RubyGems - dependabot-common - Versions diffs - 0.362.0 → 0.363.0 - Mend

dependabot-common 0.362.0 → 0.363.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/lib/dependabot/clients/codecommit.rb +3 -3
data/lib/dependabot/config/ignore_condition.rb +2 -2
data/lib/dependabot/errors.rb +9 -0
data/lib/dependabot/file_fetchers/base.rb +14 -14
data/lib/dependabot/metadata_finders/base/changelog_finder.rb +2 -0
data/lib/dependabot/metadata_finders/base/commits_finder.rb +15 -15
data/lib/dependabot/package/package_latest_version_finder.rb +6 -6
data/lib/dependabot.rb +1 -1
metadata +6 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e954f8150ee22e565d732b1d6144a2d6bb8ff66ea574264721f27d243ed5ab05
-  data.tar.gz: e6e93fd3f2acd820f9b8e2479dd60869ea2f4141d0a0cf5a05d6ef9262ac8951
+  metadata.gz: b04a10a34f26b5eb05c6a7e6c789fdda3bde3d118ab31eb1862e725f81aa930e
+  data.tar.gz: d8877825b52d5f928171490bf935afc2cf2b8272d39bb5d47244b57d3c4c62f8
 SHA512:
-  metadata.gz: 36a4b41db9cd89b1e82424525594e489992c8a58a56de02e2bfadc425a90abbe2610725c79f888e11bcb6a0d2ad9a1ce6260b6367f4d4679aac885fb53a2fa0c
-  data.tar.gz: 95dd669d3d28b2cc8edb23922eb59e580c561ed8021cd84cf067d8d74f1c22aa2b00fdcb299ba57b89e59d7d32528d3401cfb7f39e03806763f164074163019b
+  metadata.gz: 66c72eb2bc6a5890de1573e828b0bf6f5f8c826c4e80d5d8c1eae0f49ac5803a2b5e1c3e8273ce9be624e32f78f854f661c03a0cea3da5423b558f69329553f3
+  data.tar.gz: 9a8004bb292cebee846bc91ba9fe96d1e0ab632d8bb73522377ec1b98c88a2d99e6408f46792e3b19940d62bffbd109dbae34c7ca1e4b359b90df05bb198942a

data/lib/dependabot/clients/codecommit.rb CHANGED Viewed

@@ -296,9 +296,9 @@ module Dependabot
           title: pr_name,
           description: pr_description,
           targets: [
-            repository_name: source.unscoped_repo,
-            source_reference: target_branch,
-            destination_reference: source_branch
+            { repository_name: source.unscoped_repo,
+              source_reference: target_branch,
+              destination_reference: source_branch }
           ]
         )
       end

data/lib/dependabot/config/ignore_condition.rb CHANGED Viewed

@@ -27,8 +27,8 @@ module Dependabot
       sig do
         params(
           dependency_name: String,
-          versions: T.any(NilClass, T::Array[String]),
-          update_types: T.any(NilClass, T::Array[String])
+          versions: T.nilable(T::Array[String]),
+          update_types: T.nilable(T::Array[String])
         ).void
       end
       def initialize(dependency_name:, versions: nil, update_types: nil)

data/lib/dependabot/errors.rb CHANGED Viewed

@@ -52,6 +52,13 @@ module Dependabot
           message: error.message
         }
       }
+    when Dependabot::RefNamespaceConflictError
+      {
+        "error-type": "file_fetcher_error",
+        "error-detail": {
+          message: error.message
+        }
+      }
     when Dependabot::DirectoryNotFound
       {
         "error-type": "directory_not_found",
@@ -469,6 +476,8 @@ module Dependabot
   class InvalidGitAuthToken < DependabotError; end
+  class RefNamespaceConflictError < DependabotError; end
   #####################
   # Repo level errors #
   #####################

