dependabot-common 0.133.3 → 0.133.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 621b8f1d1446707310d05dc4604ffd165647c854a798769238eb0fb559f5dfb7
4
- data.tar.gz: 1c51b9ad36e7505bf32bb602204496724066dba3faf31fb670b7455c21343654
3
+ metadata.gz: a3d5d721fc17d18d1d740404ae3ac0aacef9c28409fdf192b0e3c47269aa2e5f
4
+ data.tar.gz: 294156f77b61a3ec2a6665a07d76d1b8216e7ac179191ae5b83f49718c1b4fd9
5
5
  SHA512:
6
- metadata.gz: 645167b11e32b255b7adfccd5d4576a9ff75acc1831b4217fe2a576d7c986fa8420f969e2f625a37c149f9558244ec856f360c8cc778754248d7ec1c97c5aa2c
7
- data.tar.gz: 8ae340d2829359872470e09661e3e238b244b829c6bc374b58796addf0770c61bd3d2b5f98fb05731d6cba639f84204cda980d0c7d845dd8f4f3455e01b39ab7
6
+ metadata.gz: 7ac09f29ecd290398e38429b5564ff2612fdbab03f5ef45f1080797990fea477bf5a936df19fe5e80bff26c27d8c1da138041507c2cc86d84c2f33160fb4aee7
7
+ data.tar.gz: 59898124d1514cfd0a1c7e9bbb5e62831e1fef955c7aec0a9894048910f1da78d16868297dc72775a2516c66b155912070cfc7ba36af25127e131f7f3245b0c7
@@ -48,6 +48,8 @@ module Dependabot
48
48
  "/_apis/git/repositories/" + source.unscoped_repo +
49
49
  "/stats/branches?name=" + branch)
50
50
 
51
+ raise NotFound if response.status == 400
52
+
51
53
  JSON.parse(response.body).fetch("commit").fetch("commitId")
52
54
  end
53
55
 
@@ -119,7 +119,7 @@ module Dependabot
119
119
 
120
120
  def build_mention_link_text_nodes(text)
121
121
  code_node = CommonMarker::Node.new(:code)
122
- code_node.string_content = text
122
+ code_node.string_content = insert_zero_width_space_in_mention(text)
123
123
  [code_node]
124
124
  end
125
125
 
@@ -127,11 +127,19 @@ module Dependabot
127
127
  link_node = CommonMarker::Node.new(:link)
128
128
  code_node = CommonMarker::Node.new(:code)
129
129
  link_node.url = url
130
- code_node.string_content = text
130
+ code_node.string_content = insert_zero_width_space_in_mention(text)
131
131
  link_node.append_child(code_node)
132
132
  link_node
133
133
  end
134
134
 
135
+ # NOTE: Add a zero-width space between the @ and the username to prevent
136
+ # email replies on dependabot pull requests triggering notifications to
137
+ # users who've been mentioned in changelogs etc. PR email replies parse
138
+ # the content of the pull request body in plain text.
139
+ def insert_zero_width_space_in_mention(mention)
140
+ mention.sub("@", "@\u200B").encode("utf-8")
141
+ end
142
+
135
143
  def parent_node_link?(node)
136
144
  node.type == :link || node.parent && parent_node_link?(node.parent)
137
145
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.133.3"
4
+ VERSION = "0.133.4"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.133.3
4
+ version: 0.133.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-02-16 00:00:00.000000000 Z
11
+ date: 2021-02-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -284,14 +284,14 @@ dependencies:
284
284
  requirements:
285
285
  - - "~>"
286
286
  - !ruby/object:Gem::Version
287
- version: 1.9.0
287
+ version: 1.10.0
288
288
  type: :development
289
289
  prerelease: false
290
290
  version_requirements: !ruby/object:Gem::Requirement
291
291
  requirements:
292
292
  - - "~>"
293
293
  - !ruby/object:Gem::Version
294
- version: 1.9.0
294
+ version: 1.10.0
295
295
  - !ruby/object:Gem::Dependency
296
296
  name: simplecov
297
297
  requirement: !ruby/object:Gem::Requirement