dependabot-elm 0.97.4 → 0.97.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/elm/update_checker/elm_19_version_resolver.rb +3 -1
  3. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ef86230ac06375486db517a1ee3f401e6ca48161e7017054dd97e7b20e4509e3
4
- data.tar.gz: 74ddee7c4fdf474dfd1e6f6a5eeef391c5c0066e5213b3d09c190d50ce083431
3
+ metadata.gz: 9a357efa4d6a962c99efe71aa3b6086512ffd48171055256dc21cd848e73f63e
4
+ data.tar.gz: de0f2e0984582aad74302435eb7906734b2ebd45c73fd14a1aa8c98801b70c74
5
5
  SHA512:
6
- metadata.gz: 5df89c8408c495c6e0e3cde4ca03f5f15bdcfacc180baa2b7ab8d79dd69739558a54c76a332b657be495aeeec94b09eb2cc1b5ac807dcf2359874276b086f3e5
7
- data.tar.gz: ebad86ef260b0cabc2c7d93b416bd0839408d5afb06960c0464d3c77de2ae8066c1ddee674e549eda93d13ecbf88a8869c29a6fd5dae83f0bf44a988ad2ea355
6
+ metadata.gz: 3d34e22586f40f7666a75206f6157018208ccb3e5de4a69c8383d7510e219cf73cd5dbbd2e84f6fe086a86428df7f143659e9bd9315d9bbe9cd42ae2b7f57917
7
+ data.tar.gz: f3e80ea658bc8ddb42c6322625864c32af613075065452b64b89db2acb876c764d68c3eb5412fa9d0681b4781d3ac286eeabd0b7776323cc548e8584ff47bf29
data/lib/dependabot/elm/update_checker/elm_19_version_resolver.rb CHANGED
@@ -1,6 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "open3"
4
+ require "shellwords"
4
5
  require "dependabot/shared_helpers"
5
6
  require "dependabot/errors"
6
7
  require "dependabot/elm/file_parser"
@@ -103,7 +104,8 @@ module Dependabot
103
104
  # Elm package install outputs a preview of the actions to be
104
105
  # performed. We can use this preview to calculate whether it
105
106
  # would do anything funny
106
- command = "yes n | elm19 install #{dependency.name}"
107
+ dependency_name = Shellwords.escape(dependency.name)
108
+ command = "yes n | elm19 install #{dependency_name}"
107
109
  response = run_shell_command(command)
108
110
 
109
111
  CliParser.decode_install_preview(response)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-elm
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.97.4
4
+ version: 0.97.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.97.4
19
+ version: 0.97.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.97.4
26
+ version: 0.97.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement