dependabot-bundler 0.280.0 → 0.282.0

data/helpers/v1/lib/functions/force_updater.rb

@@ -1,173 +0,0 @@
-# typed: true
-# frozen_string_literal: true
-
-module Functions
-  class ForceUpdater
-    class TransitiveDependencyError < StandardError; end
-
-    def initialize(dependency_name:, target_version:, gemfile_name:,
-                   lockfile_name:, update_multiple_dependencies:)
-      @dependency_name = dependency_name
-      @target_version = target_version
-      @gemfile_name = gemfile_name
-      @lockfile_name = lockfile_name
-      @update_multiple_dependencies = update_multiple_dependencies
-    end
-
-    def run
-      # Only allow upgrades. Otherwise it's unlikely that this
-      # resolution will be found by the FileUpdater
-      Bundler.settings.set_command_option(
-        "only_update_to_newer_versions",
-        true
-      )
-
-      dependencies_to_unlock = []
-
-      begin
-        definition = build_definition(dependencies_to_unlock: dependencies_to_unlock)
-        definition.resolve_remotely!
-        specs = definition.resolve
-        updates = [{ name: dependency_name }] +
-                  dependencies_to_unlock.map { |dep| { name: dep.name } }
-        specs = specs.map do |dep|
-          {
-            name: dep.name,
-            version: dep.version
-          }
-        end
-        [updates, specs]
-      rescue Bundler::VersionConflict => e
-        raise unless update_multiple_dependencies?
-
-        # TODO: Not sure this won't unlock way too many things...
-        new_dependencies_to_unlock =
-          new_dependencies_to_unlock_from(
-            error: e,
-            already_unlocked: dependencies_to_unlock
-          )
-
-        raise if new_dependencies_to_unlock.none?
-
-        dependencies_to_unlock += new_dependencies_to_unlock
-        retry
-      end
-    end
-
-    private
-
-    attr_reader :dependency_name
-    attr_reader :target_version
-    attr_reader :gemfile_name
-    attr_reader :lockfile_name
-    attr_reader :credentials
-    attr_reader :update_multiple_dependencies
-    alias update_multiple_dependencies? update_multiple_dependencies
-
-    def new_dependencies_to_unlock_from(error:, already_unlocked:)
-      potentials_deps =
-        relevant_conflicts(error, already_unlocked)
-        .flat_map(&:requirement_trees)
-        .reject do |tree|
-          # If the final requirement wasn't specific, it can't be binding
-          next true if tree.last.requirement == Gem::Requirement.new(">= 0")
-
-          # If the conflict wasn't for the dependency we're updating then
-          # we don't have enough info to reject it
-          next false unless tree.last.name == dependency_name
-
-          # If the final requirement *was* for the dependency we're updating
-          # then we can ignore the tree if it permits the target version
-          tree.last.requirement.satisfied_by?(
-            Gem::Version.new(target_version)
-          )
-        end.map(&:first)
-
-      potentials_deps
-        .reject { |dep| already_unlocked.map(&:name).include?(dep.name) }
-        .reject { |dep| [dependency_name, "ruby\0"].include?(dep.name) }
-        .uniq
-    end
-
-    def relevant_conflicts(error, dependencies_being_unlocked)
-      names = [*dependencies_being_unlocked.map(&:name), dependency_name]
-
-      # For a conflict to be relevant to the updates we're making it must be
-      # 1) caused by a new requirement introduced by our unlocking, or
-      # 2) caused by an old requirement that prohibits the update.
-      # Hence, we look at the beginning and end of the requirement trees
-      error.cause.conflicts.values
-           .select do |conflict|
-        conflict.requirement_trees.any? do |t|
-          names.include?(t.last.name) || names.include?(t.first.name)
-        end
-      end
-    end
-
-    def build_definition(dependencies_to_unlock:)
-      gems_to_unlock = dependencies_to_unlock.map(&:name) + [dependency_name]
-      definition = Bundler::Definition.build(
-        gemfile_name,
-        lockfile_name,
-        gems: gems_to_unlock + subdependencies,
-        lock_shared_dependencies: true
-      )
-
-      # Remove the Gemfile / gemspec requirements on the gems we're
-      # unlocking (i.e., completely unlock them)
-      gems_to_unlock.each do |gem_name|
-        unlock_gem(definition: definition, gem_name: gem_name)
-      end
-
-      dep = definition.dependencies
-                      .find { |d| d.name == dependency_name }
-
-      # If the dependency is not found in the Gemfile it means this is a
-      # transitive dependency that we can't force update.
-      raise TransitiveDependencyError unless dep
-
-      # Set the requirement for the gem we're forcing an update of
-      new_req = Gem::Requirement.create("= #{target_version}")
-      dep.instance_variable_set(:@requirement, new_req)
-      dep.source = nil if dep.source.is_a?(Bundler::Source::Git)
-
-      definition
-    end
-
-    def lockfile
-      return @lockfile if defined?(@lockfile)
-
-      @lockfile =
-        begin
-          return unless lockfile_name && File.exist?(lockfile_name)
-
-          File.read(lockfile_name)
-        end
-    end
-
-    def subdependencies
-      # If there's no lockfile we don't need to worry about
-      # subdependencies
-      return [] unless lockfile
-
-      all_deps =  Bundler::LockfileParser.new(lockfile)
-                                         .specs.map { |x| x.name.to_s }
-      top_level = Bundler::Definition
-                  .build(gemfile_name, lockfile_name, {})
-                  .dependencies.map { |x| x.name.to_s }
-
-      all_deps - top_level
-    end
-
-    def unlock_gem(definition:, gem_name:)
-      dep = definition.dependencies.find { |d| d.name == gem_name }
-      version = definition.locked_gems.specs
-                          .find { |d| d.name == gem_name }.version
-
-      dep&.instance_variable_set(
-        :@requirement,
-        Gem::Requirement.create(">= #{version}")
-      )
-    end
-  end
-end

data/helpers/v1/lib/functions/lockfile_updater.rb

@@ -1,218 +0,0 @@
-# typed: true
-# frozen_string_literal: true
-
-require "fileutils"
-
-module Functions
-  class LockfileUpdater
-    RETRYABLE_ERRORS = [Bundler::HTTPError].freeze
-    GEM_NOT_FOUND_ERROR_REGEX =
-      /
-        locked\sto\s(?<name>[^\s]+)\s\(|
-        not\sfind\s(?<name>[^\s]+)-\d|
-        has\s(?<name>[^\s]+)\slocked\sat
-      /x
-
-    def initialize(gemfile_name:, lockfile_name:, dependencies:)
-      @gemfile_name = gemfile_name
-      @lockfile_name = lockfile_name
-      @dependencies = dependencies
-    end
-
-    def run
-      generate_lockfile
-    end
-
-    private
-
-    attr_reader :gemfile_name
-    attr_reader :lockfile_name
-    attr_reader :dependencies
-
-    def generate_lockfile # rubocop:disable Metrics/PerceivedComplexity
-      dependencies_to_unlock = dependencies.map { |d| d.fetch("name") }
-
-      begin
-        definition = build_definition(dependencies_to_unlock)
-
-        old_reqs = lock_deps_being_updated_to_exact_versions(definition)
-
-        definition.resolve_remotely!
-
-        old_reqs.each do |dep_name, old_req|
-          d_dep = definition.dependencies.find { |d| d.name == dep_name }
-          if old_req == :none then definition.dependencies.delete(d_dep)
-          else
-            d_dep.instance_variable_set(:@requirement, old_req)
-          end
-        end
-
-        cache_vendored_gems(definition) if Bundler.app_cache.exist?
-
-        definition.to_lock
-      rescue Bundler::GemNotFound => e
-        unlock_yanked_gem(dependencies_to_unlock, e) && retry
-      rescue Bundler::VersionConflict => e
-        unlock_blocking_subdeps(dependencies_to_unlock, e) && retry
-      rescue *RETRYABLE_ERRORS
-        raise if @retrying
-
-        @retrying = true
-        sleep(rand(1.0..5.0))
-        retry
-      end
-    end
-
-    def cache_vendored_gems(definition)
-      # Dependencies that have been unlocked for the update (including
-      # sub-dependencies)
-      unlocked_gems = definition.instance_variable_get(:@unlock)
-                                .fetch(:gems)
-      bundler_opts = {
-        cache_all: true,
-        cache_all_platforms: true,
-        no_prune: true
-      }
-
-      Bundler.settings.temporary(**bundler_opts) do
-        # Fetch and cache gems on all platforms without pruning
-        Bundler::Runtime.new(nil, definition).cache
-
-        # Only prune unlocked gems (the original implementation is in
-        # Bundler::Runtime)
-        cache_path = Bundler.app_cache
-        resolve = definition.resolve
-        prune_gem_cache(resolve, cache_path, unlocked_gems)
-        prune_git_and_path_cache(resolve, cache_path)
-      end
-    end
-
-    # Copied from Bundler::Runtime: Modified to only prune gems that have
-    # been unlocked
-    def prune_gem_cache(resolve, cache_path, unlocked_gems)
-      cached_gems = Dir["#{cache_path}/*.gem"]
-
-      outdated_gems = cached_gems.reject do |path|
-        spec = Bundler.rubygems.spec_from_gem path
-
-        !unlocked_gems.include?(spec.name) || resolve.any? do |s|
-          s.name == spec.name && s.version == spec.version &&
-            !s.source.is_a?(Bundler::Source::Git)
-        end
-      end
-
-      return unless outdated_gems.any?
-
-      outdated_gems.each do |path|
-        File.delete(path)
-      end
-    end
-
-    # Copied from Bundler::Runtime
-    def prune_git_and_path_cache(resolve, cache_path)
-      cached_git_and_path = Dir["#{cache_path}/*/.bundlecache"]
-
-      outdated_git_and_path = cached_git_and_path.reject do |path|
-        name = File.basename(File.dirname(path))
-
-        resolve.any? do |s|
-          s.source.respond_to?(:app_cache_dirname) &&
-            s.source.app_cache_dirname == name
-        end
-      end
-
-      return unless outdated_git_and_path.any?
-
-      outdated_git_and_path.each do |path|
-        path = File.dirname(path)
-        FileUtils.rm_rf(path)
-      end
-    end
-
-    def unlock_yanked_gem(dependencies_to_unlock, error)
-      raise unless error.message.match?(GEM_NOT_FOUND_ERROR_REGEX)
-
-      gem_name = error.message.match(GEM_NOT_FOUND_ERROR_REGEX)
-                      .named_captures["name"]
-      raise if dependencies_to_unlock.include?(gem_name)
-
-      dependencies_to_unlock << gem_name
-    end
-
-    def unlock_blocking_subdeps(dependencies_to_unlock, error)
-      all_deps =  Bundler::LockfileParser.new(lockfile)
-                                         .specs.map { |x| x.name.to_s }
-      top_level = build_definition([]).dependencies
-                                      .map { |x| x.name.to_s }
-      allowed_new_unlocks = all_deps - top_level - dependencies_to_unlock
-
-      raise if allowed_new_unlocks.none?
-
-      # Unlock any sub-dependencies that Bundler reports caused the
-      # conflict
-      potentials_deps =
-        error.cause.conflicts.values
-             .flat_map(&:requirement_trees)
-             .filter_map do |tree|
-          tree.find { |req| allowed_new_unlocks.include?(req.name) }
-        end.map(&:name)
-
-      # If there are specific dependencies we can unlock, unlock them
-      return dependencies_to_unlock.append(*potentials_deps) if potentials_deps.any?
-
-      # Fall back to unlocking *all* sub-dependencies. This is required
-      # because Bundler's VersionConflict objects don't include enough
-      # information to chart the full path through all conflicts unwound
-      dependencies_to_unlock.append(*allowed_new_unlocks)
-    end
-
-    def build_definition(dependencies_to_unlock)
-      defn = Bundler::Definition.build(
-        gemfile_name,
-        lockfile_name,
-        gems: dependencies_to_unlock
-      )
-
-      # Bundler unlocks the sub-dependencies of gems it is passed even
-      # if those sub-deps are top-level dependencies. We only want true
-      # subdeps unlocked, like they were in the UpdateChecker, so we
-      # mutate the unlocked gems array.
-      unlocked = defn.instance_variable_get(:@unlock).fetch(:gems)
-      must_not_unlock = defn.dependencies.map { |x| x.name.to_s } -
-                        dependencies_to_unlock
-      unlocked.reject! { |n| must_not_unlock.include?(n) }
-
-      defn
-    end
-
-    def lock_deps_being_updated_to_exact_versions(definition)
-      dependencies.each_with_object({}) do |dep, old_reqs|
-        defn_dep = definition.dependencies.find do |d|
-          d.name == dep.fetch("name")
-        end
-
-        if defn_dep.nil?
-          definition.dependencies <<
-            Bundler::Dependency.new(dep.fetch("name"), dep.fetch("version"))
-          old_reqs[dep.fetch("name")] = :none
-        elsif git_dependency?(dep) &&
-              defn_dep.source.is_a?(Bundler::Source::Git)
-          defn_dep.source.unlock!
-        elsif Gem::Version.correct?(dep.fetch("version"))
-          new_req = Gem::Requirement.create("= #{dep.fetch('version')}")
-          old_reqs[dep.fetch("name")] = defn_dep.requirement
-          defn_dep.instance_variable_set(:@requirement, new_req)
-        end
-      end
-    end
-
-    def git_dependency?(dep)
-      sources = dep.fetch("requirements").map { |r| r.fetch("source") }
-      sources.all? { |s| s&.fetch("type", nil) == "git" }
-    end
-
-    def lockfile
-      @lockfile ||= File.read(lockfile_name)
-    end
-  end
-end

data/helpers/v1/lib/functions/version_resolver.rb

@@ -1,141 +0,0 @@
-# typed: true
-# frozen_string_literal: true
-
-module Functions
-  class VersionResolver
-    GEM_NOT_FOUND_ERROR_REGEX = /locked to (?<name>[^\s]+) \(/
-
-    attr_reader :dependency_name
-    attr_reader :dependency_requirements
-    attr_reader :gemfile_name
-    attr_reader :lockfile_name
-
-    def initialize(dependency_name:, dependency_requirements:,
-                   gemfile_name:, lockfile_name:)
-      @dependency_name = dependency_name
-      @dependency_requirements = dependency_requirements
-      @gemfile_name = gemfile_name
-      @lockfile_name = lockfile_name
-    end
-
-    def version_details
-      dep = dependency_from_definition
-
-      # If the dependency wasn't found in the definition, but *is*
-      # included in a gemspec, it's because the Gemfile didn't import
-      # the gemspec. This is unusual, but the correct behaviour if/when
-      # it happens is to behave as if the repo was gemspec-only.
-      return "latest" if dep.nil? && dependency_requirements.any?
-
-      # Otherwise, if the dependency wasn't found it's because it is a
-      # subdependency that was removed when attempting to update it.
-      return nil if dep.nil?
-
-      # If the dependency is Bundler itself then we can't trust the
-      # version that has been returned (it's the version Dependabot is
-      # running on, rather than the true latest resolvable version).
-      return nil if dep.name == "bundler"
-
-      details = {
-        version: dep.version,
-        ruby_version: ruby_version,
-        fetcher: fetcher_class(dep)
-      }
-      details[:commit_sha] = dep.source.revision if dep.source.instance_of?(::Bundler::Source::Git)
-      details
-    end
-
-    private
-
-    # rubocop:disable Metrics/PerceivedComplexity
-    def dependency_from_definition(unlock_subdependencies: true)
-      dependencies_to_unlock = [dependency_name]
-      dependencies_to_unlock += subdependencies if unlock_subdependencies
-      begin
-        definition = build_definition(dependencies_to_unlock)
-        definition.resolve_remotely!
-      rescue ::Bundler::GemNotFound => e
-        unlock_yanked_gem(dependencies_to_unlock, e) && retry
-      rescue ::Bundler::HTTPError => e
-        # Retry network errors
-        # Note: in_a_native_bundler_context will also retry `Bundler::HTTPError` errors
-        # up to three times meaning we'll end up retrying this error up to six times
-        # TODO: Could we get rid of this retry logic and only rely on
-        # SharedBundlerHelpers.in_a_native_bundler_context
-        attempt ||= 1
-        attempt += 1
-        raise if attempt > 3 || !e.message.include?("Network error")
-
-        retry
-      end
-
-      dep = definition.resolve.find { |d| d.name == dependency_name }
-      return dep if dep
-      return if dependency_requirements.any? || !unlock_subdependencies
-
-      # If no definition was found and we're updating a sub-dependency,
-      # try again but without unlocking any other sub-dependencies
-      dependency_from_definition(unlock_subdependencies: false)
-    end
-    # rubocop:enable Metrics/PerceivedComplexity
-
-    def subdependencies
-      # If there's no lockfile we don't need to worry about
-      # subdependencies
-      return [] unless lockfile
-
-      all_deps =  ::Bundler::LockfileParser.new(lockfile)
-                                           .specs.map { |x| x.name.to_s }.uniq
-      top_level = build_definition([]).dependencies
-                                      .map { |x| x.name.to_s }
-
-      all_deps - top_level
-    end
-
-    def build_definition(dependencies_to_unlock)
-      # NOTE: we lock shared dependencies to avoid any top-level
-      # dependencies getting unlocked (which would happen if they were
-      # also subdependencies of the dependency being unlocked)
-      ::Bundler::Definition.build(
-        gemfile_name,
-        lockfile_name,
-        gems: dependencies_to_unlock,
-        lock_shared_dependencies: true
-      )
-    end
-
-    def unlock_yanked_gem(dependencies_to_unlock, error)
-      raise unless error.message.match?(GEM_NOT_FOUND_ERROR_REGEX)
-
-      gem_name = error.message.match(GEM_NOT_FOUND_ERROR_REGEX)
-                      .named_captures["name"]
-      raise if dependencies_to_unlock.include?(gem_name)
-
-      dependencies_to_unlock << gem_name
-    end
-
-    def lockfile
-      return @lockfile if defined?(@lockfile)
-
-      @lockfile =
-        begin
-          return unless lockfile_name
-          return unless File.exist?(lockfile_name)
-
-          File.read(lockfile_name)
-        end
-    end
-
-    def fetcher_class(dep)
-      return unless dep.source.is_a?(::Bundler::Source::Rubygems)
-
-      dep.source.fetchers.first.fetchers.first.class.to_s
-    end
-
-    def ruby_version
-      return nil unless gemfile_name
-
-      @ruby_version ||= build_definition([]).ruby_version&.gem_version
-    end
-  end
-end

data/helpers/v1/lib/functions.rb

@@ -1,172 +0,0 @@
-# typed: true
-# frozen_string_literal: true
-
-require "functions/file_parser"
-require "functions/force_updater"
-require "functions/lockfile_updater"
-require "functions/dependency_source"
-require "functions/version_resolver"
-require "functions/conflicting_dependency_resolver"
-
-module Functions
-  def self.parsed_gemfile(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: [])
-    FileParser.new(lockfile_name: args.fetch(:lockfile_name))
-              .parsed_gemfile(gemfile_name: args.fetch(:gemfile_name))
-  end
-
-  def self.parsed_gemspec(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: [])
-    FileParser.new(lockfile_name: args.fetch(:lockfile_name))
-              .parsed_gemspec(gemspec_name: args.fetch(:gemspec_name))
-  end
-
-  def self.vendor_cache_dir(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: [])
-    Bundler.settings.app_cache_path
-  end
-
-  def self.update_lockfile(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-    LockfileUpdater.new(
-      gemfile_name: args.fetch(:gemfile_name),
-      lockfile_name: args.fetch(:lockfile_name),
-      dependencies: args.fetch(:dependencies)
-    ).run
-  end
-
-  def self.force_update(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-    ForceUpdater.new(
-      dependency_name: args.fetch(:dependency_name),
-      target_version: args.fetch(:target_version),
-      gemfile_name: args.fetch(:gemfile_name),
-      lockfile_name: args.fetch(:lockfile_name),
-      update_multiple_dependencies: args.fetch(:update_multiple_dependencies)
-    ).run
-  end
-
-  def self.dependency_source_type(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-
-    DependencySource.new(
-      gemfile_name: args.fetch(:gemfile_name),
-      dependency_name: args.fetch(:dependency_name)
-    ).type
-  end
-
-  def self.dependency_source_latest_git_version(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-    DependencySource.new(
-      gemfile_name: args.fetch(:gemfile_name),
-      dependency_name: args.fetch(:dependency_name)
-    ).latest_git_version(
-      dependency_source_url: args.fetch(:dependency_source_url),
-      dependency_source_branch: args.fetch(:dependency_source_branch)
-    )
-  end
-
-  def self.private_registry_versions(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-
-    DependencySource.new(
-      gemfile_name: args.fetch(:gemfile_name),
-      dependency_name: args.fetch(:dependency_name)
-    ).private_registry_versions
-  end
-
-  def self.resolve_version(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-    VersionResolver.new(
-      dependency_name: args.fetch(:dependency_name),
-      dependency_requirements: args.fetch(:dependency_requirements),
-      gemfile_name: args.fetch(:gemfile_name),
-      lockfile_name: args.fetch(:lockfile_name)
-    ).version_details
-  end
-
-  def self.jfrog_source(**args)
-    # Set flags and credentials
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-
-    Bundler::Definition.build(args.fetch(:gemfile_name), nil, {})
-                       .send(:sources)
-                       .rubygems_remotes
-                       .find { |uri| uri.host.include?("jfrog") }
-                       &.host
-  end
-
-  def self.git_specs(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-
-    git_specs = Bundler::Definition.build(args.fetch(:gemfile_name), nil, {}).dependencies
-                                   .select do |spec|
-      spec.source.is_a?(Bundler::Source::Git)
-    end
-    git_specs.map do |spec|
-      # Piggy-back off some private Bundler methods to configure the
-      # URI with auth details in the same way Bundler does.
-      git_proxy = spec.source.send(:git_proxy)
-      auth_uri = spec.source.uri.gsub("git://", "https://")
-      auth_uri = git_proxy.send(:configured_uri_for, auth_uri)
-      auth_uri += ".git" unless auth_uri.end_with?(".git")
-      auth_uri += "/info/refs?service=git-upload-pack"
-      {
-        uri: spec.source.uri,
-        auth_uri: auth_uri
-      }
-    end
-  end
-
-  def self.conflicting_dependencies(**args)
-    set_bundler_flags_and_credentials(dir: args.fetch(:dir), credentials: args.fetch(:credentials))
-    ConflictingDependencyResolver.new(
-      dependency_name: args.fetch(:dependency_name),
-      target_version: args.fetch(:target_version),
-      lockfile_name: args.fetch(:lockfile_name)
-    ).conflicting_dependencies
-  end
-
-  def self.set_bundler_flags_and_credentials(dir:, credentials:)
-    dir = Pathname.new(dir) if dir
-    Bundler.instance_variable_set(:@root, dir)
-
-    # Remove installed gems from the default Rubygems index
-    Gem::Specification.all =
-      Gem::Specification.send(:default_stubs, "*.gemspec")
-
-    # Set auth details
-    relevant_credentials(credentials).each do |cred|
-      token = cred["token"] ||
-              "#{cred['username']}:#{cred['password']}"
-
-      Bundler.settings.set_command_option(
-        cred.fetch("host"),
-        token.gsub("@", "%40F").gsub("?", "%3F")
-      )
-    end
-
-    # Use HTTPS for GitHub if lockfile
-    Bundler.settings.set_command_option("github.https", "true")
-
-    # Native helpers rely on dependency unlocking, so Bundler should never be frozen
-    Bundler.settings.set_command_option("frozen", "false")
-  end
-
-  def self.relevant_credentials(credentials)
-    [
-      *git_source_credentials(credentials),
-      *private_registry_credentials(credentials)
-    ].select { |cred| cred["password"] || cred["token"] }
-  end
-
-  def self.private_registry_credentials(credentials)
-    credentials
-      .select { |cred| cred["type"] == "rubygems_server" }
-  end
-
-  def self.git_source_credentials(credentials)
-    credentials
-      .select { |cred| cred["type"] == "git_source" }
-  end
-end