RubyGems - dependabot-common - Versions diffs - 0.309.0 → 0.310.0 - Mend

dependabot-common 0.309.0 → 0.310.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/dependabot/package/package_latest_version_finder.rb +16 -9
data/lib/dependabot/shared_helpers.rb +1 -1
data/lib/dependabot.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 10f070d6c3b5e109381e3c56635049cc30bcebbdfec2958cf7f29121402a1ebd
-  data.tar.gz: 1973d67a820a16c8d3b645602ccc34ac852fc916aa618a4910c2c2d056aef67d
+  metadata.gz: 618d4098b2362e8af62f7c1c095ecdbd8a1ef607f2b9331fc89b955bbcd418ab
+  data.tar.gz: d879b882612d81c2d337ede1049a93d9e249cf52b2d2dd9ebc64396805ab548e
 SHA512:
-  metadata.gz: f4ba5d04950b7d0c9cf206a1f0e7f4922d6860cf4a60749a6559b74b2b96944785aa18c137592fe5e7cb1dd3bd2658f017966f7eb0c90e2deb9610a635dc4b32
-  data.tar.gz: 600b87611c5b30f1429a0bfa0de814b912579904d54f9d281659b41edc5d4abe03e8ff2c8b7971fb3aa46c259b62e8974fea16a6fa4fb7ce51fd0f62fbc547e6
+  metadata.gz: 02af645b7369f659fd475c4b09b218e24fde7aba983ef43965aaccc2f329265901b62d2ad15b62163e385a6cbfc450202ccfe29c32a23ca9c67c3430f63de474
+  data.tar.gz: f6ac8fedec46a75ec2c0416977824f3d8be509494b8a64ace5c51292015b13b4ea33411d5b35c4ad76fe94d57dd9f917629191f78d39dc56cd248c0f2aaf31b0

data/lib/dependabot/package/package_latest_version_finder.rb CHANGED Viewed

@@ -19,6 +19,8 @@ module Dependabot
       extend T::Sig
       extend T::Helpers
+      DAY_IN_SECONDS = T.let(24 * 60 * 60, Integer)
       abstract!
       sig { returns(Dependabot::Dependency) }
@@ -160,7 +162,6 @@ module Dependabot
         return unless releases
         releases = filter_yanked_versions(releases)
-        releases = filter_by_cooldown(releases)
         releases = filter_unsupported_versions(releases, language_version)
         # versions = filter_prerelease_versions(versions)
         releases = Dependabot::UpdateCheckers::VersionFilters
@@ -211,14 +212,7 @@ module Dependabot
         return releases unless cooldown_enabled?
         return releases unless cooldown_options
-        current_version = dependency.version ? version_class.new(dependency.version) : nil
-        filtered = releases.reject do |release|
-          next false unless release.released_at
-          days = cooldown_days_for(current_version, release.version)
-          (Time.now.to_i - release.released_at.to_i) < (days * 24 * 60 * 60)
-        end
+        filtered = releases.reject { |release| in_cooldown_period?(release) }
         if releases.count > filtered.count
           Dependabot.logger.info("Filtered out #{releases.count - filtered.count} versions due to cooldown")
@@ -226,6 +220,19 @@ module Dependabot
         filtered
       end
+      sig { params(release: Dependabot::Package::PackageRelease).returns(T::Boolean) }
+      def in_cooldown_period?(release)
+        return false unless release.released_at
+        current_version = version_class.correct?(dependency.version) ? version_class.new(dependency.version) : nil
+        days = cooldown_days_for(current_version, release.version)
+        # Calculate the number of seconds passed since the release
+        passed_seconds = Time.now.to_i - release.released_at.to_i
+        # Check if the release is within the cooldown period
+        passed_seconds < days * DAY_IN_SECONDS
+      end
       sig do
         params(
           releases: T::Array[Dependabot::Package::PackageRelease],

data/lib/dependabot/shared_helpers.rb CHANGED Viewed

@@ -90,7 +90,7 @@ module Dependabot
       sig { returns(String) }
       attr_reader :error_class
-      sig { returns(T::Hash[Symbol, String]) }
+      sig { returns(T::Hash[Symbol, T.untyped]) }
       attr_reader :error_context
       sig { returns(T.nilable(T::Array[String])) }

data/lib/dependabot.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.309.0"
+  VERSION = "0.310.0"
 end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.309.0
+  version: 0.310.0
 platform: ruby
 authors:
 - Dependabot
 bindir: bin
 cert_chain: []
-date: 2025-04-17 00:00:00.000000000 Z
+date: 2025-04-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit
@@ -627,7 +627,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.309.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.310.0
 rdoc_options: []
 require_paths:
 - lib