dependabot-github_actions 0.206.0 → 0.209.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/github_actions/update_checker.rb +9 -12
  3. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 96291b44fd0565e6880a331fa79e02673ce68839bb8fe12f3c5b07407c38c3d0
4
- data.tar.gz: 36b2c1d6f4db798c5f7cbef2410c0f604ddd58082b7c5b4fc2a69135910a587b
3
+ metadata.gz: 95383a0b46d57e16120c3f9ca4b15b77d860fa6c24da4060e432fd9a268314fd
4
+ data.tar.gz: bad06cf26e78be9c5f35cad2533968bd427132d49a964bd83f05463ebd3c91fd
5
5
  SHA512:
6
- metadata.gz: 6c3ce5269cc237109573f91247af29c45f854e9d6706fea5b7081b0cba6669f86d72a5a800c58df2252e2a2b6cb212f3f863a5ff030a2b115deb0841feb4a7c8
7
- data.tar.gz: 33d427a50819f4cf6fd7fa7a3895fd779203caf691ba58ead06848ed26037b5afb526055194fe5ffc3f3e33222e18dcc5b047a1dc857f512ef41b1c20bab61b2
6
+ metadata.gz: 15ebf9cabe2fab309c9de7713941971acde38167c61f470cfd36b28de965039f43f97cea06d21638fe2bd118681ca8705ad61d3f650ce52469848e68dd5ee611
7
+ data.tar.gz: d310c382ed24f57f1bce4e75a8fafa94bd8eaf0207ecd55f9fe89a61cb735279db3ffb75fdb86c1ca27d6b72b880ded7cf7499879cbdcfd2a33c984a1561376c
data/lib/dependabot/github_actions/update_checker.rb CHANGED
@@ -70,13 +70,10 @@ module Dependabot
70
70
  return latest_version
71
71
  end
72
72
 
73
- # If the dependency is pinned to a commit SHA and the latest
74
- # version-like tag includes that commit then we want to update to that
75
- # version-like tag. We return a version (not a commit SHA) so that we
76
- # get nice behaviour in PullRequestCreator::MessageBuilder
77
- if git_commit_checker.pinned_ref_looks_like_commit_sha? &&
78
- (latest_tag = git_commit_checker.local_tag_for_latest_version) &&
79
- git_commit_checker.branch_or_ref_in_release?(latest_tag[:version])
73
+ # If the dependency is pinned to a commit SHA, we return a *version* so
74
+ # that we get nice behaviour in PullRequestCreator::MessageBuilder
75
+ if git_commit_checker.pinned_ref_looks_like_commit_sha?
76
+ latest_tag = git_commit_checker.local_tag_for_latest_version
80
77
  return latest_tag.fetch(:version)
81
78
  end
82
79
 
@@ -122,12 +119,12 @@ module Dependabot
122
119
  return dependency_source_details.merge(ref: new_tag.fetch(:tag))
123
120
  end
124
121
 
125
- # Update the git commit if updating a pinned commit
122
+ latest_tag = git_commit_checker.local_tag_for_latest_version
123
+
124
+ # Update the pinned git commit if one is available
126
125
  if git_commit_checker.pinned_ref_looks_like_commit_sha? &&
127
- (latest_tag = git_commit_checker.local_tag_for_latest_version) &&
128
- git_commit_checker.branch_or_ref_in_release?(latest_tag[:version]) &&
129
- (latest_commit = latest_tag.fetch(:commit_sha)) != current_commit
130
- return dependency_source_details.merge(ref: latest_commit)
126
+ latest_tag.fetch(:commit_sha) != current_commit
127
+ return dependency_source_details.merge(ref: latest_tag.fetch(:commit_sha))
131
128
  end
132
129
 
133
130
  # Otherwise return the original source
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-github_actions
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.206.0
4
+ version: 0.209.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-10 00:00:00.000000000 Z
11
+ date: 2022-08-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.206.0
19
+ version: 0.209.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.206.0
26
+ version: 0.209.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debase
29
29
  requirement: !ruby/object:Gem::Requirement