data/lib/dependabot/file_fetchers/base.rb CHANGED Viewed

@@ -641,20 +641,20 @@ module Dependabot
         T.unsafe(gitlab_client)
          .repo_tree(repo, path: path, ref: commit, per_page: 100)
          .map do |file|
-          # GitLab API essentially returns the output from `git ls-tree`
-          type = case file.type
-                 when "blob" then "file"
-                 when "tree" then "dir"
-                 when "commit" then "submodule"
-                 else file.fetch("type")
-                 end
-          RepositoryContent.new(
-            name: file.name,
-            path: file.path,
-            type: type,
-            size: 0 # GitLab doesn't return file size
-          )
+           # GitLab API essentially returns the output from `git ls-tree`
+           type = case file.type
+                  when "blob" then "file"
+                  when "tree" then "dir"
+                  when "commit" then "submodule"
+                  else file.fetch("type")
+                  end
+           RepositoryContent.new(
+             name: file.name,
+             path: file.path,
+             type: type,
+             size: 0 # GitLab doesn't return file size
+           )
         end
       end

data/lib/dependabot/metadata_finders/base/changelog_finder.rb CHANGED Viewed

@@ -210,6 +210,8 @@ module Dependabot
             dependency_file_list(ref)
             .select { |f| f.type == "file" }
             .reject { |f| f.name.end_with?(".sh") }
+            # JSON files are machine-readable, not useful as changelogs
+            .reject { |f| f.name.end_with?(".json") }
             .reject { |f| f.size > 1_000_000 }
             .reject { |f| f.size < 100 }

data/lib/dependabot/metadata_finders/base/commits_finder.rb CHANGED Viewed

@@ -309,11 +309,11 @@ module Dependabot
           T.unsafe(bitbucket_client)
            .compare(T.must(source).repo, previous_tag, new_tag)
            .map do |commit|
-            {
-              message: commit.dig("summary", "raw"),
-              sha: commit["hash"],
-              html_url: commit.dig("links", "html", "href")
-            }
+             {
+               message: commit.dig("summary", "raw"),
+               sha: commit["hash"],
+               html_url: commit.dig("links", "html", "href")
+             }
           end
         rescue Dependabot::Clients::Bitbucket::NotFound,
                Dependabot::Clients::Bitbucket::Unauthorized,
@@ -330,11 +330,11 @@ module Dependabot
            .compare(T.must(source).repo, previous_tag, new_tag)
            .commits
            .map do |commit|
-            {
-              message: commit["message"],
-              sha: commit["id"],
-              html_url: "#{T.must(source).url}/commit/#{commit['id']}"
-            }
+             {
+               message: commit["message"],
+               sha: commit["id"],
+               html_url: "#{T.must(source).url}/commit/#{commit['id']}"
+             }
           end
         rescue Gitlab::Error::NotFound
           []
@@ -346,11 +346,11 @@ module Dependabot
           azure_client
             .compare(previous_tag, new_tag, type)
             .map do |commit|
-            {
-              message: commit["comment"],
-              sha: commit["commitId"],
-              html_url: commit["remoteUrl"]
-            }
+              {
+                message: commit["comment"],
+                sha: commit["commitId"],
+                html_url: commit["remoteUrl"]
+              }
           end
         rescue Dependabot::Clients::Azure::NotFound,
                Dependabot::Clients::Azure::Unauthorized,

data/lib/dependabot/package/package_latest_version_finder.rb CHANGED Viewed

@@ -240,9 +240,9 @@ module Dependabot
       def filter_ignored_versions(releases)
         filtered = releases
                    .reject do |release|
-          ignore_requirements.any? do |r|
-            r.satisfied_by?(release.version)
-          end
+                     ignore_requirements.any? do |r|
+                       r.satisfied_by?(release.version)
+                     end
         end
         if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(releases).any?
           raise Dependabot::AllVersionsIgnored
@@ -277,9 +277,9 @@ module Dependabot
         releases
           .select do |release|
-          reqs.all? do |r|
-            r.any? { |o| o.satisfied_by?(release.version) }
-          end
+            reqs.all? do |r|
+              r.any? { |o| o.satisfied_by?(release.version) }
+            end
         end
       end

data/lib/dependabot.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.362.0"
+  VERSION = "0.363.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.362.0
+  version: 0.363.0
 platform: ruby
 authors:
 - Dependabot
@@ -147,14 +147,14 @@ dependencies:
     requirements:
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.12'
+        version: '2.19'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.12'
+        version: '2.19'
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
@@ -357,14 +357,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rspec-sorbet
   requirement: !ruby/object:Gem::Requirement
@@ -615,7 +615,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.362.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.363.0
 rdoc_options: []
 require_paths:
 - lib