dependabot-common 0.118.15 → 0.119.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of dependabot-common might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency_file.rb +6 -0
- data/lib/dependabot/file_fetchers/base.rb +24 -0
- data/lib/dependabot/file_parsers/base.rb +4 -2
- data/lib/dependabot/file_updaters/base.rb +5 -2
- data/lib/dependabot/shared_helpers.rb +20 -1
- data/lib/dependabot/update_checkers/base.rb +6 -5
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c81b0ca1f68eb6edaf9aba683e0537cf2acc69caccaf95bb777c531c25b936a1
|
|
4
|
+
data.tar.gz: 70e8b39a6f6f711b68e5033778c1063b3a91fe19f6f2b0377447ae2705e0603d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: afa8c8f3b5462009ea4b88df0d69bd87ac4c8cddb64419cd7817a1a01e302efac77774f1b093e7b4e92d143860f08f924b81504fb7f06b4149d99a258c3465fd
|
|
7
|
+
data.tar.gz: e8177d4e247a073d3bd30393c20b724bb342d6863fad8fcc26792556b1092096c533ccdd373dd9b1423308d7925d23741ea0e89f5841c604cd99bdc6f0feb923
|
|
@@ -67,6 +67,12 @@ module Dependabot
|
|
|
67
67
|
raise unless e.message.include?("Repository is empty")
|
|
68
68
|
end
|
|
69
69
|
|
|
70
|
+
# Returns the path to the cloned repo
|
|
71
|
+
def clone_repo_contents(target_directory: nil)
|
|
72
|
+
@clone_repo_contents ||=
|
|
73
|
+
_clone_repo_contents(target_directory: target_directory)
|
|
74
|
+
end
|
|
75
|
+
|
|
70
76
|
private
|
|
71
77
|
|
|
72
78
|
def fetch_file_if_present(filename, fetch_submodules: false)
|
|
@@ -419,6 +425,24 @@ module Dependabot
|
|
|
419
425
|
max_by(&:length)
|
|
420
426
|
end
|
|
421
427
|
|
|
428
|
+
def _clone_repo_contents(target_directory:)
|
|
429
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
430
|
+
path = target_directory || File.join("tmp", source.repo)
|
|
431
|
+
# Assume we're retrying the same branch, or that a `target_directory`
|
|
432
|
+
# is specified when retrying a different branch.
|
|
433
|
+
return path if Dir.exist?(File.join(path, ".git"))
|
|
434
|
+
|
|
435
|
+
FileUtils.mkdir_p(path)
|
|
436
|
+
br_opt = " --branch=#{source.branch} --single-branch" if source.branch
|
|
437
|
+
SharedHelpers.run_shell_command(
|
|
438
|
+
<<~CMD
|
|
439
|
+
git clone --no-tags --no-recurse-submodules --depth=1#{br_opt} #{source.url} #{path}
|
|
440
|
+
CMD
|
|
441
|
+
)
|
|
442
|
+
path
|
|
443
|
+
end
|
|
444
|
+
end
|
|
445
|
+
|
|
422
446
|
def client_for_provider
|
|
423
447
|
case source.provider
|
|
424
448
|
when "github" then github_client
|
|
@@ -3,10 +3,12 @@
|
|
|
3
3
|
module Dependabot
|
|
4
4
|
module FileParsers
|
|
5
5
|
class Base
|
|
6
|
-
attr_reader :dependency_files, :credentials, :source
|
|
6
|
+
attr_reader :dependency_files, :repo_contents_path, :credentials, :source
|
|
7
7
|
|
|
8
|
-
def initialize(dependency_files:, source:,
|
|
8
|
+
def initialize(dependency_files:, repo_contents_path: nil, source:,
|
|
9
|
+
credentials: [])
|
|
9
10
|
@dependency_files = dependency_files
|
|
11
|
+
@repo_contents_path = repo_contents_path
|
|
10
12
|
@credentials = credentials
|
|
11
13
|
@source = source
|
|
12
14
|
|
|
@@ -3,15 +3,18 @@
|
|
|
3
3
|
module Dependabot
|
|
4
4
|
module FileUpdaters
|
|
5
5
|
class Base
|
|
6
|
-
attr_reader :dependencies, :dependency_files, :
|
|
6
|
+
attr_reader :dependencies, :dependency_files, :repo_contents_path,
|
|
7
|
+
:credentials
|
|
7
8
|
|
|
8
9
|
def self.updated_files_regex
|
|
9
10
|
raise NotImplementedError
|
|
10
11
|
end
|
|
11
12
|
|
|
12
|
-
def initialize(dependencies:, dependency_files:,
|
|
13
|
+
def initialize(dependencies:, dependency_files:, repo_contents_path: nil,
|
|
14
|
+
credentials:)
|
|
13
15
|
@dependencies = dependencies
|
|
14
16
|
@dependency_files = dependency_files
|
|
17
|
+
@repo_contents_path = repo_contents_path
|
|
15
18
|
@credentials = credentials
|
|
16
19
|
|
|
17
20
|
check_required_files
|
|
@@ -29,6 +29,19 @@ module Dependabot
|
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
+
def self.in_a_temporary_repo_directory(directory = "/",
|
|
33
|
+
repo_contents_path = nil,
|
|
34
|
+
&block)
|
|
35
|
+
if repo_contents_path
|
|
36
|
+
path = Pathname.new(File.join(repo_contents_path, directory)).
