dependabot-github_actions 0.238.0 → 0.239.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 417a5dc780b5653b184e1b85bf500acba5f75527d0c6533b2d18a137aad5a1a6
-  data.tar.gz: d6162c2c02bf9c61ece051e9cc9c7df0af9037b0c0b10499fce246a685b00407
+  metadata.gz: ff3ec4fa8f1b132227c557b6fa76217241bec1a0a75f53628f985a824a2be1f3
+  data.tar.gz: a02e8693737f12942663d1e4c5b7ffcb5f3955792a07b0f5fa0b4a829d925cbe
 SHA512:
-  metadata.gz: 11f0acafb4b769b2e808b5447de805cbc5c62a4bbfc57b3ca869886c83fdd1124607d1406b5071a85e36953734186f5596cf6997cb96d3a3adc020dd11a112c2
-  data.tar.gz: 3cfdc22db82f2c0317709ed293fbb8f7ce941f3e5b38b58ea43f7e23cd59ac8db462fe154e7802924071483801e72c7a0b63433b21f594c7fdd38fbf6970b9e8
+  metadata.gz: 1022e0293ced804a75245f3b1dd81c20393eb112ca7837f73426c88b37f4b9b182473ecc0f1f5a5f935e5119b914de3c17a269d43c1f98ece4198585f41630ab
+  data.tar.gz: 45f493d1f78fe2e01a3227d1e07b50ae53f5bf1ff345264a2e17745b8aa42f9490817e05d85d9cdbb5f83f7c942fd0fc2826dd5af59fd602b9a202a86aae680e

data/lib/dependabot/github_actions/file_updater.rb

@@ -100,6 +100,8 @@ module Dependabot
         return unless git_checker.ref_looks_like_commit_sha?(old_ref)
 
         previous_version_tag = git_checker.most_specific_version_tag_for_sha(old_ref)
+        return unless previous_version_tag # There's no tag for this commit
+
         previous_version = version_class.new(previous_version_tag).to_s
         return unless comment.end_with? previous_version
 

data/lib/dependabot/github_actions/requirement.rb

@@ -1,16 +1,20 @@
 # typed: true
 # frozen_string_literal: true
 
+require "sorbet-runtime"
+
+require "dependabot/requirement"
 require "dependabot/utils"
 require "dependabot/github_actions/version"
 
 module Dependabot
   module GithubActions
     # Lifted from the bundler package manager
-    class Requirement < Gem::Requirement
+    class Requirement < Dependabot::Requirement
       # For consistency with other languages, we define a requirements array.
       # Ruby doesn't have an `OR` separator for requirements, so it always
       # contains a single element.
+      sig { override.params(requirement_string: T.nilable(String)).returns(T::Array[Requirement]) }
       def self.requirements_array(requirement_string)
         [new(requirement_string)]
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-github_actions
 version: !ruby/object:Gem::Version
-  version: 0.238.0
+  version: 0.239.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-12-07 00:00:00.000000000 Z
+date: 2023-12-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.238.0
+        version: 0.239.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.238.0
+        version: 0.239.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.57.2
+        version: 1.58.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.57.2
+        version: 1.58.0
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -227,7 +227,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.238.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.239.0
 post_install_message: 
 rdoc_options: []
 require_paths: