RubyGems - dependabot-core - Versions diffs - 0.76.9 → 0.76.10 - Mend

dependabot-core 0.76.9 → 0.76.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/lib/dependabot/metadata_finders/base/changelog_finder.rb +6 -5
data/lib/dependabot/pull_request_creator/message_builder.rb +5 -2
data/lib/dependabot/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8263437314badd3211ef9b05a237001109779594a212dd43647aaa4a3540f024
-  data.tar.gz: dea9808860771764d44ecf99ad672a02534f35d1aab936bb80a7e6e46de180be
+  metadata.gz: ea5efa14e9bf750844ec81c5566726109c3300827886e530423cdb46dd163d76
+  data.tar.gz: 2649ba3489b8286fe121bb203f6afb012e4856e11911c758a0f6f6e70b066c99
 SHA512:
-  metadata.gz: 3dc45b44c8463d94a5cb93dd78ab74daa46edcaf4299f3b072e8c37ee62daec83eccd02b3d0eaa64d1d11df91f11405797e0c31b855dfeb7af96c7e508e25269
-  data.tar.gz: fa949117d4e16394d55b6027dfc72aa58321508ebf84828c946b810c273fe54a0321ee66552134c64bb3507a9a1199c92270b77b4335e833a88ea6fb6df861e2
+  metadata.gz: 3c15ebc60b7ed05e863cd331d8881473a3c8cd191c0e49b8837213231a122ff0fede2fe034b80d1ec16ef68d2baa31e15f2309bc1ff1b8e2c85c911f11797500
+  data.tar.gz: 4f04914e2406c1a48344e3b486c38b5c555eceb1406e5c99335b3961a600803d8d2ec71e2b812435fee08a4c33f3869d24d54cdcb12a94e9d0be445c03c5bbaa

data/CHANGELOG.md CHANGED

@@ -1,3 +1,8 @@
+## v0.76.10, 6 December 2018
+- Cache commit tag lookup in changelog finder
+- Sanitize relative links in release notes
 ## v0.76.9, 6 December 2018
 - Python: Handle bare version requirements in the RequirementUpdater

data/lib/dependabot/metadata_finders/base/changelog_finder.rb CHANGED

@@ -116,11 +116,12 @@ module Dependabot
         end
         def tag_for_new_version
-          CommitsFinder.new(
-            dependency: dependency,
-            source: source,
-            credentials: credentials
-          ).new_tag
+          @tag_for_new_version ||=
+            CommitsFinder.new(
+              dependency: dependency,
+              source: source,
+              credentials: credentials
+            ).new_tag
         end
         def full_changelog_text

data/lib/dependabot/pull_request_creator/message_builder.rb CHANGED

@@ -403,6 +403,7 @@ module Dependabot
           end
         msg += "</details>"
         msg = link_issues(text: msg, dependency: dep)
+        msg = fix_relative_links(text: msg, base_url: releases_url(dep))
         sanitize_template_tags(msg)
       end
@@ -653,8 +654,10 @@ module Dependabot
       end
       def fix_relative_links(text:, base_url:)
-        text.gsub(/\[.*?\]\(\..*?\)/) do |link|
-          relative_path = link.match(/\((\..*?)\)/).captures.last
+        text.gsub(/\[.*?\]\([^)]+\)/) do |link|
+          next link if link.include?("://")
+          relative_path = link.match(/\((.*?)\)/).captures.last
           base = base_url.split("://").last.gsub(%r{[^/]*$}, "")
           path = File.join(base, relative_path)
           absolute_path =

data/lib/dependabot/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.76.9"
+  VERSION = "0.76.10"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-core
 version: !ruby/object:Gem::Version
-  version: 0.76.9
+  version: 0.76.10
 platform: ruby
 authors:
 - Dependabot