RubyGems - dependabot-common - Versions diffs - 0.145.4 → 0.146.0 - Mend

dependabot-common 0.145.4 → 0.146.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/dependabot/git_commit_checker.rb +25 -1
data/lib/dependabot/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ddf544db22f6cd0f186d30314a7f739c307fd39c6d6154ba3e3695707c940479
-  data.tar.gz: ea8f1f2404c68e01f90fa382b51994f9bc2d09ed31a01fe527a4acb69843406f
+  metadata.gz: c430c1ee8606e0ef67a7657c806dd1f0ae71e7a0275fd772a8fcc1f2e5b54fd5
+  data.tar.gz: 91566a14047344e54bab381aee4f30991ce0a6819a9860f3a1b0f0699501de86
 SHA512:
-  metadata.gz: 9467032f9bf7632a832e127f87755103b860725b05d18a6f6d198cd5b265e6f864e21c22d9aeab6bd1bab3328f44f94dfa2507b25a680beae7c3707968b5e0cf
-  data.tar.gz: 7f53c347a240b6a4a71bf645c96bd63e6ca5791e11a57eb944f544d8d70b192e679ded0e9e97fdf4b28f4883a2e1a58cd9de232a607222d038d0e13faf73c168
+  metadata.gz: d824e78a693db6f507603a3160b54e4808543307977acc99cfff5c93983ef08e1ea16ac6c2f381aa2db429587ffb59817703e5ef352ddea4ae94d034ed8a4d44
+  data.tar.gz: 00ffc4a86040393d70342f97654a25d75300166b4032950307b2183c56a08fa11880eafbe215259588fc106cf1d79f1c4721a6a73270210f2b6f197c5d34f222

data/lib/dependabot/git_commit_checker.rb CHANGED Viewed

@@ -87,13 +87,16 @@ module Dependabot
     end
     # rubocop:disable Metrics/PerceivedComplexity
+    # rubocop:disable Metrics/AbcSize
     def local_tag_for_latest_version
       tags =
         local_tags.
         select { |t| version_tag?(t.name) && matches_existing_prefix?(t.name) }
       filtered = tags.
                  reject { |t| tag_included_in_ignore_requirements?(t) }
-      raise Dependabot::AllVersionsIgnored if @raise_on_ignored && tags.any? && filtered.empty?
+      if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(tags).any?
+        raise Dependabot::AllVersionsIgnored
+      end
       tag = filtered.
             reject { |t| tag_is_prerelease?(t) && !wants_prerelease? }.
@@ -113,8 +116,29 @@ module Dependabot
         tag_sha: tag.tag_sha
       }
     end
+    # rubocop:enable Metrics/AbcSize
     # rubocop:enable Metrics/PerceivedComplexity
+    def current_version
+      return unless dependency.version && version_tag?(dependency.version)
+      version = dependency.version.match(VERSION_REGEX).named_captures.fetch("version")
+      version_class.new(version)
+    end
+    def filter_lower_versions(tags)
+      return tags unless current_version
+      versions = tags.map do |t|
+        version = t.name.match(VERSION_REGEX).named_captures.fetch("version")
+        version_class.new(version)
+      end
+      versions.select do |version|
+        version > current_version
+      end
+    end
     def local_tag_for_pinned_version
       return unless pinned?

data/lib/dependabot/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.145.4"
+  VERSION = "0.146.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.145.4
+  version: 0.146.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-10 00:00:00.000000000 Z
+date: 2021-05-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport