dependabot-common 0.162.1 → 0.164.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e317f507ca3fa9f526ef351aea69dc00a2f2f6da35b66c50fd653521a14f11ab
-  data.tar.gz: d0f8dc5f5c9de730c0a922023e6c0f1eaf8335ca56f8e3f5e1eb7cb81ef21d2c
+  metadata.gz: 7b3537e1c2ef5a4a5120217558ff023781a1bc2530da65e7a37e8f80c75ac710
+  data.tar.gz: 9c11fca086d103b58ff9a532dd342bba154dcd72918c8c3100a662f2bd98dfa0
 SHA512:
-  metadata.gz: c6574279837fdca0b1dd14bf3bcbe1c9eccac7bd6cdeda953094db897547a617686490f8ed6809ad626bfabac8843c80d53dd5e44f71ff6b96ee5a24047859b4
-  data.tar.gz: 3a26fafdd53908ae2d2bb993479d440e47e23b00ddfa05b5d7286e458317be3edd95c3368ac0e5ace37dee3f6f17159c9a6cefc47833833f0e836294d4ca9d10
+  metadata.gz: ff69bb062697827ad9ba6f583dbc6735419ccb1c9f9298dd523e11dcbdfcb134e8129998cb6f7b246356047b04b0ece0ff75c51234f39d9754c52c40139ad5ef
+  data.tar.gz: 83d50bf3ed74365bb964a237de1fa1a8620864890f703bc2619a1e5f0cbee80c039f475a8674cfc333a811c0a9b55b5cd758b8dd04f56d276f758bafc4577489

data/lib/dependabot/pull_request_creator/bitbucket.rb

@@ -82,7 +82,7 @@ module Dependabot
           branch_name,
           source.branch || default_branch,
           pr_description,
-          labeler&.labels_for_pr,
+          nil,
           work_item
         )
       end

data/lib/dependabot/pull_request_creator/gitlab.rb

@@ -10,25 +10,26 @@ module Dependabot
       attr_reader :source, :branch_name, :base_commit, :credentials,
                   :files, :pr_description, :pr_name, :commit_message,
                   :author_details, :labeler, :approvers, :assignees,
-                  :milestone
+                  :milestone, :target_project_id
 
       def initialize(source:, branch_name:, base_commit:, credentials:,
                      files:, commit_message:, pr_description:, pr_name:,
                      author_details:, labeler:, approvers:, assignees:,
-                     milestone:)
-        @source         = source
-        @branch_name    = branch_name
-        @base_commit    = base_commit
-        @credentials    = credentials
-        @files          = files
-        @commit_message = commit_message
-        @pr_description = pr_description
-        @pr_name        = pr_name
-        @author_details = author_details
-        @labeler        = labeler
-        @approvers      = approvers
-        @assignees      = assignees
-        @milestone      = milestone
+                     milestone:, target_project_id:)
+        @source            = source
+        @branch_name       = branch_name
+        @base_commit       = base_commit
+        @credentials       = credentials
+        @files             = files
+        @commit_message    = commit_message
+        @pr_description    = pr_description
+        @pr_name           = pr_name
+        @author_details    = author_details
+        @labeler           = labeler
+        @approvers         = approvers
+        @assignees         = assignees
+        @milestone         = milestone
+        @target_project_id = target_project_id
       end
 
       def create
@@ -76,7 +77,7 @@ module Dependabot
 
       def merge_request_exists?
         gitlab_client_for_source.merge_requests(
-          source.repo,
+          target_project_id || source.repo,
           source_branch: branch_name,
           target_branch: source.branch || default_branch,
           state: "all"
@@ -143,7 +144,8 @@ module Dependabot
           remove_source_branch: true,
           assignee_ids: assignees,
           labels: labeler.labels_for_pr.join(","),
-          milestone_id: milestone
+          milestone_id: milestone,
+          target_project_id: target_project_id
         )
       end
 
@@ -156,7 +158,7 @@ module Dependabot
           approvers.keys.map { |k| [k.to_sym, approvers[k]] }.to_h
 
         gitlab_client_for_source.edit_merge_request_approvers(
-          source.repo,
+          target_project_id || source.repo,
           merge_request.iid,
           approver_ids: approvers_hash[:approvers],
           approver_group_ids: approvers_hash[:group_approvers]

data/lib/dependabot/pull_request_creator.rb

@@ -157,7 +157,8 @@ module Dependabot
         labeler: labeler,
         approvers: reviewers,
         assignees: assignees,
-        milestone: milestone
+        milestone: milestone,
+        target_project_id: provider_metadata[:target_project_id]
       )
     end
 

data/lib/dependabot/pull_request_updater/gitlab.rb

@@ -8,16 +8,17 @@ module Dependabot
   class PullRequestUpdater
     class Gitlab
       attr_reader :source, :files, :base_commit, :old_commit, :credentials,
-                  :pull_request_number
+                  :pull_request_number, :target_project_id
 
