dependabot-docker 0.300.0 → 0.301.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 37204785920957bb707141c90c50146ffcd40e4887f1f005929072af670a2598
|
|
4
|
+
data.tar.gz: 2a55642c227e765e435c6972b2091585382b4d006957a5c81b7b1b3be89f0851
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0627f3112a1465b0350de6a93e9ed2870ed43f500789f95ee630cb77720167ace0a9c679b888a31bc7f8e70052040a4793ed89798459a458c31cd786fc648a03
|
|
7
|
+
data.tar.gz: 56d6d3b387a3acaa7db3c4121ccb89593c4fa230a4fa4a6dd587ad42ee848f3c1dc8093cdaf1015b64540709530d6dcb2204359587df761d32564d48c4ae761b
|
|
@@ -53,7 +53,6 @@ module Dependabot
|
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
manifest_files.each do |file|
|
|
56
|
-
check_manifest_file_encoding(file)
|
|
57
56
|
dependency_set += workfile_file_dependencies(file)
|
|
58
57
|
end
|
|
59
58
|
|
|
@@ -83,15 +82,6 @@ module Dependabot
|
|
|
83
82
|
dependency_files.select { |f| f.type == "file" && f.name.match?(YAML_REGEXP) }
|
|
84
83
|
end
|
|
85
84
|
|
|
86
|
-
sig { params(file: Dependabot::DependencyFile).void }
|
|
87
|
-
def check_manifest_file_encoding(file)
|
|
88
|
-
return unless file.content&.start_with?("\uFEFF")
|
|
89
|
-
|
|
90
|
-
file_path = Pathname.new(file.directory).join(file.name).cleanpath.to_path
|
|
91
|
-
msg = "The file appears to have been saved with a byte order mark (BOM). This will prevent proper parsing."
|
|
92
|
-
raise Dependabot::DependencyFileNotParseable.new(file_path, msg)
|
|
93
|
-
end
|
|
94
|
-
|
|
95
85
|
sig { params(file: Dependabot::DependencyFile).returns(DependencySet) }
|
|
96
86
|
def workfile_file_dependencies(file)
|
|
97
87
|
dependency_set = DependencySet.new
|
|
@@ -47,7 +47,9 @@ module Dependabot
|
|
|
47
47
|
return false if parsed_version.nil?
|
|
48
48
|
|
|
49
49
|
release_part, = T.must(parsed_version[:version]).split("_", 2)
|
|
50
|
-
release_part = Tag.new(T.must(release_part).chomp(".").chomp("-").chomp("_")).numeric_version
|
|
50
|
+
release_part = Tag.new(T.must(release_part).chomp(".").chomp("-").chomp("_")).numeric_version
|
|
51
|
+
return false unless release_part
|
|
52
|
+
|
|
51
53
|
super(release_part.to_s)
|
|
52
54
|
rescue ArgumentError
|
|
53
55
|
# if we can't instantiate a version, it can't be correct
|
|
@@ -76,7 +76,13 @@ module Dependabot
|
|
|
76
76
|
@yamlfiles ||= T.let(
|
|
77
77
|
repo_contents(raise_errors: false)
|
|
78
78
|
.select { |f| f.type == "file" && f.name.match?(YAML_REGEXP) }
|
|
79
|
-
.map
|
|
79
|
+
.map do |f|
|
|
80
|
+
fetched = fetch_file_from_host(f.name)
|
|
81
|
+
# The YAML parser used doesn't properly handle a byte-order-mark (BOM) and it can cause failures in
|
|
82
|
+
# unexpected ways. That BOM is removed here to allow regular updates to proceed.
|
|
83
|
+
fetched.content = T.must(fetched.content)[1..-1] if fetched.content&.start_with?("\uFEFF")
|
|
84
|
+
fetched
|
|
85
|
+
end,
|
|
80
86
|
T.nilable(T::Array[DependencyFile])
|
|
81
87
|
)
|
|
82
88
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.301.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-03-
|
|
11
|
+
date: 2025-03-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.301.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.301.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -262,7 +262,7 @@ licenses:
|
|
|
262
262
|
- MIT
|
|
263
263
|
metadata:
|
|
264
264
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
265
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
265
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.301.0
|
|
266
266
|
post_install_message:
|
|
267
267
|
rdoc_options: []
|
|
268
268
|
require_paths:
|