dependabot-common 0.119.2 → 0.119.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of dependabot-common might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c81b0ca1f68eb6edaf9aba683e0537cf2acc69caccaf95bb777c531c25b936a1
4
- data.tar.gz: 70e8b39a6f6f711b68e5033778c1063b3a91fe19f6f2b0377447ae2705e0603d
3
+ metadata.gz: fc5d5cb1d37e94e4754376b52e4bee46d02f13cf5de8d3d1aaadd58ad2f769ec
4
+ data.tar.gz: a22af65c9a48056ecc63e9def80bdbee8759b6b1271f048cc44e6c009d165910
5
5
  SHA512:
6
- metadata.gz: afa8c8f3b5462009ea4b88df0d69bd87ac4c8cddb64419cd7817a1a01e302efac77774f1b093e7b4e92d143860f08f924b81504fb7f06b4149d99a258c3465fd
7
- data.tar.gz: e8177d4e247a073d3bd30393c20b724bb342d6863fad8fcc26792556b1092096c533ccdd373dd9b1423308d7925d23741ea0e89f5841c604cd99bdc6f0feb923
6
+ metadata.gz: 22c4eb3b3ec19201955a5bbe241f1bd03056b92da606b5dd30bf6c88ce32576e63ed96c17fdf93eef9ee24cf6f8edcb1d69caf680bdcb7990d489aa1ff8945a3
7
+ data.tar.gz: 475f0be0471945e3e846f234c573b7c8c343ff868fa235f4e68a5a5194ac7ed09fcf3614d4df556bf45930c99925a4dd4b030cd15446d996c90d479527300f35
@@ -28,6 +28,7 @@ module Dependabot
28
28
  def initialize(source, credentials)
29
29
  @source = source
30
30
  @credentials = credentials
31
+ @auth_header = auth_header_for(credentials&.fetch("token", nil))
31
32
  end
32
33
 
33
34
  def fetch_commit(_repo, branch)
@@ -180,8 +181,9 @@ module Dependabot
180
181
  def get(url)
181
182
  response = Excon.get(
182
183
  url,
183
- user: credentials&.fetch("username"),
184
- password: credentials&.fetch("password"),
184
+ headers: auth_header,
185
+ user: credentials&.fetch("username", nil),
186
+ password: credentials&.fetch("password", nil),
185
187
  idempotent: true,
186
188
  **SharedHelpers.excon_defaults
187
189
  )
@@ -193,12 +195,14 @@ module Dependabot
193
195
  def post(url, json)
194
196
  response = Excon.post(
195
197
  url,
196
- headers: {
197
- "Content-Type" => "application/json"
198
- },
198
+ headers: auth_header.merge(
199
+ {
200
+ "Content-Type" => "application/json"
201
+ }
202
+ ),
199
203
  body: json,
200
- user: credentials&.fetch("username"),
201
- password: credentials&.fetch("password"),
204
+ user: credentials&.fetch("username", nil),
205
+ password: credentials&.fetch("password", nil),
202
206
  idempotent: true,
203
207
  **SharedHelpers.excon_defaults
204
208
  )
@@ -209,6 +213,21 @@ module Dependabot
209
213
 
210
214
  private
211
215
 
216
+ def auth_header_for(token)
217
+ return {} unless token
218
+
219
+ if token.include?(":")
220
+ encoded_token = Base64.encode64(token).delete("\n")
221
+ { "Authorization" => "Basic #{encoded_token}" }
222
+ elsif Base64.decode64(token).ascii_only? &&
223
+ Base64.decode64(token).include?(":")
224
+ { "Authorization" => "Basic #{token.delete("\n")}" }
225
+ else
226
+ { "Authorization" => "Bearer #{token}" }
227
+ end
228
+ end
229
+
230
+ attr_reader :auth_header
212
231
  attr_reader :credentials
213
232
  attr_reader :source
214
233
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.119.2"
4
+ VERSION = "0.119.3"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.119.2
4
+ version: 0.119.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-02 00:00:00.000000000 Z
11
+ date: 2020-09-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit