dependabot-common 0.137.2 → 0.138.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/errors.rb +2 -0
  3. data/lib/dependabot/file_parsers/base.rb +5 -2
  4. data/lib/dependabot/notifications.rb +17 -0
  5. data/lib/dependabot/pull_request_creator.rb +13 -1
  6. data/lib/dependabot/pull_request_creator/message_builder.rb +1 -1
  7. data/lib/dependabot/update_checkers/base.rb +5 -2
  8. data/lib/dependabot/version.rb +1 -1
  9. metadata +17 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3ec8ff3a39171dd6fd6758247321b09c5eb27fb06ca0404856d13c5440ad4c1e
4
- data.tar.gz: 1c9eb5eb76f3041a92372c239832ce50db8cec79d6b12bee31bf76cac0835b19
3
+ metadata.gz: 14ae4d91b175345efcbfffe976cf9a20f2277473c583b07f19e6353e9d373300
4
+ data.tar.gz: be979b47ea466aac90dcb8a76700bc55de2bd7097164c8d3a42c22830a8289a0
5
5
  SHA512:
6
- metadata.gz: 6fe9a23d72deef6833e7ab0e4ec0b5fc5200b8dc4906f9d0997df88d4467066cf7ca1c7f1ec9be9196c1c47ef159afa130b103d3bede3e59961a679a688dee50
7
- data.tar.gz: ae59b7253316d77b7b493b1759957eb120b7a45af5588b0944afa7cb70ff1b1b2010cddbc30642e4e1c2a7f24c67ebfc609ef795e3413fb918fd1857bff9bfa8
6
+ metadata.gz: 791f65bf9e7f571729b689deecab539e90d7d4a37dc7a81d98efda97bd8133a0193bc5800155f5b93ecddd352a6ef70f0ab6899c65c5b31c136b62a8c40aded6
7
+ data.tar.gz: df3bb8557fee184c4a45fb53a096db04b3aa59d4cd697dd324d157a2dda983ef95f3d2d6504c439f0d43caafedddf4dd00ec2b17bcc9ca6600a691b149ec393c
data/lib/dependabot/errors.rb CHANGED
@@ -47,6 +47,8 @@ module Dependabot
47
47
 
48
48
  class OutOfMemory < DependabotError; end
49
49
 
50
+ class NotImplemented < DependabotError; end
51
+
50
52
  #####################
51
53
  # Repo level errors #
52
54
  #####################
data/lib/dependabot/file_parsers/base.rb CHANGED
@@ -1,17 +1,20 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "dependabot/notifications"
4
+
3
5
  module Dependabot
4
6
  module FileParsers
5
7
  class Base
6
- attr_reader :dependency_files, :repo_contents_path, :credentials, :source
8
+ attr_reader :dependency_files, :repo_contents_path, :credentials, :source, :options
7
9
 
8
10
  def initialize(dependency_files:, repo_contents_path: nil, source:,
9
- credentials: [], reject_external_code: false)
11
+ credentials: [], reject_external_code: false, options: {})
10
12
  @dependency_files = dependency_files
11
13
  @repo_contents_path = repo_contents_path
12
14
  @credentials = credentials
13
15
  @source = source
14
16
  @reject_external_code = reject_external_code
17
+ @options = options
15
18
 
16
19
  check_required_files
17
20
  end
data/lib/dependabot/notifications.rb ADDED
@@ -0,0 +1,17 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "active_support/notifications"
4
+
5
+ module Dependabot
6
+ module Notifications
7
+ FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED = "dependabot.file_parser.package_manager_version_parsed"
8
+ end
9
+
10
+ def self.instrument(name, payload = {})
11
+ ActiveSupport::Notifications.instrument(name, payload)
12
+ end
13
+
14
+ def self.subscribe(pattern = nil, callback = nil, &block)
15
+ ActiveSupport::Notifications.subscribe(pattern, callback, &block)
16
+ end
17
+ end
data/lib/dependabot/pull_request_creator.rb CHANGED
@@ -13,6 +13,18 @@ module Dependabot
13
13
  require "dependabot/pull_request_creator/branch_namer"
14
14
  require "dependabot/pull_request_creator/labeler"
15
15
 
16
+ # Dependabot programmatically creates PRs which often include a large
17
+ # number of links to objects on `github.com`. GitHub hydrates these into
18
+ # rich links that leave a 'mention' on target Issues/Pull Requests.
19
+ #
20
+ # Due to the volume and nature of Dependabot PRs, these mentions are not
21
+ # useful and can overwhelm maintainers, so we use a redirection service
22
+ # to avoid enrichment.
23
+ #
24
+ # If you wish to disable this behaviour when using Dependabot Core directly,
25
+ # pass a nil value when initialising this class.
26
+ DEFAULT_GITHUB_REDIRECTION_SERVICE = "github-redirect.dependabot.com"
27
+
16
28
  class RepoNotFound < StandardError; end
17
29
 
18
30
  class RepoArchived < StandardError; end
@@ -46,7 +58,7 @@ module Dependabot
46
58
  reviewers: nil, assignees: nil, milestone: nil,
47
59
  branch_name_separator: "/", branch_name_prefix: "dependabot",
48
60
  label_language: false, automerge_candidate: false,
49
- github_redirection_service: "github-redirect.dependabot.com",
61
+ github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
50
62
  custom_headers: nil, require_up_to_date_base: false,
51
63
  provider_metadata: {}, message: nil)
52
64
  @dependencies = dependencies
data/lib/dependabot/pull_request_creator/message_builder.rb CHANGED
@@ -25,7 +25,7 @@ module Dependabot
25
25
  def initialize(source:, dependencies:, files:, credentials:,
26
26
  pr_message_header: nil, pr_message_footer: nil,
27
27
  commit_message_options: {}, vulnerabilities_fixed: {},
28
- github_redirection_service: nil)
28
+ github_redirection_service:)
29
29
  @dependencies = dependencies
30
30
  @files = files
31
31
  @source = source
data/lib/dependabot/update_checkers/base.rb CHANGED
@@ -9,12 +9,14 @@ module Dependabot
9
9
  class Base
10
10
  attr_reader :dependency, :dependency_files, :repo_contents_path,
11
11
  :credentials, :ignored_versions, :raise_on_ignored,
12
- :security_advisories, :requirements_update_strategy
12
+ :security_advisories, :requirements_update_strategy,
13
+ :options
13
14
 
14
15
  def initialize(dependency:, dependency_files:, repo_contents_path: nil,
15
16
  credentials:, ignored_versions: [],
16
17
  raise_on_ignored: false, security_advisories: [],
17
- requirements_update_strategy: nil)
18
+ requirements_update_strategy: nil,
19
+ options: {})
18
20
  @dependency = dependency
19
21
  @dependency_files = dependency_files
20
22
  @repo_contents_path = repo_contents_path
@@ -23,6 +25,7 @@ module Dependabot
23
25
  @ignored_versions = ignored_versions
24
26
  @raise_on_ignored = raise_on_ignored
25
27
  @security_advisories = security_advisories
28
+ @options = options
26
29
  end
27
30
 
28
31
  def up_to_date?
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.137.2"
4
+ VERSION = "0.138.4"
5
5
  end
metadata CHANGED
@@ -1,15 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.137.2
4
+ version: 0.138.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-16 00:00:00.000000000 Z
11
+ date: 2021-03-25 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: activesupport
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: 6.0.0
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: 6.0.0
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: aws-sdk-codecommit
15
29
  requirement: !ruby/object:Gem::Requirement
@@ -401,6 +415,7 @@ files:
401
415
  - lib/dependabot/metadata_finders/base/changelog_pruner.rb
402
416
  - lib/dependabot/metadata_finders/base/commits_finder.rb
403
417
  - lib/dependabot/metadata_finders/base/release_finder.rb
418
+ - lib/dependabot/notifications.rb
404
419
  - lib/dependabot/pull_request_creator.rb
405
420
  - lib/dependabot/pull_request_creator/azure.rb
406
421
  - lib/dependabot/pull_request_creator/bitbucket.rb