dependabot-common 0.304.0 → 0.306.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/package/package_latest_version_finder.rb +6 -0
- data/lib/dependabot.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b40fc48efa5a7a782c3817f5c1bf9bebdff9baf60d546245f18c0747eed4ec6b
|
|
4
|
+
data.tar.gz: a9850885d117e93cca47900df61e6900c4aa5475ebd49ad68c512f57f4c6c6c8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 96f3238aa188c4ee53aa3fc7c625f13c2828c9181cd8a165600b4b42799c688f00b7bc5c9778ae6495e54d6e92abc84a508487af3fdf55a87854ea31446492a8
|
|
7
|
+
data.tar.gz: 772caff8b8fd3b1f08c24bf19a3e6e4cd677a60f82521aba1a0f5d521d63a05dc908296917a114b7d7f658e1fe14f7755647090af428db031d783571a0a73fe5
|
|
@@ -174,10 +174,16 @@ module Dependabot
|
|
|
174
174
|
)
|
|
175
175
|
versions = filter_ignored_versions(versions)
|
|
176
176
|
versions = filter_lower_versions(versions)
|
|
177
|
+
versions = apply_post_fetch_lowest_security_fix_versions_filter(versions)
|
|
177
178
|
|
|
178
179
|
versions.min
|
|
179
180
|
end
|
|
180
181
|
|
|
182
|
+
sig { params(versions: T::Array[Dependabot::Version]).returns(T::Array[Dependabot::Version]) }
|
|
183
|
+
def apply_post_fetch_lowest_security_fix_versions_filter(versions)
|
|
184
|
+
versions
|
|
185
|
+
end
|
|
186
|
+
|
|
181
187
|
sig do
|
|
182
188
|
params(releases: T::Array[Dependabot::Package::PackageRelease])
|
|
183
189
|
.returns(T::Array[Dependabot::Package::PackageRelease])
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.306.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-04-
|
|
11
|
+
date: 2025-04-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -628,7 +628,7 @@ licenses:
|
|
|
628
628
|
- MIT
|
|
629
629
|
metadata:
|
|
630
630
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
631
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
631
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.306.0
|
|
632
632
|
post_install_message:
|
|
633
633
|
rdoc_options: []
|
|
634
634
|
require_paths:
|