dependabot-common 0.111.1 → 0.111.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/dependency_file.rb +13 -3
  3. data/lib/dependabot/file_fetchers/base.rb +4 -1
  4. data/lib/dependabot/metadata_finders/base/changelog_finder.rb +8 -2
  5. data/lib/dependabot/metadata_finders/base/changelog_pruner.rb +4 -0
  6. data/lib/dependabot/pull_request_creator/github.rb +1 -1
  7. data/lib/dependabot/pull_request_creator/gitlab.rb +13 -5
  8. data/lib/dependabot/pull_request_updater/github.rb +2 -2
  9. data/lib/dependabot/version.rb +1 -1
  10. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5532abd75ca995f2f4815c6765e4a55ef067cd131722582a3d57917860680b7e
4
- data.tar.gz: 73c9de0fe2e5c26bf37e804584dd8f417b5f7c5548566235a335b0b64f967172
3
+ metadata.gz: 35b217009843be8eabe9ef89659ed34b10a10ede90b7fd5ee6805df4088773d5
4
+ data.tar.gz: af229198761bdfde61e9f2cdb3dff967c0923aa0f3d60731288410ccb69c176a
5
5
  SHA512:
6
- metadata.gz: 5275808780651bda3c209f9d755d9a2ce8eb4f6d1e3d0df3f549005c1f97881242b92491496a634943843d3261e81f4eff916e08033d7f924eb45654a272906d
7
- data.tar.gz: 6a0c1d64fe75cb7686469a14c81703182d941d5a95277da880e50b3effee808bb84bd99b9dd686ecbc2d3c0f2e3a0fb1589a367dabea42c41f79e301fb2e67c0
6
+ metadata.gz: ad0096f35e338d18c597c41f5db959ecbe34dfc66926e7f78a6394685129b34944c9c1514271eb04744d23b5411a97ceacf859193e7a3cdb82c6743fc5fe22f2
7
+ data.tar.gz: aa9c3b759369886280f9cc6c91d128897b47f1110d361e13ea3aa3817b3553fe5966e8a862734a4326a99fd61e3788cc90b69a86ce054a0a654a2f3f5d20f9b5
data/lib/dependabot/dependency_file.rb CHANGED
@@ -4,13 +4,15 @@ require "pathname"
4
4
 
5
5
  module Dependabot
6
6
  class DependencyFile
7
- attr_accessor :name, :content, :directory, :type, :support_file
7
+ attr_accessor :name, :content, :directory, :type, :support_file,
8
+ :symlink_target
8
9
 
9
10
  def initialize(name:, content:, directory: "/", type: "file",
10
- support_file: false)
11
+ support_file: false, symlink_target: nil)
11
12
  @name = name
12
13
  @content = content
13
14
  @directory = clean_directory(directory)
15
+ @symlink_target = symlink_target
14
16
  @support_file = support_file
15
17
 
16
18
  # Type is used *very* sparingly. It lets the git_modules updater know that
@@ -19,16 +21,24 @@ module Dependabot
19
21
  # New use cases should be avoided if at all possible (and use the
20
22
  # support_file flag instead)
21
23
  @type = type
24
+
25
+ return unless (type == "symlink") ^ symlink_target
26
+
27
+ raise "Symlinks must specify a target!" unless symlink_target
28
+ raise "Only symlinked files must specify a target!" if symlink_target
22
29
  end
23
30
 
24
31
  def to_h
25
- {
32
+ details = {
26
33
  "name" => name,
27
34
  "content" => content,
28
35
  "directory" => directory,
29
36
  "type" => type,
30
37
  "support_file" => support_file
31
38
  }
39
+
40
+ details["symlink_target"] = symlink_target if symlink_target
41
+ details
32
42
  end
33
43
 
34
44
  def path
data/lib/dependabot/file_fetchers/base.rb CHANGED
@@ -83,12 +83,14 @@ module Dependabot
83
83
 
84
84
  def fetch_file_from_host(filename, type: "file", fetch_submodules: false)
85
85
  path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
86
+ content = _fetch_file_content(path, fetch_submodules: fetch_submodules)
87
+ type = @linked_paths.key?(path) ? "symlink" : type
86
88
 
87
89
  DependencyFile.new(
88
90
  name: Pathname.new(filename).cleanpath.to_path,
89
91
  directory: directory,
90
92
  type: type,
91
- content: _fetch_file_content(path, fetch_submodules: fetch_submodules)
93
+ content: content
92
94
  )
93
95
  rescue *CLIENT_NOT_FOUND_ERRORS
94
96
  raise Dependabot::DependencyFileNotFound, path
@@ -327,6 +329,7 @@ module Dependabot
327
329
  raise Octokit::NotFound if tmp.is_a?(Array)
328
330
 
329
331
  if tmp.type == "symlink"
332
+ @linked_paths[path] = tmp.target
330
333
  tmp = github_client.contents(
331
334
  repo,
332
335
  path: tmp.target,
data/lib/dependabot/metadata_finders/base/changelog_finder.rb CHANGED
@@ -137,16 +137,22 @@ module Dependabot
137
137
  reject { |f| f.size > 1_000_000 }.
138
138
  reject { |f| f.size < 100 }
139
139
 
140
+ select_best_changelog(files)
141
+ end
142
+
143
+ def select_best_changelog(files)
140
144
  CHANGELOG_NAMES.each do |name|
141
145
  candidates = files.select { |f| f.name =~ /#{name}/i }
142
146
  file = candidates.first if candidates.one?
143
147
  file ||=
144
148
  candidates.find do |f|
145
149
  candidates -= [f] && next if fetch_file_text(f).nil?
146
- ChangelogPruner.new(
150
+ pruner = ChangelogPruner.new(
147
151
  dependency: dependency,
148
152
  changelog_text: fetch_file_text(f)
149
- ).includes_new_version?
153
+ )
154
+ pruner.includes_new_version? ||
155
+ pruner.includes_previous_version?
150
156
  end
151
157
  file ||= candidates.max_by(&:size)
152
158
  return file if file
data/lib/dependabot/metadata_finders/base/changelog_pruner.rb CHANGED
@@ -17,6 +17,10 @@ module Dependabot
17
17
  !new_version_changelog_line.nil?
18
18
  end
19
19
 
20
+ def includes_previous_version?
21
+ !old_version_changelog_line.nil?
22
+ end
23
+
20
24
  # rubocop:disable Metrics/PerceivedComplexity
21
25
  # rubocop:disable Metrics/CyclomaticComplexity
22
26
  def pruned_text
data/lib/dependabot/pull_request_creator/github.rb CHANGED
@@ -149,7 +149,7 @@ module Dependabot
149
149
  }
150
150
  else
151
151
  {
152
- path: file.path.sub(%r{^/}, ""),
152
+ path: (file.symlink_target || file.path).sub(%r{^/}, ""),
153
153
  mode: "100644",
154
154
  type: "blob",
155
155
  content: file.content
data/lib/dependabot/pull_request_creator/gitlab.rb CHANGED
@@ -97,11 +97,19 @@ module Dependabot
97
97
  end
98
98
 
99
99
  actions = files.map do |file|
100
- {
101
- action: "update",
102
- file_path: file.path,
103
- content: file.content
104
- }
100
+ if file.type == "symlink"
101
+ {
102
+ action: "update",
103
+ file_path: file.symlink_target,
104
+ content: file.content
105
+ }
106
+ else
107
+ {
108
+ action: "update",
109
+ file_path: file.path,
110
+ content: file.content
111
+ }
112
+ end
105
113
  end
106
114
 
107
115
  gitlab_client_for_source.create_commit(
data/lib/dependabot/pull_request_updater/github.rb CHANGED
@@ -124,9 +124,9 @@ module Dependabot
124
124
 
125
125
  def create_tree
126
126
  file_trees = files.map do |file|
127
- if file.type == "file"
127
+ if %w(file symlink).include?(file.type)
128
128
  {
129
- path: file.path.sub(%r{^/}, ""),
129
+ path: (file.symlink_target || file.path).sub(%r{^/}, ""),
130
130
  mode: "100644",
131
131
  type: "blob",
132
132
  content: file.content
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.111.1"
4
+ VERSION = "0.111.2"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.1
4
+ version: 0.111.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-07 00:00:00.000000000 Z
11
+ date: 2019-07-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-ecr