|
|
37
|
+
expand_path
|
|
38
|
+
reset_git_repo(repo_contents_path)
|
|
39
|
+
Dir.chdir(path) { yield(path) }
|
|
40
|
+
else
|
|
41
|
+
in_a_temporary_directory(directory, &block)
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
32
45
|
def self.in_a_temporary_directory(directory = "/")
|
|
33
46
|
Dir.mkdir(BUMP_TMP_DIR_PATH) unless Dir.exist?(BUMP_TMP_DIR_PATH)
|
|
34
47
|
Dir.mktmpdir(BUMP_TMP_FILE_PREFIX, BUMP_TMP_DIR_PATH) do |dir|
|
|
@@ -209,6 +222,12 @@ module Dependabot
|
|
|
209
222
|
File.write("git.store", git_store_content)
|
|
210
223
|
end
|
|
211
224
|
|
|
225
|
+
def self.reset_git_repo(path)
|
|
226
|
+
Dir.chdir(path) do
|
|
227
|
+
run_shell_command("git reset HEAD --hard && git clean -fx")
|
|
228
|
+
end
|
|
229
|
+
end
|
|
230
|
+
|
|
212
231
|
def self.stash_global_git_config
|
|
213
232
|
return unless File.exist?(GIT_CONFIG_GLOBAL_PATH)
|
|
214
233
|
|
|
@@ -234,7 +253,7 @@ module Dependabot
|
|
|
234
253
|
|
|
235
254
|
# Raise an error with the output from the shell session if the
|
|
236
255
|
# command returns a non-zero status
|
|
237
|
-
return if process.success?
|
|
256
|
+
return stdout if process.success?
|
|
238
257
|
|
|
239
258
|
error_context = {
|
|
240
259
|
command: command,
|
|
@@ -7,16 +7,17 @@ require "dependabot/security_advisory"
|
|
|
7
7
|
module Dependabot
|
|
8
8
|
module UpdateCheckers
|
|
9
9
|
class Base
|
|
10
|
-
attr_reader :dependency, :dependency_files, :
|
|
11
|
-
:ignored_versions, :raise_on_ignored,
|
|
10
|
+
attr_reader :dependency, :dependency_files, :repo_contents_path,
|
|
11
|
+
:credentials, :ignored_versions, :raise_on_ignored,
|
|
12
12
|
:security_advisories, :requirements_update_strategy
|
|
13
13
|
|
|
14
|
-
def initialize(dependency:, dependency_files:,
|
|
15
|
-
ignored_versions: [],
|
|
16
|
-
security_advisories: [],
|
|
14
|
+
def initialize(dependency:, dependency_files:, repo_contents_path: nil,
|
|
15
|
+
credentials:, ignored_versions: [],
|
|
16
|
+
raise_on_ignored: false, security_advisories: [],
|
|
17
17
|
requirements_update_strategy: nil)
|
|
18
18
|
@dependency = dependency
|
|
19
19
|
@dependency_files = dependency_files
|
|
20
|
+
@repo_contents_path = repo_contents_path
|
|
20
21
|
@credentials = credentials
|
|
21
22
|
@requirements_update_strategy = requirements_update_strategy
|
|
22
23
|
@ignored_versions = ignored_versions
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.119.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-09-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|