dependabot-common 0.117.1 → 0.117.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 14cdb8046ea54f46ad93439ad3f67cd803f00b6905ecce3d8edf26fa0857c686
|
4
|
+
data.tar.gz: 5b9174ab20e524e54eddb09bc48151ea1a8fea0912bf0b5c47e3a7b50c25762b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0312a8c36d969f3936ec0bd938b310aaa736ee59bb8be3c3200c59f6bf4ec2a9fbf1da60f468143d46ef682ae1a2d7092b4523f26d51e4ba786db7196c6ac1a9
|
7
|
+
data.tar.gz: c303d8bc132a106dacbce6a77e9b473c0e3a08cb2f1cdd3b0c967ffa62720f404aa1e54e1e49e627c43e592f3c4971b729dc3c166a989e4cc7beb2f77c9fb932
|
@@ -303,6 +303,8 @@ module Dependabot
|
|
303
303
|
end
|
304
304
|
|
305
305
|
def metadata_cascades_for_dep(dep)
|
306
|
+
break_tag = source_provider_supports_html? ? "\n<br />" : "\n\n"
|
307
|
+
|
306
308
|
msg = ""
|
307
309
|
msg += vulnerabilities_cascade(dep)
|
308
310
|
msg += release_cascade(dep)
|
@@ -310,7 +312,7 @@ module Dependabot
|
|
310
312
|
msg += upgrade_guide_cascade(dep)
|
311
313
|
msg += commits_cascade(dep)
|
312
314
|
msg += maintainer_changes_cascade(dep)
|
313
|
-
msg +=
|
315
|
+
msg += break_tag unless msg == ""
|
314
316
|
"\n" + sanitize_links_and_mentions(msg)
|
315
317
|
end
|
316
318
|
|
@@ -432,15 +434,19 @@ module Dependabot
|
|
432
434
|
def build_details_tag(summary:, body:)
|
433
435
|
# Azure DevOps does not support <details> tag (https://developercommunity.visualstudio.com/content/problem/608769/add-support-for-in-markdown.html)
|
434
436
|
# CodeCommit does not support the <details> tag (no url available)
|
435
|
-
if
|
436
|
-
"\n\##{summary}\n\n#{body}"
|
437
|
-
else
|
437
|
+
if source_provider_supports_html?
|
438
438
|
msg = "<details>\n<summary>#{summary}</summary>\n\n"
|
439
439
|
msg += body
|
440
440
|
msg + "</details>\n"
|
441
|
+
else
|
442
|
+
"\n\##{summary}\n\n#{body}"
|
441
443
|
end
|
442
444
|
end
|
443
445
|
|
446
|
+
def source_provider_supports_html?
|
447
|
+
!%w(azure codecommit).include?(source.provider)
|
448
|
+
end
|
449
|
+
|
444
450
|
def serialized_vulnerability_details(details)
|
445
451
|
msg = vulnerability_source_line(details)
|
446
452
|
|
@@ -659,6 +665,8 @@ module Dependabot
|
|
659
665
|
end
|
660
666
|
|
661
667
|
def sanitize_links_and_mentions(text)
|
668
|
+
return text unless source.provider == "github"
|
669
|
+
|
662
670
|
LinkAndMentionSanitizer.
|
663
671
|
new(github_redirection_service: github_redirection_service).
|
664
672
|
sanitize_links_and_mentions(text: text)
|
@@ -243,12 +243,22 @@ module Dependabot
|
|
243
243
|
end
|
244
244
|
|
245
245
|
def requirements_up_to_date?
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
246
|
+
if can_compare_requirements?
|
247
|
+
return (version_from_requirements >=
|
248
|
+
version_class.new(latest_version.to_s))
|
249
|
+
end
|
250
|
+
|
251
|
+
changed_requirements.none?
|
252
|
+
end
|
250
253
|
|
251
|
-
|
254
|
+
def can_compare_requirements?
|
255
|
+
version_from_requirements &&
|
256
|
+
latest_version &&
|
257
|
+
version_class.correct?(latest_version.to_s)
|
258
|
+
end
|
259
|
+
|
260
|
+
def changed_requirements
|
261
|
+
(updated_requirements - dependency.requirements)
|
252
262
|
end
|
253
263
|
|
254
264
|
def version_from_requirements
|
@@ -262,11 +272,9 @@ module Dependabot
|
|
262
272
|
end
|
263
273
|
|
264
274
|
def requirements_can_update?
|
265
|
-
|
266
|
-
|
267
|
-
return false if changed_reqs.none?
|
275
|
+
return false if changed_requirements.none?
|
268
276
|
|
269
|
-
|
277
|
+
changed_requirements.none? { |r| r[:requirement] == :unfixable }
|
270
278
|
end
|
271
279
|
|
272
280
|
def ignore_reqs
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.117.
|
4
|
+
version: 0.117.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-03-
|
11
|
+
date: 2020-03-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-codecommit
|