dependabot-github_actions 0.208.0 → 0.209.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/github_actions/update_checker.rb +9 -12
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 95383a0b46d57e16120c3f9ca4b15b77d860fa6c24da4060e432fd9a268314fd
|
4
|
+
data.tar.gz: bad06cf26e78be9c5f35cad2533968bd427132d49a964bd83f05463ebd3c91fd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 15ebf9cabe2fab309c9de7713941971acde38167c61f470cfd36b28de965039f43f97cea06d21638fe2bd118681ca8705ad61d3f650ce52469848e68dd5ee611
|
7
|
+
data.tar.gz: d310c382ed24f57f1bce4e75a8fafa94bd8eaf0207ecd55f9fe89a61cb735279db3ffb75fdb86c1ca27d6b72b880ded7cf7499879cbdcfd2a33c984a1561376c
|
@@ -70,13 +70,10 @@ module Dependabot
|
|
70
70
|
return latest_version
|
71
71
|
end
|
72
72
|
|
73
|
-
# If the dependency is pinned to a commit SHA
|
74
|
-
#
|
75
|
-
|
76
|
-
|
77
|
-
if git_commit_checker.pinned_ref_looks_like_commit_sha? &&
|
78
|
-
(latest_tag = git_commit_checker.local_tag_for_latest_version) &&
|
79
|
-
git_commit_checker.branch_or_ref_in_release?(latest_tag[:version])
|
73
|
+
# If the dependency is pinned to a commit SHA, we return a *version* so
|
74
|
+
# that we get nice behaviour in PullRequestCreator::MessageBuilder
|
75
|
+
if git_commit_checker.pinned_ref_looks_like_commit_sha?
|
76
|
+
latest_tag = git_commit_checker.local_tag_for_latest_version
|
80
77
|
return latest_tag.fetch(:version)
|
81
78
|
end
|
82
79
|
|
@@ -122,12 +119,12 @@ module Dependabot
|
|
122
119
|
return dependency_source_details.merge(ref: new_tag.fetch(:tag))
|
123
120
|
end
|
124
121
|
|
125
|
-
|
122
|
+
latest_tag = git_commit_checker.local_tag_for_latest_version
|
123
|
+
|
124
|
+
# Update the pinned git commit if one is available
|
126
125
|
if git_commit_checker.pinned_ref_looks_like_commit_sha? &&
|
127
|
-
|
128
|
-
|
129
|
-
(latest_commit = latest_tag.fetch(:commit_sha)) != current_commit
|
130
|
-
return dependency_source_details.merge(ref: latest_commit)
|
126
|
+
latest_tag.fetch(:commit_sha) != current_commit
|
127
|
+
return dependency_source_details.merge(ref: latest_tag.fetch(:commit_sha))
|
131
128
|
end
|
132
129
|
|
133
130
|
# Otherwise return the original source
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-github_actions
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.209.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-08-
|
11
|
+
date: 2022-08-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.209.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.209.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debase
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|