dependabot-common 0.316.0 → 0.317.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/git_commit_checker.rb +17 -0
- data/lib/dependabot/git_metadata_fetcher.rb +18 -0
- data/lib/dependabot/git_tag_with_detail.rb +3 -3
- data/lib/dependabot.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a8d358807ceadc833ed82dcedc73266e3561d9b717ce53ae649ca51000c69312
|
|
4
|
+
data.tar.gz: d31ca9ca6aa26c1547bf9670a5addd1010d14731aa1f86cb42f58393aae945c7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b2cac731eb951f4c7bf1f7756f8024593105964a0c09270415d5af834147807f979c8372a1b904f38e517c9725a76020e5f51d258bc21a2ac1a99459d2abc1ab
|
|
7
|
+
data.tar.gz: 0cadb251db30a331dead18251239b36862fa6c113f645e9300e4365903262f4fcf7816da49ba937aaf1552f0362879f9907c3e7c12fdd2e80b30efa73c5c85ac
|
|
@@ -100,6 +100,17 @@ module Dependabot
|
|
|
100
100
|
local_repo_git_metadata_fetcher.head_commit_for_ref_sha(T.must(ref))
|
|
101
101
|
end
|
|
102
102
|
|
|
103
|
+
sig { returns(Excon::Response) }
|
|
104
|
+
def ref_details_for_pinned_ref
|
|
105
|
+
T.must(T.let(
|
|
106
|
+
GitMetadataFetcher.new(
|
|
107
|
+
url: dependency.source_details&.fetch(:url, nil),
|
|
108
|
+
credentials: credentials
|
|
109
|
+
).ref_details_for_pinned_ref(ref_pinned),
|
|
110
|
+
T.nilable(Excon::Response)
|
|
111
|
+
))
|
|
112
|
+
end
|
|
113
|
+
|
|
103
114
|
sig { params(ref: String).returns(T::Boolean) }
|
|
104
115
|
def ref_looks_like_commit_sha?(ref)
|
|
105
116
|
ref.match?(/^[0-9a-f]{6,40}$/)
|
|
@@ -618,6 +629,12 @@ module Dependabot
|
|
|
618
629
|
T.nilable(Dependabot::GitMetadataFetcher)
|
|
619
630
|
)
|
|
620
631
|
end
|
|
632
|
+
|
|
633
|
+
sig { returns(String) }
|
|
634
|
+
def ref_pinned
|
|
635
|
+
dependency.source_details&.fetch(:ref, nil) ||
|
|
636
|
+
dependency.source_details&.fetch(:branch, nil) || "HEAD"
|
|
637
|
+
end
|
|
621
638
|
end
|
|
622
639
|
# rubocop:enable Metrics/ClassLength
|
|
623
640
|
end
|
|
@@ -144,6 +144,11 @@ module Dependabot
|
|
|
144
144
|
raise Dependabot::GitDependenciesNotReachable, [uri]
|
|
145
145
|
end
|
|
146
146
|
|
|
147
|
+
sig { params(ref: String).returns(Excon::Response) }
|
|
148
|
+
def ref_details_for_pinned_ref(ref)
|
|
149
|
+
Dependabot::RegistryClient.get(url: provider_url(ref))
|
|
150
|
+
end
|
|
151
|
+
|
|
147
152
|
private
|
|
148
153
|
|
|
149
154
|
sig { returns(String) }
|
|
@@ -358,5 +363,18 @@ module Dependabot
|
|
|
358
363
|
rescue Errno::ENOENT => e # Thrown when `git` isn't installed
|
|
359
364
|
OpenStruct.new(body: e.message, status: 500)
|
|
360
365
|
end
|
|
366
|
+
|
|
367
|
+
sig do
|
|
368
|
+
params(ref: String).returns(String)
|
|
369
|
+
end
|
|
370
|
+
def provider_url(ref)
|
|
371
|
+
provider_url = url.gsub(/\.git$/, "")
|
|
372
|
+
|
|
373
|
+
api_url = {
|
|
374
|
+
github: provider_url.gsub("github.com", "api.github.com/repos")
|
|
375
|
+
}.freeze
|
|
376
|
+
|
|
377
|
+
"#{api_url[:github]}/commits?per_page=100&sha=#{ref}"
|
|
378
|
+
end
|
|
361
379
|
end
|
|
362
380
|
end
|
|
@@ -10,16 +10,16 @@ module Dependabot
|
|
|
10
10
|
sig { returns(String) }
|
|
11
11
|
attr_accessor :tag
|
|
12
12
|
|
|
13
|
-
sig { returns(String) }
|
|
13
|
+
sig { returns(T.nilable(String)) }
|
|
14
14
|
attr_accessor :release_date
|
|
15
15
|
|
|
16
16
|
sig do
|
|
17
17
|
params(
|
|
18
18
|
tag: String,
|
|
19
|
-
release_date: String
|
|
19
|
+
release_date: T.nilable(String)
|
|
20
20
|
).void
|
|
21
21
|
end
|
|
22
|
-
def initialize(tag:, release_date:)
|
|
22
|
+
def initialize(tag:, release_date: nil)
|
|
23
23
|
@tag = tag
|
|
24
24
|
@release_date = release_date
|
|
25
25
|
end
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.317.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -625,7 +625,7 @@ licenses:
|
|
|
625
625
|
- MIT
|
|
626
626
|
metadata:
|
|
627
627
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
628
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
628
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.317.0
|
|
629
629
|
rdoc_options: []
|
|
630
630
|
require_paths:
|
|
631
631
|
- lib
|