dependabot-bundler 0.112.19 → 0.112.20
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f606162773138c8e9eb453a392a6c7b50805a4934fff477434489e8c9d6f4ffc
|
4
|
+
data.tar.gz: 03cf1dd48d07b30da272e3abadbb08e3a043fc2e924751d157c342baf3e5aca6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: daae91565ef2d5fdfb92b98e632d56dd3628514456181dedc9cce0385d096a02732e19c645173140cb9a8187f52526da67a676d6397f7d7abd43f94b466aac52
|
7
|
+
data.tar.gz: 3b68a388ab4686a17cd399936e5cf03159678ee3177a8d9bd7374b38a6965d82f48acc8742ba20855ca9a37bdffefd961ee44001509c3f74159db0f3d325d5f2
|
@@ -80,16 +80,8 @@ module Dependabot
|
|
80
80
|
::Gem::Specification.all =
|
81
81
|
::Gem::Specification.send(:default_stubs, "*.gemspec")
|
82
82
|
|
83
|
-
# Set
|
84
|
-
|
85
|
-
token = cred["token"] ||
|
86
|
-
"#{cred['username']}:#{cred['password']}"
|
87
|
-
|
88
|
-
::Bundler.settings.set_command_option(
|
89
|
-
cred.fetch("host"),
|
90
|
-
token.gsub("@", "%40F").gsub("?", "%3F")
|
91
|
-
)
|
92
|
-
end
|
83
|
+
# Set flags and credentials
|
84
|
+
set_bundler_flags_and_credentials
|
93
85
|
|
94
86
|
generate_lockfile
|
95
87
|
end
|
@@ -422,12 +414,39 @@ module Dependabot
|
|
422
414
|
dependency_files.select { |f| f.name.end_with?(".specification") }
|
423
415
|
end
|
424
416
|
|
417
|
+
def set_bundler_flags_and_credentials
|
418
|
+
# Set auth details
|
419
|
+
relevant_credentials.each do |cred|
|
420
|
+
token = cred["token"] ||
|
421
|
+
"#{cred['username']}:#{cred['password']}"
|
422
|
+
|
423
|
+
::Bundler.settings.set_command_option(
|
424
|
+
cred.fetch("host"),
|
425
|
+
token.gsub("@", "%40F").gsub("?", "%3F")
|
426
|
+
)
|
427
|
+
end
|
428
|
+
|
429
|
+
# Use HTTPS for GitHub if lockfile was generated by Bundler 2
|
430
|
+
set_bundler_2_flags if using_bundler_2?
|
431
|
+
end
|
432
|
+
|
433
|
+
def set_bundler_2_flags
|
434
|
+
::Bundler.settings.set_command_option("forget_cli_options", "true")
|
435
|
+
::Bundler.settings.set_command_option("github.https", "true")
|
436
|
+
end
|
437
|
+
|
425
438
|
def git_dependency?(dep)
|
426
439
|
GitCommitChecker.new(
|
427
440
|
dependency: dep,
|
428
441
|
credentials: credentials
|
429
442
|
).git_dependency?
|
430
443
|
end
|
444
|
+
|
445
|
+
def using_bundler_2?
|
446
|
+
return unless lockfile
|
447
|
+
|
448
|
+
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
449
|
+
end
|
431
450
|
end
|
432
451
|
end
|
433
452
|
end
|
@@ -82,23 +82,8 @@ module Dependabot
|
|
82
82
|
::Gem::Specification.all =
|
83
83
|
::Gem::Specification.send(:default_stubs, "*.gemspec")
|
84
84
|
|
85
|
-
# Set
|
86
|
-
|
87
|
-
token = cred["token"] ||
|
88
|
-
"#{cred['username']}:#{cred['password']}"
|
89
|
-
|
90
|
-
::Bundler.settings.set_command_option(
|
91
|
-
cred.fetch("host"),
|
92
|
-
token.gsub("@", "%40F").gsub("?", "%3F")
|
93
|
-
)
|
94
|
-
end
|
95
|
-
|
96
|
-
# Only allow upgrades. Othewise it's unlikely that this
|
97
|
-
# resolution will be found by the FileUpdater
|
98
|
-
::Bundler.settings.set_command_option(
|
99
|
-
"only_update_to_newer_versions",
|
100
|
-
true
|
101
|
-
)
|
85
|
+
# Set flags and credentials
|
86
|
+
set_bundler_flags_and_credentials
|
102
87
|
|
103
88
|
yield
|
104
89
|
end
|
@@ -279,6 +264,34 @@ module Dependabot
|
|
279
264
|
File.write(lockfile.name, sanitized_lockfile_body) if lockfile
|
280
265
|
end
|
281
266
|
|
267
|
+
def set_bundler_flags_and_credentials
|
268
|
+
# Set auth details
|
269
|
+
relevant_credentials.each do |cred|
|
270
|
+
token = cred["token"] ||
|
271
|
+
"#{cred['username']}:#{cred['password']}"
|
272
|
+
|
273
|
+
::Bundler.settings.set_command_option(
|
274
|
+
cred.fetch("host"),
|
275
|
+
token.gsub("@", "%40F").gsub("?", "%3F")
|
276
|
+
)
|
277
|
+
end
|
278
|
+
|
279
|
+
# Only allow upgrades. Othewise it's unlikely that this
|
280
|
+
# resolution will be found by the FileUpdater
|
281
|
+
::Bundler.settings.set_command_option(
|
282
|
+
"only_update_to_newer_versions",
|
283
|
+
true
|
284
|
+
)
|
285
|
+
|
286
|
+
# Use HTTPS for GitHub if lockfile was generated by Bundler 2
|
287
|
+
set_bundler_2_flags if using_bundler_2?
