dependabot-common 0.118.16 → 0.119.3
- checksums.yaml +4 -4
- data/lib/dependabot/clients/azure.rb +26 -7
- data/lib/dependabot/dependency_file.rb +6 -0
- data/lib/dependabot/file_fetchers/base.rb +21 -1
- data/lib/dependabot/shared_helpers.rb +20 -1
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fc5d5cb1d37e94e4754376b52e4bee46d02f13cf5de8d3d1aaadd58ad2f769ec
|
|
4
|
+
data.tar.gz: a22af65c9a48056ecc63e9def80bdbee8759b6b1271f048cc44e6c009d165910
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 22c4eb3b3ec19201955a5bbe241f1bd03056b92da606b5dd30bf6c88ce32576e63ed96c17fdf93eef9ee24cf6f8edcb1d69caf680bdcb7990d489aa1ff8945a3
|
|
7
|
+
data.tar.gz: 475f0be0471945e3e846f234c573b7c8c343ff868fa235f4e68a5a5194ac7ed09fcf3614d4df556bf45930c99925a4dd4b030cd15446d996c90d479527300f35
|
|
@@ -28,6 +28,7 @@ module Dependabot
|
|
|
28
28
|
def initialize(source, credentials)
|
|
29
29
|
@source = source
|
|
30
30
|
@credentials = credentials
|
|
31
|
+
@auth_header = auth_header_for(credentials&.fetch("token", nil))
|
|
31
32
|
end
|
|
32
33
|
|
|
33
34
|
def fetch_commit(_repo, branch)
|
|
@@ -180,8 +181,9 @@ module Dependabot
|
|
|
180
181
|
def get(url)
|
|
181
182
|
response = Excon.get(
|
|
182
183
|
url,
|
|
183
|
-
|
|
184
|
-
|
|
184
|
+
headers: auth_header,
|
|
185
|
+
user: credentials&.fetch("username", nil),
|
|
186
|
+
password: credentials&.fetch("password", nil),
|
|
185
187
|
idempotent: true,
|
|
186
188
|
**SharedHelpers.excon_defaults
|
|
187
189
|
)
|
|
@@ -193,12 +195,14 @@ module Dependabot
|
|
|
193
195
|
def post(url, json)
|
|
194
196
|
response = Excon.post(
|
|
195
197
|
url,
|
|
196
|
-
headers:
|
|
197
|
-
|
|
198
|
-
|
|
198
|
+
headers: auth_header.merge(
|
|
199
|
+
{
|
|
200
|
+
"Content-Type" => "application/json"
|
|
201
|
+
}
|
|
202
|
+
),
|
|
199
203
|
body: json,
|
|
200
|
-
user: credentials&.fetch("username"),
|
|
201
|
-
password: credentials&.fetch("password"),
|
|
204
|
+
user: credentials&.fetch("username", nil),
|
|
205
|
+
password: credentials&.fetch("password", nil),
|
|
202
206
|
idempotent: true,
|
|
203
207
|
**SharedHelpers.excon_defaults
|
|
204
208
|
)
|
|
@@ -209,6 +213,21 @@ module Dependabot
|
|
|
209
213
|
|
|
210
214
|
private
|
|
211
215
|
|
|
216
|
+
def auth_header_for(token)
|
|
217
|
+
return {} unless token
|
|
218
|
+
|
|
219
|
+
if token.include?(":")
|
|
220
|
+
encoded_token = Base64.encode64(token).delete("\n")
|
|
221
|
+
{ "Authorization" => "Basic #{encoded_token}" }
|
|
222
|
+
elsif Base64.decode64(token).ascii_only? &&
|
|
223
|
+
Base64.decode64(token).include?(":")
|
|
224
|
+
{ "Authorization" => "Basic #{token.delete("\n")}" }
|
|
225
|
+
else
|
|
226
|
+
{ "Authorization" => "Bearer #{token}" }
|
|
227
|
+
end
|
|
228
|
+
end
|
|
229
|
+
|
|
230
|
+
attr_reader :auth_header
|
|
212
231
|
attr_reader :credentials
|
|
213
232
|
attr_reader :source
|
|
214
233
|
end
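Review bot: `auth_header_for` guesses the credential type from the token's bytes, and its second branch relies on `Base64.decode64`, which is lenient and skips characters that are not valid Base64, so an opaque bearer token that happens to decode to ASCII containing `:` would be sent as `Basic`. A stricter version strips newlines once, decodes once with `Base64.strict_decode64` (rescuing `ArgumentError`) and encodes with `Base64.strict_encode64`, as sketched below. Today only the Basic branches drop newlines, so the Bearer branch puts the token into the header verbatim. `get` and `post` also pass `user:`/`password:` alongside this header; which one wins when a credential carries both a token and a username is not visible here and is worth pinning with a spec. The class body starts and ends outside the hunks shown.

```ruby
def auth_header_for(token)
  return {} unless token

  compact = token.delete("\n")
  if compact.include?(":")
    { "Authorization" => "Basic #{Base64.strict_encode64(compact)}" }
  elsif basic_pair?(compact)
    { "Authorization" => "Basic #{compact}" }
  else
    { "Authorization" => "Bearer #{compact}" }
  end
end

# True only when the whole value is strictly valid Base64 of an ASCII "user:secret" pair.
def basic_pair?(value)
  decoded = Base64.strict_decode64(value)
  decoded.ascii_only? && decoded.include?(":")
rescue ArgumentError
  false
end
```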
|
|
@@ -67,8 +67,10 @@ module Dependabot
|
|
|
67
67
|
raise unless e.message.include?("Repository is empty")
|
|
68
68
|
end
|
|
69
69
|
|
|
70
|
+
# Returns the path to the cloned repo
|
|
70
71
|
def clone_repo_contents(target_directory: nil)
|
|
71
|
-
|
|
72
|
+
@clone_repo_contents ||=
|
|
73
|
+
_clone_repo_contents(target_directory: target_directory)
|
|
72
74
|
end
|
|
73
75
|
|
|
74
76
|
private
|
|
@@ -423,6 +425,24 @@ module Dependabot
|
|
|
423
425
|
max_by(&:length)
|
|
424
426
|
end
|
|
425
427
|
|
|
428
|
+
def _clone_repo_contents(target_directory:)
|
|
429
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
430
|
+
path = target_directory || File.join("tmp", source.repo)
|
|
431
|
+
# Assume we're retrying the same branch, or that a `target_directory`
|
|
432
|
+
# is specified when retrying a different branch.
|
|
433
|
+
return path if Dir.exist?(File.join(path, ".git"))
|
|
434
|
+
|
|
435
|
+
FileUtils.mkdir_p(path)
|
|
436
|
+
br_opt = " --branch=#{source.branch} --single-branch" if source.branch
|
|
437
|
+
SharedHelpers.run_shell_command(
|
|
438
|
+
<<~CMD
|
|
439
|
+
git clone --no-tags --no-recurse-submodules --depth=1#{br_opt} #{source.url} #{path}
|
|
440
|
+
CMD
|
|
441
|
+
)
|
|
442
|
+
path
|
|
443
|
+
end
|
|
444
|
+
end
|
|
445
|
+
|
|
426
446
|
def client_for_provider
|
|
427
447
|
case source.provider
|
|
428
448
|
when "github" then github_client
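Review bot: `_clone_repo_contents` interpolates `source.branch`, `source.url` and `path` straight into the `git clone` command string, so if `run_shell_command` hands that string to a shell (its body is not shown in this section), a branch or directory name containing spaces or shell metacharacters changes the command that runs. Escaping each value and ending option parsing before the positional arguments closes that off: `br_opt = " --branch=#{Shellwords.escape(source.branch)} --single-branch" if source.branch` and `git clone --no-tags --no-recurse-submodules --depth=1#{br_opt} -- #{Shellwords.escape(source.url)} #{Shellwords.escape(path)}` (needs `require "shellwords"`). The default `File.join("tmp", source.repo)` is relative to the current working directory, and the `@clone_repo_contents ||=` memo returns the first path even when a later call passes a different `target_directory`; a short comment on `clone_repo_contents` stating both would help callers. `client_for_provider` at the end of the section continues outside the hunk.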
|
|
@@ -29,6 +29,19 @@ module Dependabot
|
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
+
def self.in_a_temporary_repo_directory(directory = "/",
|
|
33
|
+
repo_contents_path = nil,
|
|
34
|
+
&block)
|
|
35
|
+
if repo_contents_path
|
|
36
|
+
path = Pathname.new(File.join(repo_contents_path, directory)).
|
|
37
|
+
expand_path
|
|
38
|
+
reset_git_repo(repo_contents_path)
|
|
39
|
+
Dir.chdir(path) { yield(path) }
|
|
40
|
+
else
|
|
41
|
+
in_a_temporary_directory(directory, &block)
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
32
45
|
def self.in_a_temporary_directory(directory = "/")
|
|
33
46
|
Dir.mkdir(BUMP_TMP_DIR_PATH) unless Dir.exist?(BUMP_TMP_DIR_PATH)
|
|
34
47
|
Dir.mktmpdir(BUMP_TMP_FILE_PREFIX, BUMP_TMP_DIR_PATH) do |dir|
|
|
@@ -209,6 +222,12 @@ module Dependabot
|
|
|
209
222
|
File.write("git.store", git_store_content)
|
|
210
223
|
end
|
|
211
224
|
|
|
225
|
+
def self.reset_git_repo(path)
|
|
226
|
+
Dir.chdir(path) do
|
|
227
|
+
run_shell_command("git reset HEAD --hard && git clean -fx")
|
|
228
|
+
end
|
|
229
|
+
end
|
|
230
|
+
|
|
212
231
|
def self.stash_global_git_config
|
|
213
232
|
return unless File.exist?(GIT_CONFIG_GLOBAL_PATH)
|
|
214
233
|
|
|
@@ -234,7 +253,7 @@ module Dependabot
|
|
|
234
253
|
|
|
235
254
|
# Raise an error with the output from the shell session if the
|
|
236
255
|
# command returns a non-zero status
|
|
237
|
-
return if process.success?
|
|
256
|
+
return stdout if process.success?
|
|
238
257
|
|
|
239
258
|
error_context = {
|
|
240
259
|
command: command,
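Review bot: `in_a_temporary_repo_directory` joins `directory` onto `repo_contents_path` and expands it, but never checks that the result is still inside the clone, so a `directory` containing `..` segments makes the block run outside the repository. A containment guard before `Dir.chdir` would cover it: `root = Pathname.new(repo_contents_path).expand_path` followed by `raise ArgumentError, "directory is outside the repo" unless path == root || path.to_s.start_with?("#{root}/")`. `reset_git_repo` runs `git clean -fx` without `-d`, so untracked directories left by an earlier run survive the reset; if the intent is a pristine tree, `git clean -fdx` is the usual form. The method in the last hunk (the one now returning `stdout`) starts and ends outside the visible lines.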
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.119.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-09-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|