dependabot-common 0.111.7 → 0.111.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb +4 -3
  3. data/lib/dependabot/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ce86ca8da2147ad678284d744654e9e42e0615f20849b8ccf174add656152d10
4
- data.tar.gz: d4b57371efc6d0ced3aa75e81c77eb24ec11aa51ee9e20e55d47c735221c6a12
3
+ metadata.gz: ae9ed2a8c00e2bc0ffd58eca5a2888e2839acdb1343b7abac949706248ab0ef9
4
+ data.tar.gz: 1909a0f9f38c07f6363c67082e5c5dc6fdf58013e072c7835bdf2e37025fa025
5
5
  SHA512:
6
- metadata.gz: 7d2f7a722cc8c55afaab3e1f1a7fcc409174a854a418cc2422aefc4bd10632a640fb2848cde77ca150ac615a3a7882648a18958c135d6543c9d154942fde6af0
7
- data.tar.gz: 7ab9ecc2578c551aee6cc8b477afa4bb1bf9aa328d460189d429e6b94aaf421ab86648fe9090b59cec3ceb90873b3aeb865d2e89475c2a3e33b2144d72e5ee6b
6
+ metadata.gz: 828d1fdeb75149f654a256fdb33a6c182401e290ede80afe31f17ccf76a3a97322bb8982d39e29c4973f6446ab0f7d8b09b66b421671bc3a277e19eb19beabd7
7
+ data.tar.gz: 49f80611a1a04c834f30334d94ddc902fec59ec3dd90f2d1a46d1787f2f495e5c76b547d9e417ba3b54a470f65630e4abc5b7dbbfb6925aad544eaab3054b662
data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb CHANGED
@@ -6,9 +6,10 @@ module Dependabot
6
6
  class PullRequestCreator
7
7
  class MessageBuilder
8
8
  class LinkAndMentionSanitizer
9
+ GITHUB_USERNAME = /[a-z0-9]+(-[a-z0-9]+)*/i.freeze
9
10
  GITHUB_REF_REGEX = %r{
10
11
  (?:https?://)?
11
- github\.com/[^/\s]+/[^/\s]+/
12
+ github\.com/#{GITHUB_USERNAME}/[^/\s]+/
12
13
  (?:issue|pull)s?/(?<number>\d+)
13
14
  }x.freeze
14
15
 
@@ -49,8 +50,8 @@ module Dependabot
49
50
  private
50
51
 
51
52
  def sanitize_mentions(text)
52
- text.gsub(%r{(?<![A-Za-z0-9`~])@[\w][\w.-/]*}) do |mention|
53
- next mention if mention.include?("/")
53
+ text.gsub(%r{(?<![A-Za-z0-9`~])@#{GITHUB_USERNAME}/?}) do |mention|
54
+ next mention if mention.end_with?("/")
54
55
 
55
56
  last_match = Regexp.last_match
56
57
 
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.111.7"
4
+ VERSION = "0.111.8"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.7
4
+ version: 0.111.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-14 00:00:00.000000000 Z
11
+ date: 2019-07-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-ecr