dependabot-common 0.162.2 → 0.165.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c5598558127057abb7ac51f18576548e5589c52c07f6974029f07b0927c90940
-  data.tar.gz: 05b6b1140a37903e10356ff60c0162ede9781a3ae7edbe32ab267ff46fe19542
+  metadata.gz: fded763414c9d5eec2fcdcbde94cc2f6feb6cc28218b4505ebd3a05250a02140
+  data.tar.gz: 405ae147644579eb70e84cb0dbf9a3bb9b27cfc5ed144597a08ad5286eb1925f
 SHA512:
-  metadata.gz: a6aceab2e96e3cfb0ea5a7ca04cd55078935d5e23fb5490b3d0d777c354e3729484d105ffe2991438b3a9a76611cd843eaa38897e725575f6c8706bed84c62a1
-  data.tar.gz: eb0e81e76203686073468c105bb67844f16a502814c12ff632e08c186b7a91b92f37247ed75e38e856492cb798fd9148af27eb6fcf975638548eca0470c07100
+  metadata.gz: 01aea5b71061b178a252555fa59f828d9f86a89d41d7d58e2a7d58c15cfae40a752eaf6f0858bb3b6e8dc5c224fc8b83c935e1dc3e7d264fab069d24244f6b64
+  data.tar.gz: 918375276fbc3ef7e735df189f1dfd9821f0473651959a0aad38a7932214f0fc02e0348139ae321c4944ea2ba6f0b7d013cb9ef7a054eb8373c0ab6a8f84cb9b

data/lib/dependabot/pull_request_creator/bitbucket.rb

@@ -82,7 +82,7 @@ module Dependabot
           branch_name,
           source.branch || default_branch,
           pr_description,
-          labeler&.labels_for_pr,
+          nil,
           work_item
         )
       end

data/lib/dependabot/pull_request_creator/gitlab.rb

@@ -10,25 +10,26 @@ module Dependabot
       attr_reader :source, :branch_name, :base_commit, :credentials,
                   :files, :pr_description, :pr_name, :commit_message,
                   :author_details, :labeler, :approvers, :assignees,
-                  :milestone
+                  :milestone, :target_project_id
 
       def initialize(source:, branch_name:, base_commit:, credentials:,
                      files:, commit_message:, pr_description:, pr_name:,
                      author_details:, labeler:, approvers:, assignees:,
-                     milestone:)
-        @source         = source
-        @branch_name    = branch_name
-        @base_commit    = base_commit
-        @credentials    = credentials
-        @files          = files
-        @commit_message = commit_message
-        @pr_description = pr_description
-        @pr_name        = pr_name
-        @author_details = author_details
-        @labeler        = labeler
-        @approvers      = approvers
-        @assignees      = assignees
-        @milestone      = milestone
+                     milestone:, target_project_id:)
+        @source            = source
+        @branch_name       = branch_name
+        @base_commit       = base_commit
+        @credentials       = credentials
+        @files             = files
+        @commit_message    = commit_message
+        @pr_description    = pr_description
+        @pr_name           = pr_name
+        @author_details    = author_details
+        @labeler           = labeler
+        @approvers         = approvers
+        @assignees         = assignees
+        @milestone         = milestone
+        @target_project_id = target_project_id
       end
 
       def create
@@ -76,7 +77,7 @@ module Dependabot
 
       def merge_request_exists?
         gitlab_client_for_source.merge_requests(
-          source.repo,
+          target_project_id || source.repo,
           source_branch: branch_name,
           target_branch: source.branch || default_branch,
           state: "all"
@@ -143,7 +144,8 @@ module Dependabot
           remove_source_branch: true,
           assignee_ids: assignees,
           labels: labeler.labels_for_pr.join(","),
-          milestone_id: milestone
+          milestone_id: milestone,
+          target_project_id: target_project_id
         )
       end
 
@@ -156,7 +158,7 @@ module Dependabot
           approvers.keys.map { |k| [k.to_sym, approvers[k]] }.to_h
 
         gitlab_client_for_source.edit_merge_request_approvers(
-          source.repo,
+          target_project_id || source.repo,
           merge_request.iid,
           approver_ids: approvers_hash[:approvers],
           approver_group_ids: approvers_hash[:group_approvers]

data/lib/dependabot/pull_request_creator.rb

@@ -157,7 +157,8 @@ module Dependabot
         labeler: labeler,
         approvers: reviewers,
         assignees: assignees,
-        milestone: milestone
+        milestone: milestone,
+        target_project_id: provider_metadata[:target_project_id]
       )
     end
 

data/lib/dependabot/pull_request_updater/gitlab.rb

@@ -8,16 +8,17 @@ module Dependabot
   class PullRequestUpdater
     class Gitlab
       attr_reader :source, :files, :base_commit, :old_commit, :credentials,
-                  :pull_request_number
+                  :pull_request_number, :target_project_id
 
       def initialize(source:, base_commit:, old_commit:, files:,
-                     credentials:, pull_request_number:)
+                     credentials:, pull_request_number:, target_project_id:)
         @source              = source
         @base_commit         = base_commit
         @old_commit          = old_commit
         @files               = files
         @credentials         = credentials
         @pull_request_number = pull_request_number
+        @target_project_id   = target_project_id
       end
 
       def update
@@ -39,7 +40,7 @@ module Dependabot
 
       def merge_request
         @merge_request ||= gitlab_client_for_source.merge_request(
-          source.repo,
+          target_project_id || source.repo,
           pull_request_number
         )
       end

data/lib/dependabot/pull_request_updater.rb

@@ -9,11 +9,12 @@ module Dependabot
     class BranchProtected < StandardError; end
 
     attr_reader :source, :files, :base_commit, :old_commit, :credentials,
-                :pull_request_number, :author_details, :signature_key
+                :pull_request_number, :author_details, :signature_key, :provider_metadata
 
     def initialize(source:, base_commit:, old_commit:, files:,
                    credentials:, pull_request_number:,
-                   author_details: nil, signature_key: nil)
+                   author_details: nil, signature_key: nil,
+                   provider_metadata: {})
       @source              = source
       @base_commit         = base_commit
       @old_commit          = old_commit
@@ -22,6 +23,7 @@ module Dependabot
       @pull_request_number = pull_request_number
       @author_details      = author_details
       @signature_key       = signature_key
+      @provider_metadata   = provider_metadata
     end
 
     def update
@@ -55,7 +57,8 @@ module Dependabot
         old_commit: old_commit,
         files: files,
         credentials: credentials,
-        pull_request_number: pull_request_number
+        pull_request_number: pull_request_number,
+        target_project_id: provider_metadata[:target_project_id]
       )
     end
 

data/lib/dependabot/shared_helpers.rb

@@ -40,10 +40,14 @@ module Dependabot
 
     def self.in_a_temporary_directory(directory = "/")
       Dir.mkdir(Utils::BUMP_TMP_DIR_PATH) unless Dir.exist?(Utils::BUMP_TMP_DIR_PATH)
-      Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH) do |dir|
-        path = Pathname.new(File.join(dir, directory)).expand_path
+      tmp_dir = Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH)
+
+      begin
+        path = Pathname.new(File.join(tmp_dir, directory)).expand_path
         FileUtils.mkpath(path)
         Dir.chdir(path) { yield(path) }
+      ensure
+        FileUtils.rm_rf(tmp_dir)
       end
     end
 

data/lib/dependabot/source.rb

@@ -9,6 +9,15 @@ module Dependabot
       (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
     }x.freeze
 
+    GITHUB_ENTERPRISE_SOURCE = %r{
+      (?<protocol>(http://|https://|git://|ssh://))*
+      (?<username>[^@]+@)*
+      (?<host>[^/]+)
+      [/:]
+      (?<repo>[\w.-]+/(?:(?!\.git|\.\s)[\w.-])+)
+      (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
+    }x.freeze
+
     GITLAB_SOURCE = %r{
       (?<provider>gitlab)
       (?:\.com)[/:]
@@ -40,7 +49,7 @@ module Dependabot
                   :hostname, :api_endpoint
 
     def self.from_url(url_string)
-      return unless url_string&.match?(SOURCE_REGEX)
+      return github_enterprise_from_url(url_string) unless url_string&.match?(SOURCE_REGEX)
 
       captures = url_string.match(SOURCE_REGEX).named_captures
 
@@ -52,6 +61,33 @@ module Dependabot
       )
     end
 
+    def self.github_enterprise_from_url(url_string)
+      captures = url_string&.match(GITHUB_ENTERPRISE_SOURCE)&.named_captures
+      return unless captures
+
+      base_url = "https://#{captures.fetch('host')}"
+
+      return unless github_enterprise?(base_url)
+
+      new(
+        provider: "github",
+        repo: captures.fetch("repo"),
+        directory: captures.fetch("directory"),
+        branch: captures.fetch("branch"),
+        hostname: captures.fetch("host"),
+        api_endpoint: File.join(base_url, "api", "v3")
+      )
+    end
+
+    def self.github_enterprise?(base_url)
+      resp = Excon.get(File.join(base_url, "status"))
+      resp.status == 200 &&
+        # Alternatively: resp.headers["Server"] == "GitHub.com", but this
+        # currently doesn't work with development environments
+        resp.headers["X-GitHub-Request-Id"] &&
+        !resp.headers["X-GitHub-Request-Id"].empty?
+    end
+
     def initialize(provider:, repo:, directory: nil, branch: nil, commit: nil,
                    hostname: nil, api_endpoint: nil)
       if (hostname.nil? ^ api_endpoint.nil?) && (provider != "codecommit")

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.162.2"
+  VERSION = "0.165.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.162.2
+  version: 0.165.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-09-29 00:00:00.000000000 Z
+date: 2021-11-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport