dependabot-github_actions 0.146.0 → 0.146.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/github_actions/update_checker.rb +14 -2
  3. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4b11317e1dad2358be56e6ef6a39a34b21203bb4892d8ede27b76bc1b9e26d2e
4
- data.tar.gz: f5d866295306e58ea08f5f3be97fc3e1686d55f805fec4bb9e6335641f92b079
3
+ metadata.gz: f18094461826b65eab69b655ca90e8cc7e143d3d2ac9cf15f2256bf0a6d47a29
4
+ data.tar.gz: 6bad99dfc7ffcb8a06eace7894fda46a7ceb4ab94980e2a8b656f5a281bcd324
5
5
  SHA512:
6
- metadata.gz: f468a43a7257f606736445fb21fc4a61869a6e0bd190940d09e9bee28bc631af8683aae0ad1c474764b23fe2394985f51bcc6067a0fe15d4bcd12de41b14b7bf
7
- data.tar.gz: 8190e538cda08496ceeda4a6a23e0f66274df683ff38b68318577f2d0622397877f3852d77cb9281f8fcec21d8da1d303fd13ddcf0fecfed796f39346203688d
6
+ metadata.gz: f1d187ecbeafaa181f64b90d2371c6f16fe308910bb129a708087021b3cf9ba58ea9f4622608421a3ea163e16d5ef8ce56b8edef913512d936240380d9cd28bf
7
+ data.tar.gz: 1f6a313a85b15056d563f0edfb08aedf6bcc9c507dccf2ebdd9bf18aba64c279983f3bd7121e7f86941cb53a7de0dc6b8ef11534da2630eb128fb059cbb8314a
data/lib/dependabot/github_actions/update_checker.rb CHANGED
@@ -63,11 +63,13 @@ module Dependabot
63
63
 
64
64
  # If the dependency is pinned to a tag that looks like a version then
65
65
  # we want to update that tag.
66
-
67
66
  if git_commit_checker.pinned_ref_looks_like_version? &&
68
67
  git_commit_checker.local_tag_for_latest_version
69
68
  latest_tag = git_commit_checker.local_tag_for_latest_version
70
- return latest_tag.fetch(:version)
69
+ latest_version = latest_tag.fetch(:version)
70
+ return version_class.new(dependency.version) if shortened_semver_eq?(dependency.version, latest_version.to_s)
71
+
72
+ return latest_version
71
73
  end
72
74
 
73
75
  # If the dependency is pinned to a commit SHA and the latest
@@ -140,6 +142,16 @@ module Dependabot
140
142
  raise_on_ignored: raise_on_ignored
141
143
  )
142
144
  end
145
+
146
+ def shortened_semver_eq?(base, other)
147
+ return false unless base
148
+
149
+ base_split = base.split(".")
150
+ other_split = other.split(".")
151
+ return false unless base_split.length <= other_split.length
152
+
153
+ other_split[0..base_split.length - 1] == base_split
154
+ end
143
155
  end
144
156
  end
145
157
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-github_actions
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.146.0
4
+ version: 0.146.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-11 00:00:00.000000000 Z
11
+ date: 2021-05-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.146.0
19
+ version: 0.146.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.146.0
26
+ version: 0.146.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement