dependabot-common 0.118.11 → 0.118.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/dependency_file.rb +21 -3
  3. data/lib/dependabot/file_fetchers/base.rb +4 -0
  4. data/lib/dependabot/file_parsers/base.rb +4 -2
  5. data/lib/dependabot/file_updaters/base.rb +5 -2
  6. data/lib/dependabot/pull_request_creator/github.rb +15 -4
  7. data/lib/dependabot/pull_request_updater/github.rb +18 -9
  8. data/lib/dependabot/update_checkers/base.rb +6 -5
  9. data/lib/dependabot/version.rb +1 -1
  10. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a058c4445932c8b7c18d279e1dda6647fe3759048ceb0ec3a2f83f42c8e39520
4
- data.tar.gz: 642b7b58ecbb8ad96e841c15ba030e50192f9a1fad9f5c9dfd335d7f19de9367
3
+ metadata.gz: b4b213d9ba28b1b28d2b54f8839993546b4b6461f949df87dc803a2bbe979929
4
+ data.tar.gz: c2f3e3dad541c07fe606333d50269271cb55ac5cf47d457ba50611200c2d94dc
5
5
  SHA512:
6
- metadata.gz: 7e854a810185d99dfb69fb916acabb0343a32010630bedd5ba44ae24c525f568f2958da3a3dc243d895e41af6b5c609dbb86b8c9732bcf8f7a31944f74231024
7
- data.tar.gz: c0c14e37f12acf849177cd1eda3f9a2efd7cb789dbb1fc6ef4e675cb74239fde712b1939fd560cee694ff3ecdc50d7a2b374a7400af48b6a61cb7cbfa516d380
6
+ metadata.gz: 97cf295f272280ef1dfa3442f8029edf35f5b6f33e4dfcfd22ce25b44c1c9acdb2273a8ac037f54ad3b2c9410f6d8f8a15c703b390c0eb4f9d57c383da67ac85
7
+ data.tar.gz: 4b3379d899b4ab131f46f7b40561e62bb95c3f3041656c4ae68d8aeedf694e72e57eb5ca5dbcf9b5b48b82e3b9bef5cd6781cb93300ffdf4b46331bc89f75b7b
data/lib/dependabot/dependency_file.rb CHANGED
@@ -5,15 +5,23 @@ require "pathname"
5
5
  module Dependabot
6
6
  class DependencyFile
7
7
  attr_accessor :name, :content, :directory, :type, :support_file,
8
- :symlink_target
8
+ :symlink_target, :content_encoding, :deleted
9
+
10
+ class ContentEncoding
11
+ UTF_8 = "utf-8"
12
+ BASE64 = "base64"
13
+ end
9
14
 
10
15
  def initialize(name:, content:, directory: "/", type: "file",
11
- support_file: false, symlink_target: nil)
16
+ support_file: false, symlink_target: nil,
17
+ content_encoding: ContentEncoding::UTF_8, deleted: false)
12
18
  @name = name
13
19
  @content = content
14
20
  @directory = clean_directory(directory)
15
21
  @symlink_target = symlink_target
16
22
  @support_file = support_file
23
+ @content_encoding = content_encoding
24
+ @deleted = deleted
17
25
 
18
26
  # Type is used *very* sparingly. It lets the git_modules updater know that
19
27
  # a "file" is actually a submodule, and lets our Go updaters know which
@@ -34,7 +42,9 @@ module Dependabot
34
42
  "content" => content,
35
43
  "directory" => directory,
36
44
  "type" => type,
37
- "support_file" => support_file
45
+ "support_file" => support_file,
46
+ "content_encoding" => content_encoding,
47
+ "deleted" => deleted
38
48
  }
39
49
 
40
50
  details["symlink_target"] = symlink_target if symlink_target
@@ -65,6 +75,14 @@ module Dependabot
65
75
  @support_file
66
76
  end
67
77
 
78
+ def deleted?
79
+ @deleted
80
+ end
81
+
82
+ def binary?
83
+ content_encoding == ContentEncoding::BASE64
84
+ end
85
+
68
86
  private
69
87
 
70
88
  def clean_directory(directory)
data/lib/dependabot/file_fetchers/base.rb CHANGED
@@ -67,6 +67,10 @@ module Dependabot
67
67
  raise unless e.message.include?("Repository is empty")
68
68
  end
69
69
 
70
+ def clone_repo_contents(target_directory: nil)
71
+ # TODO: add implementation
72
+ end
73
+
70
74
  private
71
75
 
72
76
  def fetch_file_if_present(filename, fetch_submodules: false)
data/lib/dependabot/file_parsers/base.rb CHANGED
@@ -3,10 +3,12 @@
3
3
  module Dependabot
4
4
  module FileParsers
5
5
  class Base
6
- attr_reader :dependency_files, :credentials, :source
6
+ attr_reader :dependency_files, :repo_contents_path, :credentials, :source
7
7
 
8
- def initialize(dependency_files:, source:, credentials: [])
8
+ def initialize(dependency_files:, repo_contents_path: nil, source:,
9
+ credentials: [])
9
10
  @dependency_files = dependency_files
11
+ @repo_contents_path = repo_contents_path
10
12
  @credentials = credentials
11
13
  @source = source
12
14
 
data/lib/dependabot/file_updaters/base.rb CHANGED
@@ -3,15 +3,18 @@
3
3
  module Dependabot
4
4
  module FileUpdaters
5
5
  class Base
6
- attr_reader :dependencies, :dependency_files, :credentials
6
+ attr_reader :dependencies, :dependency_files, :repo_contents_path,
7
+ :credentials
7
8
 
8
9
  def self.updated_files_regex
9
10
  raise NotImplementedError
10
11
  end
11
12
 
12
- def initialize(dependencies:, dependency_files:, credentials:)
13
+ def initialize(dependencies:, dependency_files:, repo_contents_path: nil,
14
+ credentials:)
13
15
  @dependencies = dependencies
14
16
  @dependency_files = dependency_files
17
+ @repo_contents_path = repo_contents_path
15
18
  @credentials = credentials
16
19
 
17
20
  check_required_files
data/lib/dependabot/pull_request_creator/github.rb CHANGED
@@ -170,12 +170,23 @@ module Dependabot
170
170
  sha: file.content
171
171
  }
172
172
  else
173
+ content = if file.deleted?
174
+ { sha: nil }
175
+ elsif file.binary?
176
+ sha = github_client_for_source.create_blob(
177
+ source.repo, file.content, "base64"
178
+ )
179
+ { sha: sha }
180
+ else
181
+ { content: file.content }
182
+ end
183
+
173
184
  {
174
- path: (file.symlink_target || file.path).sub(%r{^/}, ""),
185
+ path: (file.symlink_target ||
186
+ file.path).sub(%r{^/}, ""),
175
187
  mode: "100644",
176
- type: "blob",
177
- content: file.content
178
- }
188
+ type: "blob"
189
+ }.merge(content)
179
190
  end
180
191
  end
181
192
 
data/lib/dependabot/pull_request_updater/github.rb CHANGED
@@ -124,14 +124,7 @@ module Dependabot
124
124
 
125
125
  def create_tree
126
126
  file_trees = files.map do |file|
127
- if %w(file symlink).include?(file.type)
128
- {
129
- path: (file.symlink_target || file.path).sub(%r{^/}, ""),
130
- mode: "100644",
131
- type: "blob",
132
- content: file.content
133
- }
134
- elsif file.type == "submodule"
127
+ if file.type == "submodule"
135
128
  {
136
129
  path: file.path.sub(%r{^/}, ""),
137
130
  mode: "160000",
@@ -139,7 +132,23 @@ module Dependabot
139
132
  sha: file.content
140
133
  }
141
134
  else
142
- raise "Unknown file type #{file.type}"
135
+ content = if file.deleted?
136
+ { sha: nil }
137
+ elsif file.binary?
138
+ sha = github_client_for_source.create_blob(
139
+ source.repo, file.content, "base64"
140
+ )
141
+ { sha: sha }
142
+ else
143
+ { content: file.content }
144
+ end
145
+
146
+ {
147
+ path: (file.symlink_target ||
148
+ file.path).sub(%r{^/}, ""),
149
+ mode: "100644",
150
+ type: "blob"
151
+ }.merge(content)
143
152
  end
144
153
  end
145
154
 
data/lib/dependabot/update_checkers/base.rb CHANGED
@@ -7,16 +7,17 @@ require "dependabot/security_advisory"
7
7
  module Dependabot
8
8
  module UpdateCheckers
9
9
  class Base
10
- attr_reader :dependency, :dependency_files, :credentials,
11
- :ignored_versions, :raise_on_ignored,
10
+ attr_reader :dependency, :dependency_files, :repo_contents_path,
11
+ :credentials, :ignored_versions, :raise_on_ignored,
12
12
  :security_advisories, :requirements_update_strategy
13
13
 
14
- def initialize(dependency:, dependency_files:, credentials:,
15
- ignored_versions: [], raise_on_ignored: false,
16
- security_advisories: [],
14
+ def initialize(dependency:, dependency_files:, repo_contents_path: nil,
15
+ credentials:, ignored_versions: [],
16
+ raise_on_ignored: false, security_advisories: [],
17
17
  requirements_update_strategy: nil)
18
18
  @dependency = dependency
19
19
  @dependency_files = dependency_files
20
+ @repo_contents_path = repo_contents_path
20
21
  @credentials = credentials
21
22
  @requirements_update_strategy = requirements_update_strategy
22
23
  @ignored_versions = ignored_versions
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.118.11"
4
+ VERSION = "0.118.16"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.118.11
4
+ version: 0.118.16
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-08-06 00:00:00.000000000 Z
11
+ date: 2020-08-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit