dependabot-common 0.138.3 → 0.138.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e641bd769bff02bada5d6ac15aae0f36db359f9927c307380518734a1c247bc4
-  data.tar.gz: 90f663cd6eb56dcf15293d7d2d1c024fbeaf81b3f655aeb331b533b8304431a0
+  metadata.gz: 14ae4d91b175345efcbfffe976cf9a20f2277473c583b07f19e6353e9d373300
+  data.tar.gz: be979b47ea466aac90dcb8a76700bc55de2bd7097164c8d3a42c22830a8289a0
 SHA512:
-  metadata.gz: 30cc3c8485549d51df81a3cceb9ad9518f2b8e565e756ff91088c8fc6cf344b275daa1b47e23fa626e4113cbefffa26883649072b1d3110260ffcf8a7fd351a5
-  data.tar.gz: 3117d469414de33432a4adce6ffdf980b7768bd32bfad5899f7a346a325ec4d3618563d1cf597f1ec73af7ecf5289a896380020062a122c862b1a5d6ecba15ae
+  metadata.gz: 791f65bf9e7f571729b689deecab539e90d7d4a37dc7a81d98efda97bd8133a0193bc5800155f5b93ecddd352a6ef70f0ab6899c65c5b31c136b62a8c40aded6
+  data.tar.gz: df3bb8557fee184c4a45fb53a096db04b3aa59d4cd697dd324d157a2dda983ef95f3d2d6504c439f0d43caafedddf4dd00ec2b17bcc9ca6600a691b149ec393c

data/lib/dependabot/pull_request_creator.rb

@@ -13,6 +13,18 @@ module Dependabot
     require "dependabot/pull_request_creator/branch_namer"
     require "dependabot/pull_request_creator/labeler"
 
+    # Dependabot programmatically creates PRs which often include a large
+    # number of links to objects on `github.com`. GitHub hydrates these into
+    # rich links that leave a 'mention' on target Issues/Pull Requests.
+    #
+    # Due to the volume and nature of Dependabot PRs, these mentions are not
+    # useful and can overwhelm maintainers, so we use a redirection service
+    # to avoid enrichment.
+    #
+    # If you wish to disable this behaviour when using Dependabot Core directly,
+    # pass a nil value when initialising this class.
+    DEFAULT_GITHUB_REDIRECTION_SERVICE = "github-redirect.dependabot.com"
+
     class RepoNotFound < StandardError; end
 
     class RepoArchived < StandardError; end
@@ -46,7 +58,7 @@ module Dependabot
                    reviewers: nil, assignees: nil, milestone: nil,
                    branch_name_separator: "/", branch_name_prefix: "dependabot",
                    label_language: false, automerge_candidate: false,
-                   github_redirection_service: "github-redirect.dependabot.com",
+                   github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
                    custom_headers: nil, require_up_to_date_base: false,
                    provider_metadata: {}, message: nil)
       @dependencies               = dependencies

data/lib/dependabot/pull_request_creator/message_builder.rb

@@ -25,7 +25,7 @@ module Dependabot
       def initialize(source:, dependencies:, files:, credentials:,
                      pr_message_header: nil, pr_message_footer: nil,
                      commit_message_options: {}, vulnerabilities_fixed: {},
-                     github_redirection_service: nil)
+                     github_redirection_service:)
         @dependencies               = dependencies
         @files                      = files
         @source                     = source

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.138.3"
+  VERSION = "0.138.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.138.3
+  version: 0.138.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-24 00:00:00.000000000 Z
+date: 2021-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport