dependabot-common 0.129.0 → 0.129.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2aad47f438d1d29c9df39dc471c2acac25431693903e4b433d4cad6e9bdbfcb9
-  data.tar.gz: fd64c94c99f99c8ee0d759f6987ab32aebeb76e299f9a82a50062d0b560ec46c
+  metadata.gz: a1d1cc2bd77777e93b8fca08afc74d928b5411d1fe7a0ecd3f49816af62a35de
+  data.tar.gz: 319321fda5a8194d1cd8901dff4e92ce6bf4658890b73adf4f433ad54dc8963e
 SHA512:
-  metadata.gz: fec4b20261eb3780f58719427892bd9b3a6b2105c5e51a7b99a949d07f23b6de942ea747da379cc03c30cf4a57d6bdcac2c0c3544edb713d022789672e2c9a47
-  data.tar.gz: 3c484b2152ef03bae5b890401a91bd3d3029ffdf145ad868405044f7db50a4ff56ccc4a12adbf614427b089a8b3aa60dcbab30bf8b08b5fdf64e72b1c8140ab0
+  metadata.gz: '028485e8e53d49096323a661e50331ba6f5a0775117e3b89732b873d5d77c7852151c58d3a43e6ca9bf731c9ef9826a2d5fe30e68116b60a335204ab5dfc6d29'
+  data.tar.gz: 4af2596e05a71ac35f8b0bbe331b485a3297ecf1ea16d5c970aacc0660cf45c5a07d665d96c641089ae10619899bc815b44b523156962a8db13bf1601ea307d5

data/lib/dependabot/clients/azure.rb

@@ -8,6 +8,14 @@ module Dependabot
     class Azure
       class NotFound < StandardError; end
 
+      class InternalServerError < StandardError; end
+
+      class ServiceNotAvailable < StandardError; end
+
+      class BadGateway < StandardError; end
+
+      RETRYABLE_ERRORS = [InternalServerError, BadGateway, ServiceNotAvailable].freeze
+
       MAX_PR_DESCRIPTION_LENGTH = 3999
 
       #######################
@@ -27,10 +35,11 @@ module Dependabot
       # Client #
       ##########
 
-      def initialize(source, credentials)
+      def initialize(source, credentials, max_retries: 3)
         @source = source
         @credentials = credentials
         @auth_header = auth_header_for(credentials&.fetch("token", nil))
+        @max_retries = max_retries || 3
       end
 
       def fetch_commit(_repo, branch)
@@ -175,15 +184,24 @@ module Dependabot
       # rubocop:enable Metrics/ParameterLists
 
       def get(url)
-        response = Excon.get(
-          url,
-          user: credentials&.fetch("username", nil),
-          password: credentials&.fetch("password", nil),
-          idempotent: true,
-          **SharedHelpers.excon_defaults(
-            headers: auth_header
+        response = nil
+
+        retry_connection_failures do
+          response = Excon.get(
+            url,
+            user: credentials&.fetch("username", nil),
+            password: credentials&.fetch("password", nil),
+            idempotent: true,
+            **SharedHelpers.excon_defaults(
+              headers: auth_header
+            )
           )
-        )
+
+          raise InternalServerError if response.status == 500
+          raise BadGateway if response.status == 502
+          raise ServiceNotAvailable if response.status == 503
+        end
+
         raise NotFound if response.status == 404
 
         response
@@ -211,6 +229,17 @@ module Dependabot
 
       private
 
+      def retry_connection_failures
+        retry_attempt = 0
+
+        begin
+          yield
+        rescue *RETRYABLE_ERRORS
+          retry_attempt += 1
+          retry_attempt <= @max_retries ? retry : raise
+        end
+      end
+
       def auth_header_for(token)
         return {} unless token
 

data/lib/dependabot/clients/bitbucket.rb

@@ -12,12 +12,26 @@ module Dependabot
 
       class Forbidden < StandardError; end
 
+      #######################
+      # Constructor methods #
+      #######################
+
+      def self.for_source(source:, credentials:)
+        credential =
+          credentials.
+          select { |cred| cred["type"] == "git_source" }.
+          find { |cred| cred["host"] == source.hostname }
+
+        new(credentials: credential)
+      end
+
       ##########
       # Client #
       ##########
 
       def initialize(credentials:)
         @credentials = credentials
+        @auth_header = auth_header_for(credentials&.fetch("token", nil))
       end
 
       def fetch_commit(repo, branch)
@@ -52,6 +66,81 @@ module Dependabot
         response.body
       end
 
+      def commits(repo, branch_name = nil)
+        commits_path = "#{repo}/commits/#{branch_name}?pagelen=100"
+        next_page_url = base_url + commits_path
+        paginate({ "next" => next_page_url })
+      end
+
+      def branch(repo, branch_name)
+        branch_path = "#{repo}/refs/branches/#{branch_name}"
+        response = get(base_url + branch_path)
+
+        JSON.parse(response.body)
+      end
+
+      def pull_requests(repo, source_branch, target_branch)
+        pr_path = "#{repo}/pullrequests"
+        # Get pull requests with any status
+        pr_path += "?status=OPEN&status=MERGED&status=DECLINED&status=SUPERSEDED"
+        next_page_url = base_url + pr_path
+        pull_requests = paginate({ "next" => next_page_url })
+
+        pull_requests unless source_branch && target_branch
+
+        pull_requests.select do |pr|
+          pr_source_branch = pr.fetch("source").fetch("branch").fetch("name")
+          pr_target_branch = pr.fetch("destination").fetch("branch").fetch("name")
+          pr_source_branch == source_branch && pr_target_branch == target_branch
+        end
+      end
+
+      # rubocop:disable Metrics/ParameterLists
+      def create_commit(repo, branch_name, base_commit, commit_message, files,
+                        author_details)
+        parameters = {
+          message: commit_message, # TODO: Format markup in commit message
+          author: "#{author_details.fetch(:name)} <#{author_details.fetch(:email)}>",
+          parents: base_commit,
+          branch: branch_name
+        }
+
+        files.each do |file|
+          absolute_path = file.name.start_with?("/") ? file.name : "/" + file.name
+          parameters[absolute_path] = file.content
+        end
+
+        body = encode_form_parameters(parameters)
+
+        commit_path = "#{repo}/src"
+        post(base_url + commit_path, body, "application/x-www-form-urlencoded")
+      end
+      # rubocop:enable Metrics/ParameterLists
+
+      # rubocop:disable Metrics/ParameterLists
+      def create_pull_request(repo, pr_name, source_branch, target_branch,
+                              pr_description, _labels, _work_item = nil)
+        content = {
+          title: pr_name,
+          source: {
+            branch: {
+              name: source_branch
+            }
+          },
+          destination: {
+            branch: {
+              name: target_branch
+            }
+          },
+          description: pr_description,
+          close_source_branch: true
+        }
+
+        pr_path = "#{repo}/pullrequests"
+        post(base_url + pr_path, content.to_json)
+      end
+      # rubocop:enable Metrics/ParameterLists
+
       def tags(repo)
         path = "#{repo}/refs/tags?pagelen=100"
         response = get(base_url + path)
@@ -72,7 +161,9 @@ module Dependabot
           user: credentials&.fetch("username", nil),
           password: credentials&.fetch("password", nil),
           idempotent: true,
-          **Dependabot::SharedHelpers.excon_defaults
+          **Dependabot::SharedHelpers.excon_defaults(
+            headers: auth_header
+          )
         )
         raise Unauthorized if response.status == 401
         raise Forbidden if response.status == 403
@@ -87,8 +178,68 @@ module Dependabot
         response
       end
 
+      def post(url, body, content_type = "application/json")
+        response = Excon.post(
+          url,
+          body: body,
+          user: credentials&.fetch("username", nil),
+          password: credentials&.fetch("password", nil),
+          idempotent: false,
+          **SharedHelpers.excon_defaults(
+            headers: auth_header.merge(
+              {
+                "Content-Type" => content_type
+              }
+            )
+          )
+        )
+        raise Unauthorized if response.status == 401
+        raise Forbidden if response.status == 403
+        raise NotFound if response.status == 404
+
+        response
+      end
+
       private
 
+      def auth_header_for(token)
+        return {} unless token
+
+        { "Authorization" => "Bearer #{token}" }
+      end
+
+      def encode_form_parameters(parameters)
+        parameters.map do |key, value|
+          URI.encode_www_form_component(key.to_s) + "=" + URI.encode_www_form_component(value.to_s)
+        end.join("&")
+      end
+
+      # Takes a hash with optional `values` and `next` fields
+      # Returns an enumerator.
+      #
+      # Can be used a few ways:
+      # With GET:
+      #     paginate ({"next" => url})
+      # or
+      #     paginate(JSON.parse(get(url).body))
+      #
+      # With POST (for endpoints that provide POST methods for long query parameters)
+      #     response = post(url, body)
+      #     first_page = JSON.parse(repsonse.body)
+      #     paginate(first_page)
+      def paginate(page)
+        Enumerator.new do |yielder|
+          loop do
+            page.fetch("values", []).each { |value| yielder << value }
+            break unless page.key?("next")
+
+            next_page_url = page.fetch("next")
+            page = JSON.parse(get(next_page_url).body)
+          end
+        end
+      end
+
+      attr_reader :auth_header
       attr_reader :credentials
 
       def base_url

data/lib/dependabot/errors.rb

@@ -1,24 +1,45 @@
 # frozen_string_literal: true
 
-require "dependabot/shared_helpers"
+require "dependabot/utils"
 
 module Dependabot
   class DependabotError < StandardError
-    def initialize(msg = nil)
-      msg = sanitize_message(msg)
-      super(msg)
+    BASIC_AUTH_REGEX = %r{://(?<auth>[^:]*:[^@%\s]+(@|%40))}.freeze
+    # Remove any path segment from fury.io sources
+    FURY_IO_PATH_REGEX = %r{fury\.io/(?<path>.+)}.freeze
+
+    def initialize(message = nil)
+      super(sanitize_message(message))
     end
 
     private
 
     def sanitize_message(message)
-      return unless message
+      return message unless message.is_a?(String)
 
       path_regex =
-        Regexp.escape(SharedHelpers::BUMP_TMP_DIR_PATH) + "\/" +
-        Regexp.escape(SharedHelpers::BUMP_TMP_FILE_PREFIX) + "[^/]*"
+        Regexp.escape(Utils::BUMP_TMP_DIR_PATH) + "\/" +
+        Regexp.escape(Utils::BUMP_TMP_FILE_PREFIX) + "[a-zA-Z0-9-]*"
+
+      message = message.gsub(/#{path_regex}/, "dependabot_tmp_dir").strip
+      filter_sensitive_data(message)
+    end
+
+    def filter_sensitive_data(message)
+      replace_capture_groups(message, BASIC_AUTH_REGEX, "")
+    end
+
+    def sanitize_source(source)
+      source = filter_sensitive_data(source)
+      replace_capture_groups(source, FURY_IO_PATH_REGEX, "<redacted>")
+    end
+
+    def replace_capture_groups(string, regex, replacement)
+      return string unless string.is_a?(String)
 
-      message.gsub(/#{path_regex}/, "dependabot_tmp_dir")
+      string.scan(regex).flatten.compact.reduce(string) do |original_msg, match|
+        original_msg.gsub(match, replacement)
+      end
     end
   end
 
@@ -35,7 +56,6 @@ module Dependabot
 
     def initialize(branch_name, msg = nil)
       @branch_name = branch_name
-      msg = sanitize_message(msg)
       super(msg)
     end
   end
@@ -101,10 +121,10 @@ module Dependabot
     attr_reader :source
 
     def initialize(source)
-      @source = source.gsub(%r{(?<=\.fury\.io)/[A-Za-z0-9]{20}(?=/)}, "")
+      @source = sanitize_source(source)
       msg = "The following source could not be reached as it requires "\
             "authentication (and any provided details were invalid or lacked "\
-            "the required permissions): #{source}"
+            "the required permissions): #{@source}"
       super(msg)
     end
   end
@@ -113,8 +133,8 @@ module Dependabot
     attr_reader :source
 
     def initialize(source)
-      @source = source.gsub(%r{(?<=\.fury\.io)/[A-Za-z0-9]{20}(?=/)}, "")
-      super("The following source timed out: #{source}")
+      @source = sanitize_source(source)
+      super("The following source timed out: #{@source}")
     end
   end
 
@@ -122,8 +142,8 @@ module Dependabot
     attr_reader :source
 
     def initialize(source)
-      @source = source.gsub(%r{(?<=\.fury\.io)/[A-Za-z0-9]{20}(?=/)}, "")
-      super("Could not verify the SSL certificate for #{source}")
+      @source = sanitize_source(source)
+      super("Could not verify the SSL certificate for #{@source}")
     end
   end
 
@@ -132,7 +152,7 @@ module Dependabot
 
     def initialize(environment_variable)
       @environment_variable = environment_variable
-      super("Missing environment variable #{environment_variable}")
+      super("Missing environment variable #{@environment_variable}")
     end
   end
 
@@ -149,10 +169,10 @@ module Dependabot
 
     def initialize(*dependency_urls)
       @dependency_urls =
-        dependency_urls.flatten.map { |uri| uri.gsub(/x-access-token.*?@/, "") }
+        dependency_urls.flatten.map { |uri| filter_sensitive_data(uri) }
 
       msg = "The following git URLs could not be retrieved: "\
-            "#{dependency_urls.join(', ')}"
+            "#{@dependency_urls.join(', ')}"
       super(msg)
     end
   end
@@ -163,7 +183,7 @@ module Dependabot
     def initialize(dependency)
       @dependency = dependency
 
-      msg = "The branch or reference specified for #{dependency} could not "\
+      msg = "The branch or reference specified for #{@dependency} could not "\
             "be retrieved"
       super(msg)
     end
@@ -175,7 +195,7 @@ module Dependabot
     def initialize(*dependencies)
       @dependencies = dependencies.flatten
       msg = "The following path based dependencies could not be retrieved: "\
-            "#{dependencies.join(', ')}"
+            "#{@dependencies.join(', ')}"
       super(msg)
     end
   end
@@ -188,8 +208,8 @@ module Dependabot
       @declared_path = declared_path
       @discovered_path = discovered_path
 
-      msg = "The module path '#{declared_path}' found in #{go_mod} doesn't "\
-            "match the actual path '#{discovered_path}' in the dependency's "\
+      msg = "The module path '#{@declared_path}' found in #{@go_mod} doesn't "\
+            "match the actual path '#{@discovered_path}' in the dependency's "\
             "go.mod"
       super(msg)
     end

data/lib/dependabot/pull_request_creator.rb

@@ -5,6 +5,7 @@ require "dependabot/metadata_finders"
 module Dependabot
   class PullRequestCreator
     require "dependabot/pull_request_creator/azure"
+    require "dependabot/pull_request_creator/bitbucket"
     require "dependabot/pull_request_creator/codecommit"
     require "dependabot/pull_request_creator/github"
     require "dependabot/pull_request_creator/gitlab"
@@ -88,6 +89,7 @@ module Dependabot
       when "github" then github_creator.create
       when "gitlab" then gitlab_creator.create
       when "azure" then azure_creator.create
+      when "bitbucket" then bitbucket_creator.create
       when "codecommit" then codecommit_creator.create
       else raise "Unsupported provider #{source.provider}"
       end
@@ -162,6 +164,22 @@ module Dependabot
       )
     end
 
+    def bitbucket_creator
+      Bitbucket.new(
+        source: source,
+        branch_name: branch_namer.new_branch_name,
+        base_commit: base_commit,
+        credentials: credentials,
+        files: files,
+        commit_message: message_builder.commit_message,
+        pr_description: message_builder.pr_message,
+        pr_name: message_builder.pr_name,
+        author_details: author_details,
+        labeler: labeler,
+        work_item: provider_metadata&.fetch(:work_item, nil)
+      )
+    end
+
     def codecommit_creator
       Codecommit.new(
         source: source,

data/lib/dependabot/pull_request_creator/bitbucket.rb

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+
+require "dependabot/clients/bitbucket"
+require "dependabot/pull_request_creator"
+
+module Dependabot
+  class PullRequestCreator
+    class Bitbucket
+      attr_reader :source, :branch_name, :base_commit, :credentials,
+                  :files, :commit_message, :pr_description, :pr_name,
+                  :author_details, :labeler, :work_item
+
+      def initialize(source:, branch_name:, base_commit:, credentials:,
+                     files:, commit_message:, pr_description:, pr_name:,
+                     author_details:, labeler: nil, work_item: nil)
+        @source         = source
+        @branch_name    = branch_name
+        @base_commit    = base_commit
+        @credentials    = credentials
+        @files          = files
+        @commit_message = commit_message
+        @pr_description = pr_description
+        @pr_name        = pr_name
+        @author_details = author_details
+        @labeler        = labeler
+        @work_item      = work_item
+      end
+
+      def create
+        return if branch_exists? && pull_request_exists?
+
+        # FIXME: Copied from Azure, but not verified whether this is true
+        # For Bitbucket we create or update a branch in the same request as creating
+        # a commit (so we don't need create or update branch logic here)
+        create_commit
+
+        create_pull_request
+      end
+
+      private
+
+      def bitbucket_client_for_source
+        @bitbucket_client_for_source ||=
+          Dependabot::Clients::Bitbucket.for_source(
+            source: source,
+            credentials: credentials
+          )
+      end
+
+      def branch_exists?
+        bitbucket_client_for_source.branch(source.repo, branch_name)
+      rescue Clients::Bitbucket::NotFound
+        false
+      end
+
+      def pull_request_exists?
+        bitbucket_client_for_source.pull_requests(
+          source.repo,
+          branch_name,
+          source.branch || default_branch
+        ).any?
+      end
+
+      def create_commit
+        author = author_details&.slice(:name, :email)
+        author = nil unless author&.any?
+
+        bitbucket_client_for_source.create_commit(
+          source.repo,
+          branch_name,
+          base_commit,
+          commit_message,
+          files,
+          author
+        )
+      end
+
+      def create_pull_request
+        bitbucket_client_for_source.create_pull_request(
+          source.repo,
+          pr_name,
+          branch_name,
+          source.branch || default_branch,
+          pr_description,
+          labeler&.labels_for_pr,
+          work_item
+        )
+      end
+
+      def default_branch
+        @default_branch ||=
+          bitbucket_client_for_source.fetch_default_branch(source.repo)
+      end
+    end
+  end
+end

data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "dependabot/clients/azure"
+require "dependabot/clients/bitbucket"
 require "dependabot/clients/codecommit"
 require "dependabot/clients/github_with_retries"
 require "dependabot/clients/gitlab_with_retries"
@@ -264,6 +265,7 @@ module Dependabot
         when "github" then recent_github_commit_messages
         when "gitlab" then recent_gitlab_commit_messages
         when "azure" then recent_azure_commit_messages
+        when "bitbucket" then recent_bitbucket_commit_messages
         when "codecommit" then recent_codecommit_commit_messages
         else raise "Unsupported provider: #{source.provider}"
         end
@@ -307,6 +309,18 @@ module Dependabot
           map(&:strip)
       end
 
+      def recent_bitbucket_commit_messages
+        @recent_bitbucket_commit_messages ||=
+          bitbucket_client_for_source.commits(source.repo)
+
+        @recent_bitbucket_commit_messages.
+          reject { |c| bitbucket_commit_author_email(c) == dependabot_email }.
+          map { |c| c.fetch("message", nil) }.
+          compact.
+          reject { |m| m.start_with?("Merge") }.
+          map(&:strip)
+      end
+
       def recent_codecommit_commit_messages
         @recent_codecommit_commit_messages ||=
           codecommit_client_for_source.commits
@@ -324,6 +338,7 @@ module Dependabot
           when "github" then last_github_dependabot_commit_message
           when "gitlab" then last_gitlab_dependabot_commit_message
           when "azure" then last_azure_dependabot_commit_message
+          when "bitbucket" then last_bitbucket_dependabot_commit_message
           when "codecommit" then last_codecommit_dependabot_commit_message
           else raise "Unsupported provider: #{source.provider}"
           end
@@ -365,6 +380,16 @@ module Dependabot
           strip
       end
 
+      def last_bitbucket_dependabot_commit_message
+        @recent_bitbucket_commit_messages ||=
+          bitbucket_client_for_source.commits(source.repo)
+
+        @recent_bitbucket_commit_messages.
+          find { |c| bitbucket_commit_author_email(c) == dependabot_email }&.
+          fetch("message", nil)&.
+          strip
+      end
+
       def last_codecommit_dependabot_commit_message
         @recent_codecommit_commit_messages ||=
           codecommit_client_for_source.commits(source.repo)
@@ -379,6 +404,11 @@ module Dependabot
         commit.fetch("author").fetch("email", "")
       end
 
+      def bitbucket_commit_author_email(commit)
+        matches = commit.fetch("author").fetch("raw").match(/<(.*)>/)
+        matches ? matches[1] : ""
+      end
+
       def github_client_for_source
         @github_client_for_source ||=
           Dependabot::Clients::GithubWithRetries.for_source(
@@ -403,6 +433,14 @@ module Dependabot
           )
       end
 
+      def bitbucket_client_for_source
+        @bitbucket_client_for_source ||=
+          Dependabot::Clients::Bitbucket.for_source(
+            source: source,
+            credentials: credentials
+          )
+      end
+
       def codecommit_client_for_source
         @codecommit_client_for_source ||=
           Dependabot::Clients::CodeCommit.for_source(

data/lib/dependabot/shared_helpers.rb

@@ -8,12 +8,12 @@ require "digest"
 require "open3"
 require "shellwords"
 
+require "dependabot/utils"
+require "dependabot/errors"
 require "dependabot/version"
 
 module Dependabot
   module SharedHelpers
-    BUMP_TMP_FILE_PREFIX = "dependabot_"
-    BUMP_TMP_DIR_PATH = "tmp"
     GIT_CONFIG_GLOBAL_PATH = File.expand_path("~/.gitconfig")
     USER_AGENT = "dependabot-core/#{Dependabot::VERSION} "\
                  "#{Excon::USER_AGENT} ruby/#{RUBY_VERSION} "\
@@ -21,21 +21,6 @@ module Dependabot
                  "(+https://github.com/dependabot/dependabot-core)"
     SIGKILL = 9
 
-    class ChildProcessFailed < StandardError
-      attr_reader :error_class, :error_message, :error_backtrace
-
-      def initialize(error_class:, error_message:, error_backtrace:)
-        @error_class = error_class
-        @error_message = error_message
-        @error_backtrace = error_backtrace
-
-        msg = "Child process raised #{error_class} with message: "\
-              "#{error_message}"
-        super(msg)
-        set_backtrace(error_backtrace)
-      end
-    end
-
     def self.in_a_temporary_repo_directory(directory = "/",
                                            repo_contents_path = nil,
                                            &block)
@@ -53,15 +38,15 @@ module Dependabot
     end
 
     def self.in_a_temporary_directory(directory = "/")
-      Dir.mkdir(BUMP_TMP_DIR_PATH) unless Dir.exist?(BUMP_TMP_DIR_PATH)
-      Dir.mktmpdir(BUMP_TMP_FILE_PREFIX, BUMP_TMP_DIR_PATH) do |dir|
+      Dir.mkdir(Utils::BUMP_TMP_DIR_PATH) unless Dir.exist?(Utils::BUMP_TMP_DIR_PATH)
+      Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH) do |dir|
         path = Pathname.new(File.join(dir, directory)).expand_path
         FileUtils.mkpath(path)
         Dir.chdir(path) { yield(path) }
       end
     end
 
-    class HelperSubprocessFailed < StandardError
+    class HelperSubprocessFailed < Dependabot::DependabotError
       attr_reader :error_class, :error_context, :trace
 
       def initialize(message:, error_context:, error_class: nil, trace: nil)

data/lib/dependabot/utils.rb

@@ -4,6 +4,9 @@
 #       dependabot-core.
 module Dependabot
   module Utils
+    BUMP_TMP_FILE_PREFIX = "dependabot_"
+    BUMP_TMP_DIR_PATH = "tmp"
+
     @version_classes = {}
 
     def self.version_class_for_package_manager(package_manager)

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.129.0"
+  VERSION = "0.129.5"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.129.0
+  version: 0.129.5
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-15 00:00:00.000000000 Z
+date: 2021-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit
@@ -168,34 +168,26 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
-- !ruby/object:Gem::Dependency
-  name: parseconfig
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: parser
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.5'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.5'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: toml-rb
   requirement: !ruby/object:Gem::Requirement
@@ -292,28 +284,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.7.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: 0.21.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: 0.21.0
 - !ruby/object:Gem::Dependency
   name: simplecov-console
   requirement: !ruby/object:Gem::Requirement
@@ -396,6 +388,7 @@ files:
 - lib/dependabot/metadata_finders/base/release_finder.rb
 - lib/dependabot/pull_request_creator.rb
 - lib/dependabot/pull_request_creator/azure.rb
+- lib/dependabot/pull_request_creator/bitbucket.rb
 - lib/dependabot/pull_request_creator/branch_namer.rb
 - lib/dependabot/pull_request_creator/codecommit.rb
 - lib/dependabot/pull_request_creator/commit_signer.rb