dependabot-github_actions 0.214.0 → 0.215.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/github_actions/file_parser.rb +0 -2
  3. data/lib/dependabot/github_actions/update_checker.rb +4 -3
  4. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b3804334c168c6ac968941c3fd695443875744a48e66825e0247a10089003b77
4
- data.tar.gz: 92571e11e014c22477a152c8035d77022df7faad94b303677788e937d31d6231
3
+ metadata.gz: 6fde4fe69c8cd2491cd14866ea06170f56ee5abbe938f4c87f8a7b44c0d5ba90
4
+ data.tar.gz: 49f7860bbf1b24d352abb47f2538683571ef11d5224b5dcdd5b4538152ba1459
5
5
  SHA512:
6
- metadata.gz: 6397641d12b9fb86fbc34fec837b05c3669f9ebb3a96dd27fa2912098ac1f158dcf6f39995065a417013ba22e169931a4886c2e15109bcf446a4f83191ec03a4
7
- data.tar.gz: d706bb33be9d40cd470c6977a6268887fddacbf799ea30b604a5569ac50347589b8acf25ad6f9d924ccd78c9ce31b515fe8564118dc1705825e6c73055265e6d
6
+ metadata.gz: 917071c7623f613199a71beea1a48656a010cb598f9868799fdecf6cf60d307b16bea35bb50bf2208c48a819e7ab9f95f1ee53994612a2f2922762797b6a3aac
7
+ data.tar.gz: 8e11c8d489fe57966dec1239730b7109477c9f3e5eeb3a629a2a5542b9ace4f6daa08677f52ae48203206f4bec43288939bd63c93f46b6fc28c8757aaedb97ca
data/lib/dependabot/github_actions/file_parser.rb CHANGED
@@ -92,8 +92,6 @@ module Dependabot
92
92
  next unless dep.version.nil?
93
93
 
94
94
  git_checker = Dependabot::GitCommitChecker.new(dependency: dep, credentials: credentials)
95
- next unless git_checker.pinned_ref_looks_like_commit_sha?
96
-
97
95
  resolved = git_checker.local_tag_for_pinned_sha
98
96
  next if resolved.nil? || !version_class.correct?(resolved)
99
97
 
data/lib/dependabot/github_actions/update_checker.rb CHANGED
@@ -88,7 +88,7 @@ module Dependabot
88
88
 
89
89
  if git_commit_checker.pinned_ref_looks_like_commit_sha? && latest_version_tag
90
90
  latest_version = latest_version_tag.fetch(:version)
91
- return latest_commit_for_pinned_ref unless git_commit_checker.branch_or_ref_in_release?(latest_version)
91
+ return latest_commit_for_pinned_ref unless git_commit_checker.local_tag_for_pinned_sha
92
92
 
93
93
  return latest_version
94
94
  end
@@ -199,7 +199,7 @@ module Dependabot
199
199
  new_tag = latest_version_tag
200
200
  return unless new_tag
201
201
 
202
- if git_commit_checker.branch_or_ref_in_release?(new_tag.fetch(:version))
202
+ if git_commit_checker.local_tag_for_pinned_sha
203
203
  new_tag.fetch(:commit_sha)
204
204
  else
205
205
  latest_commit_for_pinned_ref
@@ -252,7 +252,8 @@ module Dependabot
252
252
 
253
253
  def find_container_branch(sha)
254
254
  branches_including_ref = SharedHelpers.run_shell_command(
255
- "git branch --remotes --contains #{sha}"
255
+ "git branch --remotes --contains #{sha}",
256
+ fingerprint: "git branch --remotes --contains <sha>"
256
257
  ).split("\n").map { |branch| branch.strip.gsub("origin/", "") }
257
258
 
258
259
  current_branch = branches_including_ref.find { |branch| branch.start_with?("HEAD -> ") }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-github_actions
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.214.0
4
+ version: 0.215.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-12-01 00:00:00.000000000 Z
11
+ date: 2022-12-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.214.0
19
+ version: 0.215.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.214.0
26
+ version: 0.215.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement