dependabot-common 0.98.73 → 0.98.74
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/pull_request_creator/message_builder.rb +25 -3
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b11436c31256a8a130a8094aed97a5fded0ca57933b6bdb6ebecb59f798dea46
|
4
|
+
data.tar.gz: 785ae70fc9d0c4dffcc94fe9dfd5a30d3b7748cb376b00cbf884f16028947cdb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d867b05b9702bb7491442f985de85d4890d9caa5bfd5a67b3929b0723843d558fa4ac35bde30f4ee13c62d7073f3ad51d2077e3a233489049514bf42d9dd38ff
|
7
|
+
data.tar.gz: bf1afc581e70fccdfde951145c9b018d447d2bd8faf3375ccf5fe341571836df1b2c8cb85e0163d743394e71094a631ee94cea320af7e408b77a377b8b2227a9
|
@@ -30,7 +30,11 @@ module Dependabot
|
|
30
30
|
ISSUE_TAG_REGEX =
|
31
31
|
/(?<=[^A-Za-z0-9\[\\]|^)\\*(?<tag>(?:\#|GH-)\d+)(?=[^A-Za-z0-9\-]|$)/.
|
32
32
|
freeze
|
33
|
-
GITHUB_REF_REGEX = %r{
|
33
|
+
GITHUB_REF_REGEX = %r{
|
34
|
+
(?:https?://)?
|
35
|
+
github\.com/[^/\s]+/[^/\s]+/
|
36
|
+
(?:issue|pull)s?/(?<number>\d+)
|
37
|
+
}x.freeze
|
34
38
|
|
35
39
|
attr_reader :source, :dependencies, :files, :credentials,
|
36
40
|
:pr_message_footer, :author_details, :vulnerabilities_fixed
|
@@ -699,7 +703,12 @@ module Dependabot
|
|
699
703
|
end
|
700
704
|
|
701
705
|
def sanitize_links_and_mentions(text)
|
702
|
-
text = text
|
706
|
+
text = sanitize_mentions(text)
|
707
|
+
sanitize_links(text)
|
708
|
+
end
|
709
|
+
|
710
|
+
def sanitize_mentions(text)
|
711
|
+
text.gsub(%r{(?<![A-Za-z0-9])@[\w][\w.-/]*}) do |mention|
|
703
712
|
next mention if mention.include?("/")
|
704
713
|
|
705
714
|
last_match = Regexp.last_match
|
@@ -712,9 +721,22 @@ module Dependabot
|
|
712
721
|
"[#{sanitized_mention}](https://github.com/#{mention.tr('@', '')})"
|
713
722
|
end
|
714
723
|
end
|
724
|
+
end
|
715
725
|
|
726
|
+
def sanitize_links(text)
|
716
727
|
text.gsub(GITHUB_REF_REGEX) do |ref|
|
717
|
-
|
728
|
+
last_match = Regexp.last_match
|
729
|
+
previous_char = last_match.pre_match.chars.last
|
730
|
+
next_char = last_match.post_match.chars.first
|
731
|
+
|
732
|
+
sanitized_url =
|
733
|
+
ref.gsub("github.com", "github-redirect.dependabot.com")
|
734
|
+
if (previous_char.nil? || previous_char.match?(/\s/)) &&
|
735
|
+
(next_char.nil? || next_char.match?(/\s/))
|
736
|
+
"[##{last_match.named_captures.fetch('number')}](#{sanitized_url})"
|
737
|
+
else
|
738
|
+
sanitized_url
|
739
|
+
end
|
718
740
|
end
|
719
741
|
end
|
720
742
|
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.98.
|
4
|
+
version: 0.98.74
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-04-
|
11
|
+
date: 2019-04-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-ecr
|