RubyGems - dependabot-github_actions - Versions diffs - 0.180.3 → 0.181.0 - Mend

dependabot-github_actions 0.180.3 → 0.181.0

Files changed (3) hide show

checksums.yaml +4 -4
data/lib/dependabot/github_actions/update_checker.rb +36 -5
metadata +34 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a7381414c279a581fd9ba536c9755e018f4997fd08ba54a57dcc1723afe7dd7e
-  data.tar.gz: 583fdb288540b108d59060f6549b540346ebe8312c32b8f3b5aa5afa3b39322c
+  metadata.gz: cf45819807a321230e76bf84aa2e507adb6d3e0b7a302b2152fcada8d189f161
+  data.tar.gz: bfc5b56739eb334635f4c9e8d6802a387681c8b9a3002662f0f0dab68a1e2eda
 SHA512:
-  metadata.gz: d8cd3a10312329107662e2098f1d5bb59f66adba4acdfc568fc780ff02b2bbea40344eb1d116b70b1e2da4e2d3b2fc7180ac61659a42dee19be3515dd383a1b4
-  data.tar.gz: a7457a298c88a00d2a82eb056042145f50d54bf9de7d66fa5a72d285c56ff9432b35a9c1234ef621c756bde75262238f6ab73be5d37275e2279c4d8db3f414d4
+  metadata.gz: d4786e9eff67b85be2ad5e0785aaac4506ebf216a13443fd8faf622958fc000dd16c5f0a024ebce64e4a67c2c337769bcf65d9de0ab92ed48a0a679a558a9950
+  data.tar.gz: e908f0f3446d97d8c8951afe92b1d62172715e83cc568b72caca6285dd44c4242b30928b3f1eb854331c87cdc3792ce0bfcf1a83a0866f6f2bd16627f2d2dd6a

data/lib/dependabot/github_actions/update_checker.rb CHANGED Viewed

@@ -63,10 +63,8 @@ module Dependabot
         # If the dependency is pinned to a tag that looks like a version then
         # we want to update that tag.
-        if git_commit_checker.pinned_ref_looks_like_version? &&
-           git_commit_checker.local_tag_for_latest_version
-          latest_tag = git_commit_checker.local_tag_for_latest_version
-          latest_version = latest_tag.fetch(:version)
+        if git_commit_checker.pinned_ref_looks_like_version? && latest_version_tag
+          latest_version = latest_version_tag.fetch(:version)
           return version_class.new(dependency.version) if shortened_semver_eq?(dependency.version, latest_version.to_s)
           return latest_version
@@ -87,13 +85,39 @@ module Dependabot
         nil
       end
+      def latest_version_tag
+        @latest_version_tag ||= begin
+          return git_commit_checker.local_tag_for_latest_version if dependency.version.nil?
+          latest_tags = git_commit_checker.local_tags_for_latest_version_commit_sha
+          # Find the latest version with the same precision as the pinned version.
+          # Falls back to a version with the closest precision if no exact match.
+          current_dots = dependency.version.split(".").length
+          latest_tags.max do |a, b|
+            next a[:version] <=> b[:version] unless shortened_semver_version_eq?(a[:version], b[:version])
+            a_dots = a[:version].to_s.split(".").length
+            b_dots = b[:version].to_s.split(".").length
+            a_diff = (a_dots - current_dots).abs
+            b_diff = (b_dots - current_dots).abs
+            next -(a_diff <=> b_diff) unless a_diff == b_diff
+            # preference to a less specific version if we have a tie
+            next 1 if a_dots < current_dots
+            -1
+          end
+        end
+      end
       def updated_source
         # TODO: Support Docker sources
         return dependency_source_details unless git_dependency?
         # Update the git tag if updating a pinned version
         if git_commit_checker.pinned_ref_looks_like_version? &&
-           (new_tag = git_commit_checker.local_tag_for_latest_version) &&
+           (new_tag = latest_version_tag) &&
            new_tag.fetch(:commit_sha) != current_commit
           return dependency_source_details.merge(ref: new_tag.fetch(:tag))
         end
@@ -152,6 +176,13 @@ module Dependabot
         other_split[0..base_split.length - 1] == base_split
       end
+      def shortened_semver_version_eq?(base_version, other_version)
+        base = base_version.to_s
+        other = other_version.to_s
+        shortened_semver_eq?(base, other) || shortened_semver_eq?(other, base)
+      end
     end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-github_actions
 version: !ruby/object:Gem::Version
-  version: 0.180.3
+  version: 0.181.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-04 00:00:00.000000000 Z
+date: 2022-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.180.3
+        version: 0.181.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.180.3
+        version: 0.181.0
+- !ruby/object:Gem::Dependency
+  name: debase
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.4.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.4.1
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +114,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.26.0
+        version: 1.27.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.27.0
+- !ruby/object:Gem::Dependency
+  name: ruby-debug-ide
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.26.0
+        version: 0.7.3
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement