dependabot-github_actions 0.237.0 → 0.238.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 417a5dc780b5653b184e1b85bf500acba5f75527d0c6533b2d18a137aad5a1a6
|
4
|
+
data.tar.gz: d6162c2c02bf9c61ece051e9cc9c7df0af9037b0c0b10499fce246a685b00407
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 11f0acafb4b769b2e808b5447de805cbc5c62a4bbfc57b3ca869886c83fdd1124607d1406b5071a85e36953734186f5596cf6997cb96d3a3adc020dd11a112c2
|
7
|
+
data.tar.gz: 3cfdc22db82f2c0317709ed293fbb8f7ce941f3e5b38b58ea43f7e23cd59ac8db462fe154e7802924071483801e72c7a0b63433b21f594c7fdd38fbf6970b9e8
|
@@ -55,19 +55,21 @@ module Dependabot
|
|
55
55
|
credentials: credentials,
|
56
56
|
consider_version_branches_pinned: true
|
57
57
|
)
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
58
|
+
if git_checker.git_repo_reachable?
|
59
|
+
next unless git_checker.pinned?
|
60
|
+
|
61
|
+
# If dep does not have an assigned (semver) version, look for a commit that references a semver tag
|
62
|
+
unless dep.version
|
63
|
+
resolved = git_checker.version_for_pinned_sha
|
64
|
+
|
65
|
+
if resolved
|
66
|
+
dep = Dependency.new(
|
67
|
+
name: dep.name,
|
68
|
+
version: resolved.to_s,
|
69
|
+
requirements: dep.requirements,
|
70
|
+
package_manager: dep.package_manager
|
71
|
+
)
|
72
|
+
end
|
71
73
|
end
|
72
74
|
end
|
73
75
|
|
@@ -153,8 +153,7 @@ module Dependabot
|
|
153
153
|
|
154
154
|
Dir.chdir(repo_contents_path) do
|
155
155
|
ref_branch = find_container_branch(git_commit_checker.dependency_source_details[:ref])
|
156
|
-
|
157
|
-
git_commit_checker.head_commit_for_local_branch(ref_branch)
|
156
|
+
git_commit_checker.head_commit_for_local_branch(ref_branch) if ref_branch
|
158
157
|
end
|
159
158
|
end
|
160
159
|
end
|
@@ -254,6 +253,7 @@ module Dependabot
|
|
254
253
|
"git branch --remotes --contains #{sha}",
|
255
254
|
fingerprint: "git branch --remotes --contains <sha>"
|
256
255
|
).split("\n").map { |branch| branch.strip.gsub("origin/", "") }
|
256
|
+
return if branches_including_ref.empty?
|
257
257
|
|
258
258
|
current_branch = branches_including_ref.find { |branch| branch.start_with?("HEAD -> ") }
|
259
259
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-github_actions
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.238.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-12-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.238.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.238.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -227,7 +227,7 @@ licenses:
|
|
227
227
|
- Nonstandard
|
228
228
|
metadata:
|
229
229
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
230
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
230
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.238.0
|
231
231
|
post_install_message:
|
232
232
|
rdoc_options: []
|
233
233
|
require_paths:
|