|
288
|
+
end
|
289
|
+
|
290
|
+
def set_bundler_2_flags
|
291
|
+
::Bundler.settings.set_command_option("forget_cli_options", "true")
|
292
|
+
::Bundler.settings.set_command_option("github.https", "true")
|
293
|
+
end
|
294
|
+
|
282
295
|
def relevant_credentials
|
283
296
|
credentials.
|
284
297
|
select { |cred| cred["password"] || cred["token"] }.
|
@@ -289,6 +302,12 @@ module Dependabot
|
|
289
302
|
false
|
290
303
|
end
|
291
304
|
end
|
305
|
+
|
306
|
+
def using_bundler_2?
|
307
|
+
return unless lockfile
|
308
|
+
|
309
|
+
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
310
|
+
end
|
292
311
|
end
|
293
312
|
end
|
294
313
|
end
|
@@ -47,16 +47,8 @@ module Dependabot
|
|
47
47
|
::Gem::Specification.all =
|
48
48
|
::Gem::Specification.send(:default_stubs, "*.gemspec")
|
49
49
|
|
50
|
-
# Set
|
51
|
-
|
52
|
-
token = cred["token"] ||
|
53
|
-
"#{cred['username']}:#{cred['password']}"
|
54
|
-
|
55
|
-
::Bundler.settings.set_command_option(
|
56
|
-
cred.fetch("host"),
|
57
|
-
token.gsub("@", "%40F").gsub("?", "%3F")
|
58
|
-
)
|
59
|
-
end
|
50
|
+
# Set flags and credentials
|
51
|
+
set_bundler_flags_and_credentials
|
60
52
|
|
61
53
|
yield
|
62
54
|
end
|
@@ -221,6 +213,27 @@ module Dependabot
|
|
221
213
|
File.write(lockfile.name, sanitized_lockfile_body) if lockfile
|
222
214
|
end
|
223
215
|
|
216
|
+
def set_bundler_flags_and_credentials
|
217
|
+
# Set auth details
|
218
|
+
relevant_credentials.each do |cred|
|
219
|
+
token = cred["token"] ||
|
220
|
+
"#{cred['username']}:#{cred['password']}"
|
221
|
+
|
222
|
+
::Bundler.settings.set_command_option(
|
223
|
+
cred.fetch("host"),
|
224
|
+
token.gsub("@", "%40F").gsub("?", "%3F")
|
225
|
+
)
|
226
|
+
end
|
227
|
+
|
228
|
+
# Use HTTPS for GitHub if lockfile was generated by Bundler 2
|
229
|
+
set_bundler_2_flags if using_bundler_2?
|
230
|
+
end
|
231
|
+
|
232
|
+
def set_bundler_2_flags
|
233
|
+
::Bundler.settings.set_command_option("forget_cli_options", "true")
|
234
|
+
::Bundler.settings.set_command_option("github.https", "true")
|
235
|
+
end
|
236
|
+
|
224
237
|
def relevant_credentials
|
225
238
|
[
|
226
239
|
*git_source_credentials,
|
@@ -253,6 +266,12 @@ module Dependabot
|
|
253
266
|
re = FileUpdater::LockfileUpdater::LOCKFILE_ENDING
|
254
267
|
lockfile.content.gsub(re, "")
|
255
268
|
end
|
269
|
+
|
270
|
+
def using_bundler_2?
|
271
|
+
return unless lockfile
|
272
|
+
|
273
|
+
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
274
|
+
end
|
256
275
|
end
|
257
276
|
end
|
258
277
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-bundler
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.112.
|
4
|
+
version: 0.112.20
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.112.
|
19
|
+
version: 0.112.20
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.112.
|
26
|
+
version: 0.112.20
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|