dependabot-common 0.250.0 → 0.251.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency.rb +3 -1
- data/lib/dependabot/metadata_finders/base/changelog_finder.rb +9 -0
- data/lib/dependabot/pull_request_creator/github.rb +1 -0
- data/lib/dependabot/pull_request_creator/message_builder.rb +27 -8
- data/lib/dependabot/pull_request_updater/github.rb +2 -1
- data/lib/dependabot.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7a434c5c00b5a51f18a1999a4a120d28c8e2cd8b52efb44146cb01e4165b2421
|
|
4
|
+
data.tar.gz: f4c755156b9f6d3b66e6ff57d7d7c0ba417627ab74cd9aab34c28a1f9c397bbf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 53daea6535edab5620dc074b2563858b26c27defe804cb10d8e2cc39579affd42c1993998ee65c063ec375bae2a3211770a43f126589c96ce7c1b3d95f3e66db
|
|
7
|
+
data.tar.gz: a11371492f650794ec47e29f13db7a22b400c751d2bf6d00831f1c4c0efce11e66b3110fa38303c681570af6fc336a0510242fa20f8e5bf352fbae71b9e0ed16
|
|
@@ -214,7 +214,7 @@ module Dependabot
|
|
|
214
214
|
|
|
215
215
|
sig { returns(T.nilable(String)) }
|
|
216
216
|
def humanized_version
|
|
217
|
-
return if removed?
|
|
217
|
+
return "removed" if removed?
|
|
218
218
|
|
|
219
219
|
if T.must(version).match?(/^[0-9a-f]{40}/)
|
|
220
220
|
return new_ref if ref_changed? && new_ref
|
|
@@ -238,6 +238,8 @@ module Dependabot
|
|
|
238
238
|
|
|
239
239
|
sig { returns(T.nilable(String)) }
|
|
240
240
|
def previous_ref
|
|
241
|
+
return nil if previous_requirements.nil?
|
|
242
|
+
|
|
241
243
|
previous_refs = T.must(previous_requirements).filter_map do |r|
|
|
242
244
|
r.dig(:source, "ref") || r.dig(:source, :ref)
|
|
243
245
|
end.uniq
|
|
@@ -128,6 +128,15 @@ module Dependabot
|
|
|
128
128
|
tmp_files = T.unsafe(suggested_source_client).contents(suggested_source&.repo, opts)
|
|
129
129
|
|
|
130
130
|
filename = T.must(T.must(suggested_changelog_url).split("/").last).split("#").first
|
|
131
|
+
|
|
132
|
+
# If the suggested source points to a specific directory
|
|
133
|
+
# then we will receive a hash for just the changelog file
|
|
134
|
+
if suggested_source&.directory && tmp_files[:name] == filename
|
|
135
|
+
return @changelog_from_suggested_url = tmp_files
|
|
136
|
+
end
|
|
137
|
+
|
|
138
|
+
# Otherwise we will get back an array of hashes representing the files
|
|
139
|
+
# in the root directory and we need to find the changelog
|
|
131
140
|
@changelog_from_suggested_url =
|
|
132
141
|
tmp_files.find { |f| f.name == filename }
|
|
133
142
|
rescue Octokit::NotFound, Octokit::UnavailableForLegalReasons
|
|
@@ -396,6 +396,7 @@ module Dependabot
|
|
|
396
396
|
return true if message.include?("Could not resolve to a node")
|
|
397
397
|
return true if message.include?("not a collaborator")
|
|
398
398
|
return true if message.include?("Could not add requested reviewers")
|
|
399
|
+
return true if message.include?("Review cannot be requested from pull request author")
|
|
399
400
|
|
|
400
401
|
false
|
|
401
402
|
end
|
|
@@ -233,22 +233,41 @@ module Dependabot
|
|
|
233
233
|
|
|
234
234
|
sig { returns(String) }
|
|
235
235
|
def group_pr_name
|
|
236
|
+
if source.directories
|
|
237
|
+
grouped_directory_name
|
|
238
|
+
else
|
|
239
|
+
grouped_name
|
|
240
|
+
end
|
|
241
|
+
end
|
|
242
|
+
|
|
243
|
+
sig { returns(String) }
|
|
244
|
+
def grouped_name
|
|
245
|
+
updates = dependencies.map(&:name).uniq.count
|
|
246
|
+
if dependencies.count == 1
|
|
247
|
+
"#{solo_pr_name} in the #{T.must(dependency_group).name} group"
|
|
248
|
+
else
|
|
249
|
+
"bump the #{T.must(dependency_group).name} group#{pr_name_directory} " \
|
|
250
|
+
"with #{updates} update#{'s' if updates > 1}"
|
|
251
|
+
end
|
|
252
|
+
end
|
|
253
|
+
|
|
254
|
+
sig { returns(String) }
|
|
255
|
+
def grouped_directory_name
|
|
256
|
+
updates = dependencies.map(&:name).uniq.count
|
|
257
|
+
|
|
236
258
|
directories_from_dependencies = dependencies.to_set { |dep| dep.metadata[:directory] }
|
|
237
259
|
|
|
238
260
|
directories_with_updates = source.directories&.filter do |directory|
|
|
239
261
|
directories_from_dependencies.include?(directory)
|
|
240
262
|
end
|
|
241
263
|
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
264
|
+
if dependencies.count == 1
|
|
265
|
+
"#{solo_pr_name} in the #{T.must(dependency_group).name} group across " \
|
|
266
|
+
"#{T.must(directories_with_updates).count} directory"
|
|
267
|
+
else
|
|
245
268
|
"bump the #{T.must(dependency_group).name} group across #{T.must(directories_with_updates).count} " \
|
|
246
269
|
"#{T.must(directories_with_updates).count > 1 ? 'directories' : 'directory'} " \
|
|
247
270
|
"with #{updates} update#{'s' if updates > 1}"
|
|
248
|
-
else
|
|
249
|
-
"bump the #{T.must(dependency_group).name} group#{pr_name_directory} with #{updates} update#{if updates > 1
|
|
250
|
-
's'
|
|
251
|
-
end}"
|
|
252
271
|
end
|
|
253
272
|
end
|
|
254
273
|
|
|
@@ -478,7 +497,7 @@ module Dependabot
|
|
|
478
497
|
"`#{dep.humanized_version}`"
|
|
479
498
|
]
|
|
480
499
|
end
|
|
481
|
-
"\n\n#{table([header] + rows)}"
|
|
500
|
+
"\n\n#{table([header] + rows)}\n"
|
|
482
501
|
elsif update_count > 1
|
|
483
502
|
dependency_links_in_directory = dependency_links_for_directory(directory)
|
|
484
503
|
" #{T.must(T.must(dependency_links_in_directory)[0..-2]).join(', ')}" \
|
|
@@ -229,7 +229,8 @@ module Dependabot
|
|
|
229
229
|
if e.message.match?(/protected branch/i) ||
|
|
230
230
|
e.message.match?(/not authorized to push/i) ||
|
|
231
231
|
e.message.include?("must not contain merge commits") ||
|
|
232
|
-
e.message.match?(/required status check/i)
|
|
232
|
+
e.message.match?(/required status check/i) ||
|
|
233
|
+
e.message.match?(/cannot force-push to this branch/i)
|
|
233
234
|
raise BranchProtected
|
|
234
235
|
end
|
|
235
236
|
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.251.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-04-
|
|
11
|
+
date: 2024-04-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -583,7 +583,7 @@ licenses:
|
|
|
583
583
|
- Nonstandard
|
|
584
584
|
metadata:
|
|
585
585
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
586
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
586
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.251.0
|
|
587
587
|
post_install_message:
|
|
588
588
|
rdoc_options: []
|
|
589
589
|
require_paths:
|