dependabot-common 0.120.5 → 0.123.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2ab02aa6eb8de11dcba65e1e52b1dc5e83517d61d3891d40b76fcc3b5cd54db6
-  data.tar.gz: 26a951f38732e3993fd2fc3f83c2463cf792ef51dd3a9895d8eb0b6c8abcda3d
+  metadata.gz: 103a0b99bbafd483f6b638fabd7aeb5276a4d59794869a42ee7e4d64381b592d
+  data.tar.gz: 419bfa957b475a720c7d469899f1f5ca473e15a2779534d9dc33f10b9d8dd90c
 SHA512:
-  metadata.gz: '09593dbc78bd211b718941c2c70455823d4038647084e5d3e4b56be7f036d8126af40b8a6900ee8193f8a865790615d111489466975c099d9297c66bc09c0cb6'
-  data.tar.gz: e1efed34b73df2126d997ec59ee92edf50fef5baa1313018aabd81b1f3c67f0cea1bc67a6b2507b24164862158e60b683b003f6df241ebde0da9797048e2f276
+  metadata.gz: 1385b30618626289217bebead094c165ca50bb62ff6e26d805fc52200a64e8e4b7f447cc2959a6d9aa6f863dae73a68b66a34d1f9ce82c8ab256c70c23126b72
+  data.tar.gz: 9d09fbff160f5301a4ea22cdcb6150dc1d87e3a01e8cc316a97ecfa629655a49e2d59b069196d5a923d1076de1992fd3dbb181bd27614835f3ebd787de9184c3

data/lib/dependabot/file_updaters/base.rb

@@ -4,18 +4,19 @@ module Dependabot
   module FileUpdaters
     class Base
       attr_reader :dependencies, :dependency_files, :repo_contents_path,
-                  :credentials
+                  :credentials, :options
 
       def self.updated_files_regex
         raise NotImplementedError
       end
 
       def initialize(dependencies:, dependency_files:, repo_contents_path: nil,
-                     credentials:)
+                     credentials:, options: {})
         @dependencies = dependencies
         @dependency_files = dependency_files
         @repo_contents_path = repo_contents_path
         @credentials = credentials
+        @options = options
 
         check_required_files
       end

data/lib/dependabot/file_updaters/vendor_updater.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require "dependabot/dependency_file"
+
+module Dependabot
+  module FileUpdaters
+    class VendorUpdater
+      def initialize(repo_contents_path:, vendor_dir:)
+        @repo_contents_path = repo_contents_path
+        @vendor_dir = vendor_dir
+      end
+
+      # Returns changed files in the vendor/cache folder
+      #
+      # @param base_directory [String] Update config base directory
+      # @return [Array<Dependabot::DependencyFile>]
+      def updated_vendor_cache_files(base_directory:)
+        return [] unless repo_contents_path && vendor_dir
+
+        Dir.chdir(repo_contents_path) do
+          relative_dir = vendor_dir.sub("#{repo_contents_path}/", "")
+          status = SharedHelpers.run_shell_command(
+            "git status --untracked-files=all --porcelain=v1 #{relative_dir}"
+          )
+          changed_paths = status.split("\n").map { |l| l.split(" ") }
+          changed_paths.map do |type, path|
+            deleted = type == "D"
+            encoding = ""
+            encoded_content = File.read(path) unless deleted
+            if binary_file?(path)
+              encoding = Dependabot::DependencyFile::ContentEncoding::BASE64
+              encoded_content = Base64.encode64(encoded_content) unless deleted
+            end
+            Dependabot::DependencyFile.new(
+              name: path,
+              content: encoded_content,
+              directory: base_directory,
+              deleted: deleted,
+              content_encoding: encoding
+            )
+          end
+        end
+      end
+
+      private
+
+      BINARY_ENCODINGS = %w(application/x-tarbinary binary).freeze
+
+      attr_reader :repo_contents_path, :vendor_dir
+
+      def binary_file?(path)
+        return false unless File.exist?(path)
+
+        encoding = `file -b --mime-encoding #{path}`.strip
+
+        BINARY_ENCODINGS.include?(encoding)
+      end
+    end
+  end
+end

data/lib/dependabot/shared_helpers.rb

@@ -57,34 +57,12 @@ module Dependabot
       end
     end
 
-    def self.in_a_forked_process
-      read, write = IO.pipe
-
-      pid = fork do
-        read.close
-        result = yield
-      rescue Exception => e # rubocop:disable Lint/RescueException
-        result = { _error_details: { error_class: e.class.to_s,
-                                     error_message: e.message,
-                                     error_backtrace: e.backtrace } }
-      ensure
-        Marshal.dump(result, write)
-        exit!(0)
-      end
-
-      write.close
-      result = read.read
-      Process.wait(pid)
-      result = Marshal.load(result) # rubocop:disable Security/MarshalLoad
-
-      return result unless result.is_a?(Hash) && result[:_error_details]
-
-      raise ChildProcessFailed, result[:_error_details]
-    end
-
     class HelperSubprocessFailed < StandardError
-      def initialize(message:, error_context:)
+      attr_reader :error_class, :error_context
+
+      def initialize(message:, error_context:, error_class: nil)
         super(message)
+        @error_class = error_class || ""
         @error_context = error_context
         @command = error_context[:command]
       end
@@ -110,6 +88,11 @@ module Dependabot
       stdout, stderr, process = Open3.capture3(*env_cmd, stdin_data: stdin_data)
       time_taken = Time.now - start
 
+      if ENV["DEBUG_HELPERS"] == "true"
+        puts stdout
+        puts stderr
+      end
+
       # Some package managers output useful stuff to stderr instead of stdout so
       # we want to parse this, most package manager will output garbage here so
       # would mess up json response from stdout
@@ -129,11 +112,13 @@ module Dependabot
 
       raise HelperSubprocessFailed.new(
         message: response["error"],
+        error_class: response["error_class"],
         error_context: error_context
       )
     rescue JSON::ParserError
       raise HelperSubprocessFailed.new(
         message: stdout || "No output from command",
+        error_class: "JSON::ParserError",
         error_context: error_context
       )
     end
@@ -173,6 +158,9 @@ module Dependabot
     end
 
     def self.configure_git_to_use_https_with_credentials(credentials)
+      File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file|
+        file << "# Generated by dependabot/dependabot-core"
+      end
       configure_git_to_use_https
       configure_git_credentials(credentials)
     end
@@ -258,7 +246,10 @@ module Dependabot
     end
 
     def self.reset_global_git_config(backup_path)
-      return if backup_path.nil?
+      if backup_path.nil?
+        FileUtils.rm(GIT_CONFIG_GLOBAL_PATH)
+        return
+      end
       return unless File.exist?(backup_path)
 
       FileUtils.mv(backup_path, GIT_CONFIG_GLOBAL_PATH)

data/lib/dependabot/utils.rb

@@ -29,5 +29,15 @@ module Dependabot
     def self.register_requirement_class(package_manager, requirement_class)
       @requirement_classes[package_manager] = requirement_class
     end
+
+    @cloning_package_managers = Set[]
+
+    def self.always_clone_for_package_manager?(package_manager)
+      @cloning_package_managers.include?(package_manager)
+    end
+
+    def self.register_always_clone(package_manager)
+      @cloning_package_managers << package_manager
+    end
   end
 end

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.120.5"
+  VERSION = "0.123.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.120.5
+  version: 0.123.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-10-06 00:00:00.000000000 Z
+date: 2020-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit
@@ -292,14 +292,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.92.0
+        version: 0.93.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.92.0
+        version: 0.93.0
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.19.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.19.0
+- !ruby/object:Gem::Dependency
+  name: simplecov-console
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.2
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement
@@ -356,6 +384,7 @@ files:
 - lib/dependabot/file_updaters.rb
 - lib/dependabot/file_updaters/README.md
 - lib/dependabot/file_updaters/base.rb
+- lib/dependabot/file_updaters/vendor_updater.rb
 - lib/dependabot/git_commit_checker.rb
 - lib/dependabot/git_metadata_fetcher.rb
 - lib/dependabot/metadata_finders.rb