RubyGems - dependabot-common - Versions diffs - 0.95.29 → 0.95.30 - Mend

dependabot-common 0.95.29 → 0.95.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/dependabot/metadata_finders/base/commits_finder.rb +30 -1
data/lib/dependabot/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 51ab8a1d3293589fe1477093a78ed847908cf3a3dfbb6e336c761dcf3cdcdcb4
-  data.tar.gz: ab73df799221419d36c6e26420c2015e60d69c1b62b43b10d70a7633d436a0c3
+  metadata.gz: 83386b9078fd248c7a66d8de4831b6bf49cb4d6af023b53ac5d24a86e7ba4e2e
+  data.tar.gz: b888dbda704067bfae6de99e70850bfcb4627e99c28cf2cc54fee80b18c6dcd9
 SHA512:
-  metadata.gz: be01459381d8a9990d03921f2952a5b2c2cac0c472b9dbaa3029f45886c083a7002625280936b21109aeff72c9340d7ec1b2a7b1e0218d70b0c4def82bff9819
-  data.tar.gz: 842019622a8b0c67d2a57af00bbb5df0edebeb40d0a3811200e3ae8586d625c496abafa34d8142965b6e2790983dfe90546e0cbba4399d5f82e119e8f9d8769c
+  metadata.gz: 72ec9342c004c6e5ee02f7ea882177bfdf0bec4a56a16347a58ff41d72ae2ef7a659bbd51890dede393a0cf2659366866ba601fe2885d52d1dea7adc32850b4b
+  data.tar.gz: 93ba37ea3dbe77939be424902c6e81e3564dc78c70b3130da5deee1720df2066f492d9f3c7cad92cc3865bdd62ed68a58416f48c15466e702ff48ebc4ea07278

data/lib/dependabot/metadata_finders/base/commits_finder.rb CHANGED Viewed

@@ -66,13 +66,32 @@ module Dependabot
           if git_source?(dependency.previous_requirements)
             previous_version || previous_ref
-          else
+          elsif previous_version
             tags = dependency_tags.
                    select { |t| t =~ version_regex(previous_version) }
             tags.find { |t| t.include?(dependency.name) } || tags.first
+          else
+            lowest_tag_satisfying_previous_requirements
           end
         end
+        def lowest_tag_satisfying_previous_requirements
+          tags = dependency_tags.
+                 select { |t| version_class.correct?(t.gsub(/^v/, "")) }.
+                 select do |t|
+                   version = version_class.new(t.gsub(/^v/, ""))
+                   dependency.previous_requirements.all? do |req|
+                     next true unless req.fetch(:requirement)
+                     requirement_class.
+                       requirements_array(req.fetch(:requirement)).
+                       all? { |r| r.satisfied_by?(version) }
+                   end
+                 end
+          tags.min_by { |t| version_class.new(t.gsub(/^v/, "")) }
+        end
         # TODO: Refactor me so that Composer doesn't need to be special cased
         def git_source?(requirements)
           # Special case Composer, which uses git as a source but handles tags
@@ -215,6 +234,16 @@ module Dependabot
           @bitbucket_client ||= Dependabot::Clients::Bitbucket.
                                 for_bitbucket_dot_org(credentials: credentials)
         end
+        def version_class
+          Utils.version_class_for_package_manager(dependency.package_manager)
+        end
+        def requirement_class
+          Utils.requirement_class_for_package_manager(
+            dependency.package_manager
+          )
+        end
       end
     end
   end

data/lib/dependabot/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.95.29"
+  VERSION = "0.95.30"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.95.29
+  version: 0.95.30
 platform: ruby
 authors:
 - Dependabot