dependabot-common 0.98.73 → 0.98.74
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/pull_request_creator/message_builder.rb +25 -3
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b11436c31256a8a130a8094aed97a5fded0ca57933b6bdb6ebecb59f798dea46
|
|
4
|
+
data.tar.gz: 785ae70fc9d0c4dffcc94fe9dfd5a30d3b7748cb376b00cbf884f16028947cdb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d867b05b9702bb7491442f985de85d4890d9caa5bfd5a67b3929b0723843d558fa4ac35bde30f4ee13c62d7073f3ad51d2077e3a233489049514bf42d9dd38ff
|
|
7
|
+
data.tar.gz: bf1afc581e70fccdfde951145c9b018d447d2bd8faf3375ccf5fe341571836df1b2c8cb85e0163d743394e71094a631ee94cea320af7e408b77a377b8b2227a9
|
|
@@ -30,7 +30,11 @@ module Dependabot
|
|
|
30
30
|
ISSUE_TAG_REGEX =
|
|
31
31
|
/(?<=[^A-Za-z0-9\[\\]|^)\\*(?<tag>(?:\#|GH-)\d+)(?=[^A-Za-z0-9\-]|$)/.
|
|
32
32
|
freeze
|
|
33
|
-
GITHUB_REF_REGEX = %r{
|
|
33
|
+
GITHUB_REF_REGEX = %r{
|
|
34
|
+
(?:https?://)?
|
|
35
|
+
github\.com/[^/\s]+/[^/\s]+/
|
|
36
|
+
(?:issue|pull)s?/(?<number>\d+)
|
|
37
|
+
}x.freeze
|
|
34
38
|
|
|
35
39
|
attr_reader :source, :dependencies, :files, :credentials,
|
|
36
40
|
:pr_message_footer, :author_details, :vulnerabilities_fixed
|
|
@@ -699,7 +703,12 @@ module Dependabot
|
|
|
699
703
|
end
|
|
700
704
|
|
|
701
705
|
def sanitize_links_and_mentions(text)
|
|
702
|
-
text = text
|
|
706
|
+
text = sanitize_mentions(text)
|
|
707
|
+
sanitize_links(text)
|
|
708
|
+
end
|
|
709
|
+
|
|
710
|
+
def sanitize_mentions(text)
|
|
711
|
+
text.gsub(%r{(?<![A-Za-z0-9])@[\w][\w.-/]*}) do |mention|
|
|
703
712
|
next mention if mention.include?("/")
|
|
704
713
|
|
|
705
714
|
last_match = Regexp.last_match
|
|
@@ -712,9 +721,22 @@ module Dependabot
|
|
|
712
721
|
"[#{sanitized_mention}](https://github.com/#{mention.tr('@', '')})"
|
|
713
722
|
end
|
|
714
723
|
end
|
|
724
|
+
end
|
|
715
725
|
|
|
726
|
+
def sanitize_links(text)
|
|
716
727
|
text.gsub(GITHUB_REF_REGEX) do |ref|
|
|
717
|
-
|
|
728
|
+
last_match = Regexp.last_match
|
|
729
|
+
previous_char = last_match.pre_match.chars.last
|
|
730
|
+
next_char = last_match.post_match.chars.first
|
|
731
|
+
|
|
732
|
+
sanitized_url =
|
|
733
|
+
ref.gsub("github.com", "github-redirect.dependabot.com")
|
|
734
|
+
if (previous_char.nil? || previous_char.match?(/\s/)) &&
|
|
735
|
+
(next_char.nil? || next_char.match?(/\s/))
|
|
736
|
+
"[##{last_match.named_captures.fetch('number')}](#{sanitized_url})"
|
|
737
|
+
else
|
|
738
|
+
sanitized_url
|
|
739
|
+
end
|
|
718
740
|
end
|
|
719
741
|
end
|
|
720
742
|
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.74
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-04-
|
|
11
|
+
date: 2019-04-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-ecr
|