dependabot-common 0.299.1 → 0.301.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency_file.rb +11 -8
- data/lib/dependabot/package/package_latest_version_finder.rb +70 -2
- data/lib/dependabot/package/release_cooldown_options.rb +61 -0
- data/lib/dependabot/shared_helpers.rb +13 -7
- data/lib/dependabot/update_checkers/base.rb +7 -1
- data/lib/dependabot/version.rb +13 -0
- data/lib/dependabot.rb +1 -1
- metadata +4 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6e5ad8afb5c78de76b83fc7c242fbbe9a473c9648b71324b54d47aeb31e3a701
|
|
4
|
+
data.tar.gz: f608054fbeca4427bbe80ce83d71f8b30ec2e411704a9b465c21f82d0eb09529
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 45eebb6b045a77cb8c34a707e726de39193fc63b8f6f5d056717417b44fbdd308f319c610fc9675c745d856bb7797c5125863d9c88877a78785dd7964865262d
|
|
7
|
+
data.tar.gz: 7a04d8d2038ec11faaa0e3353b20e01b0d47cff8fbf8d7688a4540b08fc7904f113ffd55e0e3d4ea7eb36b69110902bd558d9e0d66a0897f97efafe81a30cce2
|
|
@@ -52,10 +52,17 @@ module Dependabot
|
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
class Mode
|
|
55
|
+
EXECUTABLE = "100755"
|
|
55
56
|
FILE = "100644"
|
|
57
|
+
TREE = "040000"
|
|
56
58
|
SUBMODULE = "160000"
|
|
59
|
+
SYMLINK = "120000"
|
|
57
60
|
end
|
|
58
61
|
|
|
62
|
+
# See https://github.com/git/git/blob/a36e024e989f4d35f35987a60e3af8022cac3420/object.h#L144-L153
|
|
63
|
+
VALID_MODES = T.let([Mode::FILE, Mode::EXECUTABLE, Mode::TREE, Mode::SUBMODULE, Mode::SYMLINK].freeze,
|
|
64
|
+
T::Array[String])
|
|
65
|
+
|
|
59
66
|
sig do
|
|
60
67
|
params(
|
|
61
68
|
name: String,
|
|
@@ -84,6 +91,8 @@ module Dependabot
|
|
|
84
91
|
@vendored_file = vendored_file
|
|
85
92
|
@content_encoding = content_encoding
|
|
86
93
|
@operation = operation
|
|
94
|
+
@mode = mode
|
|
95
|
+
raise ArgumentError, "Invalid Git mode: #{mode}" if mode && !VALID_MODES.include?(mode)
|
|
87
96
|
|
|
88
97
|
# Make deleted override the operation. Deleted is kept when operation
|
|
89
98
|
# was introduced to keep compatibility with downstream dependants.
|
|
@@ -96,12 +105,6 @@ module Dependabot
|
|
|
96
105
|
# support_file flag instead)
|
|
97
106
|
@type = type
|
|
98
107
|
|
|
99
|
-
begin
|
|
100
|
-
@mode = T.let(File.stat(realpath).mode.to_s(8), T.nilable(String))
|
|
101
|
-
rescue StandardError
|
|
102
|
-
@mode = mode
|
|
103
|
-
end
|
|
104
|
-
|
|
105
108
|
return unless (type == "symlink") ^ symlink_target
|
|
106
109
|
|
|
107
110
|
raise "Symlinks must specify a target!" unless symlink_target
|
|
@@ -118,9 +121,9 @@ module Dependabot
|
|
|
118
121
|
"support_file" => support_file,
|
|
119
122
|
"content_encoding" => content_encoding,
|
|
120
123
|
"deleted" => deleted,
|
|
121
|
-
"operation" => operation
|
|
122
|
-
"mode" => mode
|
|
124
|
+
"operation" => operation
|
|
123
125
|
}
|
|
126
|
+
details["mode"] = mode if mode
|
|
124
127
|
|
|
125
128
|
details["symlink_target"] = symlink_target if symlink_target
|
|
126
129
|
details
|
|
@@ -12,6 +12,7 @@ require "dependabot/update_checkers/version_filters"
|
|
|
12
12
|
require "dependabot/registry_client"
|
|
13
13
|
require "dependabot/bundler"
|
|
14
14
|
require "dependabot/package/package_details"
|
|
15
|
+
require "dependabot/package/release_cooldown_options"
|
|
15
16
|
|
|
16
17
|
module Dependabot
|
|
17
18
|
module Package
|
|
@@ -24,10 +25,10 @@ module Dependabot
|
|
|
24
25
|
sig { returns(Dependabot::Dependency) }
|
|
25
26
|
attr_reader :dependency
|
|
26
27
|
|
|
27
|
-
sig { returns(T::Array[
|
|
28
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
28
29
|
attr_reader :dependency_files
|
|
29
30
|
|
|
30
|
-
sig { returns(T::Array[
|
|
31
|
+
sig { returns(T::Array[Dependabot::Credential]) }
|
|
31
32
|
attr_reader :credentials
|
|
32
33
|
|
|
33
34
|
sig { returns(T::Array[String]) }
|
|
@@ -36,6 +37,9 @@ module Dependabot
|
|
|
36
37
|
sig { returns(T::Array[SecurityAdvisory]) }
|
|
37
38
|
attr_reader :security_advisories
|
|
38
39
|
|
|
40
|
+
sig { returns(T.nilable(ReleaseCooldownOptions)) }
|
|
41
|
+
attr_reader :cooldown_options
|
|
42
|
+
|
|
39
43
|
sig { returns(T::Hash[Symbol, T.untyped]) }
|
|
40
44
|
attr_reader :options
|
|
41
45
|
|
|
@@ -46,6 +50,7 @@ module Dependabot
|
|
|
46
50
|
credentials: T::Array[Dependabot::Credential],
|
|
47
51
|
ignored_versions: T::Array[String],
|
|
48
52
|
security_advisories: T::Array[Dependabot::SecurityAdvisory],
|
|
53
|
+
cooldown_options: T.nilable(ReleaseCooldownOptions),
|
|
49
54
|
raise_on_ignored: T::Boolean,
|
|
50
55
|
options: T::Hash[Symbol, T.untyped]
|
|
51
56
|
).void
|
|
@@ -56,6 +61,7 @@ module Dependabot
|
|
|
56
61
|
credentials:,
|
|
57
62
|
ignored_versions:,
|
|
58
63
|
security_advisories:,
|
|
64
|
+
cooldown_options: nil,
|
|
59
65
|
raise_on_ignored: false,
|
|
60
66
|
options: {}
|
|
61
67
|
)
|
|
@@ -64,6 +70,7 @@ module Dependabot
|
|
|
64
70
|
@credentials = credentials
|
|
65
71
|
@ignored_versions = ignored_versions
|
|
66
72
|
@security_advisories = security_advisories
|
|
73
|
+
@cooldown_options = cooldown_options
|
|
67
74
|
@raise_on_ignored = raise_on_ignored
|
|
68
75
|
# It can be used by sub classes to pass options to the registry client
|
|
69
76
|
@options = options
|
|
@@ -119,6 +126,7 @@ module Dependabot
|
|
|
119
126
|
return unless version_hashes
|
|
120
127
|
|
|
121
128
|
version_hashes = filter_yanked_versions(version_hashes)
|
|
129
|
+
version_hashes = filter_by_cooldown(version_hashes)
|
|
122
130
|
versions = filter_unsupported_versions(version_hashes, language_version)
|
|
123
131
|
versions = filter_prerelease_versions(versions)
|
|
124
132
|
versions = filter_ignored_versions(versions)
|
|
@@ -135,6 +143,7 @@ module Dependabot
|
|
|
135
143
|
return unless version_hashes
|
|
136
144
|
|
|
137
145
|
version_hashes = filter_yanked_versions(version_hashes)
|
|
146
|
+
version_hashes = filter_by_cooldown(version_hashes)
|
|
138
147
|
versions = filter_unsupported_versions(version_hashes, language_version)
|
|
139
148
|
versions = filter_prerelease_versions(versions)
|
|
140
149
|
versions = filter_ignored_versions(versions)
|
|
@@ -152,6 +161,7 @@ module Dependabot
|
|
|
152
161
|
return unless version_hashes
|
|
153
162
|
|
|
154
163
|
version_hashes = filter_yanked_versions(version_hashes)
|
|
164
|
+
version_hashes = filter_by_cooldown(version_hashes)
|
|
155
165
|
versions = filter_unsupported_versions(version_hashes, language_version)
|
|
156
166
|
# versions = filter_prerelease_versions(versions)
|
|
157
167
|
versions = Dependabot::UpdateCheckers::VersionFilters.filter_vulnerable_versions(
|
|
@@ -176,6 +186,29 @@ module Dependabot
|
|
|
176
186
|
filtered
|
|
177
187
|
end
|
|
178
188
|
|
|
189
|
+
sig do
|
|
190
|
+
params(releases: T::Array[Dependabot::Package::PackageRelease])
|
|
191
|
+
.returns(T::Array[Dependabot::Package::PackageRelease])
|
|
192
|
+
end
|
|
193
|
+
def filter_by_cooldown(releases)
|
|
194
|
+
return releases unless cooldown_enabled?
|
|
195
|
+
return releases unless cooldown_options
|
|
196
|
+
|
|
197
|
+
current_version = dependency.version ? version_class.new(dependency.version) : nil
|
|
198
|
+
|
|
199
|
+
filtered = releases.reject do |release|
|
|
200
|
+
next false unless release.released_at
|
|
201
|
+
|
|
202
|
+
days = cooldown_days_for(current_version, release.version)
|
|
203
|
+
(Time.now.to_i - release.released_at.to_i) < (days * 24 * 60 * 60)
|
|
204
|
+
end
|
|
205
|
+
|
|
206
|
+
if releases.count > filtered.count
|
|
207
|
+
Dependabot.logger.info("Filtered out #{releases.count - filtered.count} versions due to cooldown")
|
|
208
|
+
end
|
|
209
|
+
filtered
|
|
210
|
+
end
|
|
211
|
+
|
|
179
212
|
sig do
|
|
180
213
|
params(
|
|
181
214
|
releases: T::Array[Dependabot::Package::PackageRelease],
|
|
@@ -257,6 +290,41 @@ module Dependabot
|
|
|
257
290
|
.select { |v| reqs.all? { |r| r.any? { |o| o.satisfied_by?(v) } } }
|
|
258
291
|
end
|
|
259
292
|
|
|
293
|
+
sig { returns(T::Boolean) }
|
|
294
|
+
def cooldown_enabled?
|
|
295
|
+
false
|
|
296
|
+
end
|
|
297
|
+
|
|
298
|
+
sig do
|
|
299
|
+
params(
|
|
300
|
+
current_version: T.nilable(Dependabot::Version),
|
|
301
|
+
new_version: Dependabot::Version
|
|
302
|
+
).returns(Integer)
|
|
303
|
+
end
|
|
304
|
+
def cooldown_days_for(current_version, new_version)
|
|
305
|
+
cooldown = @cooldown_options
|
|
306
|
+
return 0 if cooldown.nil?
|
|
307
|
+
return 0 unless cooldown_enabled?
|
|
308
|
+
return 0 unless cooldown.included?(dependency.name)
|
|
309
|
+
return cooldown.default_days if current_version.nil?
|
|
310
|
+
|
|
311
|
+
current_version_semver = current_version.semver_parts
|
|
312
|
+
new_version_semver = new_version.semver_parts
|
|
313
|
+
|
|
314
|
+
# If semver_parts is nil for either, return default cooldown
|
|
315
|
+
return cooldown.default_days if current_version_semver.nil? || new_version_semver.nil?
|
|
316
|
+
|
|
317
|
+
# Ensure values are always integers
|
|
318
|
+
current_major, current_minor, current_patch = current_version_semver
|
|
319
|
+
new_major, new_minor, new_patch = new_version_semver
|
|
320
|
+
|
|
321
|
+
# Determine cooldown based on version difference
|
|
322
|
+
return cooldown.semver_major_days if new_major > current_major
|
|
323
|
+
return cooldown.semver_minor_days if new_minor > current_minor
|
|
324
|
+
return cooldown.semver_patch_days if new_patch > current_patch
|
|
325
|
+
|
|
326
|
+
cooldown.default_days
|
|
327
|
+
end
|
|
260
328
|
sig { returns(T::Boolean) }
|
|
261
329
|
def wants_prerelease?
|
|
262
330
|
return version_class.new(dependency.version).prerelease? if dependency.version
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
# typed: strict
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
|
|
6
|
+
module Dependabot
|
|
7
|
+
module Package
|
|
8
|
+
class ReleaseCooldownOptions
|
|
9
|
+
extend T::Sig
|
|
10
|
+
|
|
11
|
+
sig do
|
|
12
|
+
params(
|
|
13
|
+
default_days: T.nilable(Integer),
|
|
14
|
+
semver_major_days: T.nilable(Integer),
|
|
15
|
+
semver_minor_days: T.nilable(Integer),
|
|
16
|
+
semver_patch_days: T.nilable(Integer),
|
|
17
|
+
include: T.nilable(T::Array[String]),
|
|
18
|
+
exclude: T.nilable(T::Array[String])
|
|
19
|
+
).void
|
|
20
|
+
end
|
|
21
|
+
def initialize(
|
|
22
|
+
default_days: 0, semver_major_days: 0, semver_minor_days: 0, semver_patch_days: 0,
|
|
23
|
+
include: [], exclude: []
|
|
24
|
+
)
|
|
25
|
+
default_days ||= 0
|
|
26
|
+
semver_major_days ||= 0
|
|
27
|
+
semver_minor_days ||= 0
|
|
28
|
+
semver_patch_days ||= 0
|
|
29
|
+
include ||= []
|
|
30
|
+
exclude ||= []
|
|
31
|
+
|
|
32
|
+
@default_days = T.let(default_days, Integer)
|
|
33
|
+
@semver_major_days = T.let(semver_major_days.positive? ? semver_major_days : default_days, Integer)
|
|
34
|
+
@semver_minor_days = T.let(semver_minor_days.positive? ? semver_minor_days : default_days, Integer)
|
|
35
|
+
@semver_patch_days = T.let(semver_patch_days.positive? ? semver_patch_days : default_days, Integer)
|
|
36
|
+
@include = T.let(include.to_set, T::Set[String])
|
|
37
|
+
@exclude = T.let(exclude.to_set, T::Set[String])
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
sig { returns(Integer) }
|
|
41
|
+
attr_reader :default_days, :semver_major_days, :semver_minor_days, :semver_patch_days
|
|
42
|
+
|
|
43
|
+
sig { returns(T::Set[String]) }
|
|
44
|
+
attr_reader :include, :exclude
|
|
45
|
+
|
|
46
|
+
sig { params(dependency_name: String).returns(T::Boolean) }
|
|
47
|
+
def included?(dependency_name)
|
|
48
|
+
return false if dependency_name.empty? || excluded?(dependency_name)
|
|
49
|
+
|
|
50
|
+
@include.empty? || @include.any? { |pattern| File.fnmatch?(pattern, dependency_name) }
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
private
|
|
54
|
+
|
|
55
|
+
sig { params(dependency_name: String).returns(T::Boolean) }
|
|
56
|
+
def excluded?(dependency_name)
|
|
57
|
+
@exclude.any? { |pattern| File.fnmatch?(pattern, dependency_name) }
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
end
|
|
@@ -9,6 +9,7 @@ require "json"
|
|
|
9
9
|
require "open3"
|
|
10
10
|
require "sorbet-runtime"
|
|
11
11
|
require "tmpdir"
|
|
12
|
+
require "securerandom"
|
|
12
13
|
|
|
13
14
|
require "dependabot/credential"
|
|
14
15
|
require "dependabot/simple_instrumentor"
|
|
@@ -22,7 +23,6 @@ module Dependabot
|
|
|
22
23
|
module SharedHelpers # rubocop:disable Metrics/ModuleLength
|
|
23
24
|
extend T::Sig
|
|
24
25
|
|
|
25
|
-
GIT_CONFIG_GLOBAL_PATH = T.let(File.expand_path(".gitconfig", Utils::BUMP_TMP_DIR_PATH), String)
|
|
26
26
|
USER_AGENT = T.let(
|
|
27
27
|
"dependabot-core/#{Dependabot::VERSION} " \
|
|
28
28
|
"#{Excon::USER_AGENT} ruby/#{RUBY_VERSION} " \
|
|
@@ -290,12 +290,15 @@ module Dependabot
|
|
|
290
290
|
FileUtils.mkdir_p(Utils::BUMP_TMP_DIR_PATH)
|
|
291
291
|
|
|
292
292
|
previous_config = ENV.fetch("GIT_CONFIG_GLOBAL", nil)
|
|
293
|
+
# adding a random suffix to avoid conflicts when running in parallel
|
|
294
|
+
# some package managers like bundler will modify the global git config
|
|
295
|
+
git_config_global_path = File.expand_path("#{SecureRandom.hex(16)}.gitconfig", Utils::BUMP_TMP_DIR_PATH)
|
|
293
296
|
previous_terminal_prompt = ENV.fetch("GIT_TERMINAL_PROMPT", nil)
|
|
294
297
|
|
|
295
298
|
begin
|
|
296
|
-
ENV["GIT_CONFIG_GLOBAL"] =
|
|
299
|
+
ENV["GIT_CONFIG_GLOBAL"] = git_config_global_path
|
|
297
300
|
ENV["GIT_TERMINAL_PROMPT"] = "false"
|
|
298
|
-
configure_git_to_use_https_with_credentials(credentials, safe_directories)
|
|
301
|
+
configure_git_to_use_https_with_credentials(credentials, safe_directories, git_config_global_path)
|
|
299
302
|
yield
|
|
300
303
|
ensure
|
|
301
304
|
ENV["GIT_CONFIG_GLOBAL"] = previous_config
|
|
@@ -304,7 +307,7 @@ module Dependabot
|
|
|
304
307
|
rescue Errno::ENOSPC => e
|
|
305
308
|
raise Dependabot::OutOfDisk, e.message
|
|
306
309
|
ensure
|
|
307
|
-
FileUtils.rm_f(
|
|
310
|
+
FileUtils.rm_f(T.must(git_config_global_path))
|
|
308
311
|
end
|
|
309
312
|
|
|
310
313
|
# Handle SCP-style git URIs
|
|
@@ -321,9 +324,12 @@ module Dependabot
|
|
|
321
324
|
end
|
|
322
325
|
|
|
323
326
|
# rubocop:disable Metrics/PerceivedComplexity
|
|
324
|
-
sig
|
|
325
|
-
|
|
326
|
-
|
|
327
|
+
sig do
|
|
328
|
+
params(credentials: T::Array[Dependabot::Credential], safe_directories: T::Array[String],
|
|
329
|
+
git_config_global_path: String).void
|
|
330
|
+
end
|
|
331
|
+
def self.configure_git_to_use_https_with_credentials(credentials, safe_directories, git_config_global_path)
|
|
332
|
+
File.open(git_config_global_path, "w") do |file|
|
|
327
333
|
file << "# Generated by dependabot/dependabot-core"
|
|
328
334
|
end
|
|
329
335
|
|
|
@@ -7,6 +7,7 @@ require "sorbet-runtime"
|
|
|
7
7
|
require "dependabot/requirements_update_strategy"
|
|
8
8
|
require "dependabot/security_advisory"
|
|
9
9
|
require "dependabot/utils"
|
|
10
|
+
require "dependabot/package/release_cooldown_options"
|
|
10
11
|
|
|
11
12
|
module Dependabot
|
|
12
13
|
module UpdateCheckers
|
|
@@ -41,6 +42,9 @@ module Dependabot
|
|
|
41
42
|
sig { returns(T.nilable(Dependabot::DependencyGroup)) }
|
|
42
43
|
attr_reader :dependency_group
|
|
43
44
|
|
|
45
|
+
sig { returns(T.nilable(Dependabot::Package::ReleaseCooldownOptions)) }
|
|
46
|
+
attr_reader :update_cooldown
|
|
47
|
+
|
|
44
48
|
sig { returns(T::Hash[Symbol, T.untyped]) }
|
|
45
49
|
attr_reader :options
|
|
46
50
|
|
|
@@ -55,6 +59,7 @@ module Dependabot
|
|
|
55
59
|
security_advisories: T::Array[Dependabot::SecurityAdvisory],
|
|
56
60
|
requirements_update_strategy: T.nilable(Dependabot::RequirementsUpdateStrategy),
|
|
57
61
|
dependency_group: T.nilable(Dependabot::DependencyGroup),
|
|
62
|
+
update_cooldown: T.nilable(Dependabot::Package::ReleaseCooldownOptions),
|
|
58
63
|
options: T::Hash[Symbol, T.untyped]
|
|
59
64
|
)
|
|
60
65
|
.void
|
|
@@ -63,7 +68,7 @@ module Dependabot
|
|
|
63
68
|
repo_contents_path: nil, ignored_versions: [],
|
|
64
69
|
raise_on_ignored: false, security_advisories: [],
|
|
65
70
|
requirements_update_strategy: nil, dependency_group: nil,
|
|
66
|
-
options: {})
|
|
71
|
+
update_cooldown: nil, options: {})
|
|
67
72
|
@dependency = dependency
|
|
68
73
|
@dependency_files = dependency_files
|
|
69
74
|
@repo_contents_path = repo_contents_path
|
|
@@ -73,6 +78,7 @@ module Dependabot
|
|
|
73
78
|
@raise_on_ignored = raise_on_ignored
|
|
74
79
|
@security_advisories = security_advisories
|
|
75
80
|
@dependency_group = dependency_group
|
|
81
|
+
@update_cooldown = update_cooldown
|
|
76
82
|
@options = options
|
|
77
83
|
end
|
|
78
84
|
|
data/lib/dependabot/version.rb
CHANGED
|
@@ -73,5 +73,18 @@ module Dependabot
|
|
|
73
73
|
def lowest_prerelease_suffix
|
|
74
74
|
"a"
|
|
75
75
|
end
|
|
76
|
+
|
|
77
|
+
sig { returns(T.nilable([Integer, Integer, Integer])) }
|
|
78
|
+
def semver_parts
|
|
79
|
+
# Extracts only the numeric major.minor.patch part of the version, ensuring it starts with a number
|
|
80
|
+
match = to_semver.match(/^\d+(?:\.\d+)?(?:\.\d+)?(?=[^\d]|$)/)
|
|
81
|
+
return nil unless match
|
|
82
|
+
|
|
83
|
+
first_match = match[0]
|
|
84
|
+
return nil unless first_match
|
|
85
|
+
|
|
86
|
+
major, minor, patch = first_match.split(".").map(&:to_i)
|
|
87
|
+
[major || 0, minor || 0, patch || 0]
|
|
88
|
+
end
|
|
76
89
|
end
|
|
77
90
|
end
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.301.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-
|
|
11
|
+
date: 2025-03-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -293,9 +293,6 @@ dependencies:
|
|
|
293
293
|
- - ">="
|
|
294
294
|
- !ruby/object:Gem::Version
|
|
295
295
|
version: 1.1.2
|
|
296
|
-
- - "<"
|
|
297
|
-
- !ruby/object:Gem::Version
|
|
298
|
-
version: '4.0'
|
|
299
296
|
type: :runtime
|
|
300
297
|
prerelease: false
|
|
301
298
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -303,9 +300,6 @@ dependencies:
|
|
|
303
300
|
- - ">="
|
|
304
301
|
- !ruby/object:Gem::Version
|
|
305
302
|
version: 1.1.2
|
|
306
|
-
- - "<"
|
|
307
|
-
- !ruby/object:Gem::Version
|
|
308
|
-
version: '4.0'
|
|
309
303
|
- !ruby/object:Gem::Dependency
|
|
310
304
|
name: debug
|
|
311
305
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -572,6 +566,7 @@ files:
|
|
|
572
566
|
- lib/dependabot/package/package_language.rb
|
|
573
567
|
- lib/dependabot/package/package_latest_version_finder.rb
|
|
574
568
|
- lib/dependabot/package/package_release.rb
|
|
569
|
+
- lib/dependabot/package/release_cooldown_options.rb
|
|
575
570
|
- lib/dependabot/pull_request_creator.rb
|
|
576
571
|
- lib/dependabot/pull_request_creator/azure.rb
|
|
577
572
|
- lib/dependabot/pull_request_creator/bitbucket.rb
|
|
@@ -619,7 +614,7 @@ licenses:
|
|
|
619
614
|
- MIT
|
|
620
615
|
metadata:
|
|
621
616
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
622
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
617
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.301.0
|
|
623
618
|
post_install_message:
|
|
624
619
|
rdoc_options: []
|
|
625
620
|
require_paths:
|