dependabot-common 0.350.0 → 0.352.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 92b9044de288db4045a52115b05b27eea9d915c5d9fc3b6cb9d564ff5dca5d4f
|
|
4
|
+
data.tar.gz: 59d891982e2d6ab76b873256e54d396f81bad88415d6b8b29050096dc3b924a2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1a5e6edfd96bf68b1d7f17e7c5316f531519f1dfe45505bbf610f9da519a89b9f4a4f14bd22b1cd35ba3cbac346c41daa6e4a3c94b5be79ff2d761dc50d7f816
|
|
7
|
+
data.tar.gz: cad5ff917ee9f6d3d5aa327d9d1e201b699bf613a1357ead29d692d79e89f4b0b53610056f6a75fcc42b84597403a10d8c5f745defae2fb9117ae60de125b1aa
|
|
@@ -34,6 +34,9 @@ module Dependabot
|
|
|
34
34
|
sig { returns(T::Boolean) }
|
|
35
35
|
attr_reader :errored_fetching_subdependencies
|
|
36
36
|
|
|
37
|
+
sig { returns(T.nilable(StandardError)) }
|
|
38
|
+
attr_reader :subdependency_error
|
|
39
|
+
|
|
37
40
|
sig do
|
|
38
41
|
params(file_parser: Dependabot::FileParsers::Base).void
|
|
39
42
|
end
|
|
@@ -104,6 +107,7 @@ module Dependabot
|
|
|
104
107
|
end
|
|
105
108
|
rescue StandardError => e
|
|
106
109
|
@errored_fetching_subdependencies = true
|
|
110
|
+
@subdependency_error = T.let(e, T.nilable(StandardError))
|
|
107
111
|
Dependabot.logger.error("Error fetching subdependencies: #{e.message}")
|
|
108
112
|
[]
|
|
109
113
|
end
|
|
@@ -596,7 +596,47 @@ module Dependabot
|
|
|
596
596
|
|
|
597
597
|
sig { params(tag: Dependabot::GitRef).returns(T::Boolean) }
|
|
598
598
|
def tag_is_prerelease?(tag)
|
|
599
|
-
version_from_tag(tag).prerelease?
|
|
599
|
+
return true if version_from_tag(tag).prerelease?
|
|
600
|
+
|
|
601
|
+
# Check if the tag is marked as a pre-release on GitHub
|
|
602
|
+
github_release_prerelease?(tag.name)
|
|
603
|
+
end
|
|
604
|
+
|
|
605
|
+
sig { params(tag_name: String).returns(T::Boolean) }
|
|
606
|
+
def github_release_prerelease?(tag_name)
|
|
607
|
+
return false unless listing_source_url
|
|
608
|
+
|
|
609
|
+
source = Source.from_url(listing_source_url)
|
|
610
|
+
return false unless source&.provider == "github"
|
|
611
|
+
|
|
612
|
+
release = github_releases.find { |r| r.tag_name == tag_name }
|
|
613
|
+
return false unless release
|
|
614
|
+
|
|
615
|
+
release.prerelease
|
|
616
|
+
rescue StandardError => e
|
|
617
|
+
Dependabot.logger.debug("Error checking GitHub release prerelease status: #{e.message}")
|
|
618
|
+
false
|
|
619
|
+
end
|
|
620
|
+
|
|
621
|
+
sig { returns(T::Array[T.untyped]) }
|
|
622
|
+
def github_releases
|
|
623
|
+
@github_releases ||= T.let(
|
|
624
|
+
begin
|
|
625
|
+
return [] unless listing_source_url
|
|
626
|
+
|
|
627
|
+
source = Source.from_url(listing_source_url)
|
|
628
|
+
return [] unless source&.provider == "github"
|
|
629
|
+
|
|
630
|
+
client = Dependabot::Clients::GithubWithRetries.for_source(
|
|
631
|
+
source: T.must(source),
|
|
632
|
+
credentials: credentials
|
|
633
|
+
)
|
|
634
|
+
T.unsafe(client).releases(T.must(source).repo, per_page: 100)
|
|
635
|
+
rescue Octokit::Error
|
|
636
|
+
[]
|
|
637
|
+
end,
|
|
638
|
+
T.nilable(T::Array[T.untyped])
|
|
639
|
+
)
|
|
600
640
|
end
|
|
601
641
|
|
|
602
642
|
sig { params(tag: Dependabot::GitRef).returns(Gem::Version) }
|
|
@@ -113,14 +113,14 @@ module Dependabot
|
|
|
113
113
|
|
|
114
114
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
115
115
|
|
|
116
|
-
sig { returns(String) }
|
|
116
|
+
sig { returns(T.nilable(String)) }
|
|
117
117
|
def lowest_tag_satisfying_previous_requirements
|
|
118
118
|
tags = dependency_tags
|
|
119
119
|
.select { |t| version_from_tag(t) }
|
|
120
120
|
.select { |t| satisfies_previous_reqs?(version_from_tag(t)) }
|
|
121
121
|
.sort_by { |t| [version_from_tag(t), t.length] }
|
|
122
122
|
|
|
123
|
-
tags.find { |t| t.include?(dependency.name) } ||
|
|
123
|
+
tags.find { |t| t.include?(dependency.name) } || tags.first
|
|
124
124
|
end
|
|
125
125
|
|
|
126
126
|
sig { params(tag: String).returns(T.nilable(Dependabot::Version)) }
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.352.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -629,7 +629,7 @@ licenses:
|
|
|
629
629
|
- MIT
|
|
630
630
|
metadata:
|
|
631
631
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
632
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
632
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.352.0
|
|
633
633
|
rdoc_options: []
|
|
634
634
|
require_paths:
|
|
635
635
|
- lib
|