dependabot-github_actions 0.112.4 → 0.112.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/github_actions/update_checker.rb +13 -4
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8e9052844f46abcef42fc7daf26a33f0758af5cc20497e915a8cc76d60f45c03
|
|
4
|
+
data.tar.gz: 14e9930e13a41655a57db54d4ecb3a6f4e57b22c1d45618a3de6afdaf80395f6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 14db58db4be4c809aa207b15a133930451c8a0d1b75d56e1d5b91119ad0309f365e59c609982fd438292aef09909e6eee4eee648eb4b67f328d6111e562c1e97
|
|
7
|
+
data.tar.gz: 2c09449ba87ecf7839db9c906aba1ab59ded7ba3562389b66e9f8b7f25c2f1efd148183c25f1f68e7996e88c81ef562235b9cd507fcb43a3fd13f2323f6d341e
|
|
@@ -24,6 +24,10 @@ module Dependabot
|
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def updated_requirements
|
|
27
|
+
if updated_source == dependency_source_details
|
|
28
|
+
return dependency.requirements
|
|
29
|
+
end
|
|
30
|
+
|
|
27
31
|
dependency.requirements.map { |req| req.merge(source: updated_source) }
|
|
28
32
|
end
|
|
29
33
|
|
|
@@ -53,9 +57,10 @@ module Dependabot
|
|
|
53
57
|
# If the dependency is pinned to a tag that looks like a version then
|
|
54
58
|
# we want to update that tag. The latest version will then be the SHA
|
|
55
59
|
# of the latest tag that looks like a version.
|
|
56
|
-
if git_commit_checker.pinned_ref_looks_like_version?
|
|
60
|
+
if git_commit_checker.pinned_ref_looks_like_version? &&
|
|
61
|
+
git_commit_checker.local_tag_for_latest_version
|
|
57
62
|
latest_tag = git_commit_checker.local_tag_for_latest_version
|
|
58
|
-
return latest_tag
|
|
63
|
+
return latest_tag.fetch(:commit_sha)
|
|
59
64
|
end
|
|
60
65
|
|
|
61
66
|
# If the dependency is pinned to a tag that doesn't look like a
|
|
@@ -71,8 +76,8 @@ module Dependabot
|
|
|
71
76
|
|
|
72
77
|
# Update the git tag if updating a pinned version
|
|
73
78
|
if git_commit_checker.pinned_ref_looks_like_version? &&
|
|
74
|
-
git_commit_checker.local_tag_for_latest_version
|
|
75
|
-
|
|
79
|
+
(new_tag = git_commit_checker.local_tag_for_latest_version) &&
|
|
80
|
+
new_tag.fetch(:commit_sha) != current_commit
|
|
76
81
|
return dependency_source_details.merge(ref: new_tag.fetch(:tag))
|
|
77
82
|
end
|
|
78
83
|
|
|
@@ -98,6 +103,10 @@ module Dependabot
|
|
|
98
103
|
sources.first
|
|
99
104
|
end
|
|
100
105
|
|
|
106
|
+
def current_commit
|
|
107
|
+
git_commit_checker.head_commit_for_current_branch
|
|
108
|
+
end
|
|
109
|
+
|
|
101
110
|
def git_dependency?
|
|
102
111
|
git_commit_checker.git_dependency?
|
|
103
112
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-github_actions
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.112.
|
|
4
|
+
version: 0.112.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.112.
|
|
19
|
+
version: 0.112.5
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.112.
|
|
26
|
+
version: 0.112.5
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|