dependabot-common 0.138.0 → 0.138.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/errors.rb +2 -0
- data/lib/dependabot/file_parsers/base.rb +5 -2
- data/lib/dependabot/notifications.rb +17 -0
- data/lib/dependabot/pull_request_creator.rb +13 -1
- data/lib/dependabot/pull_request_creator/message_builder.rb +1 -1
- data/lib/dependabot/pull_request_updater.rb +1 -0
- data/lib/dependabot/update_checkers/base.rb +5 -2
- data/lib/dependabot/version.rb +1 -1
- metadata +17 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9eac032406ddbc7a70c0184c27656ae12b2df486c391b4feede160a361b15502
|
|
4
|
+
data.tar.gz: 437c85e8167561e207a1b759d452c5257e21f3ae7cbf6dec01b0239c905dcd80
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6c0063c13e650eb8916dc4a3d1b4cdd8b9ac539fcc92186344ce8babce46a2cd8d6363a705643808674ef78b08dda12a7c9e7a9aaf629ea7a14d73f7e8481f1a
|
|
7
|
+
data.tar.gz: b689dfb251ca0cec502925d26ffb2d541f52bde930362154622686096ded5e00eb7cc9c72e85cf4f82c496736ba5b4720d37670596e21d0100d737c538658b93
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -1,17 +1,20 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "dependabot/notifications"
|
|
4
|
+
|
|
3
5
|
module Dependabot
|
|
4
6
|
module FileParsers
|
|
5
7
|
class Base
|
|
6
|
-
attr_reader :dependency_files, :repo_contents_path, :credentials, :source
|
|
8
|
+
attr_reader :dependency_files, :repo_contents_path, :credentials, :source, :options
|
|
7
9
|
|
|
8
10
|
def initialize(dependency_files:, repo_contents_path: nil, source:,
|
|
9
|
-
credentials: [], reject_external_code: false)
|
|
11
|
+
credentials: [], reject_external_code: false, options: {})
|
|
10
12
|
@dependency_files = dependency_files
|
|
11
13
|
@repo_contents_path = repo_contents_path
|
|
12
14
|
@credentials = credentials
|
|
13
15
|
@source = source
|
|
14
16
|
@reject_external_code = reject_external_code
|
|
17
|
+
@options = options
|
|
15
18
|
|
|
16
19
|
check_required_files
|
|
17
20
|
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "active_support/notifications"
|
|
4
|
+
|
|
5
|
+
module Dependabot
|
|
6
|
+
module Notifications
|
|
7
|
+
FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED = "dependabot.file_parser.package_manager_version_parsed"
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def self.instrument(name, payload = {})
|
|
11
|
+
ActiveSupport::Notifications.instrument(name, payload)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.subscribe(pattern = nil, callback = nil, &block)
|
|
15
|
+
ActiveSupport::Notifications.subscribe(pattern, callback, &block)
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -13,6 +13,18 @@ module Dependabot
|
|
|
13
13
|
require "dependabot/pull_request_creator/branch_namer"
|
|
14
14
|
require "dependabot/pull_request_creator/labeler"
|
|
15
15
|
|
|
16
|
+
# Dependabot programmatically creates PRs which often include a large
|
|
17
|
+
# number of links to objects on `github.com`. GitHub hydrates these into
|
|
18
|
+
# rich links that leave a 'mention' on target Issues/Pull Requests.
|
|
19
|
+
#
|
|
20
|
+
# Due to the volume and nature of Dependabot PRs, these mentions are not
|
|
21
|
+
# useful and can overwhelm maintainers, so we use a redirection service
|
|
22
|
+
# to avoid enrichment.
|
|
23
|
+
#
|
|
24
|
+
# If you wish to disable this behaviour when using Dependabot Core directly,
|
|
25
|
+
# pass a nil value when initialising this class.
|
|
26
|
+
DEFAULT_GITHUB_REDIRECTION_SERVICE = "github-redirect.dependabot.com"
|
|
27
|
+
|
|
16
28
|
class RepoNotFound < StandardError; end
|
|
17
29
|
|
|
18
30
|
class RepoArchived < StandardError; end
|
|
@@ -46,7 +58,7 @@ module Dependabot
|
|
|
46
58
|
reviewers: nil, assignees: nil, milestone: nil,
|
|
47
59
|
branch_name_separator: "/", branch_name_prefix: "dependabot",
|
|
48
60
|
label_language: false, automerge_candidate: false,
|
|
49
|
-
github_redirection_service:
|
|
61
|
+
github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
|
|
50
62
|
custom_headers: nil, require_up_to_date_base: false,
|
|
51
63
|
provider_metadata: {}, message: nil)
|
|
52
64
|
@dependencies = dependencies
|
|
@@ -25,7 +25,7 @@ module Dependabot
|
|
|
25
25
|
def initialize(source:, dependencies:, files:, credentials:,
|
|
26
26
|
pr_message_header: nil, pr_message_footer: nil,
|
|
27
27
|
commit_message_options: {}, vulnerabilities_fixed: {},
|
|
28
|
-
github_redirection_service:
|
|
28
|
+
github_redirection_service:)
|
|
29
29
|
@dependencies = dependencies
|
|
30
30
|
@files = files
|
|
31
31
|
@source = source
|
|
@@ -9,12 +9,14 @@ module Dependabot
|
|
|
9
9
|
class Base
|
|
10
10
|
attr_reader :dependency, :dependency_files, :repo_contents_path,
|
|
11
11
|
:credentials, :ignored_versions, :raise_on_ignored,
|
|
12
|
-
:security_advisories, :requirements_update_strategy
|
|
12
|
+
:security_advisories, :requirements_update_strategy,
|
|
13
|
+
:options
|
|
13
14
|
|
|
14
15
|
def initialize(dependency:, dependency_files:, repo_contents_path: nil,
|
|
15
16
|
credentials:, ignored_versions: [],
|
|
16
17
|
raise_on_ignored: false, security_advisories: [],
|
|
17
|
-
requirements_update_strategy: nil
|
|
18
|
+
requirements_update_strategy: nil,
|
|
19
|
+
options: {})
|
|
18
20
|
@dependency = dependency
|
|
19
21
|
@dependency_files = dependency_files
|
|
20
22
|
@repo_contents_path = repo_contents_path
|
|
@@ -23,6 +25,7 @@ module Dependabot
|
|
|
23
25
|
@ignored_versions = ignored_versions
|
|
24
26
|
@raise_on_ignored = raise_on_ignored
|
|
25
27
|
@security_advisories = security_advisories
|
|
28
|
+
@options = options
|
|
26
29
|
end
|
|
27
30
|
|
|
28
31
|
def up_to_date?
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,15 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.138.
|
|
4
|
+
version: 0.138.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-03-
|
|
11
|
+
date: 2021-03-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: activesupport
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: 6.0.0
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: 6.0.0
|
|
13
27
|
- !ruby/object:Gem::Dependency
|
|
14
28
|
name: aws-sdk-codecommit
|
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -401,6 +415,7 @@ files:
|
|
|
401
415
|
- lib/dependabot/metadata_finders/base/changelog_pruner.rb
|
|
402
416
|
- lib/dependabot/metadata_finders/base/commits_finder.rb
|
|
403
417
|
- lib/dependabot/metadata_finders/base/release_finder.rb
|
|
418
|
+
- lib/dependabot/notifications.rb
|
|
404
419
|
- lib/dependabot/pull_request_creator.rb
|
|
405
420
|
- lib/dependabot/pull_request_creator/azure.rb
|
|
406
421
|
- lib/dependabot/pull_request_creator/bitbucket.rb
|