dependabot-common 0.303.0 → 0.304.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/package/package_latest_version_finder.rb +8 -4
  3. data/lib/dependabot/package/package_release.rb +9 -4
  4. data/lib/dependabot.rb +1 -1
  5. metadata +21 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f75e7474b3a1d0d8b86c472e259a4b5a8f47b4c99dccdb25cdedc7913c119cac
4
- data.tar.gz: bca3c660b93c7b0e5d2d114ad15b5c06788ff312dfa299424727340cfe039fcb
3
+ metadata.gz: 6bbfade51beac4689cd6b9e1fc06da529c4559a682daf9665b1a8a30105e5f80
4
+ data.tar.gz: e5877835ffdd8f8bb7a6956b410f3928f8be6f96907f2db0f07f67b683d6ab22
5
5
  SHA512:
6
- metadata.gz: 966ee8cf04cd9e2f4e82ad24e817e22a7defc87d412671f5687577ea840e742695f0ca66e2dd1832c8d20cf039e2a5698d4ecd7c513b00b5347a0157e66a7da0
7
- data.tar.gz: 8bac029f2116ff7985f610a5b214a291d1b747283f7a69bdba158a2208f5a9df4d616fa1fdde5b877e1029107761806798a98ff0333fdef443fce4055caede56
6
+ metadata.gz: 72303ea39dfcf5f6497062bdac90a943b29ecc9406ba913bc47c981405ecfd0bd0d71b98a9d33cbec68d453634037c26c311de71162c138f472747482f7be7c7
7
+ data.tar.gz: a33afc379842f423ab4c6606b97e4ef141ba95a417f011f5b1f8530770400a2c0bdc163ac0e465ff00ffdf57963e6b4d304e7d10364cac09484a4968ce00dd4b
data/lib/dependabot/package/package_latest_version_finder.rb CHANGED
@@ -10,7 +10,6 @@ require "dependabot/security_advisory"
10
10
  require "dependabot/dependency"
11
11
  require "dependabot/update_checkers/version_filters"
12
12
  require "dependabot/registry_client"
13
- require "dependabot/bundler"
14
13
  require "dependabot/package/package_details"
15
14
  require "dependabot/package/release_cooldown_options"
16
15
 
@@ -121,7 +120,7 @@ module Dependabot
121
120
  params(language_version: T.nilable(T.any(String, Version)))
122
121
  .returns(T.nilable(Dependabot::Version))
123
122
  end
124
- def fetch_latest_version(language_version:)
123
+ def fetch_latest_version(language_version: nil)
125
124
  version_hashes = available_versions
126
125
  return unless version_hashes
127
126
 
@@ -130,10 +129,15 @@ module Dependabot
130
129
  versions = filter_unsupported_versions(version_hashes, language_version)
131
130
  versions = filter_prerelease_versions(versions)
132
131
  versions = filter_ignored_versions(versions)
133
-
132
+ versions = apply_post_fetch_latest_versions_filter(versions)
134
133
  versions.max
135
134
  end
136
135
 
136
+ sig { params(versions: T::Array[Dependabot::Version]).returns(T::Array[Dependabot::Version]) }
137
+ def apply_post_fetch_latest_versions_filter(versions)
138
+ versions
139
+ end
140
+
137
141
  sig do
138
142
  params(language_version: T.nilable(T.any(String, Version)))
139
143
  .returns(T.nilable(Dependabot::Version))
@@ -148,7 +152,7 @@ module Dependabot
148
152
  versions = filter_prerelease_versions(versions)
149
153
  versions = filter_ignored_versions(versions)
150
154
  versions = filter_out_of_range_versions(versions)
151
-
155
+ versions = apply_post_fetch_latest_versions_filter(versions)
152
156
  versions.max
153
157
  end
154
158
 
data/lib/dependabot/package/package_release.rb CHANGED
@@ -22,9 +22,9 @@ module Dependabot
22
22
  downloads: T.nilable(Integer),
23
23
  url: T.nilable(String),
24
24
  package_type: T.nilable(String),
25
- language: T.nilable(Dependabot::Package::PackageLanguage)
26
- )
27
- .void
25
+ language: T.nilable(Dependabot::Package::PackageLanguage),
26
+ details: T::Hash[String, T.untyped]
27
+ ).void
28
28
  end
29
29
  def initialize(
30
30
  version:,
@@ -35,7 +35,8 @@ module Dependabot
35
35
  downloads: nil,
36
36
  url: nil,
37
37
  package_type: nil,
38
- language: nil
38
+ language: nil,
39
+ details: {}
39
40
  )
40
41
  @version = T.let(version, Dependabot::Version)
41
42
  @released_at = T.let(released_at, T.nilable(Time))
@@ -46,6 +47,7 @@ module Dependabot
46
47
  @url = T.let(url, T.nilable(String))
47
48
  @package_type = T.let(package_type, T.nilable(String))
48
49
  @language = T.let(language, T.nilable(Dependabot::Package::PackageLanguage))
50
+ @details = T.let(details, T::Hash[String, T.untyped])
49
51
  end
50
52
 
51
53
  sig { returns(Dependabot::Version) }
@@ -75,6 +77,9 @@ module Dependabot
75
77
  sig { returns(T.nilable(Dependabot::Package::PackageLanguage)) }
76
78
  attr_reader :language
77
79
 
80
+ sig { returns(T::Hash[String, T.untyped]) }
81
+ attr_reader :details
82
+
78
83
  sig { returns(T::Boolean) }
79
84
  def yanked?
80
85
  @yanked
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.303.0"
5
+ VERSION = "0.304.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.303.0
4
+ version: 0.304.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-03-27 00:00:00.000000000 Z
11
+ date: 2025-04-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -202,28 +202,42 @@ dependencies:
202
202
  requirements:
203
203
  - - "~>"
204
204
  - !ruby/object:Gem::Version
205
- version: '1.4'
205
+ version: '1.5'
206
+ type: :runtime
207
+ prerelease: false
208
+ version_requirements: !ruby/object:Gem::Requirement
209
+ requirements:
210
+ - - "~>"
211
+ - !ruby/object:Gem::Version
212
+ version: '1.5'
213
+ - !ruby/object:Gem::Dependency
214
+ name: opentelemetry-logs-api
215
+ requirement: !ruby/object:Gem::Requirement
216
+ requirements:
217
+ - - "~>"
218
+ - !ruby/object:Gem::Version
219
+ version: '0.2'
206
220
  type: :runtime
207
221
  prerelease: false
208
222
  version_requirements: !ruby/object:Gem::Requirement
209
223
  requirements:
210
224
  - - "~>"
211
225
  - !ruby/object:Gem::Version
212
- version: '1.4'
226
+ version: '0.2'
213
227
  - !ruby/object:Gem::Dependency
214
228
  name: opentelemetry-metrics-api
215
229
  requirement: !ruby/object:Gem::Requirement
216
230
  requirements:
217
231
  - - "~>"
218
232
  - !ruby/object:Gem::Version
219
- version: '0.1'
233
+ version: '0.3'
220
234
  type: :runtime
221
235
  prerelease: false
222
236
  version_requirements: !ruby/object:Gem::Requirement
223
237
  requirements:
224
238
  - - "~>"
225
239
  - !ruby/object:Gem::Version
226
- version: '0.1'
240
+ version: '0.3'
227
241
  - !ruby/object:Gem::Dependency
228
242
  name: parser
229
243
  requirement: !ruby/object:Gem::Requirement
@@ -614,7 +628,7 @@ licenses:
614
628
  - MIT
615
629
  metadata:
616
630
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
617
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.303.0
631
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.304.0
618
632
  post_install_message:
619
633
  rdoc_options: []
620
634
  require_paths: