dependabot-common 0.95.51 → 0.95.52

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 700787a28f2466f1b00c36747a74fcaebae0861a1089396606dfe0b7b122c235
-  data.tar.gz: 9035a8fdc17ba23af71cad7e26cb8e697e15a6996041f5feddb77ce2177577f1
+  metadata.gz: 1fab3237bec44e5643017e17b8767bd2fd47ba430cd68a627d47846670d9d8b9
+  data.tar.gz: 84753b6d70170470b4067b8a7a8543b30d29179fb4d8ad2bdd4df3404e6eb0de
 SHA512:
-  metadata.gz: a65d87613012dc3224cae088305caf9706788adef178b0bb22f00915456353c8419bba75e42a4f7bcd058038c01cf02c43b03bd28f81b5d004bd002f22607bf1
-  data.tar.gz: dd23aa9af63046d4a6ab8df57b9a548715e7de11aad7fb23cfb4aa321b84a877aa8d73c4573b2525f745fa09773df5c6beefff589166c58fae9b6b7245172526
+  metadata.gz: 0e26a97a0af1b0c86ff23a803a56d2a8a9107b78c35d23b5e27faea4915bce04e334606a689306dccc94b5b502047dd69de205b6f164e33d31e478e155b4ead5
+  data.tar.gz: 62abec0f3efce369732b2c0f34dd3869ae939e4e43d9045ffc89da4f8cfcd7dc3b8d031fbb297b69d7d684985318c80c9cdaf0dc562b2677049f8b2bea19c31f

data/lib/dependabot/metadata_finders/base.rb

@@ -34,7 +34,8 @@ module Dependabot
         @changelog_finder ||= ChangelogFinder.new(
           dependency: dependency,
           source: source,
-          credentials: credentials
+          credentials: credentials,
+          suggested_changelog_url: suggested_changelog_url
         )
         @changelog_finder.changelog_url
       end
@@ -43,7 +44,8 @@ module Dependabot
         @changelog_finder ||= ChangelogFinder.new(
           dependency: dependency,
           source: source,
-          credentials: credentials
+          credentials: credentials,
+          suggested_changelog_url: suggested_changelog_url
         )
         @changelog_finder.changelog_text
       end
@@ -52,7 +54,8 @@ module Dependabot
         @changelog_finder ||= ChangelogFinder.new(
           dependency: dependency,
           source: source,
-          credentials: credentials
+          credentials: credentials,
+          suggested_changelog_url: suggested_changelog_url
         )
         @changelog_finder.upgrade_guide_url
       end
@@ -61,7 +64,8 @@ module Dependabot
         @changelog_finder ||= ChangelogFinder.new(
           dependency: dependency,
           source: source,
-          credentials: credentials
+          credentials: credentials,
+          suggested_changelog_url: suggested_changelog_url
         )
         @changelog_finder.upgrade_guide_text
       end
@@ -108,6 +112,10 @@ module Dependabot
 
       private
 
+      def suggested_changelog_url
+        nil
+      end
+
       def source
         return @source if @source_lookup_attempted
 

data/lib/dependabot/metadata_finders/base/changelog_finder.rb

@@ -9,6 +9,7 @@ require "dependabot/clients/bitbucket"
 require "dependabot/shared_helpers"
 require "dependabot/metadata_finders/base"
 
+# rubocop:disable Metrics/ClassLength
 module Dependabot
   module MetadataFinders
     class Base
@@ -19,12 +20,14 @@ module Dependabot
         # Earlier entries are preferred
         CHANGELOG_NAMES = %w(changelog history news changes release).freeze
 
-        attr_reader :source, :dependency, :credentials
+        attr_reader :source, :dependency, :credentials, :suggested_changelog_url
 
-        def initialize(source:, dependency:, credentials:)
+        def initialize(source:, dependency:, credentials:,
+                       suggested_changelog_url: nil)
           @source = source
           @dependency = dependency
           @credentials = credentials
+          @suggested_changelog_url = suggested_changelog_url
         end
 
         def changelog_url
@@ -71,6 +74,7 @@ module Dependabot
         # rubocop:disable Metrics/CyclomaticComplexity
         # rubocop:disable Metrics/PerceivedComplexity
         def changelog
+          return changelog_from_suggested_url if changelog_from_suggested_url
           return unless source
 
           # Changelog won't be relevant for a git commit bump
@@ -94,6 +98,26 @@ module Dependabot
         # rubocop:enable Metrics/CyclomaticComplexity
         # rubocop:enable Metrics/PerceivedComplexity
 
+        def changelog_from_suggested_url
+          if defined?(@changelog_from_suggested_url)
+            return @changelog_from_suggested_url
+          end
+          return unless suggested_changelog_url
+
+          # TODO: Support other providers
+          source = Source.from_url(suggested_changelog_url)
+          return unless source&.provider == "github"
+
+          opts = { path: source.directory, ref: source.branch }.compact
+          tmp_files = github_client.contents(source.repo, opts)
+
+          filename = suggested_changelog_url.split("/").last.split("#").first
+          @changelog_from_suggested_url =
+            tmp_files.find { |f| f.name == filename }
+        rescue Octokit::NotFound
+          @changelog_from_suggested_url = nil
+        end
+
         def default_branch_changelog
           return unless source
 
@@ -336,3 +360,4 @@ module Dependabot
     end
   end
 end
+# rubocop:enable Metrics/ClassLength

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.95.51"
+  VERSION = "0.95.52"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.95.51
+  version: 0.95.52
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-02-20 00:00:00.000000000 Z
+date: 2019-02-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-ecr
@@ -266,14 +266,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.64.0
+        version: 0.65.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.64.0
+        version: 0.65.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement