dependabot-devcontainers 0.384.0 → 0.385.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fe10eda0b9f3a6e929ab5af2b974f22abdbf724a3e7c28ea72b9f940c811e90f
4
- data.tar.gz: 60157b701669ee55bc224bc526352ec10f4bf899d2c679eb41e4c250f9c3480d
3
+ metadata.gz: 67a0dd08afaeeef200839d662dde96e06ddc5470eac063ed2115e913b28117a8
4
+ data.tar.gz: 0f17eb94f5d61817f33843c9ab93a979716bc05f4420450640007983e82b6fb5
5
5
  SHA512:
6
- metadata.gz: 3c5c8f861bf7cd8d5780577b7e3d0a94e7df90ef3cbf3f8b515c3e8bc053540e82ebeff0eeb7766b8536b385243354dd6fbbec3dd7d6cc05a7e93a4ef75fb25c
7
- data.tar.gz: d489231eca1710b7fd361f7684e0f20bb09dc6a763f95a7021fe58f101749e784067db49cf257eae6d858df21f8a03c8b7207c20754648e297afd3e24063b906
6
+ metadata.gz: bea7b1f7fb6ab4cb8bb0cf65810c912f53283ebb6d3094154bbc7131c7b1d67ae4eadde4547f10644c9022dadb1f50e33eb8ea848145684d0bf1ec1b7431df68
7
+ data.tar.gz: 81c574f22679f84d4fa4d9ef94a6c93c7f2f630a13b539ff4f026e270579beefd7af12d4f5b411bc15d22a3a714ed69a6f433edab00e30fc02a6050284e94dd1
@@ -18,7 +18,7 @@ module Dependabot
18
18
  sig do
19
19
  params(
20
20
  feature: String,
21
- requirement: T.any(String, Dependabot::Devcontainers::Version),
21
+ requirement: T.nilable(T.any(String, Dependabot::Devcontainers::Version)),
22
22
  version: String,
23
23
  manifest: Dependabot::DependencyFile,
24
24
  repo_contents_path: String,
@@ -65,7 +65,7 @@ module Dependabot
65
65
 
66
66
  sig do
67
67
  params(
68
- target_requirement: T.any(String, Dependabot::Devcontainers::Version),
68
+ target_requirement: T.nilable(T.any(String, Dependabot::Devcontainers::Version)),
69
69
  target_version: String
70
70
  )
71
71
  .void
@@ -79,8 +79,16 @@ module Dependabot
79
79
  force_target_requirement(lockfile_path, from: target_version, to: target_requirement)
80
80
  end
81
81
 
82
- sig { params(file_name: String, from: String, to: T.any(String, Dependabot::Devcontainers::Version)).void }
82
+ sig do
83
+ params(
84
+ file_name: String,
85
+ from: String,
86
+ to: T.nilable(T.any(String, Dependabot::Devcontainers::Version))
87
+ ).void
88
+ end
83
89
  def force_target_requirement(file_name, from:, to:)
90
+ return if to.nil?
91
+
84
92
  File.write(file_name, File.read(file_name).gsub("#{feature}:#{from}", "#{feature}:#{to}"))
85
93
  end
86
94
 
@@ -100,7 +108,7 @@ module Dependabot
100
108
  sig { returns(String) }
101
109
  attr_reader :feature
102
110
 
103
- sig { returns(T.any(String, Dependabot::Devcontainers::Version)) }
111
+ sig { returns(T.nilable(T.any(String, Dependabot::Devcontainers::Version))) }
104
112
  attr_reader :requirement
105
113
 
106
114
  sig { returns(String) }
@@ -35,13 +35,21 @@ module Dependabot
35
35
  def updated_requirements
36
36
  updated_reqs = dependency.requirements.map do |requirement|
37
37
  required_version = T.cast(version_class.new(requirement[:requirement]), Dependabot::Devcontainers::Version)
38
- updated_requirement = remove_precision_changes(
39
- T.cast(release_versions, T::Array[Dependabot::Devcontainers::Version]),
40
- required_version
41
- ).last
38
+ versions = T.cast(release_versions, T::Array[Dependabot::Devcontainers::Version])
39
+ precision_matches = remove_precision_changes(versions, required_version)
40
+ # When the published tags don't include a precision-matching tag (e.g. a feature
41
+ # that only publishes full semver like "1.10.0" but the pin is the major-only ":1"),
42
+ # fall back to truncating the latest version to the required precision so that
43
+ # ":1" stays ":1" within the same major and becomes ":2" on a major bump.
44
+ updated_requirement =
45
+ if precision_matches.any?
46
+ precision_matches.last
47
+ else
48
+ versions.last&.truncate_to_precision_of(required_version)
49
+ end
42
50
  {
43
51
  file: requirement[:file],
44
- requirement: updated_requirement&.to_s,
52
+ requirement: updated_requirement&.to_s || requirement[:requirement],
45
53
  groups: requirement[:groups],
46
54
  source: requirement[:source]
47
55
  }
@@ -16,6 +16,16 @@ module Dependabot
16
16
  precision == other.precision
17
17
  end
18
18
 
19
+ sig { params(target_precision: Integer).returns(Dependabot::Devcontainers::Version) }
20
+ def truncate(target_precision)
21
+ T.cast(self.class.new(segments.first(target_precision).join(".")), Dependabot::Devcontainers::Version)
22
+ end
23
+
24
+ sig { params(other: Dependabot::Devcontainers::Version).returns(Dependabot::Devcontainers::Version) }
25
+ def truncate_to_precision_of(other)
26
+ truncate(other.precision)
27
+ end
28
+
19
29
  sig { params(requirement: Dependabot::Requirement).returns(T::Boolean) }
20
30
  def satisfies?(requirement)
21
31
  requirement.satisfied_by?(self)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-devcontainers
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.384.0
4
+ version: 0.385.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.384.0
18
+ version: 0.385.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.384.0
25
+ version: 0.385.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -260,7 +260,7 @@ licenses:
260
260
  - MIT
261
261
  metadata:
262
262
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
263
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.384.0
263
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.385.0
264
264
  rdoc_options: []
265
265
  require_paths:
266
266
  - lib