dependabot-hex 0.145.3 → 0.147.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f8b9ddd90611eeb715844a4fc68a28f5357ed9f69055b20429d2faafa864b23f
|
|
4
|
+
data.tar.gz: cf218f5b7cfdb184e73f41f40bb960382e1b8abb66987f9dd96f9fb6f0b4a606
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5b97ff9710a8e33190c920dbb6aef08f7a16e0481e3a4b08cf0e1460b8125b242d1fc611ed98f127bba70184bd8f17f273d195c4c56c25c420e7894d26804e4f
|
|
7
|
+
data.tar.gz: 88a318074fe68f8d402b2289987e314e66b4164d94e405b056eda90db64a58117ab344403e3f79bdb730524ec24042bf625a7d354d97412cd78d9b7cd9e4dea2
|
|
@@ -221,13 +221,23 @@ module Dependabot
|
|
|
221
221
|
ignore_requirements.any? { |r| r.satisfied_by?(v) }
|
|
222
222
|
end
|
|
223
223
|
|
|
224
|
-
|
|
224
|
+
if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(versions).any?
|
|
225
|
+
raise AllVersionsIgnored
|
|
226
|
+
end
|
|
225
227
|
|
|
226
228
|
filtered.max
|
|
227
229
|
end
|
|
228
230
|
end
|
|
229
231
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
230
232
|
|
|
233
|
+
def filter_lower_versions(versions_array)
|
|
234
|
+
return versions_array unless current_version
|
|
235
|
+
|
|
236
|
+
versions_array.select do |version|
|
|
237
|
+
version > current_version
|
|
238
|
+
end
|
|
239
|
+
end
|
|
240
|
+
|
|
231
241
|
def hex_registry_response
|
|
232
242
|
return @hex_registry_response if @hex_registry_requested
|
|
233
243
|
|
|
@@ -246,13 +256,14 @@ module Dependabot
|
|
|
246
256
|
nil
|
|
247
257
|
end
|
|
248
258
|
|
|
259
|
+
def current_version
|
|
260
|
+
return unless dependency.version && version_class.correct?(dependency.version)
|
|
261
|
+
|
|
262
|
+
version_class.new(dependency.version)
|
|
263
|
+
end
|
|
264
|
+
|
|
249
265
|
def wants_prerelease?
|
|
250
|
-
|
|
251
|
-
if current_version &&
|
|
252
|
-
version_class.correct?(current_version) &&
|
|
253
|
-
version_class.new(current_version).prerelease?
|
|
254
|
-
return true
|
|
255
|
-
end
|
|
266
|
+
return true if current_version&.prerelease?
|
|
256
267
|
|
|
257
268
|
dependency.requirements.any? do |req|
|
|
258
269
|
req[:requirement]&.match?(/\d-[A-Za-z0-9]/)
|
|
@@ -74,8 +74,10 @@ module Dependabot
|
|
|
74
74
|
raise Dependabot::PrivateSourceAuthenticationFailure, org if org
|
|
75
75
|
end
|
|
76
76
|
|
|
77
|
-
# TODO:
|
|
78
|
-
#
|
|
77
|
+
# TODO: Catch the warnings as part of the Elixir module. This happens
|
|
78
|
+
# when elixir throws warnings from the manifest files that end up in
|
|
79
|
+
# stdout and cause run_helper_subprocess to fail parsing the result as
|
|
80
|
+
# JSON.
|
|
79
81
|
return error_result(error) if includes_result?(error)
|
|
80
82
|
|
|
81
83
|
# Ignore dependencies which don't resolve due to mis-matching
|
|
@@ -101,8 +103,7 @@ module Dependabot
|
|
|
101
103
|
result = error.message&.split("\n")&.last
|
|
102
104
|
return false unless result
|
|
103
105
|
|
|
104
|
-
JSON.parse(error.message&.split("\n")&.last)
|
|
105
|
-
true
|
|
106
|
+
JSON.parse(error.message&.split("\n")&.last).key?("result")
|
|
106
107
|
rescue JSON::ParserError
|
|
107
108
|
false
|
|
108
109
|
end
|
|
@@ -122,6 +123,12 @@ module Dependabot
|
|
|
122
123
|
|
|
123
124
|
true
|
|
124
125
|
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
126
|
+
# TODO: Catch the warnings as part of the Elixir module. This happens
|
|
127
|
+
# when elixir throws warnings from the manifest files that end up in
|
|
128
|
+
# stdout and cause run_helper_subprocess to fail parsing the result as
|
|
129
|
+
# JSON.
|
|
130
|
+
return error_result(e) if includes_result?(e)
|
|
131
|
+
|
|
125
132
|
raise Dependabot::DependencyFileNotResolvable, e.message
|
|
126
133
|
end
|
|
127
134
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-hex
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.147.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-05-
|
|
11
|
+
date: 2021-05-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.147.1
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.147.1
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 1.
|
|
103
|
+
version: 1.15.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 1.
|
|
110
|
+
version: 1.15.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: simplecov
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|