       def initialize(source:, base_commit:, old_commit:, files:,
-                     credentials:, pull_request_number:)
+                     credentials:, pull_request_number:, target_project_id:)
         @source              = source
         @base_commit         = base_commit
         @old_commit          = old_commit
         @files               = files
         @credentials         = credentials
         @pull_request_number = pull_request_number
+        @target_project_id   = target_project_id
       end
 
       def update
@@ -39,7 +40,7 @@ module Dependabot
 
       def merge_request
         @merge_request ||= gitlab_client_for_source.merge_request(
-          source.repo,
+          target_project_id || source.repo,
           pull_request_number
         )
       end

data/lib/dependabot/pull_request_updater.rb

@@ -9,11 +9,12 @@ module Dependabot
     class BranchProtected < StandardError; end
 
     attr_reader :source, :files, :base_commit, :old_commit, :credentials,
-                :pull_request_number, :author_details, :signature_key
+                :pull_request_number, :author_details, :signature_key, :provider_metadata
 
     def initialize(source:, base_commit:, old_commit:, files:,
                    credentials:, pull_request_number:,
-                   author_details: nil, signature_key: nil)
+                   author_details: nil, signature_key: nil,
+                   provider_metadata: {})
       @source              = source
       @base_commit         = base_commit
       @old_commit          = old_commit
@@ -22,6 +23,7 @@ module Dependabot
       @pull_request_number = pull_request_number
       @author_details      = author_details
       @signature_key       = signature_key
+      @provider_metadata   = provider_metadata
     end
 
     def update
@@ -55,7 +57,8 @@ module Dependabot
         old_commit: old_commit,
         files: files,
         credentials: credentials,
-        pull_request_number: pull_request_number
+        pull_request_number: pull_request_number,
+        target_project_id: provider_metadata[:target_project_id]
       )
     end
 

data/lib/dependabot/shared_helpers.rb

@@ -40,10 +40,14 @@ module Dependabot
 
     def self.in_a_temporary_directory(directory = "/")
       Dir.mkdir(Utils::BUMP_TMP_DIR_PATH) unless Dir.exist?(Utils::BUMP_TMP_DIR_PATH)
-      Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH) do |dir|
-        path = Pathname.new(File.join(dir, directory)).expand_path
+      tmp_dir = Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH)
+
+      begin
+        path = Pathname.new(File.join(tmp_dir, directory)).expand_path
         FileUtils.mkpath(path)
         Dir.chdir(path) { yield(path) }
+      ensure
+        FileUtils.rm_rf(tmp_dir)
       end
     end
 

data/lib/dependabot/source.rb

@@ -9,6 +9,15 @@ module Dependabot
       (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
     }x.freeze
 
+    GITHUB_ENTERPRISE_SOURCE = %r{
+      (?<protocol>(http://|https://|git://|ssh://))*
+      (?<username>[^@]+@)*
+      (?<host>[^/]+)
+      [/:]
+      (?<repo>[\w.-]+/(?:(?!\.git|\.\s)[\w.-])+)
+      (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
+    }x.freeze
+
     GITLAB_SOURCE = %r{
       (?<provider>gitlab)
       (?:\.com)[/:]
@@ -40,7 +49,7 @@ module Dependabot
                   :hostname, :api_endpoint
 
     def self.from_url(url_string)
-      return unless url_string&.match?(SOURCE_REGEX)
+      return github_enterprise_from_url(url_string) unless url_string&.match?(SOURCE_REGEX)
 
       captures = url_string.match(SOURCE_REGEX).named_captures
 
@@ -52,6 +61,33 @@ module Dependabot
       )
     end
 
+    def self.github_enterprise_from_url(url_string)
+      captures = url_string&.match(GITHUB_ENTERPRISE_SOURCE)&.named_captures
+      return unless captures
+
+      base_url = "https://#{captures.fetch('host')}"
+
+      return unless github_enterprise?(base_url)
+
+      new(
+        provider: "github",
+        repo: captures.fetch("repo"),
+        directory: captures.fetch("directory"),
+        branch: captures.fetch("branch"),
+        hostname: captures.fetch("host"),
+        api_endpoint: File.join(base_url, "api", "v3")
+      )
+    end
+
+    def self.github_enterprise?(base_url)
+      resp = Excon.get(File.join(base_url, "status"))
+      resp.status == 200 &&
+        # Alternatively: resp.headers["Server"] == "GitHub.com", but this
+        # currently doesn't work with development environments
+        resp.headers["X-GitHub-Request-Id"] &&
+        !resp.headers["X-GitHub-Request-Id"].empty?
+    end
+
     def initialize(provider:, repo:, directory: nil, branch: nil, commit: nil,
                    hostname: nil, api_endpoint: nil)
       if (hostname.nil? ^ api_endpoint.nil?) && (provider != "codecommit")

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.162.1"
+  VERSION = "0.164.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.162.1
+  version: 0.164.1
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-09-20 00:00:00.000000000 Z
+date: 2021-11-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport