_versions.any?
71
+
72
+ false
73
+ end
74
+
75
+ # Indicates if the package manager supports later versions beyond those listed in supported_versions.
76
+ # By default, returns false if not overridden in the subclass.
77
+ # @example
78
+ # package_manager.support_later_versions? #=> true
79
+ sig { returns(T::Boolean) }
80
+ def support_later_versions?
81
+ false
82
+ end
83
+ end
84
+ end
@@ -12,6 +12,7 @@ require "dependabot/logger"
12
12
  require "dependabot/metadata_finders"
13
13
  require "dependabot/pull_request_creator"
14
14
  require "dependabot/pull_request_creator/message"
15
+ require "dependabot/notices"
15
16
 
16
17
  # rubocop:disable Metrics/ClassLength
17
18
  module Dependabot
@@ -64,6 +65,9 @@ module Dependabot
64
65
  sig { returns(T::Array[T::Hash[String, String]]) }
65
66
  attr_reader :ignore_conditions
66
67
 
68
+ sig { returns(T.nilable(T::Array[Dependabot::Notice])) }
69
+ attr_reader :notices
70
+
67
71
  TRUNCATED_MSG = "...\n\n_Description has been truncated_"
68
72
 
69
73
  sig do
@@ -80,7 +84,8 @@ module Dependabot
80
84
  dependency_group: T.nilable(Dependabot::DependencyGroup),
81
85
  pr_message_max_length: T.nilable(Integer),
82
86
  pr_message_encoding: T.nilable(Encoding),
83
- ignore_conditions: T::Array[T::Hash[String, String]]
87
+ ignore_conditions: T::Array[T::Hash[String, String]],
88
+ notices: T.nilable(T::Array[Dependabot::Notice])
84
89
  )
85
90
  .void
86
91
  end
@@ -88,7 +93,8 @@ module Dependabot
88
93
  pr_message_header: nil, pr_message_footer: nil,
89
94
  commit_message_options: {}, vulnerabilities_fixed: {},
90
95
  github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
91
- dependency_group: nil, pr_message_max_length: nil, pr_message_encoding: nil, ignore_conditions: [])
96
+ dependency_group: nil, pr_message_max_length: nil, pr_message_encoding: nil,
97
+ ignore_conditions: [], notices: nil)
92
98
  @dependencies = dependencies
93
99
  @files = files
94
100
  @source = source
@@ -102,6 +108,7 @@ module Dependabot
102
108
  @pr_message_max_length = pr_message_max_length
103
109
  @pr_message_encoding = pr_message_encoding
104
110
  @ignore_conditions = ignore_conditions
111
+ @notices = notices
105
112
  end
106
113
 
107
114
  sig { params(pr_message_max_length: Integer).returns(Integer) }
@@ -119,7 +126,8 @@ module Dependabot
119
126
 
120
127
  sig { returns(String) }
121
128
  def pr_message
122
- msg = "#{suffixed_pr_message_header}" \
129
+ msg = "#{pr_notices}" \
130
+ "#{suffixed_pr_message_header}" \
123
131
  "#{commit_message_intro}" \
124
132
  "#{metadata_cascades}" \
125
133
  "#{ignore_conditions_table}" \
@@ -131,6 +139,17 @@ module Dependabot
131
139
  suffixed_pr_message_header + prefixed_pr_message_footer
132
140
  end
133
141
 
142
+ sig { returns(T.nilable(String)) }
143
+ def pr_notices
144
+ notices = @notices || []
145
+ unique_messages = notices.filter_map do |notice|
146
+ Dependabot::Notice.markdown_from_description(notice) if notice.show_in_pr
147
+ end.uniq
148
+
149
+ message = unique_messages.join("\n\n")
150
+ message.empty? ? nil : message
151
+ end
152
+
134
153
  # Truncate PR message as determined by the pr_message_max_length and pr_message_encoding instance variables
135
154
  # The encoding is used when calculating length, all messages are returned as ruby UTF_8 encoded string
136
155
  sig { params(msg: String).returns(String) }
@@ -316,6 +335,8 @@ module Dependabot
316
335
  def suffixed_pr_message_header
317
336
  return "" unless pr_message_header
318
337
 
338
+ return "#{pr_message_header}\n\n" if notices
339
+
319
340
  "#{pr_message_header}\n\n"
320
341
  end
321
342
 
@@ -0,0 +1,131 @@
1
+ # typed: strong
2
+ # frozen_string_literal: true
3
+
4
+ require "sorbet-runtime"
5
+
6
+ # See https://semver.org/spec/v2.0.0.html for semver 2 details
7
+ #
8
+ module Dependabot
9
+ class SemVersion2
10
+ extend T::Sig
11
+ extend T::Helpers
12
+ include Comparable
13
+
14
+ SEMVER2_REGEX = /^
15
+ (0|[1-9]\d*)\. # major
16
+ (0|[1-9]\d*)\. # minor
17
+ (0|[1-9]\d*) # patch
18
+ (?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))? # pre release
19
+ (?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))? # build metadata
20
+ $/x
21
+
22
+ sig { returns(String) }
23
+ attr_accessor :major
24
+
25
+ sig { returns(String) }
26
+ attr_accessor :minor
27
+
28
+ sig { returns(String) }
29
+ attr_accessor :patch
30
+
31
+ sig { returns(T.nilable(String)) }
32
+ attr_accessor :build
33
+
34
+ sig { returns(T.nilable(String)) }
35
+ attr_accessor :prerelease
36
+
37
+ sig { params(version: String).void }
38
+ def initialize(version)
39
+ tokens = parse(version)
40
+ @major = T.let(T.must(tokens[:major]), String)
41
+ @minor = T.let(T.must(tokens[:minor]), String)
42
+ @patch = T.let(T.must(tokens[:patch]), String)
43
+ @build = T.let(tokens[:build], T.nilable(String))
44
+ @prerelease = T.let(tokens[:prerelease], T.nilable(String))
45
+ end
46
+
47
+ sig { returns(T::Boolean) }
48
+ def prerelease?
49
+ !!prerelease
50
+ end
51
+
52
+ sig { returns(String) }
53
+ def to_s
54
+ value = [major, minor, patch].join(".")
55
+ value += "-#{prerelease}" if prerelease
56
+ value += "+#{build}" if build
57
+ value
58
+ end
59
+
60
+ sig { returns(String) }
61
+ def inspect
62
+ "#<#{self.class} #{self}>"
63
+ end
64
+
65
+ sig { params(other: ::Dependabot::SemVersion2).returns(T::Boolean) }
66
+ def eql?(other)
67
+ other.is_a?(self.class) && to_s == other.to_s
68
+ end
69
+
70
+ sig { params(other: ::Dependabot::SemVersion2).returns(Integer) }
71
+ def <=>(other)
72
+ result = major.to_i <=> other.major.to_i
73
+ return result unless result.zero?
74
+
75
+ result = minor.to_i <=> other.minor.to_i
76
+ return result unless result.zero?
77
+
78
+ result = patch.to_i <=> other.patch.to_i
79
+ return result unless result.zero?
80
+
81
+ compare_prereleases(prerelease, other.prerelease)
82
+ end
83
+
84
+ sig { params(version: T.nilable(String)).returns(T::Boolean) }
85
+ def self.correct?(version)
86
+ return false if version.nil?
87
+
88
+ version.match?(SEMVER2_REGEX)
89
+ end
90
+
91
+ private
92
+
93
+ sig { params(version: String).returns(T::Hash[Symbol, T.nilable(String)]) }
94
+ def parse(version)
95
+ match = version.match(SEMVER2_REGEX)
96
+ raise ArgumentError, "Malformed version number string #{version}" unless match
97
+
98
+ major, minor, patch, prerelease, build = match.captures
99
+
100
+ { major: major, minor: minor, patch: patch, prerelease: prerelease, build: build }
101
+ end
102
+
103
+ sig { params(prerelease1: T.nilable(String), prerelease2: T.nilable(String)).returns(Integer) }
104
+ def compare_prereleases(prerelease1, prerelease2) # rubocop:disable Metrics/PerceivedComplexity
105
+ return 0 if prerelease1.nil? && prerelease2.nil?
106
+ return -1 if prerelease2.nil?
107
+ return 1 if prerelease1.nil?
108
+
109
+ prerelease1_tokens = prerelease1.split(".")
110
+ prerelease2_tokens = prerelease2.split(".")
111
+
112
+ prerelease1_tokens.zip(prerelease2_tokens) do |t1, t2|
113
+ return 1 if t2.nil? # t1 is more specific e.g. 1.0.0-rc1.1 vs 1.0.0-rc1
114
+
115
+ if t1 =~ /^\d+$/ && t2 =~ /^\d+$/
116
+ # t1 and t2 are both ints so compare them as such
117
+ a = t1.to_i
118
+ b = t2.to_i
119
+ compare = a <=> b
120
+ return compare unless compare.zero?
121
+ end
122
+
123
+ comp = t1 <=> t2
124
+ return T.must(comp) unless T.must(comp).zero?
125
+ end
126
+
127
+ # prereleases are equal or prerelease2 is more specific e.g. 1.0.0-rc1 vs 1.0.0-rc1.1
128
+ prerelease1_tokens.length == prerelease2_tokens.length ? 0 : -1
129
+ end
130
+ end
131
+ end
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.271.0"
5
+ VERSION = "0.273.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.271.0
4
+ version: 0.273.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-08-15 00:00:00.000000000 Z
11
+ date: 2024-08-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -551,6 +551,8 @@ files:
551
551
  - lib/dependabot/metadata_finders/base/changelog_pruner.rb
552
552
  - lib/dependabot/metadata_finders/base/commits_finder.rb
553
553
  - lib/dependabot/metadata_finders/base/release_finder.rb
554
+ - lib/dependabot/notices.rb
555
+ - lib/dependabot/package_manager.rb
554
556
  - lib/dependabot/pull_request_creator.rb
555
557
  - lib/dependabot/pull_request_creator/azure.rb
556
558
  - lib/dependabot/pull_request_creator/bitbucket.rb
@@ -578,6 +580,7 @@ files:
578
580
  - lib/dependabot/requirements_update_strategy.rb
579
581
  - lib/dependabot/requirements_updater/base.rb
580
582
  - lib/dependabot/security_advisory.rb
583
+ - lib/dependabot/sem_version2.rb
581
584
  - lib/dependabot/shared_helpers.rb
582
585
  - lib/dependabot/simple_instrumentor.rb
583
586
  - lib/dependabot/source.rb
@@ -597,7 +600,7 @@ licenses:
597
600
  - MIT
598
601
  metadata:
599
602
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
600
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.271.0
603
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.273.0
601
604
  post_install_message:
602
605
  rdoc_options: []
603
606
  require_paths: