dependabot-common 0.118.15 → 0.119.2

This diff has not been reviewed by any users.
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f20b7004c1f854933ff1bcdca6f7267777cf03f97ac71c5122923025d4408392
4
- data.tar.gz: 799ebfb484a33945c48375472d2fb5e3653cb7e370402474ac8a8f49199c2e42
3
+ metadata.gz: c81b0ca1f68eb6edaf9aba683e0537cf2acc69caccaf95bb777c531c25b936a1
4
+ data.tar.gz: 70e8b39a6f6f711b68e5033778c1063b3a91fe19f6f2b0377447ae2705e0603d
5
5
  SHA512:
6
- metadata.gz: 89dcf2894d833225bdbbbf03d99b0a86378487b0b1466a8e4f0f804c733926087eb38d6498c19a0b80bc02b20d41d12a7d9ebfbb3964a35c8d7f009bb098f3f0
7
- data.tar.gz: c53832d416fd357292c9dd38f55e1d78b0891064da510b51bc8c4230f3bba29442a24c6bfcb42992f4c14082c40d8680bd71d88fc6e8963da81f04a2f9b04f55
6
+ metadata.gz: afa8c8f3b5462009ea4b88df0d69bd87ac4c8cddb64419cd7817a1a01e302efac77774f1b093e7b4e92d143860f08f924b81504fb7f06b4149d99a258c3465fd
7
+ data.tar.gz: e8177d4e247a073d3bd30393c20b724bb342d6863fad8fcc26792556b1092096c533ccdd373dd9b1423308d7925d23741ea0e89f5841c604cd99bdc6f0feb923
@@ -83,6 +83,12 @@ module Dependabot
83
83
  content_encoding == ContentEncoding::BASE64
84
84
  end
85
85
 
86
+ def decoded_content
87
+ return Base64.decode64(content) if binary?
88
+
89
+ content
90
+ end
91
+
86
92
  private
87
93
 
88
94
  def clean_directory(directory)
@@ -67,6 +67,12 @@ module Dependabot
67
67
  raise unless e.message.include?("Repository is empty")
68
68
  end
69
69
 
70
+ # Returns the path to the cloned repo
71
+ def clone_repo_contents(target_directory: nil)
72
+ @clone_repo_contents ||=
73
+ _clone_repo_contents(target_directory: target_directory)
74
+ end
75
+
70
76
  private
71
77
 
72
78
  def fetch_file_if_present(filename, fetch_submodules: false)
@@ -419,6 +425,24 @@ module Dependabot
419
425
  max_by(&:length)
420
426
  end
421
427
 
428
+ def _clone_repo_contents(target_directory:)
429
+ SharedHelpers.with_git_configured(credentials: credentials) do
430
+ path = target_directory || File.join("tmp", source.repo)
431
+ # Assume we're retrying the same branch, or that a `target_directory`
432
+ # is specified when retrying a different branch.
433
+ return path if Dir.exist?(File.join(path, ".git"))
434
+
435
+ FileUtils.mkdir_p(path)
436
+ br_opt = " --branch=#{source.branch} --single-branch" if source.branch
437
+ SharedHelpers.run_shell_command(
438
+ <<~CMD
439
+ git clone --no-tags --no-recurse-submodules --depth=1#{br_opt} #{source.url} #{path}
440
+ CMD
441
+ )
442
+ path
443
+ end
444
+ end
445
+
422
446
  def client_for_provider
423
447
  case source.provider
424
448
  when "github" then github_client
@@ -3,10 +3,12 @@
3
3
  module Dependabot
4
4
  module FileParsers
5
5
  class Base
6
- attr_reader :dependency_files, :credentials, :source
6
+ attr_reader :dependency_files, :repo_contents_path, :credentials, :source
7
7
 
8
- def initialize(dependency_files:, source:, credentials: [])
8
+ def initialize(dependency_files:, repo_contents_path: nil, source:,
9
+ credentials: [])
9
10
  @dependency_files = dependency_files
11
+ @repo_contents_path = repo_contents_path
10
12
  @credentials = credentials
11
13
  @source = source
12
14
 
@@ -3,15 +3,18 @@
3
3
  module Dependabot
4
4
  module FileUpdaters
5
5
  class Base
6
- attr_reader :dependencies, :dependency_files, :credentials
6
+ attr_reader :dependencies, :dependency_files, :repo_contents_path,
7
+ :credentials
7
8
 
8
9
  def self.updated_files_regex
9
10
  raise NotImplementedError
10
11
  end
11
12
 
12
- def initialize(dependencies:, dependency_files:, credentials:)
13
+ def initialize(dependencies:, dependency_files:, repo_contents_path: nil,
14
+ credentials:)
13
15
  @dependencies = dependencies
14
16
  @dependency_files = dependency_files
17
+ @repo_contents_path = repo_contents_path
15
18
  @credentials = credentials
16
19
 
17
20
  check_required_files
@@ -29,6 +29,19 @@ module Dependabot
29
29
  end
30
30
  end
31
31
 
32
+ def self.in_a_temporary_repo_directory(directory = "/",
33
+ repo_contents_path = nil,
34
+ &block)
35
+ if repo_contents_path
36
+ path = Pathname.new(File.join(repo_contents_path, directory)).
37
+ expand_path
38
+ reset_git_repo(repo_contents_path)
39
+ Dir.chdir(path) { yield(path) }
40
+ else
41
+ in_a_temporary_directory(directory, &block)
42
+ end
43
+ end
44
+
32
45
  def self.in_a_temporary_directory(directory = "/")
33
46
  Dir.mkdir(BUMP_TMP_DIR_PATH) unless Dir.exist?(BUMP_TMP_DIR_PATH)
34
47
  Dir.mktmpdir(BUMP_TMP_FILE_PREFIX, BUMP_TMP_DIR_PATH) do |dir|
@@ -209,6 +222,12 @@ module Dependabot
209
222
  File.write("git.store", git_store_content)
210
223
  end
211
224
 
225
+ def self.reset_git_repo(path)
226
+ Dir.chdir(path) do
227
+ run_shell_command("git reset HEAD --hard && git clean -fx")
228
+ end
229
+ end
230
+
212
231
  def self.stash_global_git_config
213
232
  return unless File.exist?(GIT_CONFIG_GLOBAL_PATH)
214
233
 
@@ -234,7 +253,7 @@ module Dependabot
234
253
 
235
254
  # Raise an error with the output from the shell session if the
236
255
  # command returns a non-zero status
237
- return if process.success?
256
+ return stdout if process.success?
238
257
 
239
258
  error_context = {
240
259
  command: command,
@@ -7,16 +7,17 @@ require "dependabot/security_advisory"
7
7
  module Dependabot
8
8
  module UpdateCheckers
9
9
  class Base
10
- attr_reader :dependency, :dependency_files, :credentials,
11
- :ignored_versions, :raise_on_ignored,
10
+ attr_reader :dependency, :dependency_files, :repo_contents_path,
11
+ :credentials, :ignored_versions, :raise_on_ignored,
12
12
  :security_advisories, :requirements_update_strategy
13
13
 
14
- def initialize(dependency:, dependency_files:, credentials:,
15
- ignored_versions: [], raise_on_ignored: false,
16
- security_advisories: [],
14
+ def initialize(dependency:, dependency_files:, repo_contents_path: nil,
15
+ credentials:, ignored_versions: [],
16
+ raise_on_ignored: false, security_advisories: [],
17
17
  requirements_update_strategy: nil)
18
18
  @dependency = dependency
19
19
  @dependency_files = dependency_files
20
+ @repo_contents_path = repo_contents_path
20
21
  @credentials = credentials
21
22
  @requirements_update_strategy = requirements_update_strategy
22
23
  @ignored_versions = ignored_versions
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.118.15"
4
+ VERSION = "0.119.2"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.118.15
4
+ version: 0.119.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-08-20 00:00:00.000000000 Z
11
+ date: 2020-09-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit