RubyGems - dependabot-common - Versions diffs - 0.326.0 → 0.327.0 - Mend

dependabot-common 0.326.0 → 0.327.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/dependabot/dependency_file.rb +12 -2
data/lib/dependabot.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: af0660511361baf03f9ff425ee0bf50981ccc6cc31b352141b190d8aed14b3f1
-  data.tar.gz: d6ec33f6856d9e6bbcbada71e64b318f728485e8bdd9f1c9acb729eae6deb3ae
+  metadata.gz: 79a4252f6734f8bd1ff7e005d0ad1feb8454d67adc9aa606378e508db270da78
+  data.tar.gz: 312d95b14c8207368b6e3014ccbbc721260f15de2f7b8243ef80656aacd89df9
 SHA512:
-  metadata.gz: ad74d68c2cce87d57b0315c8b7d1dc4623b5756d47173b6ab96e7d3006423c48c11ed077ee690633138006f922e483dba29fc2abd7de9f30cfd8849f675fcab1
-  data.tar.gz: d821725eb6b9ffcb436c27761bcbdabc10279610bbb10e8479595397e8ec9c38ab7ea4d5aadb61d74eb7666ee004e4f1dc558809cb26a2117a7871f79e286dcd
+  metadata.gz: 6c1ac6235b527e8ca14df68b2d01a3518e86e7b4e85354c2009807ffa18d51380bac92232ea27dd116e0c1abdc0cfbd724b9eb3459989899df92618fdf92a768
+  data.tar.gz: 11ecbdf6ced6cecfc4fd9db8634037ecb7edcd2bba930a05b108b41a49920b97cee8834d1c6905b8e1c1526ef42e620f81591f1f794038280d1a5340be59e90e

data/lib/dependabot/dependency_file.rb CHANGED Viewed

@@ -28,6 +28,14 @@ module Dependabot
     sig { returns(T::Boolean) }
     attr_accessor :vendored_file
+    # Dependency file priority is used to determine which files are relevant when generating a dependency graph for the
+    # project - only the highest priority files will be graphed for each directory.
+    #
+    # This allows us to default to treating all dependency files as relevant unless the ecosystem's file parser tells
+    # us otherwise, for example indicating that a Gemfile.lock fully supersedes its peered Gemfile.
+    sig { returns(Integer) }
+    attr_accessor :priority
     sig { returns(T.nilable(String)) }
     attr_accessor :symlink_target
@@ -78,14 +86,15 @@ module Dependabot
         content_encoding: String,
         deleted: T::Boolean,
         operation: String,
-        mode: T.nilable(String)
+        mode: T.nilable(String),
+        priority: Integer
       )
         .void
     end
     def initialize(name:, content:, directory: "/", type: "file",
                    support_file: false, vendored_file: false, symlink_target: nil,
                    content_encoding: ContentEncoding::UTF_8, deleted: false,
-                   operation: Operation::UPDATE, mode: nil)
+                   operation: Operation::UPDATE, mode: nil, priority: 0)
       @name = name
       @content = content
       @directory = T.let(clean_directory(directory), String)
@@ -96,6 +105,7 @@ module Dependabot
       @operation = operation
       @mode = mode
       @dependencies = T.let(Set.new, T::Set[T.untyped])
+      @priority = priority
       raise ArgumentError, "Invalid Git mode: #{mode}" if mode && !VALID_MODES.include?(mode)
       # Make deleted override the operation. Deleted is kept when operation

data/lib/dependabot.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.326.0"
+  VERSION = "0.327.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.326.0
+  version: 0.327.0
 platform: ruby
 authors:
 - Dependabot
@@ -625,7 +625,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.326.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.327.0
 rdoc_options: []
 require_paths:
 - lib