dependabot-common 0.139.1 → 0.139.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/shared_helpers.rb +36 -32
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 70a8b637aa9cd5c38c93bcdca2f8e26283e0bbb5bebc70f54bc1ce0f80a93e75
|
|
4
|
+
data.tar.gz: 1aebc5329c67b401cc630c815bf6abf5bf6a63748e326255ebf37e58db52d256
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 75e1080fcf2a30249c962597e7fd09916584f8e4488702050dd8bbd775d2a1447c07ac09e1502f832f7e463b7c760a25e348397072f1b5273faf0dea40a8a79f
|
|
7
|
+
data.tar.gz: 4e14c9377f28242dc67767004e210e30f1f1c185a6e3e5180222a0a80f2227c7995abbcd8b3b6232edb4fea3345e5a55a995a626df6dd05fdee672ac18258f26
|
|
@@ -161,47 +161,21 @@ module Dependabot
|
|
|
161
161
|
reset_global_git_config(backup_git_config_path)
|
|
162
162
|
end
|
|
163
163
|
|
|
164
|
+
def self.credential_helper_path
|
|
165
|
+
File.join(__dir__, "../../bin/git-credential-store-immutable")
|
|
166
|
+
end
|
|
167
|
+
|
|
168
|
+
# rubocop:disable Metrics/AbcSize
|
|
169
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
164
170
|
def self.configure_git_to_use_https_with_credentials(credentials)
|
|
165
171
|
File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file|
|
|
166
172
|
file << "# Generated by dependabot/dependabot-core"
|
|
167
173
|
end
|
|
168
|
-
configure_git_to_use_https
|
|
169
|
-
configure_git_credentials(credentials)
|
|
170
|
-
end
|
|
171
|
-
|
|
172
|
-
def self.configure_git_to_use_https
|
|
173
|
-
# NOTE: we use --global here (rather than --system) so that Dependabot
|
|
174
|
-
# can be run without privileged access
|
|
175
|
-
run_shell_command(
|
|
176
|
-
"git config --global --replace-all url.https://github.com/."\
|
|
177
|
-
"insteadOf ssh://git@github.com/"
|
|
178
|
-
)
|
|
179
|
-
run_shell_command(
|
|
180
|
-
"git config --global --add url.https://github.com/."\
|
|
181
|
-
"insteadOf ssh://git@github.com:"
|
|
182
|
-
)
|
|
183
|
-
run_shell_command(
|
|
184
|
-
"git config --global --add url.https://github.com/."\
|
|
185
|
-
"insteadOf git@github.com:"
|
|
186
|
-
)
|
|
187
|
-
run_shell_command(
|
|
188
|
-
"git config --global --add url.https://github.com/."\
|
|
189
|
-
"insteadOf git@github.com/"
|
|
190
|
-
)
|
|
191
|
-
run_shell_command(
|
|
192
|
-
"git config --global --add url.https://github.com/."\
|
|
193
|
-
"insteadOf git://github.com/"
|
|
194
|
-
)
|
|
195
|
-
end
|
|
196
174
|
|
|
197
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
198
|
-
def self.configure_git_credentials(credentials)
|
|
199
175
|
# Then add a file-based credential store that loads a file in this repo.
|
|
200
176
|
# Under the hood this uses git credential-store, but it's invoked through
|
|
201
177
|
# a wrapper binary that only allows non-mutating commands. Without this,
|
|
202
178
|
# whenever the credentials are deemed to be invalid, they're erased.
|
|
203
|
-
credential_helper_path =
|
|
204
|
-
File.join(__dir__, "../../bin/git-credential-store-immutable")
|
|
205
179
|
run_shell_command(
|
|
206
180
|
"git config --global credential.helper "\
|
|
207
181
|
"'!#{credential_helper_path} --file #{Dir.pwd}/git.store'",
|
|
@@ -219,6 +193,9 @@ module Dependabot
|
|
|
219
193
|
github_credentials.find { |c| !c["password"]&.start_with?("v1.") } ||
|
|
220
194
|
github_credentials.first
|
|
221
195
|
|
|
196
|
+
# Make sure we always have https alternatives for github.com.
|
|
197
|
+
configure_git_to_use_https("github.com") if github_credential.nil?
|
|
198
|
+
|
|
222
199
|
deduped_credentials = credentials -
|
|
223
200
|
github_credentials +
|
|
224
201
|
[github_credential].compact
|
|
@@ -234,13 +211,40 @@ module Dependabot
|
|
|
234
211
|
"@#{cred.fetch('host')}"
|
|
235
212
|
|
|
236
213
|
git_store_content += authenticated_url + "\n"
|
|
214
|
+
configure_git_to_use_https(cred.fetch("host"))
|
|
237
215
|
end
|
|
238
216
|
|
|
239
217
|
# Save the file
|
|
240
218
|
File.write("git.store", git_store_content)
|
|
241
219
|
end
|
|
220
|
+
# rubocop:enable Metrics/AbcSize
|
|
242
221
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
243
222
|
|
|
223
|
+
def self.configure_git_to_use_https(host)
|
|
224
|
+
# NOTE: we use --global here (rather than --system) so that Dependabot
|
|
225
|
+
# can be run without privileged access
|
|
226
|
+
run_shell_command(
|
|
227
|
+
"git config --global --replace-all url.https://#{host}/."\
|
|
228
|
+
"insteadOf ssh://git@#{host}/"
|
|
229
|
+
)
|
|
230
|
+
run_shell_command(
|
|
231
|
+
"git config --global --add url.https://#{host}/."\
|
|
232
|
+
"insteadOf ssh://git@#{host}:"
|
|
233
|
+
)
|
|
234
|
+
run_shell_command(
|
|
235
|
+
"git config --global --add url.https://#{host}/."\
|
|
236
|
+
"insteadOf git@#{host}:"
|
|
237
|
+
)
|
|
238
|
+
run_shell_command(
|
|
239
|
+
"git config --global --add url.https://#{host}/."\
|
|
240
|
+
"insteadOf git@#{host}/"
|
|
241
|
+
)
|
|
242
|
+
run_shell_command(
|
|
243
|
+
"git config --global --add url.https://#{host}/."\
|
|
244
|
+
"insteadOf git://#{host}/"
|
|
245
|
+
)
|
|
246
|
+
end
|
|
247
|
+
|
|
244
248
|
def self.reset_git_repo(path)
|
|
245
249
|
Dir.chdir(path) do
|
|
246
250
|
run_shell_command("git reset HEAD --hard")
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.139.
|
|
4
|
+
version: 0.139.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-04-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|