dependabot-common 0.138.0 → 0.138.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/errors.rb +2 -0
- data/lib/dependabot/file_parsers/base.rb +5 -2
- data/lib/dependabot/notifications.rb +17 -0
- data/lib/dependabot/pull_request_creator.rb +13 -1
- data/lib/dependabot/pull_request_creator/message_builder.rb +1 -1
- data/lib/dependabot/pull_request_updater.rb +1 -0
- data/lib/dependabot/update_checkers/base.rb +5 -2
- data/lib/dependabot/version.rb +1 -1
- metadata +17 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9eac032406ddbc7a70c0184c27656ae12b2df486c391b4feede160a361b15502
|
|
4
|
+
data.tar.gz: 437c85e8167561e207a1b759d452c5257e21f3ae7cbf6dec01b0239c905dcd80
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6c0063c13e650eb8916dc4a3d1b4cdd8b9ac539fcc92186344ce8babce46a2cd8d6363a705643808674ef78b08dda12a7c9e7a9aaf629ea7a14d73f7e8481f1a
|
|
7
|
+
data.tar.gz: b689dfb251ca0cec502925d26ffb2d541f52bde930362154622686096ded5e00eb7cc9c72e85cf4f82c496736ba5b4720d37670596e21d0100d737c538658b93
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -1,17 +1,20 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "dependabot/notifications"
|
|
4
|
+
|
|
3
5
|
module Dependabot
|
|
4
6
|
module FileParsers
|
|
5
7
|
class Base
|
|
6
|
-
attr_reader :dependency_files, :repo_contents_path, :credentials, :source
|
|
8
|
+
attr_reader :dependency_files, :repo_contents_path, :credentials, :source, :options
|
|
7
9
|
|
|
8
10
|
def initialize(dependency_files:, repo_contents_path: nil, source:,
|
|
9
|
-
credentials: [], reject_external_code: false)
|
|
11
|
+
credentials: [], reject_external_code: false, options: {})
|
|
10
12
|
@dependency_files = dependency_files
|
|
11
13
|
@repo_contents_path = repo_contents_path
|
|
12
14
|
@credentials = credentials
|
|
13
15
|
@source = source
|
|
14
16
|
@reject_external_code = reject_external_code
|
|
17
|
+
@options = options
|
|
15
18
|
|
|
16
19
|
check_required_files
|
|
17
20
|
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "active_support/notifications"
|
|
4
|
+
|
|
5
|
+
module Dependabot
|
|
6
|
+
module Notifications
|
|
7
|
+
FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED = "dependabot.file_parser.package_manager_version_parsed"
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def self.instrument(name, payload = {})
|
|
11
|
+
ActiveSupport::Notifications.instrument(name, payload)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.subscribe(pattern = nil, callback = nil, &block)
|
|
15
|
+
ActiveSupport::Notifications.subscribe(pattern, callback, &block)
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -13,6 +13,18 @@ module Dependabot
|
|
|
13
13
|
require "dependabot/pull_request_creator/branch_namer"
|
|
14
14
|
require "dependabot/pull_request_creator/labeler"
|
|
15
15
|
|
|
16
|
+
# Dependabot programmatically creates PRs which often include a large
|
|
17
|
+
# number of links to objects on `github.com`. GitHub hydrates these into
|
|
18
|
+
# rich links that leave a 'mention' on target Issues/Pull Requests.
|
|
19
|
+
#
|
|
20
|
+
# Due to the volume and nature of Dependabot PRs, these mentions are not
|
|
21
|
+
# useful and can overwhelm maintainers, so we use a redirection service
|
|
22
|
+
# to avoid enrichment.
|
|
23
|
+
#
|
|
24
|
+
# If you wish to disable this behaviour when using Dependabot Core directly,
|
|
25
|
+
# pass a nil value when initialising this class.
|
|
26
|
+
DEFAULT_GITHUB_REDIRECTION_SERVICE = "github-redirect.dependabot.com"
|
|
27
|
+
|
|
16
28
|
class RepoNotFound < StandardError; end
|
|
17
29
|
|
|
18
30
|
class RepoArchived < StandardError; end
|
|
@@ -46,7 +58,7 @@ module Dependabot
|
|
|
46
58
|
reviewers: nil, assignees: nil, milestone: nil,
|
|
47
59
|
branch_name_separator: "/", branch_name_prefix: "dependabot",
|
|
48
60
|
label_language: false, automerge_candidate: false,
|
|
49
|
-
github_redirection_service:
|
|
61
|
+
github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
|
|
50
62
|
custom_headers: nil, require_up_to_date_base: false,
|
|
51
63
|
provider_metadata: {}, message: nil)
|
|
52
64
|
@dependencies = dependencies
|
|
@@ -25,7 +25,7 @@ module Dependabot
|
|
|
25
25
|
def initialize(source:, dependencies:, files:, credentials:,
|
|
26
26
|
pr_message_header: nil, pr_message_footer: nil,
|
|
27
27
|
commit_message_options: {}, vulnerabilities_fixed: {},
|
|
28
|
-
github_redirection_service:
|
|
28
|
+
github_redirection_service:)
|
|
29
29
|
@dependencies = dependencies
|
|
30
30
|
@files = files
|
|
31
31
|
@source = source
|
|
@@ -9,12 +9,14 @@ module Dependabot
|
|
|
9
9
|
class Base
|
|
10
10
|
attr_reader :dependency, :dependency_files, :repo_contents_path,
|
|
11
11
|
:credentials, :ignored_versions, :raise_on_ignored,
|
|
12
|
-
:security_advisories, :requirements_update_strategy
|
|
12
|
+
:security_advisories, :requirements_update_strategy,
|
|
13
|
+
:options
|
|
13
14
|
|
|
14
15
|
def initialize(dependency:, dependency_files:, repo_contents_path: nil,
|
|
15
16
|
credentials:, ignored_versions: [],
|
|
16
17
|
raise_on_ignored: false, security_advisories: [],
|
|
17
|
-
requirements_update_strategy: nil
|
|
18
|
+
requirements_update_strategy: nil,
|
|
19
|
+
options: {})
|
|
18
20
|
@dependency = dependency
|
|
19
21
|
@dependency_files = dependency_files
|
|
20
22
|
@repo_contents_path = repo_contents_path
|
|
@@ -23,6 +25,7 @@ module Dependabot
|
|
|
23
25
|
@ignored_versions = ignored_versions
|
|
24
26
|
@raise_on_ignored = raise_on_ignored
|
|
25
27
|
@security_advisories = security_advisories
|
|
28
|
+
@options = options
|
|
26
29
|
end
|
|
27
30
|
|
|
28
31
|
def up_to_date?
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,15 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.138.
|
|
4
|
+
version: 0.138.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-03-
|
|
11
|
+
date: 2021-03-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: activesupport
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: 6.0.0
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: 6.0.0
|
|
13
27
|
- !ruby/object:Gem::Dependency
|
|
14
28
|
name: aws-sdk-codecommit
|
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -401,6 +415,7 @@ files:
|
|
|
401
415
|
- lib/dependabot/metadata_finders/base/changelog_pruner.rb
|
|
402
416
|
- lib/dependabot/metadata_finders/base/commits_finder.rb
|
|
403
417
|
- lib/dependabot/metadata_finders/base/release_finder.rb
|
|
418
|
+
- lib/dependabot/notifications.rb
|
|
404
419
|
- lib/dependabot/pull_request_creator.rb
|
|
405
420
|
- lib/dependabot/pull_request_creator/azure.rb
|
|
406
421
|
- lib/dependabot/pull_request_creator/bitbucket.rb
|