dependabot-common 0.367.0 → 0.368.0
- checksums.yaml +4 -4
- data/lib/dependabot/git_commit_checker.rb +37 -5
- data/lib/dependabot/registry_client.rb +7 -5
- data/lib/dependabot.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3c25acad8cb0f120b8d120817720c6ce88f8706d7f01a90d6866aa1040c0d7f6
|
|
4
|
+
data.tar.gz: 16f00b502775dcd9138151c7c897fd4515818606e2786a648e00fdb05514e3ad
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1898c4f3c9a12977bbfd56734074d4924db3b7d5e225784e4e159a9d1005fcd8fee8d285fb879709b2c26c1492d1541958bcbb730da338e6dcb57a5ca26d1542
|
|
7
|
+
data.tar.gz: ec18e45926c7d9a1e3fab40a4834de013d23dc7f43600c8060d44be6c50501d1e4d5b3f2d0cf6c9b0011140f378a569cc76171ec18bbe2536ea5141520751fb8
|
|
@@ -277,6 +277,11 @@ module Dependabot
|
|
|
277
277
|
to_local_tag(max_version_tag)
|
|
278
278
|
end
|
|
279
279
|
|
|
280
|
+
sig { returns(T::Array[Dependabot::GitRef]) }
|
|
281
|
+
def all_version_tags
|
|
282
|
+
allowed_versions(local_tags, filter_by_prefix: false)
|
|
283
|
+
end
|
|
284
|
+
|
|
280
285
|
private
|
|
281
286
|
|
|
282
287
|
sig { returns(Dependabot::Dependency) }
|
|
@@ -335,11 +340,16 @@ module Dependabot
|
|
|
335
340
|
version.split(".").length
|
|
336
341
|
end
|
|
337
342
|
|
|
338
|
-
sig
|
|
339
|
-
|
|
343
|
+
sig do
|
|
344
|
+
params(
|
|
345
|
+
local_tags: T::Array[Dependabot::GitRef],
|
|
346
|
+
filter_by_prefix: T::Boolean
|
|
347
|
+
).returns(T::Array[Dependabot::GitRef])
|
|
348
|
+
end
|
|
349
|
+
def allowed_versions(local_tags, filter_by_prefix: true)
|
|
340
350
|
tags =
|
|
341
351
|
local_tags
|
|
342
|
-
.select { |t| version_tag?(t.name) && matches_existing_prefix?(t.name) }
|
|
352
|
+
.select { |t| version_tag?(t.name) && (filter_by_prefix ? matches_existing_prefix?(t.name) : true) }
|
|
343
353
|
filtered = tags
|
|
344
354
|
.reject { |t| tag_included_in_ignore_requirements?(t) }
|
|
345
355
|
if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(tags).any?
|
|
@@ -515,8 +525,30 @@ module Dependabot
|
|
|
515
525
|
|
|
516
526
|
sig { params(tag: String, other_tag: String).returns(T::Boolean) }
|
|
517
527
|
def same_prefix?(tag, other_tag)
|
|
518
|
-
tag.gsub(VERSION_REGEX, "")
|
|
519
|
-
|
|
528
|
+
tag_prefix = tag.gsub(VERSION_REGEX, "")
|
|
529
|
+
other_tag_prefix = other_tag.gsub(VERSION_REGEX, "")
|
|
530
|
+
|
|
531
|
+
return true if tag_prefix == other_tag_prefix
|
|
532
|
+
|
|
533
|
+
if semver_like?(tag) && semver_like?(other_tag)
|
|
534
|
+
normalize_v_prefix(tag_prefix) == normalize_v_prefix(other_tag_prefix)
|
|
535
|
+
else
|
|
536
|
+
false
|
|
537
|
+
end
|
|
538
|
+
end
|
|
539
|
+
|
|
540
|
+
# Returns true if the tag's version has 3+ segments (standard semver like "1.2.3")
|
|
541
|
+
sig { params(tag: String).returns(T::Boolean) }
|
|
542
|
+
def semver_like?(tag)
|
|
543
|
+
version = scan_version(tag)
|
|
544
|
+
version.split(".").length >= 3
|
|
545
|
+
rescue StandardError
|
|
546
|
+
false
|
|
547
|
+
end
|
|
548
|
+
|
|
549
|
+
sig { params(prefix: String).returns(String) }
|
|
550
|
+
def normalize_v_prefix(prefix)
|
|
551
|
+
prefix.length > 1 ? prefix.gsub(/v$/i, "") : prefix.gsub(/^v$/i, "")
|
|
520
552
|
end
|
|
521
553
|
|
|
522
554
|
sig { params(tag: T.nilable(Dependabot::GitRef)).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
|
|
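Review bot: In `normalize_v_prefix`, `/v$/i` removes a trailing `v` from any prefix longer than one character, so under `same_prefix?` a tag series such as `dev1.2.3` would compare equal to `de1.2.3` once both are semver-like, and a tag from an unrelated series could be accepted as an upgrade candidate for a git-pinned dependency. This assumes VERSION_REGEX, which is defined outside the hunk, leaves the `v` in the prefix. The two ternary branches also give the same result for every input (for a zero- or one-character prefix `/v$/i` and `/^v$/i` match identically), so the length check adds nothing. If the intent is only to equate a standalone `v` marker with its absence (`v1.2.3` vs `1.2.3`, `release-v1.2.3` vs `release-1.2.3`), something like `prefix.sub(/(?<![a-z])v\z/i, "")` expresses that. Separately, `semver_like?` rescues every `StandardError` from `scan_version`, which hides failures other than a tag with no version in it; a comment naming the expected exception would help.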
@@ -14,7 +14,9 @@ module Dependabot
|
|
|
14
14
|
class RegistryClient
|
|
15
15
|
extend T::Sig
|
|
16
16
|
|
|
17
|
-
|
|
17
|
+
CachedErrorType = T.type_alias { T.any(Excon::Error::Timeout, Excon::Error::Socket) }
|
|
18
|
+
|
|
19
|
+
@cached_errors = T.let({}, T::Hash[T.nilable(String), CachedErrorType])
|
|
18
20
|
|
|
19
21
|
sig do
|
|
20
22
|
params(
|
|
@@ -33,7 +35,7 @@ module Dependabot
|
|
|
33
35
|
**SharedHelpers.excon_defaults({ headers: headers }.merge(options)),
|
|
34
36
|
retry_interval: 5
|
|
35
37
|
)
|
|
36
|
-
rescue Excon::Error::Timeout => e
|
|
38
|
+
rescue Excon::Error::Timeout, Excon::Error::Socket => e
|
|
37
39
|
cache_error(url, e)
|
|
38
40
|
raise e
|
|
39
41
|
end
|
|
@@ -54,7 +56,7 @@ module Dependabot
|
|
|
54
56
|
idempotent: true,
|
|
55
57
|
**SharedHelpers.excon_defaults({ headers: headers }.merge(options))
|
|
56
58
|
)
|
|
57
|
-
rescue Excon::Error::Timeout => e
|
|
59
|
+
rescue Excon::Error::Timeout, Excon::Error::Socket => e
|
|
58
60
|
cache_error(url, e)
|
|
59
61
|
raise e
|
|
60
62
|
end
|
|
@@ -64,13 +66,13 @@ module Dependabot
|
|
|
64
66
|
@cached_errors = {}
|
|
65
67
|
end
|
|
66
68
|
|
|
67
|
-
sig { params(url: String, error:
|
|
69
|
+
sig { params(url: String, error: CachedErrorType).void }
|
|
68
70
|
private_class_method def self.cache_error(url, error)
|
|
69
71
|
host = URI(url).host
|
|
70
72
|
@cached_errors[host] = error
|
|
71
73
|
end
|
|
72
74
|
|
|
73
|
-
sig { params(url: String).returns(T.nilable(
|
|
75
|
+
sig { params(url: String).returns(T.nilable(CachedErrorType)) }
|
|
74
76
|
private_class_method def self.cached_error_for(url)
|
|
75
77
|
host = URI(url).host
|
|
76
78
|
@cached_errors.fetch(host, nil)
|
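Review bot: `cache_error` keys the cache on `URI(url).host`, and the new `T::Hash[T.nilable(String), CachedErrorType]` annotation accepts a nil key, so every URL whose host parses as nil would share a single cached failure. Now that `Excon::Error::Socket` is cached alongside timeouts, one connection-level failure (reset, refused, or a certificate error if that class inherits from Socket in the Excon version in use) is recorded for the whole host regardless of port or scheme. How the entry is read back and when it expires is outside these hunks, so confirm that a transient socket error cannot block the host for the rest of the run. I would add `return if host.nil?` after `host = URI(url).host` in `cache_error`, narrow the key type to `String`, and put a comment at both rescue sites saying which socket failures are meant to be cached.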
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.368.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -616,7 +616,7 @@ licenses:
|
|
|
616
616
|
- MIT
|
|
617
617
|
metadata:
|
|
618
618
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
619
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
619
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.368.0
|
|
620
620
|
rdoc_options: []
|
|
621
621
|
require_paths:
|
|
622
622
|
- lib
|