dependabot-common 0.95.29 → 0.95.30

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/metadata_finders/base/commits_finder.rb +30 -1
  3. data/lib/dependabot/version.rb +1 -1
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 51ab8a1d3293589fe1477093a78ed847908cf3a3dfbb6e336c761dcf3cdcdcb4
4
- data.tar.gz: ab73df799221419d36c6e26420c2015e60d69c1b62b43b10d70a7633d436a0c3
3
+ metadata.gz: 83386b9078fd248c7a66d8de4831b6bf49cb4d6af023b53ac5d24a86e7ba4e2e
4
+ data.tar.gz: b888dbda704067bfae6de99e70850bfcb4627e99c28cf2cc54fee80b18c6dcd9
5
5
  SHA512:
6
- metadata.gz: be01459381d8a9990d03921f2952a5b2c2cac0c472b9dbaa3029f45886c083a7002625280936b21109aeff72c9340d7ec1b2a7b1e0218d70b0c4def82bff9819
7
- data.tar.gz: 842019622a8b0c67d2a57af00bbb5df0edebeb40d0a3811200e3ae8586d625c496abafa34d8142965b6e2790983dfe90546e0cbba4399d5f82e119e8f9d8769c
6
+ metadata.gz: 72ec9342c004c6e5ee02f7ea882177bfdf0bec4a56a16347a58ff41d72ae2ef7a659bbd51890dede393a0cf2659366866ba601fe2885d52d1dea7adc32850b4b
7
+ data.tar.gz: 93ba37ea3dbe77939be424902c6e81e3564dc78c70b3130da5deee1720df2066f492d9f3c7cad92cc3865bdd62ed68a58416f48c15466e702ff48ebc4ea07278
data/lib/dependabot/metadata_finders/base/commits_finder.rb CHANGED
@@ -66,13 +66,32 @@ module Dependabot
66
66
 
67
67
  if git_source?(dependency.previous_requirements)
68
68
  previous_version || previous_ref
69
- else
69
+ elsif previous_version
70
70
  tags = dependency_tags.
71
71
  select { |t| t =~ version_regex(previous_version) }
72
72
  tags.find { |t| t.include?(dependency.name) } || tags.first
73
+ else
74
+ lowest_tag_satisfying_previous_requirements
73
75
  end
74
76
  end
75
77
 
78
+ def lowest_tag_satisfying_previous_requirements
79
+ tags = dependency_tags.
80
+ select { |t| version_class.correct?(t.gsub(/^v/, "")) }.
81
+ select do |t|
82
+ version = version_class.new(t.gsub(/^v/, ""))
83
+ dependency.previous_requirements.all? do |req|
84
+ next true unless req.fetch(:requirement)
85
+
86
+ requirement_class.
87
+ requirements_array(req.fetch(:requirement)).
88
+ all? { |r| r.satisfied_by?(version) }
89
+ end
90
+ end
91
+
92
+ tags.min_by { |t| version_class.new(t.gsub(/^v/, "")) }
93
+ end
94
+
76
95
  # TODO: Refactor me so that Composer doesn't need to be special cased
77
96
  def git_source?(requirements)
78
97
  # Special case Composer, which uses git as a source but handles tags
@@ -215,6 +234,16 @@ module Dependabot
215
234
  @bitbucket_client ||= Dependabot::Clients::Bitbucket.
216
235
  for_bitbucket_dot_org(credentials: credentials)
217
236
  end
237
+
238
+ def version_class
239
+ Utils.version_class_for_package_manager(dependency.package_manager)
240
+ end
241
+
242
+ def requirement_class
243
+ Utils.requirement_class_for_package_manager(
244
+ dependency.package_manager
245
+ )
246
+ end
218
247
  end
219
248
  end
220
249
  end
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.95.29"
4
+ VERSION = "0.95.30"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.95.29
4
+ version: 0.95.30
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot