diff --git a/common/lib/dependabot/git_commit_checker.rb b/common/lib/dependabot/git_commit_checker.rb index ea30f2b60c5..fc3f44a7ad0 100644 --- a/common/lib/dependabot/git_commit_checker.rb +++ b/common/lib/dependabot/git_commit_checker.rb @@ -24,12 +24,13 @@ class GitCommitChecker def initialize(dependency:, credentials:, ignored_versions: [], raise_on_ignored: false, - consider_version_branches_pinned: false) + consider_version_branches_pinned: false, dependency_source_details: nil) @dependency = dependency @credentials = credentials @ignored_versions = ignored_versions @raise_on_ignored = raise_on_ignored @consider_version_branches_pinned = consider_version_branches_pinned + @dependency_source_details = dependency_source_details end def git_dependency? @@ -160,7 +161,7 @@ def git_repo_reachable? end def dependency_source_details - dependency.source_details(allowed_types: ["git"]) + @dependency_source_details || dependency.source_details(allowed_types: ["git"]) end private diff --git a/github_actions/lib/dependabot/github_actions/update_checker.rb b/github_actions/lib/dependabot/github_actions/update_checker.rb index 4e3aa8696be..e1adb10bee2 100644 --- a/github_actions/lib/dependabot/github_actions/update_checker.rb +++ b/github_actions/lib/dependabot/github_actions/update_checker.rb @@ -35,12 +35,11 @@ def lowest_resolvable_security_fix_version end def updated_requirements - updated = updated_ref - dependency.requirements.map do |req| + source = req[:source] + updated = updated_ref(source) next req unless updated - source = req[:source] current = source[:ref] # Maintain a short git hash only if it matches the latest @@ -174,7 +173,7 @@ def filter_lower_tags(tags_array) .select { |tag| tag.fetch(:version) > current_version } end - def updated_ref + def updated_ref(source) # TODO: Support Docker sources return unless git_dependency? 
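Review bot: The new `dependency_source_details:` override accepted by `initialize` is returned unchanged by `dependency_source_details` (second hunk of this file), so it bypasses the `allowed_types: ["git"]` restriction that the fallback call still passes. Whatever hash the caller supplies is then treated as a git source by this class. A guard in the constructor keeps that invariant in one place: `raise ArgumentError, "dependency_source_details must be a git source" if dependency_source_details && dependency_source_details[:type] != "git"`. The symbol key is assumed from the spec fixture in this diff, so confirm whether string-keyed sources can also reach this class. A short comment on the parameter stating that nil means "derive from the dependency" would also help.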
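Review bot: `updated_ref(source)` is called with `req[:source]` unchecked at the top of the `map` block in `updated_requirements`, and a nil source does not fail at that point. `git_commit_checker_for(nil)` passes `dependency_source_details: nil`, which `GitCommitChecker` resolves through the dependency-wide `dependency.source_details` fallback. The pinned-ref decision for that requirement would then be taken against a different source than the one being rewritten, and `current = source[:ref]` a few lines later raises NoMethodError if an update was found. Adding `next req unless source` before the call makes the skip explicit. The block continues past the end of this hunk.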
@@ -183,14 +182,16 @@ def updated_ref return new_tag.fetch(:tag) end + source_git_commit_checker = git_commit_checker_for(source) + # Return the git tag if updating a pinned version - if git_commit_checker.pinned_ref_looks_like_version? && + if source_git_commit_checker.pinned_ref_looks_like_version? && (new_tag = latest_version_tag) return new_tag.fetch(:tag) end # Return the pinned git commit if one is available - if git_commit_checker.pinned_ref_looks_like_commit_sha? && + if source_git_commit_checker.pinned_ref_looks_like_commit_sha? && (new_commit_sha = latest_commit_sha) return new_commit_sha end @@ -219,12 +220,19 @@ def git_dependency? end def git_commit_checker - @git_commit_checker ||= Dependabot::GitCommitChecker.new( + @git_commit_checker ||= git_commit_checker_for(nil) + end + + def git_commit_checker_for(source) + @git_commit_checkers ||= {} + + @git_commit_checkers[source] ||= Dependabot::GitCommitChecker.new( dependency: dependency, credentials: credentials, ignored_versions: ignored_versions, raise_on_ignored: raise_on_ignored, - consider_version_branches_pinned: true + consider_version_branches_pinned: true, + dependency_source_details: source ) end diff --git a/github_actions/spec/dependabot/github_actions/update_checker_spec.rb b/github_actions/spec/dependabot/github_actions/update_checker_spec.rb index a6355cde262..71ba0eaf15a 100644 --- a/github_actions/spec/dependabot/github_actions/update_checker_spec.rb +++ b/github_actions/spec/dependabot/github_actions/update_checker_spec.rb @@ -913,7 +913,7 @@ source: { type: "git", url: "https://github.com/actions/checkout", - ref: "v3.5.2", + ref: "master", branch: nil } }]
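Review bot: Only the two `pinned_ref_looks_like_*` predicates were moved to `source_git_commit_checker`. The candidates `latest_version_tag` and `latest_commit_sha` are still called without the source, and the branch ending in `return new_tag.fetch(:tag)` at the top of the hunk returns before the per-source checker is created. If that earlier branch can fire for a requirement pinned to a commit SHA, it returns a tag and so replaces an immutable pin with a mutable ref in that workflow; its condition is outside the hunk, so this needs confirming. Consider creating `source_git_commit_checker` before the first branch and adding a comment such as `# Candidates are dependency-wide; only the pin style is decided per source`. The method starts before this hunk and its end is not visible here.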
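Review bot: `git_commit_checker_for` memoizes on the `source` Hash itself and has no comment saying that a nil key selects the dependency-wide checker. Ruby hashes a key at insertion, so if a requirement's source hash is mutated after the first lookup, the cache misses and a second checker is built silently. Keying on plain values avoids that, for example `key = source&.values_at(:type, :url, :ref, :branch)` followed by `@git_commit_checkers[key] ||= ...` (field names taken from the spec fixture in this diff). A comment such as `# Memoized GitCommitChecker scoped to one requirement source; nil falls back to the dependency's own source details` would document the contract.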
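Review bot: The only spec change in this diff swaps a fixture ref from `v3.5.2` to `master`; no example is added for a dependency with one requirement pinned to a commit SHA and another pinned to a tag. That mixed case is where a regression would rewrite a SHA pin to a tag, so it deserves its own example asserting that each requirement keeps its pin style after `updated_requirements`. The enclosing context starts and ends outside this hunk, so an existing example may already cover part of this.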