dependabot-common 0.119.5 → 0.120.3



checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ac20c5d159264edb3113a4e495d02e6c32f5e6aadb5cda883587aeabae475dde
4
- data.tar.gz: d5086bb6a7669add859859632b19b2d4e8ddddc9d637f63a2fb101bcb30d92ef
3
+ metadata.gz: e86bdfc4f410dbf077edfcea229a0125e0e6f56f3f78c02e8a0dcd082cf50445
4
+ data.tar.gz: e2ec62b6b2d8e487286014b21e87a021d169a518639010d33ab80b3030f8d3af
5
5
  SHA512:
6
- metadata.gz: 5c1cfdfdba4439500593adc35ca3bca20f32d55c0cf4e7436f09caa1b443cca135eee7607ef8c7dc7e5d385b66556d8f1698b80568f2e6068888faa8a76acc79
7
- data.tar.gz: bb518e222b1fd04d0bccd69951ac5d7b58220ef1ed6ed8c7ad29825138f39632b4f605ec314776b14bce59e51025048cdd965aebf33445a9e0419f32b399d2d2
6
+ metadata.gz: 379aadb5ac467e6d8b31fc771f112a2d9590889ab2438326617e6f19f93c2fddc5b20a9fdff7454ef4c870ea849054b15672fb27fbbe99304f33a895bdd91357
7
+ data.tar.gz: 966790a0b7977b710db805c819b8952c85bad3d6fb87429a3aa8d300bdce13b2381ee3b9cfc184250f1735ee19281d01841fe7eefaad0fc7c40b2a8d33b1d4f5
@@ -153,8 +153,9 @@ module Dependabot
153
153
  "/pushes?api-version=5.0", content.to_json)
154
154
  end
155
155
 
156
+ # rubocop:disable Metrics/ParameterLists
156
157
  def create_pull_request(pr_name, source_branch, target_branch,
157
- pr_description, labels)
158
+ pr_description, labels, work_item = nil)
158
159
  # Azure DevOps only support descriptions up to 4000 characters
159
160
  # https://developercommunity.visualstudio.com/content/problem/608770/remove-4000-character-limit-on-pull-request-descri.html
160
161
  azure_max_length = 3999
@@ -163,13 +164,15 @@ module Dependabot
163
164
  truncate_length = azure_max_length - truncated_msg.length
164
165
  pr_description = pr_description[0..truncate_length] + truncated_msg
165
166
  end
167
+ # rubocop:enable Metrics/ParameterLists
166
168
 
167
169
  content = {
168
170
  sourceRefName: "refs/heads/" + source_branch,
169
171
  targetRefName: "refs/heads/" + target_branch,
170
172
  title: pr_name,
171
173
  description: pr_description,
172
- labels: labels.map { |label| { name: label } }
174
+ labels: labels.map { |label| { name: label } },
175
+ workItemRefs: [{ id: work_item }]
173
176
  }
174
177
 
175
178
  post(source.api_endpoint +
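Review bot: `workItemRefs: [{ id: work_item }]` is emitted unconditionally, so every caller that leaves the new `work_item` parameter at its `nil` default now sends `workItemRefs: [{ id: null }]` to Azure DevOps; whether the API tolerates an entry with a null id is not established anywhere in this diff, and the pre-existing callers are the ones exercising that path. Only include the reference when a work item was supplied, e.g. `workItemRefs: work_item ? [{ id: work_item }] : []`. The `# rubocop:enable Metrics/ParameterLists` sits in the middle of the method body after the description truncation; since the offense is on the `def` line, placing the enable directly after the signature keeps the disabled region to the two lines that need it. The body of `create_pull_request` continues past the end of the hunk.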
@@ -181,11 +184,12 @@ module Dependabot
181
184
  def get(url)
182
185
  response = Excon.get(
183
186
  url,
184
- headers: auth_header,
185
187
  user: credentials&.fetch("username", nil),
186
188
  password: credentials&.fetch("password", nil),
187
189
  idempotent: true,
188
- **SharedHelpers.excon_defaults
190
+ **SharedHelpers.excon_defaults(
191
+ headers: auth_header
192
+ )
189
193
  )
190
194
  raise NotFound if response.status == 404
191
195
 
@@ -195,16 +199,17 @@ module Dependabot
195
199
  def post(url, json)
196
200
  response = Excon.post(
197
201
  url,
198
- headers: auth_header.merge(
199
- {
200
- "Content-Type" => "application/json"
201
- }
202
- ),
203
202
  body: json,
204
203
  user: credentials&.fetch("username", nil),
205
204
  password: credentials&.fetch("password", nil),
206
205
  idempotent: true,
207
- **SharedHelpers.excon_defaults
206
+ **SharedHelpers.excon_defaults(
207
+ headers: auth_header.merge(
208
+ {
209
+ "Content-Type" => "application/json"
210
+ }
211
+ )
212
+ )
208
213
  )
209
214
  raise NotFound if response.status == 404
210
215
 
@@ -183,7 +183,7 @@ module Dependabot
183
183
 
184
184
  def excon_defaults
185
185
  # Some git hosts are slow when returning a large number of tags
186
- SharedHelpers.excon_defaults.merge(read_timeout: 20)
186
+ SharedHelpers.excon_defaults(read_timeout: 20)
187
187
  end
188
188
  end
189
189
  end
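Review bot: `SharedHelpers.excon_defaults(read_timeout: 20)` overrides `read_timeout` with the same value the shared defaults already carry (the `read_timeout: 20` context line in the `excon_defaults` hunk of this diff), so the comment about slow git hosts is not backed by a longer timeout than any other caller gets. Either raise the value here or drop the override together with the comment; if the point is to pin the timeout independently of future changes to the shared default, say so explicitly: `# pinned here so a change to the shared default cannot shorten tag fetches`. The enclosing class starts before this hunk.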
@@ -17,13 +17,23 @@ module Dependabot
17
17
  class RepoDisabled < StandardError; end
18
18
  class NoHistoryInCommon < StandardError; end
19
19
 
20
+ # AnnotationError is raised if a PR was created, but failed annotation
21
+ class AnnotationError < StandardError
22
+ attr_reader :cause, :pull_request
23
+ def initialize(cause, pull_request)
24
+ super(cause.message)
25
+ @cause = cause
26
+ @pull_request = pull_request
27
+ end
28
+ end
29
+
20
30
  attr_reader :source, :dependencies, :files, :base_commit,
21
31
  :credentials, :pr_message_header, :pr_message_footer,
22
32
  :custom_labels, :author_details, :signature_key,
23
33
  :commit_message_options, :vulnerabilities_fixed,
24
34
  :reviewers, :assignees, :milestone, :branch_name_separator,
25
35
  :branch_name_prefix, :github_redirection_service,
26
- :custom_headers
36
+ :custom_headers, :provider_metadata
27
37
 
28
38
  def initialize(source:, base_commit:, dependencies:, files:, credentials:,
29
39
  pr_message_header: nil, pr_message_footer: nil,
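Review bot: `attr_reader :cause` on `AnnotationError` overrides `Exception#cause`, which Ruby otherwise populates on its own when the error is raised inside a `rescue` (as the `create_annotated_pull_request` hunk does); anything that walks the standard cause chain may then see the ivar rather than the exception Ruby recorded, and the two diverge once `raise_custom_error` wraps a freshly built `type.new(message)`. A comment should record that the shadowing is deliberate, e.g. `# cause intentionally shadows Exception#cause so the wrapped error survives the re-wrap in handle_error`, or the reader could be renamed (`annotation_cause`) if shadowing is not required. It is also worth noting on the class that `super(cause.message)` makes `message` on the wrapper equal the underlying message, which `handle_error`'s `include?` checks rely on.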
@@ -33,7 +43,8 @@ module Dependabot
33
43
  branch_name_separator: "/", branch_name_prefix: "dependabot",
34
44
  label_language: false, automerge_candidate: false,
35
45
  github_redirection_service: "github-redirect.dependabot.com",
36
- custom_headers: nil, require_up_to_date_base: false)
46
+ custom_headers: nil, require_up_to_date_base: false,
47
+ provider_metadata: {})
37
48
  @dependencies = dependencies
38
49
  @source = source
39
50
  @base_commit = base_commit
@@ -56,6 +67,7 @@ module Dependabot
56
67
  @github_redirection_service = github_redirection_service
57
68
  @custom_headers = custom_headers
58
69
  @require_up_to_date_base = require_up_to_date_base
70
+ @provider_metadata = provider_metadata
59
71
 
60
72
  check_dependencies_have_previous_version
61
73
  end
@@ -142,7 +154,8 @@ module Dependabot
142
154
  pr_description: message_builder.pr_message,
143
155
  pr_name: message_builder.pr_name,
144
156
  author_details: author_details,
145
- labeler: labeler
157
+ labeler: labeler,
158
+ work_item: provider_metadata&.fetch(:work_item, nil)
146
159
  )
147
160
  end
148
161
 
@@ -8,11 +8,11 @@ module Dependabot
8
8
  class Azure
9
9
  attr_reader :source, :branch_name, :base_commit, :credentials,
10
10
  :files, :commit_message, :pr_description, :pr_name,
11
- :author_details, :labeler
11
+ :author_details, :labeler, :work_item
12
12
 
13
13
  def initialize(source:, branch_name:, base_commit:, credentials:,
14
14
  files:, commit_message:, pr_description:, pr_name:,
15
- author_details:, labeler:)
15
+ author_details:, labeler:, work_item: nil)
16
16
  @source = source
17
17
  @branch_name = branch_name
18
18
  @base_commit = base_commit
@@ -23,6 +23,7 @@ module Dependabot
23
23
  @pr_name = pr_name
24
24
  @author_details = author_details
25
25
  @labeler = labeler
26
+ @work_item = work_item
26
27
  end
27
28
 
28
29
  def create
@@ -46,9 +47,7 @@ module Dependabot
46
47
  end
47
48
 
48
49
  def branch_exists?
49
- @branch_ref ||= azure_client_for_source.branch(branch_name)
50
-
51
- @branch_ref
50
+ azure_client_for_source.branch(branch_name)
52
51
  rescue ::Azure::Error::NotFound
53
52
  false
54
53
  end
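Review bot: `branch_exists?` now returns whatever `azure_client_for_source.branch(branch_name)` returns instead of a boolean, and with the memoisation gone each call is a fresh request; if the client can answer `nil` for a missing branch rather than raising, the predicate quietly returns falsy without the `rescue` ever running. Making the success path explicit, `!azure_client_for_source.branch(branch_name).nil?`, keeps the `?` contract honest. Separately, the `rescue` targets `::Azure::Error::NotFound` while the client `get`/`post` hunks in this same diff raise a bare `NotFound` — confirm those resolve to the same constant, otherwise a missing branch surfaces as an unhandled exception rather than `false`.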
@@ -79,7 +78,8 @@ module Dependabot
79
78
  branch_name,
80
79
  source.branch || default_branch,
81
80
  pr_description,
82
- labeler.labels_for_pr
81
+ labeler.labels_for_pr,
82
+ work_item
83
83
  )
84
84
  end
85
85
 
@@ -7,6 +7,7 @@ require "dependabot/pull_request_creator"
7
7
  require "dependabot/pull_request_creator/commit_signer"
8
8
  module Dependabot
9
9
  class PullRequestCreator
10
+ # rubocop:disable Metrics/ClassLength
10
11
  class Github
11
12
  attr_reader :source, :branch_name, :base_commit, :credentials,
12
13
  :files, :pr_description, :pr_name, :commit_message,
@@ -41,7 +42,7 @@ module Dependabot
41
42
  return if require_up_to_date_base? && !base_commit_is_up_to_date?
42
43
 
43
44
  create_annotated_pull_request
44
- rescue Octokit::Error => e
45
+ rescue AnnotationError, Octokit::Error => e
45
46
  handle_error(e)
46
47
  end
47
48
 
@@ -111,7 +112,11 @@ module Dependabot
111
112
  pull_request = create_pull_request
112
113
  return unless pull_request
113
114
 
114
- annotate_pull_request(pull_request)
115
+ begin
116
+ annotate_pull_request(pull_request)
117
+ rescue StandardError => e
118
+ raise AnnotationError.new(e, pull_request)
119
+ end
115
120
 
116
121
  pull_request
117
122
  end
@@ -417,24 +422,49 @@ module Dependabot
417
422
  end
418
423
 
419
424
  def handle_error(err)
420
- case err
425
+ cause = case err
426
+ when AnnotationError
427
+ err.cause
428
+ else
429
+ err
430
+ end
431
+
432
+ case cause
421
433
  when Octokit::Forbidden
422
- raise RepoDisabled, err.message if err.message.include?("disabled")
423
- raise RepoArchived, err.message if err.message.include?("archived")
434
+ if err.message.include?("disabled")
435
+ raise_custom_error err, RepoDisabled, err.message
436
+ elsif err.message.include?("archived")
437
+ raise_custom_error err, RepoArchived, err.message
438
+ end
424
439
 
425
440
  raise err
426
441
  when Octokit::NotFound
427
442
  raise err if repo_exists?
428
443
 
429
- raise RepoNotFound, err.message
444
+ raise_custom_error err, RepoNotFound, err.message
430
445
  when Octokit::UnprocessableEntity
431
- raise err unless err.message.include?("no history in common")
446
+ if err.message.include?("no history in common")
447
+ raise_custom_error err, NoHistoryInCommon, err.message
448
+ end
432
449
 
433
- raise NoHistoryInCommon, err.message
450
+ raise err
434
451
  else
435
452
  raise err
436
453
  end
437
454
  end
455
+
456
+ def raise_custom_error(base_err, type, message)
457
+ case base_err
458
+ when AnnotationError
459
+ raise AnnotationError.new(
460
+ type.new(message),
461
+ base_err.pull_request
462
+ )
463
+ else
464
+ raise type, message
465
+ end
466
+ end
438
467
  end
468
+ # rubocop:enable Metrics/ClassLength
439
469
  end
440
470
  end
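Review bot: `raise_custom_error` builds the replacement `AnnotationError` around `type.new(message)`, so the original Octokit exception — its class, response data and backtrace — is no longer reachable from the error the caller receives, because `AnnotationError#cause` returns the ivar rather than the exception Ruby attached on re-raise. If callers only need the translated class and message that is acceptable, but it should be stated on the helper: `# Re-wraps so callers still receive an AnnotationError (the PR already exists) carrying the translated error; the original Octokit error is dropped`. In `handle_error` the `Octokit::Forbidden` branch only works because `raise_custom_error` always raises, leaving the trailing `raise err` as the fall-through for messages matching neither string — a one-line comment there would make that flow obvious.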
@@ -323,10 +323,30 @@ module Dependabot
323
323
  ).to_s
324
324
  end
325
325
 
326
+ def changelog_url(dependency)
327
+ metadata_finder(dependency).changelog_url
328
+ end
329
+
330
+ def commits_url(dependency)
331
+ metadata_finder(dependency).commits_url
332
+ end
333
+
334
+ def homepage_url(dependency)
335
+ metadata_finder(dependency).homepage_url
336
+ end
337
+
338
+ def releases_url(dependency)
339
+ metadata_finder(dependency).releases_url
340
+ end
341
+
326
342
  def source_url(dependency)
327
343
  metadata_finder(dependency).source_url
328
344
  end
329
345
 
346
+ def upgrade_url(dependency)
347
+ metadata_finder(dependency).upgrade_guide_url
348
+ end
349
+
330
350
  def metadata_finder(dependency)
331
351
  @metadata_finder ||= {}
332
352
  @metadata_finder[dependency.name] ||=
@@ -65,16 +65,7 @@ module Dependabot
65
65
 
66
66
  msg = "*Sourced from [#{dependency.display_name}'s releases]"\
67
67
  "(#{releases_url}).*\n\n"
68
- msg +=
69
- begin
70
- release_note_lines = releases_text.split("\n").first(50)
71
- release_note_lines =
72
- release_note_lines.map { |line| "> #{line}\n" }
73
- if release_note_lines.count == 50
74
- release_note_lines << truncated_line
75
- end
76
- release_note_lines.join
77
- end
68
+ msg += quote_and_truncate(releases_text)
78
69
  msg = link_issues(text: msg)
79
70
  msg = fix_relative_links(
80
71
  text: msg,
@@ -92,13 +83,7 @@ module Dependabot
92
83
  msg = "*Sourced from "\
93
84
  "[#{dependency.display_name}'s changelog]"\
94
85
  "(#{changelog_url}).*\n\n"
95
- msg +=
96
- begin
97
- changelog_lines = changelog_text.split("\n").first(50)
98
- changelog_lines = changelog_lines.map { |line| "> #{line}\n" }
99
- changelog_lines << truncated_line if changelog_lines.count == 50
100
- changelog_lines.join
101
- end
86
+ msg += quote_and_truncate(changelog_text)
102
87
  msg = link_issues(text: msg)
103
88
  msg = fix_relative_links(text: msg, base_url: changelog_url)
104
89
  msg = sanitize_template_tags(msg)
@@ -113,13 +98,7 @@ module Dependabot
113
98
  msg = "*Sourced from "\
114
99
  "[#{dependency.display_name}'s upgrade guide]"\
115
100
  "(#{upgrade_guide_url}).*\n\n"
116
- msg +=
117
- begin
118
- upgrade_lines = upgrade_guide_text.split("\n").first(50)
119
- upgrade_lines = upgrade_lines.map { |line| "> #{line}\n" }
120
- upgrade_lines << truncated_line if upgrade_lines.count == 50
121
- upgrade_lines.join
122
- end
101
+ msg += quote_and_truncate(upgrade_guide_text)
123
102
  msg = link_issues(text: msg)
124
103
  msg = fix_relative_links(text: msg, base_url: upgrade_guide_url)
125
104
  msg = sanitize_template_tags(msg)
@@ -245,6 +224,14 @@ module Dependabot
245
224
  end
246
225
  end
247
226
 
227
+ def quote_and_truncate(text, limit: 50)
228
+ lines = text.split("\n")
229
+ lines.first(limit).tap do |limited_lines|
230
+ limited_lines.map! { |line| "> #{line}\n" }
231
+ limited_lines << truncated_line if lines.count > limit
232
+ end.join
233
+ end
234
+
248
235
  def truncated_line
249
236
  # Tables can spill out of truncated details, so we close them
250
237
  "></tr></table> \n ... (truncated)\n"
@@ -8,11 +8,17 @@ require "digest"
8
8
  require "open3"
9
9
  require "shellwords"
10
10
 
11
+ require "dependabot/version"
12
+
11
13
  module Dependabot
12
14
  module SharedHelpers
13
15
  BUMP_TMP_FILE_PREFIX = "dependabot_"
14
16
  BUMP_TMP_DIR_PATH = "tmp"
15
17
  GIT_CONFIG_GLOBAL_PATH = File.expand_path("~/.gitconfig")
18
+ USER_AGENT = "dependabot-core/#{Dependabot::VERSION} "\
19
+ "#{Excon::USER_AGENT} ruby/#{RUBY_VERSION} "\
20
+ "(#{RUBY_PLATFORM}) "\
21
+ "(+https://github.com/dependabot/dependabot-core)"
16
22
 
17
23
  class ChildProcessFailed < StandardError
18
24
  attr_reader :error_class, :error_message, :error_backtrace
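Review bot: `USER_AGENT` interpolates `Excon::USER_AGENT` at load time, yet the only requires visible here are `digest`, `open3`, `shellwords` and the new `dependabot/version`; unless `excon` is required earlier in the file the constant raises `NameError` when the module loads, whereas the existing `Excon::Middleware::RedirectFollower` reference sits inside a method and is resolved lazily. Adding `require "excon"` beside `require "dependabot/version"` removes the dependence on load order. The string also reports the exact Ruby version and platform to every host contacted; that is conventional for a User-Agent, but a short comment such as `# identifies dependabot-core to registries and git hosts; mirrors Excon's own UA format` makes the disclosure a documented choice rather than an accident.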
@@ -138,14 +144,24 @@ module Dependabot
138
144
  [Excon::Middleware::RedirectFollower]
139
145
  end
140
146
 
141
- def self.excon_defaults
147
+ def self.excon_headers(headers = nil)
148
+ headers ||= {}
149
+ {
150
+ "User-Agent" => USER_AGENT
151
+ }.merge(headers)
152
+ end
153
+
154
+ def self.excon_defaults(options = nil)
155
+ options ||= {}
156
+ headers = options.delete(:headers)
142
157
  {
143
158
  connect_timeout: 5,
144
159
  write_timeout: 5,
145
160
  read_timeout: 20,
146
161
  omit_default_port: true,
147
- middlewares: excon_middleware
148
- }
162
+ middlewares: excon_middleware,
163
+ headers: excon_headers(headers)
164
+ }.merge(options)
149
165
  end
150
166
 
151
167
  def self.with_git_configured(credentials:)
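Review bot: `options.delete(:headers)` mutates the hash the caller passed in, so a shared or frozen options hash (a constant, or one reused across calls) would lose its `:headers` entry or raise `FrozenError`; the callers in this diff all pass fresh literals, so the problem is latent rather than visible today. Copy before mutating: `options = (options || {}).dup` in place of `options ||= {}`. The method also deserves a short contract comment: `:headers` is merged over the `User-Agent` default via `excon_headers`, every other key overrides the built-in defaults through the trailing `merge(options)`, and `excon_headers(nil)` yields only the User-Agent header.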
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.119.5"
4
+ VERSION = "0.120.3"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.119.5
4
+ version: 0.120.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-21 00:00:00.000000000 Z
11
+ date: 2020-09-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -292,14 +292,14 @@ dependencies:
292
292
  requirements:
293
293
  - - "~>"
294
294
  - !ruby/object:Gem::Version
295
- version: 0.90.0
295
+ version: 0.91.0
296
296
  type: :development
297
297
  prerelease: false
298
298
  version_requirements: !ruby/object:Gem::Requirement
299
299
  requirements:
300
300
  - - "~>"
301
301
  - !ruby/object:Gem::Version
302
- version: 0.90.0
302
+ version: 0.91.0
303
303
  - !ruby/object:Gem::Dependency
304
304
  name: vcr
305
305
  requirement: !ruby/object:Gem::Requirement