dependabot-common 0.222.0 → 0.223.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency_group.rb +26 -4
- data/lib/dependabot.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 18ecca84ce32ec9c88e10c027588144887dcbec20f59878d30d8d3c26d0d41f4
|
|
4
|
+
data.tar.gz: 4a13a9d395adf5c8567523e6afb21ab4dc2d265b98d30f2c99bee1b19d8c5119
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9ce88a617e9e8d0952c76630f8f8c76956a38f66cedc06e2da6f360ceaf9b28a52fef49be84102213a4262d96abf56c7ec55c6d75fc53e6e6b6653d3c8f363b1
|
|
7
|
+
data.tar.gz: 4b58cd7780d8c2c4f8d18a0622a7a16d2f0ace2204098d5376b4077fef02a1b6629cea77c4b280f745b4e4946568d9be2014e6e38f31ac088696eb981d69019a
|
|
@@ -15,11 +15,9 @@ module Dependabot
|
|
|
15
15
|
|
|
16
16
|
def contains?(dependency)
|
|
17
17
|
return true if @dependencies.include?(dependency)
|
|
18
|
+
return false if matches_excluded_pattern?(dependency.name)
|
|
18
19
|
|
|
19
|
-
|
|
20
|
-
negative_match = rules["exclude-patterns"]&.any? { |rule| WildcardMatcher.match?(rule, dependency.name) }
|
|
21
|
-
|
|
22
|
-
positive_match && !negative_match
|
|
20
|
+
matches_pattern?(dependency.name) && matches_dependency_type?(dependency)
|
|
23
21
|
end
|
|
24
22
|
|
|
25
23
|
def to_h
|
|
@@ -32,5 +30,29 @@ module Dependabot
|
|
|
32
30
|
"groups" => { name => rules }
|
|
33
31
|
}.to_yaml.delete_prefix("---\n")
|
|
34
32
|
end
|
|
33
|
+
|
|
34
|
+
private
|
|
35
|
+
|
|
36
|
+
def matches_pattern?(dependency_name)
|
|
37
|
+
return true unless rules.key?("patterns") # If no patterns are defined, we pass this check by default
|
|
38
|
+
|
|
39
|
+
rules["patterns"].any? { |rule| WildcardMatcher.match?(rule, dependency_name) }
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def matches_excluded_pattern?(dependency_name)
|
|
43
|
+
return false unless rules.key?("exclude-patterns") # If there are no exclusions, fail by default
|
|
44
|
+
|
|
45
|
+
rules["exclude-patterns"].any? { |rule| WildcardMatcher.match?(rule, dependency_name) }
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def matches_dependency_type?(dependency)
|
|
49
|
+
return true unless rules.key?("dependency-type") # If no dependency-type is set, match by default
|
|
50
|
+
|
|
51
|
+
rules["dependency-type"] == if dependency.production?
|
|
52
|
+
"production"
|
|
53
|
+
else
|
|
54
|
+
"development"
|
|
55
|
+
end
|
|
56
|
+
end
|
|
35
57
|
end
|
|
36
58
|
end
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.223.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -486,7 +486,7 @@ licenses:
|
|
|
486
486
|
- Nonstandard
|
|
487
487
|
metadata:
|
|
488
488
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
489
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
489
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.223.0
|
|
490
490
|
post_install_message:
|
|
491
491
|
rdoc_options: []
|
|
492
492
|
require_paths:
|