Fix Dependabot logic for SNAPSHOTs

The Dependabot has a logic which we find as wrong.
It updates from the current `M/RC/SNAPSHOT` not to the GA of that version, but to the next version's `SNAPSHOT`

* Fix `spring-merge-dependabot-pr.yml` to compare `new-version` and `previous-version` metadata without suffixes.
For example, compare the current ` 1.0.0-RC1 ` with a new `1.0.1-SNAPSHOT`.
This means there is a GA we would expect an update to, but somehow Dependabot skips that for us.
* Close its PRs in this case.
Only allow update to a new `SNAPSHOT` if `new-version` and `previous-version` version bases are equal

Author: artembilan

.github/workflows/spring-merge-dependabot-pr.yml

@@ -61,26 +61,36 @@ jobs:
         with:
          github-token: ${{ env.GH_TOKEN }}
 
-      # Dependabot does not have ability to let us skip from '-SNAPSHOT' updates.
+      # Dependabot does not have the ability to let us skip from '-SNAPSHOT' updates.
       # The problem happens when there is a GA for snapshot we are using right now.
-      # For example, we have a '1.0.0-SNAPSHOT' after previous update from the '1.0.0-RC1'.
+      # For example, we have a '1.0.0-SNAPSHOT' after the previous update from the '1.0.0-RC1'.
       # Now that dependency has gone to '1.0.0' GA, so we would expect an update like '1.0.0-SNAPSHOT -> 1.0.0',
       # but Dependabot does '1.0.0-SNAPSHOT -> 1.0.1-SNAPSHOT'.
+      # Another example, if we have a '1.0.0-RC1' but Dependabot does upgrade to '1.0.1-SNAPSHOT' instead of '1.0.0'.
       # This is wrong and causes extra burden in manual changes and commit history.
       # Therefore, closing such a PR as invalid.
       # See more info in: https://stackoverflow.com/questions/79204574/how-to-make-dependabot-to-not-update-from-snapshot
-      - name: Close if SNAPSHOT to SNAPSHOT update
-        if: ${{ endsWith(steps.metadata.outputs.previous-version, '-SNAPSHOT') && endsWith(steps.metadata.outputs.new-version, '-SNAPSHOT') }}
+      - name: Close if to SNAPSHOT update skipping GA
+        if: endsWith(steps.metadata.outputs.new-version, '-SNAPSHOT')
         run: |
-          gh pr edit ${{ github.event.pull_request.number }} --add-label "status: invalid" --remove-milestone --remove-label "${{ inputs.dependenciesLabel }}"
+          NEW_VERSION="${{ steps.metadata.outputs.new-version }}"
+          NEW_VERSION=${NEW_VERSION/-SNAPSHOT}
           
-          CLOSE_COMMENT="Upgrade from ${{ steps.metadata.outputs.previous-version }} to ${{ steps.metadata.outputs.new-version }} is not allowed"
+          PREVIOUS_VERSION="${{ steps.metadata.outputs.previous-version }}"
+          PREVIOUS_VERSION=${PREVIOUS_VERSION/-*} 
           
-          gh pr close ${{ github.event.pull_request.number }} --comment "$CLOSE_COMMENT" 
+          if [ $NEW_VERSION != $PREVIOUS_VERSION ]
+          then
+            gh pr edit ${{ github.event.pull_request.number }} --add-label "status: invalid" --remove-milestone --remove-label "${{ inputs.dependenciesLabel }}"
+          
+            CLOSE_COMMENT="Upgrade from ${{ steps.metadata.outputs.previous-version }} to ${{ steps.metadata.outputs.new-version }} is not allowed"
+          
+            gh pr close ${{ github.event.pull_request.number }} --comment "$CLOSE_COMMENT" 
           
-          gh run cancel ${{ github.run_id }}
-          echo "::warning title=Cannot merge::$CLOSE_COMMENT"
-          gh run watch ${{ github.run_id }}
+            gh run cancel ${{ github.run_id }}
+            echo "::warning title=Cannot merge::$CLOSE_COMMENT"
+            gh run watch ${{ github.run_id }}    
+          fi
 
       - name: Add a label for development dependencies pull request
         if: ${{ steps.metadata.outputs.dependency-group == inputs.developmentGroup || endsWith(steps.metadata.outputs.new-version, '-SNAPSHOT') }}