dependabot-common 0.95.83 → 0.95.84
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/metadata_finders/base/commits_finder.rb +16 -4
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4836a18015fba2c91062d6c8d1278971c87f483f4a71f68381cd24a14ac1f465
|
4
|
+
data.tar.gz: fbca7aec29accfcb382bfe97c75828cbd3f0e1fc28c3280175d7b4a0cafa34ea
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d8486edd176e849d1f6ad580e2fe497b721390d28d8ebde0439f9d378f3e72bbf1c115f0d1d5c5d56ace4ab7f64ccfce24f156e57589ace6f6258cd31e3c73a9
|
7
|
+
data.tar.gz: 551ce48f4232e1de2416a8e166b16139d76af49d2037c49463d70cc2a4f25e795b348a71a5202d75b32ac4a80a98a3b070f097824515890e3713bae10101e15f
|
@@ -5,6 +5,7 @@ require "dependabot/clients/gitlab_with_retries"
|
|
5
5
|
require "dependabot/clients/bitbucket"
|
6
6
|
require "dependabot/shared_helpers"
|
7
7
|
require "dependabot/git_metadata_fetcher"
|
8
|
+
require "dependabot/git_commit_checker"
|
8
9
|
require "dependabot/metadata_finders/base"
|
9
10
|
|
10
11
|
module Dependabot
|
@@ -59,7 +60,7 @@ module Dependabot
|
|
59
60
|
return new_ref if git_source?(dependency.requirements) && ref_changed?
|
60
61
|
|
61
62
|
tags = dependency_tags.
|
62
|
-
select { |
|
63
|
+
select { |tag| tag_matches_version?(tag, new_version) }.
|
63
64
|
sort_by(&:length)
|
64
65
|
|
65
66
|
tags.find { |t| t.include?(dependency.name) } || tags.first
|
@@ -79,7 +80,7 @@ module Dependabot
|
|
79
80
|
previous_ref
|
80
81
|
elsif previous_version
|
81
82
|
tags = dependency_tags.
|
82
|
-
select { |
|
83
|
+
select { |tag| tag_matches_version?(tag, previous_version) }.
|
83
84
|
sort_by(&:length)
|
84
85
|
|
85
86
|
tags.find { |t| t.include?(dependency.name) } || tags.first
|
@@ -156,8 +157,19 @@ module Dependabot
|
|
156
157
|
end.compact.first
|
157
158
|
end
|
158
159
|
|
159
|
-
def
|
160
|
-
|
160
|
+
def tag_matches_version?(tag, version)
|
161
|
+
return false unless version
|
162
|
+
|
163
|
+
unless version_class.correct?(version)
|
164
|
+
tag.match?(/(?:[^0-9\.]|\A)#{Regexp.escape(version)}\z/)
|
165
|
+
end
|
166
|
+
|
167
|
+
version_regex = GitCommitChecker::VERSION_REGEX
|
168
|
+
return false unless tag.match?(version_regex)
|
169
|
+
|
170
|
+
tag_version = tag.match(version_regex).named_captures.fetch("version")
|
171
|
+
|
172
|
+
version_class.new(tag_version) == version_class.new(version)
|
161
173
|
end
|
162
174
|
|
163
175
|
def dependency_tags
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.95.
|
4
|
+
version: 0.95.84
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-02
|
11
|
+
date: 2019-03-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-ecr
|