dependabot-common 0.118.11 → 0.118.16
- checksums.yaml +4 -4
- data/lib/dependabot/dependency_file.rb +21 -3
- data/lib/dependabot/file_fetchers/base.rb +4 -0
- data/lib/dependabot/file_parsers/base.rb +4 -2
- data/lib/dependabot/file_updaters/base.rb +5 -2
- data/lib/dependabot/pull_request_creator/github.rb +15 -4
- data/lib/dependabot/pull_request_updater/github.rb +18 -9
- data/lib/dependabot/update_checkers/base.rb +6 -5
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
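--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b4b213d9ba28b1b28d2b54f8839993546b4b6461f949df87dc803a2bbe979929
+data.tar.gz: c2f3e3dad541c07fe606333d50269271cb55ac5cf47d457ba50611200c2d94dc
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 97cf295f272280ef1dfa3442f8029edf35f5b6f33e4dfcfd22ce25b44c1c9acdb2273a8ac037f54ad3b2c9410f6d8f8a15c703b390c0eb4f9d57c383da67ac85
+data.tar.gz: 4b3379d899b4ab131f46f7b40561e62bb95c3f3041656c4ae68d8aeedf694e72e57eb5ca5dbcf9b5b48b82e3b9bef5cd6781cb93300ffdf4b46331bc89f75b7b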
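--- a/data/lib/dependabot/dependency_file.rb
+++ b/data/lib/dependabot/dependency_file.rb
@@ -5,15 +5,23 @@ require "pathname"
 module Dependabot
 class DependencyFile
 attr_accessor :name, :content, :directory, :type, :support_file,
-:symlink_target
+:symlink_target, :content_encoding, :deleted
+
+class ContentEncoding
+UTF_8 = "utf-8"
+BASE64 = "base64"
+end
 
 def initialize(name:, content:, directory: "/", type: "file",
-support_file: false, symlink_target: nil
+support_file: false, symlink_target: nil,
+content_encoding: ContentEncoding::UTF_8, deleted: false)
 @name = name
 @content = content
 @directory = clean_directory(directory)
 @symlink_target = symlink_target
 @support_file = support_file
+@content_encoding = content_encoding
+@deleted = deleted
 
 # Type is used *very* sparingly. It lets the git_modules updater know that
 # a "file" is actually a submodule, and lets our Go updaters know which
@@ -34,7 +42,9 @@ module Dependabot
 "content" => content,
 "directory" => directory,
 "type" => type,
-"support_file" => support_file
+"support_file" => support_file,
+"content_encoding" => content_encoding,
+"deleted" => deleted
 }
 
 details["symlink_target"] = symlink_target if symlink_target
@@ -65,6 +75,14 @@ module Dependabot
 @support_file
 end
 
+def deleted?
+@deleted
+end
+
+def binary?
+content_encoding == ContentEncoding::BASE64
+end
+
 private
 
 def clean_directory(directory)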
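Review bot: `content_encoding` is stored exactly as passed to `initialize` and is also writable through `attr_accessor`, so any string is accepted while `binary?` recognises only the exact value of `ContentEncoding::BASE64`. A differently-cased or misspelled encoding makes `binary?` return false, and the tree builders that branch on it would then send base64 text as plain file content. Consider rejecting unknown values in `initialize`, e.g. `raise ArgumentError, "unknown content_encoding" unless [ContentEncoding::UTF_8, ContentEncoding::BASE64].include?(content_encoding)`, and adding a short comment on `ContentEncoding` stating that `content` holds base64 text when the encoding is `BASE64`. The class body continues outside these hunks, so whether equality or other methods need the new fields cannot be checked from here.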
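--- a/data/lib/dependabot/file_parsers/base.rb
+++ b/data/lib/dependabot/file_parsers/base.rb
@@ -3,10 +3,12 @@
 module Dependabot
 module FileParsers
 class Base
-attr_reader :dependency_files, :credentials, :source
+attr_reader :dependency_files, :repo_contents_path, :credentials, :source
 
-def initialize(dependency_files:, source:,
+def initialize(dependency_files:, repo_contents_path: nil, source:,
+credentials: [])
 @dependency_files = dependency_files
+@repo_contents_path = repo_contents_path
 @credentials = credentials
 @source = source
 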
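Review bot: `repo_contents_path` is added to the constructor and the `attr_reader` with no comment saying what it points to or what `nil` means, and the same undocumented keyword appears in the FileUpdaters::Base and UpdateCheckers::Base hunks. If, as the name suggests, it is a directory holding a checkout of the repository being updated, its contents are not under the caller's control, so subclasses reading from it would want to resolve paths and confirm they stay inside that directory before opening them. A comment above the `attr_reader` such as `# Path to a local copy of the repository contents, or nil when only dependency_files are available (contents are untrusted input)` would make that contract explicit. The class body continues outside the hunk.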
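--- a/data/lib/dependabot/file_updaters/base.rb
+++ b/data/lib/dependabot/file_updaters/base.rb
@@ -3,15 +3,18 @@
 module Dependabot
 module FileUpdaters
 class Base
-attr_reader :dependencies, :dependency_files, :
+attr_reader :dependencies, :dependency_files, :repo_contents_path,
+:credentials
 
 def self.updated_files_regex
 raise NotImplementedError
 end
 
-def initialize(dependencies:, dependency_files:,
+def initialize(dependencies:, dependency_files:, repo_contents_path: nil,
+credentials:)
 @dependencies = dependencies
 @dependency_files = dependency_files
+@repo_contents_path = repo_contents_path
 @credentials = credentials
 
 check_required_files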
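--- a/data/lib/dependabot/pull_request_creator/github.rb
+++ b/data/lib/dependabot/pull_request_creator/github.rb
@@ -170,12 +170,23 @@ module Dependabot
 sha: file.content
 }
 else
+content = if file.deleted?
+{ sha: nil }
+elsif file.binary?
+sha = github_client_for_source.create_blob(
+source.repo, file.content, "base64"
+)
+{ sha: sha }
+else
+{ content: file.content }
+end
+
 {
-path: (file.symlink_target ||
+path: (file.symlink_target ||
+file.path).sub(%r{^/}, ""),
 mode: "100644",
-type: "blob"
-
-}
+type: "blob"
+}.merge(content)
 end
 end
 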
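Review bot: The encoding passed to `create_blob` is the literal `"base64"`, while `file.binary?` is defined against `ContentEncoding::BASE64`; passing `file.content_encoding` (or the constant) keeps the two from drifting apart. The same deleted/binary/text branch is added verbatim to `create_tree` in pull_request_updater/github.rb, so a shared helper would keep both tree builders in step. `create_blob` also runs once per binary file inside the block, and nothing in the hunk shows how a failure partway through is handled; the enclosing method starts and ends outside the hunk, so that may be covered elsewhere.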
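--- a/data/lib/dependabot/pull_request_updater/github.rb
+++ b/data/lib/dependabot/pull_request_updater/github.rb
@@ -124,14 +124,7 @@ module Dependabot
 
 def create_tree
 file_trees = files.map do |file|
-if
-{
-path: (file.symlink_target || file.path).sub(%r{^/}, ""),
-mode: "100644",
-type: "blob",
-content: file.content
-}
-elsif file.type == "submodule"
+if file.type == "submodule"
 {
 path: file.path.sub(%r{^/}, ""),
 mode: "160000",
@@ -139,7 +132,23 @@ module Dependabot
 sha: file.content
 }
 else
-
+content = if file.deleted?
+{ sha: nil }
+elsif file.binary?
+sha = github_client_for_source.create_blob(
+source.repo, file.content, "base64"
+)
+{ sha: sha }
+else
+{ content: file.content }
+end
+
+{
+path: (file.symlink_target ||
+file.path).sub(%r{^/}, ""),
+mode: "100644",
+type: "blob"
+}.merge(content)
 end
 end
 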
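Review bot: In the added `else` branch of `create_tree`, a deleted file that also has a `symlink_target` yields `{ sha: nil }` for the target path, because `path:` prefers `file.symlink_target` over `file.path`; if the intent is to remove the symlink entry itself, the path should fall back to `file.path` when `file.deleted?` is true. The identical expression is added in pull_request_creator/github.rb. Separately, `%r{^/}` matches at the start of any line, so `sub(%r{\A/}, "")` is the stricter way to strip only a leading slash from a path that presumably originates in repository contents. `create_tree` continues outside the hunks.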
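--- a/data/lib/dependabot/update_checkers/base.rb
+++ b/data/lib/dependabot/update_checkers/base.rb
@@ -7,16 +7,17 @@ require "dependabot/security_advisory"
 module Dependabot
 module UpdateCheckers
 class Base
-attr_reader :dependency, :dependency_files, :
-:ignored_versions, :raise_on_ignored,
+attr_reader :dependency, :dependency_files, :repo_contents_path,
+:credentials, :ignored_versions, :raise_on_ignored,
 :security_advisories, :requirements_update_strategy
 
-def initialize(dependency:, dependency_files:,
-ignored_versions: [],
-security_advisories: [],
+def initialize(dependency:, dependency_files:, repo_contents_path: nil,
+credentials:, ignored_versions: [],
+raise_on_ignored: false, security_advisories: [],
 requirements_update_strategy: nil)
 @dependency = dependency
 @dependency_files = dependency_files
+@repo_contents_path = repo_contents_path
 @credentials = credentials
 @requirements_update_strategy = requirements_update_strategy
 @ignored_versions = ignored_versions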
data/lib/dependabot/version.rb
CHANGED
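--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-version: 0.118.
+version: 0.118.16
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-08-
+date: 2020-08-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk-codecommit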