dependabot-core 0.83.0 → 0.83.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/lib/dependabot/file_parsers/go/dep.rb +14 -1
  4. data/lib/dependabot/file_parsers/java_script/npm_and_yarn.rb +1 -0
  5. data/lib/dependabot/pull_request_creator/labeler.rb +6 -0
  6. data/lib/dependabot/version.rb +1 -1
  7. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7f044cd502dc9fe5b01f50fe101f1867479ed62c87d47ca51b0d918b053565ca
4
- data.tar.gz: 2acdd09615374e63bba5d47d09af775a76337bd4f8e273c8795c713b391167ce
3
+ metadata.gz: 2650fb172ee98b05006a4ed21a800434d04f15357bd3a522b8a1a2c371ad3a45
4
+ data.tar.gz: '019415b7c529d4f07af5095dd23b1669ee59423f7fc95fb0e1c77fc0cecd4287'
5
5
  SHA512:
6
- metadata.gz: b587060d2ab20f7a81af26c040c8ad3663429830c2b98d60873d5a58a5105bf5224eeea7298bd9eb8611100d2d23eb09950ab0aa5f4604ee3148f18f9233b82e
7
- data.tar.gz: 53d2d65b7e83c9921f049bb64210e95a10fd0a9a750c45affb4e415be62520b83d0e34ed9d1006e0a8e61e0e26ff3eb9d69c62cdd0c47c9f9aad054e4e0eb7d3
6
+ metadata.gz: 67bc78b206f9c0225024fa0cd2c6bff53aa49a9938106a1b953223d9633643e0d9c4575e465bc8e60c54b93377e9b5db21c5187f2654916163172ea67572b4e1
7
+ data.tar.gz: '088375a9f620abfb22f80666fad29c3917f59e6038da3f26a7638ac2e5d44b64178a660a6b1b5f46094c4fd166a5545843f1d344d42247e0a9ffe12a31f62329'
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ ## v0.83.1, 13 December 2018
2
+
3
+ - Retry GitHub errors when labeling a PR
4
+ - JS: Handle relative resolved paths in shrinkwrap.json
5
+ - Go: Better file parsing (prefer revision to version for git dependencies)
6
+
1
7
  ## v0.83.0, 13 December 2018
2
8
 
3
9
  - Elm: Rename elm-package to elm everywhere
data/lib/dependabot/file_parsers/go/dep.rb CHANGED
@@ -41,7 +41,7 @@ module Dependabot
41
41
 
42
42
  dependency_set << Dependency.new(
43
43
  name: details.fetch("name"),
44
- version: nil,
44
+ version: version_from_declaration(details),
45
45
  package_manager: "dep",
46
46
  requirements: [{
47
47
  requirement: requirement_from_declaration(details),
@@ -107,6 +107,19 @@ module Dependabot
107
107
  end
108
108
  end
109
109
 
110
+ def version_from_declaration(declaration)
111
+ lockfile_details =
112
+ parsed_file(lockfile).fetch("projects", []).
113
+ find { |details| details["name"] == declaration.fetch("name") }
114
+
115
+ if source_from_declaration(declaration).fetch(:type) == "git"
116
+ lockfile_details["revision"] ||
117
+ version_from_lockfile(lockfile_details)
118
+ else
119
+ version_from_lockfile(lockfile_details)
120
+ end
121
+ end
122
+
110
123
  def appears_in_lockfile?(dependency_name)
111
124
  parsed_file(lockfile).fetch("projects", []).
112
125
  any? { |details| details["name"] == dependency_name }
data/lib/dependabot/file_parsers/java_script/npm_and_yarn.rb CHANGED
@@ -237,6 +237,7 @@ module Dependabot
237
237
  fetch("resolved", nil)
238
238
 
239
239
  return unless resolved_url
240
+ return unless resolved_url.start_with?("http")
240
241
  return if CENTRAL_REGISTRIES.any? { |u| resolved_url.start_with?(u) }
241
242
  return if resolved_url.include?("github")
242
243
 
data/lib/dependabot/pull_request_creator/labeler.rb CHANGED
@@ -62,6 +62,12 @@ module Dependabot
62
62
  pull_request_number,
63
63
  labels_for_pr
64
64
  )
65
+ rescue Octokit::UnprocessableEntity
66
+ retrying ||= false
67
+ raise if retrying
68
+
69
+ retrying = true
70
+ retry
65
71
  end
66
72
 
67
73
  private
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.83.0"
4
+ VERSION = "0.83.1"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.83.0
4
+ version: 0.83.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot