dependabot-go_modules 0.213.0 → 0.214.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5825bfefc09a4e3ef05bf5286f52f1de9825c0d7ffd3e34b3281c67847b67bc4
|
|
4
|
+
data.tar.gz: 2eedaaa966c5b7d76e09ee6dc2747a2f3e02b169391de945f3ea8a78a0dbd73b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5bf996465ae67751493da4cb2fd27c9db2a128551e41328be4cdd5ee654f373d8b2938d9449dada9c7e5eae9c2f203a6d6367cb9de66d4c4c9e7cc21bdecb5af
|
|
7
|
+
data.tar.gz: 48873014f7eaf642d5010e449fa04081eca67e0d7dc039f1687476dddf152a514cbd21c0ff1b73ad720eecd0d9bca3012104657f6708f86c52391cdb0793bf74
|
|
@@ -135,6 +135,9 @@ module Dependabot
|
|
|
135
135
|
}
|
|
136
136
|
rescue Dependabot::SharedHelpers::HelperSubprocessFailed => e
|
|
137
137
|
if e.message == "Cannot detect VCS"
|
|
138
|
+
# if the dependency is locally replaced, this is not a fatal error
|
|
139
|
+
return { type: "default", source: dep["Path"] } if dependency_has_local_replacement(dep)
|
|
140
|
+
|
|
138
141
|
msg = e.message + " for #{dep['Path']}. Attempted to detect VCS " \
|
|
139
142
|
"because the version looks like a git revision: " \
|
|
140
143
|
"#{dep['Version']}"
|
|
@@ -179,6 +182,18 @@ module Dependabot
|
|
|
179
182
|
end
|
|
180
183
|
false
|
|
181
184
|
end
|
|
185
|
+
|
|
186
|
+
def dependency_has_local_replacement(details)
|
|
187
|
+
if manifest["Replace"]
|
|
188
|
+
has_local_replacement = manifest["Replace"].find do |replace|
|
|
189
|
+
replace["New"]["Path"].start_with?("./", "../") &&
|
|
190
|
+
replace["Old"]["Path"] == details["Path"]
|
|
191
|
+
end
|
|
192
|
+
|
|
193
|
+
return true if has_local_replacement
|
|
194
|
+
end
|
|
195
|
+
false
|
|
196
|
+
end
|
|
182
197
|
end
|
|
183
198
|
end
|
|
184
199
|
end
|
|
@@ -143,10 +143,10 @@ module Dependabot
|
|
|
143
143
|
end
|
|
144
144
|
|
|
145
145
|
def filter_lower_versions(versions_array)
|
|
146
|
-
return versions_array unless dependency.
|
|
146
|
+
return versions_array unless dependency.numeric_version
|
|
147
147
|
|
|
148
148
|
versions_array.
|
|
149
|
-
select { |version| version >
|
|
149
|
+
select { |version| version > dependency.numeric_version }
|
|
150
150
|
end
|
|
151
151
|
|
|
152
152
|
def filter_ignored_versions(versions_array)
|
|
@@ -162,9 +162,8 @@ module Dependabot
|
|
|
162
162
|
def wants_prerelease?
|
|
163
163
|
@wants_prerelease ||=
|
|
164
164
|
begin
|
|
165
|
-
current_version = dependency.
|
|
166
|
-
current_version
|
|
167
|
-
version_class.new(current_version).prerelease?
|
|
165
|
+
current_version = dependency.numeric_version
|
|
166
|
+
current_version&.prerelease?
|
|
168
167
|
end
|
|
169
168
|
end
|
|
170
169
|
|
|
@@ -21,7 +21,7 @@ module Dependabot
|
|
|
21
21
|
unless dependency.top_level?
|
|
22
22
|
return unless dependency.version
|
|
23
23
|
|
|
24
|
-
return
|
|
24
|
+
return current_version
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
latest_version_finder.latest_version
|
|
@@ -40,7 +40,7 @@ module Dependabot
|
|
|
40
40
|
unless dependency.top_level?
|
|
41
41
|
return unless dependency.version
|
|
42
42
|
|
|
43
|
-
return
|
|
43
|
+
return current_version
|
|
44
44
|
end
|
|
45
45
|
|
|
46
46
|
lowest_security_fix_version
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-go_modules
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.214.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-12-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.214.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.214.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -58,14 +58,14 @@ dependencies:
|
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version:
|
|
61
|
+
version: 4.0.0
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version:
|
|
68
|
+
version: 4.0.0
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: rake
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,14 +114,14 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 1.
|
|
117
|
+
version: 1.39.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 1.
|
|
124
|
+
version: 1.39.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: rubocop-performance
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|