dependabot-common 0.180.3 → 0.180.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0b4c1b2ea482de6dfe3ed2f5d528b9d955af8b8003a6b2ee0a525e7684bffb74
-  data.tar.gz: 5b3965c5bbb71869e057f04a20e561ba4ccef3b985133dfefb0ed48654d62d41
+  metadata.gz: 69c13790844f3adc89fca6098d10347c8cbc3b107cba4fd5c79d97ae6f95da72
+  data.tar.gz: c1cf5f0b739777e8e32aea9fcf8ff94091855ef476d764d9c9e7e58b2f1630b9
 SHA512:
-  metadata.gz: ebc82fe32f383fea95e3ae56f56f6d49b3fef6d483e548db131a8a8f02a93bfbf804ab26121b38fe75384aad2d23f53ebefef510bd286c9a5433d88f37ef5522
-  data.tar.gz: 2a88f5f5c1c021e7607fbc43b9300ceba2b8f31a1126dfc2f15df60978190d532c7f14e5a615bf86b226e0f0bffd18d8d69903182a4807c5407c18550bbe9bcb
+  metadata.gz: 97ef272ff9eb8e81378a1b194bd6248fc24f4c583f76a2e18bd4c665d5509a9f373e7f68587b429cd38f384065d4ea27573bcbe077921d34a52f6d27bc87cc9d
+  data.tar.gz: 1419172a90084a996e486ad4a5269507ffa0bffa8b6bd38eed62f19f0916ba7e4a6ce834de00ae2e296f2ddca3fbaa4db67f6eef5846b6404a9a9eb03cd49704

data/lib/dependabot/git_commit_checker.rb

@@ -86,25 +86,27 @@ module Dependabot
       raise Dependabot::GitDependencyReferenceNotFound, dependency.name
     end
 
-    # rubocop:disable Metrics/PerceivedComplexity
-    # rubocop:disable Metrics/AbcSize
-    def local_tag_for_latest_version
-      tags =
-        local_tags.
-        select { |t| version_tag?(t.name) && matches_existing_prefix?(t.name) }
-      filtered = tags.
-                 reject { |t| tag_included_in_ignore_requirements?(t) }
-      if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(tags).any?
-        raise Dependabot::AllVersionsIgnored
-      end
+    def local_tags_for_latest_version_commit_sha
+      tags = allowed_version_tags
+      max_tag = max_version_tag(tags)
+
+      return [] unless max_tag
+
+      tags.
+        select { |t| t.commit_sha == max_tag.commit_sha }.
+        map do |t|
+          version = t.name.match(VERSION_REGEX).named_captures.fetch("version")
+          {
+            tag: t.name,
+            version: version_class.new(version),
+            commit_sha: t.commit_sha,
+            tag_sha: t.tag_sha
+          }
+        end
+    end
 
-      tag = filtered.
-            reject { |t| tag_is_prerelease?(t) && !wants_prerelease? }.
-            max_by do |t|
-              version = t.name.match(VERSION_REGEX).named_captures.
-                        fetch("version")
-              version_class.new(version)
-            end
+    def local_tag_for_latest_version
+      tag = max_version_tag(allowed_version_tags)
 
       return unless tag
 
@@ -116,8 +118,29 @@ module Dependabot
         tag_sha: tag.tag_sha
       }
     end
-    # rubocop:enable Metrics/AbcSize
-    # rubocop:enable Metrics/PerceivedComplexity
+
+    def max_version_tag(tags)
+      tags.
+        max_by do |t|
+        version = t.name.match(VERSION_REGEX).named_captures.
+                  fetch("version")
+        version_class.new(version)
+      end
+    end
+
+    def allowed_version_tags
+      tags =
+        local_tags.
+        select { |t| version_tag?(t.name) && matches_existing_prefix?(t.name) }
+      filtered = tags.
+                 reject { |t| tag_included_in_ignore_requirements?(t) }
+      if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(tags).any?
+        raise Dependabot::AllVersionsIgnored
+      end
+
+      filtered.
+        reject { |t| tag_is_prerelease?(t) && !wants_prerelease? }
+    end
 
     def current_version
       return unless dependency.version && version_tag?(dependency.version)

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.180.3"
+  VERSION = "0.180.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.180.3
+  version: 0.180.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-04 00:00:00.000000000 Z
+date: 2022-04-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport