dependabot-common 0.138.5 → 0.139.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 70a8b637aa9cd5c38c93bcdca2f8e26283e0bbb5bebc70f54bc1ce0f80a93e75
|
|
4
|
+
data.tar.gz: 1aebc5329c67b401cc630c815bf6abf5bf6a63748e326255ebf37e58db52d256
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 75e1080fcf2a30249c962597e7fd09916584f8e4488702050dd8bbd775d2a1447c07ac09e1502f832f7e463b7c760a25e348397072f1b5273faf0dea40a8a79f
|
|
7
|
+
data.tar.gz: 4e14c9377f28242dc67767004e210e30f1f1c185a6e3e5180222a0a80f2227c7995abbcd8b3b6232edb4fea3345e5a55a995a626df6dd05fdee672ac18258f26
|
|
@@ -15,6 +15,8 @@ module Dependabot
|
|
|
15
15
|
(?:issue|pull)s?/(?<number>\d+)
|
|
16
16
|
}x.freeze
|
|
17
17
|
MENTION_REGEX = %r{(?<![A-Za-z0-9`~])@#{GITHUB_USERNAME}/?}.freeze
|
|
18
|
+
# regex to match a team mention on github
|
|
19
|
+
TEAM_MENTION_REGEX = %r{(?<![A-Za-z0-9`~])@(?<org>#{GITHUB_USERNAME})/(?<team>#{GITHUB_USERNAME})/?}.freeze
|
|
18
20
|
# End of string
|
|
19
21
|
EOS_REGEX = /\z/.freeze
|
|
20
22
|
COMMONMARKER_OPTIONS = %i(
|
|
@@ -35,8 +37,10 @@ module Dependabot
|
|
|
35
37
|
text, :LIBERAL_HTML_TAG, COMMONMARKER_EXTENSIONS
|
|
36
38
|
)
|
|
37
39
|
|
|
40
|
+
sanitize_team_mentions(doc)
|
|
38
41
|
sanitize_mentions(doc)
|
|
39
42
|
sanitize_links(doc)
|
|
43
|
+
|
|
40
44
|
mode = unsafe ? :UNSAFE : :DEFAULT
|
|
41
45
|
doc.to_html(([mode] + COMMONMARKER_OPTIONS), COMMONMARKER_EXTENSIONS)
|
|
42
46
|
end
|
|
@@ -62,6 +66,26 @@ module Dependabot
|
|
|
62
66
|
end
|
|
63
67
|
end
|
|
64
68
|
|
|
69
|
+
# When we come across something that looks like a team mention (e.g. @dependabot/reviewers),
|
|
70
|
+
# we replace it with a text node.
|
|
71
|
+
# This is because there are ecosystems that have packages that follow the same pattern
|
|
72
|
+
# (e.g. @angular/angular-cli), and we don't want to create an invalid link, since
|
|
73
|
+
# team mentions link to `https://github.com/org/:organization_name/teams/:team_name`.
|
|
74
|
+
def sanitize_team_mentions(doc)
|
|
75
|
+
doc.walk do |node|
|
|
76
|
+
if node.type == :text &&
|
|
77
|
+
node.string_content.match?(TEAM_MENTION_REGEX)
|
|
78
|
+
|
|
79
|
+
nodes = build_team_mention_nodes(node.string_content)
|
|
80
|
+
|
|
81
|
+
nodes.each do |n|
|
|
82
|
+
node.insert_before(n)
|
|
83
|
+
end
|
|
84
|
+
node.delete
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
65
89
|
def sanitize_links(doc)
|
|
66
90
|
doc.walk do |node|
|
|
67
91
|
if node.type == :link && node.url.match?(GITHUB_REF_REGEX)
|
|
@@ -87,7 +111,7 @@ module Dependabot
|
|
|
87
111
|
|
|
88
112
|
def replace_github_host(text)
|
|
89
113
|
text.gsub(
|
|
90
|
-
|
|
114
|
+
/(www\.)?github.com/, github_redirection_service || "github.com"
|
|
91
115
|
)
|
|
92
116
|
end
|
|
93
117
|
|
|
@@ -117,6 +141,30 @@ module Dependabot
|
|
|
117
141
|
nodes
|
|
118
142
|
end
|
|
119
143
|
|
|
144
|
+
def build_team_mention_nodes(text)
|
|
145
|
+
nodes = []
|
|
146
|
+
|
|
147
|
+
scan = StringScanner.new(text)
|
|
148
|
+
until scan.eos?
|
|
149
|
+
line = scan.scan_until(TEAM_MENTION_REGEX) ||
|
|
150
|
+
scan.scan_until(EOS_REGEX)
|
|
151
|
+
line_match = line.match(TEAM_MENTION_REGEX)
|
|
152
|
+
mention = line_match&.to_s
|
|
153
|
+
text_node = CommonMarker::Node.new(:text)
|
|
154
|
+
|
|
155
|
+
if mention
|
|
156
|
+
text_node.string_content = line_match.pre_match
|
|
157
|
+
nodes << text_node
|
|
158
|
+
nodes += build_mention_link_text_nodes(mention.to_s)
|
|
159
|
+
else
|
|
160
|
+
text_node.string_content = line
|
|
161
|
+
nodes << text_node
|
|
162
|
+
end
|
|
163
|
+
end
|
|
164
|
+
|
|
165
|
+
nodes
|
|
166
|
+
end
|
|
167
|
+
|
|
120
168
|
def build_mention_link_text_nodes(text)
|
|
121
169
|
code_node = CommonMarker::Node.new(:code)
|
|
122
170
|
code_node.string_content = insert_zero_width_space_in_mention(text)
|
|
@@ -161,47 +161,21 @@ module Dependabot
|
|
|
161
161
|
reset_global_git_config(backup_git_config_path)
|
|
162
162
|
end
|
|
163
163
|
|
|
164
|
+
def self.credential_helper_path
|
|
165
|
+
File.join(__dir__, "../../bin/git-credential-store-immutable")
|
|
166
|
+
end
|
|
167
|
+
|
|
168
|
+
# rubocop:disable Metrics/AbcSize
|
|
169
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
164
170
|
def self.configure_git_to_use_https_with_credentials(credentials)
|
|
165
171
|
File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file|
|
|
166
172
|
file << "# Generated by dependabot/dependabot-core"
|
|
167
173
|
end
|
|
168
|
-
configure_git_to_use_https
|
|
169
|
-
configure_git_credentials(credentials)
|
|
170
|
-
end
|
|
171
|
-
|
|
172
|
-
def self.configure_git_to_use_https
|
|
173
|
-
# NOTE: we use --global here (rather than --system) so that Dependabot
|
|
174
|
-
# can be run without privileged access
|
|
175
|
-
run_shell_command(
|
|
176
|
-
"git config --global --replace-all url.https://github.com/."\
|
|
177
|
-
"insteadOf ssh://git@github.com/"
|
|
178
|
-
)
|
|
179
|
-
run_shell_command(
|
|
180
|
-
"git config --global --add url.https://github.com/."\
|
|
181
|
-
"insteadOf ssh://git@github.com:"
|
|
182
|
-
)
|
|
183
|
-
run_shell_command(
|
|
184
|
-
"git config --global --add url.https://github.com/."\
|
|
185
|
-
"insteadOf git@github.com:"
|
|
186
|
-
)
|
|
187
|
-
run_shell_command(
|
|
188
|
-
"git config --global --add url.https://github.com/."\
|
|
189
|
-
"insteadOf git@github.com/"
|
|
190
|
-
)
|
|
191
|
-
run_shell_command(
|
|
192
|
-
"git config --global --add url.https://github.com/."\
|
|
193
|
-
"insteadOf git://github.com/"
|
|
194
|
-
)
|
|
195
|
-
end
|
|
196
174
|
|
|
197
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
198
|
-
def self.configure_git_credentials(credentials)
|
|
199
175
|
# Then add a file-based credential store that loads a file in this repo.
|
|
200
176
|
# Under the hood this uses git credential-store, but it's invoked through
|
|
201
177
|
# a wrapper binary that only allows non-mutating commands. Without this,
|
|
202
178
|
# whenever the credentials are deemed to be invalid, they're erased.
|
|
203
|
-
credential_helper_path =
|
|
204
|
-
File.join(__dir__, "../../bin/git-credential-store-immutable")
|
|
205
179
|
run_shell_command(
|
|
206
180
|
"git config --global credential.helper "\
|
|
207
181
|
"'!#{credential_helper_path} --file #{Dir.pwd}/git.store'",
|
|
@@ -219,6 +193,9 @@ module Dependabot
|
|
|
219
193
|
github_credentials.find { |c| !c["password"]&.start_with?("v1.") } ||
|
|
220
194
|
github_credentials.first
|
|
221
195
|
|
|
196
|
+
# Make sure we always have https alternatives for github.com.
|
|
197
|
+
configure_git_to_use_https("github.com") if github_credential.nil?
|
|
198
|
+
|
|
222
199
|
deduped_credentials = credentials -
|
|
223
200
|
github_credentials +
|
|
224
201
|
[github_credential].compact
|
|
@@ -234,13 +211,40 @@ module Dependabot
|
|
|
234
211
|
"@#{cred.fetch('host')}"
|
|
235
212
|
|
|
236
213
|
git_store_content += authenticated_url + "\n"
|
|
214
|
+
configure_git_to_use_https(cred.fetch("host"))
|
|
237
215
|
end
|
|
238
216
|
|
|
239
217
|
# Save the file
|
|
240
218
|
File.write("git.store", git_store_content)
|
|
241
219
|
end
|
|
220
|
+
# rubocop:enable Metrics/AbcSize
|
|
242
221
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
243
222
|
|
|
223
|
+
def self.configure_git_to_use_https(host)
|
|
224
|
+
# NOTE: we use --global here (rather than --system) so that Dependabot
|
|
225
|
+
# can be run without privileged access
|
|
226
|
+
run_shell_command(
|
|
227
|
+
"git config --global --replace-all url.https://#{host}/."\
|
|
228
|
+
"insteadOf ssh://git@#{host}/"
|
|
229
|
+
)
|
|
230
|
+
run_shell_command(
|
|
231
|
+
"git config --global --add url.https://#{host}/."\
|
|
232
|
+
"insteadOf ssh://git@#{host}:"
|
|
233
|
+
)
|
|
234
|
+
run_shell_command(
|
|
235
|
+
"git config --global --add url.https://#{host}/."\
|
|
236
|
+
"insteadOf git@#{host}:"
|
|
237
|
+
)
|
|
238
|
+
run_shell_command(
|
|
239
|
+
"git config --global --add url.https://#{host}/."\
|
|
240
|
+
"insteadOf git@#{host}/"
|
|
241
|
+
)
|
|
242
|
+
run_shell_command(
|
|
243
|
+
"git config --global --add url.https://#{host}/."\
|
|
244
|
+
"insteadOf git://#{host}/"
|
|
245
|
+
)
|
|
246
|
+
end
|
|
247
|
+
|
|
244
248
|
def self.reset_git_repo(path)
|
|
245
249
|
Dir.chdir(path) do
|
|
246
250
|
run_shell_command("git reset HEAD --hard")
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.139.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-04-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -298,14 +298,14 @@ dependencies:
|
|
|
298
298
|
requirements:
|
|
299
299
|
- - "~>"
|
|
300
300
|
- !ruby/object:Gem::Version
|
|
301
|
-
version: 1.
|
|
301
|
+
version: 1.12.0
|
|
302
302
|
type: :development
|
|
303
303
|
prerelease: false
|
|
304
304
|
version_requirements: !ruby/object:Gem::Requirement
|
|
305
305
|
requirements:
|
|
306
306
|
- - "~>"
|
|
307
307
|
- !ruby/object:Gem::Version
|
|
308
|
-
version: 1.
|
|
308
|
+
version: 1.12.0
|
|
309
309
|
- !ruby/object:Gem::Dependency
|
|
310
310
|
name: simplecov
|
|
311
311
|
requirement: !ruby/object:Gem::Requirement
|