dependabot-common 0.111.23 → 0.111.24

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/pull_request_creator.rb +2 -3
  3. data/lib/dependabot/pull_request_creator/message_builder.rb +10 -4
  4. data/lib/dependabot/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dcce62b12ea3d24de56496ad0df71c3ac94b8dd22a17028dbdb6792f26666921
4
- data.tar.gz: 103eacacde9437828577a5b5c55f0491a0b8989307c715ea96010bbcfd6034a6
3
+ metadata.gz: 3d71c3c319631c3c3725d1b1fc4b0ee7176d2fe3412d4830f9d712626af2881f
4
+ data.tar.gz: 8525f0deaa7c990959e6e12e685eb7c69613fdc5a7c57f2c3be99f427e913b49
5
5
  SHA512:
6
- metadata.gz: e30c37c82bd22adbabff118475f7c2d88ebd55b3e783cb511ccba23555a2e299dbddbd1e56de721f3498ab6413fbddb325f7dcee7096340532a80c13f0271166
7
- data.tar.gz: faa8d9ffcb7d20e6c1175eb6412391961856a7c09f6ba488f1a36bfc8b7bdae471fcadbe3a524cf38ec35f104b49e11956ae3d818db19eda4ca2768a437c389b
6
+ metadata.gz: 1708d18b690a69ce8fafcef295baaed01433938e4103498f724f2620984622f398c3a01b71ebd2597c9a072630cd13eaae02a2fb0b2ac7602ddea505b229560e
7
+ data.tar.gz: 3a86a382415604639d19e11cb6bcb84d66ab7f68f8676eff428041ed364a86ec1be5e70daf1de57ca336297e07185a49ca052c58366bc9746cbf74e9e8075ca2
data/lib/dependabot/pull_request_creator.rb CHANGED
@@ -27,10 +27,9 @@ module Dependabot
27
27
  def initialize(source:, base_commit:, dependencies:, files:, credentials:,
28
28
  pr_message_footer: nil, custom_labels: nil,
29
29
  author_details: nil, signature_key: nil,
30
- commit_message_options: {},
30
+ commit_message_options: {}, vulnerabilities_fixed: {},
31
31
  reviewers: nil, assignees: nil, milestone: nil,
32
- vulnerabilities_fixed: {}, branch_name_separator: "/",
33
- branch_name_prefix: "dependabot",
32
+ branch_name_separator: "/", branch_name_prefix: "dependabot",
34
33
  label_language: false, automerge_candidate: false,
35
34
  github_redirection_service: "github-redirect.dependabot.com",
36
35
  custom_headers: nil)
data/lib/dependabot/pull_request_creator/message_builder.rb CHANGED
@@ -178,7 +178,9 @@ module Dependabot
178
178
  msg += " This release includes the previously tagged commit."
179
179
  end
180
180
 
181
- if vulnerabilities_fixed[dependency.name]&.any?
181
+ if vulnerabilities_fixed[dependency.name]&.one?
182
+ msg += " **This update includes a security fix.**"
183
+ elsif vulnerabilities_fixed[dependency.name]&.any?
182
184
  msg += " **This update includes security fixes.**"
183
185
  end
184
186
 
@@ -275,16 +277,20 @@ module Dependabot
275
277
  end
276
278
 
277
279
  def metadata_cascades
278
- if dependencies.count == 1
280
+ if dependencies.one?
279
281
  return metadata_cascades_for_dep(dependencies.first)
280
282
  end
281
283
 
282
284
  dependencies.map do |dep|
283
285
  msg = "\n\nUpdates `#{dep.display_name}` from "\
284
286
  "#{previous_version(dep)} to #{new_version(dep)}"
285
- if vulnerabilities_fixed[dep.name]&.any?
286
- msg += ". **This update includes security fixes.**"
287
+
288
+ if vulnerabilities_fixed[dep.name]&.one?
289
+ msg += " **This update includes a security fix.**"
290
+ elsif vulnerabilities_fixed[dep.name]&.any?
291
+ msg += " **This update includes security fixes.**"
287
292
  end
293
+
288
294
  msg + metadata_cascades_for_dep(dep)
289
295
  end.join
290
296
  end
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.111.23"
4
+ VERSION = "0.111.24"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.23
4
+ version: 0.111.24
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot