dependabot-common 0.164.0 → 0.166.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/shared_helpers.rb +6 -2
- data/lib/dependabot/source.rb +42 -1
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 61f19fa2ef3292f2a0cf46f25675deee06beacb629351e06dfe3178d2187c51e
|
|
4
|
+
data.tar.gz: ec099d3cf6b2839d0095cb13937366d1276488d96d73fdab0e461d52fa74e441
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c7e0cc953074f0428ca59ec66ba1b34eb2b7f82cd5b009d3865730e8d422bc57673d6d353c23cf69f5323080b855368c1c01db9459cd214fca11e462a173495e
|
|
7
|
+
data.tar.gz: 37a8babd52a43df9bcc2d9c65371677f42c81ae57b8e17f17253084687a157721e97ad6279fbe4b379baf56975bcd9c3b75cbca06bc06a46ffd844480ae1bdd5
|
|
@@ -40,10 +40,14 @@ module Dependabot
|
|
|
40
40
|
|
|
41
41
|
def self.in_a_temporary_directory(directory = "/")
|
|
42
42
|
Dir.mkdir(Utils::BUMP_TMP_DIR_PATH) unless Dir.exist?(Utils::BUMP_TMP_DIR_PATH)
|
|
43
|
-
Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH)
|
|
44
|
-
|
|
43
|
+
tmp_dir = Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH)
|
|
44
|
+
|
|
45
|
+
begin
|
|
46
|
+
path = Pathname.new(File.join(tmp_dir, directory)).expand_path
|
|
45
47
|
FileUtils.mkpath(path)
|
|
46
48
|
Dir.chdir(path) { yield(path) }
|
|
49
|
+
ensure
|
|
50
|
+
FileUtils.rm_rf(tmp_dir)
|
|
47
51
|
end
|
|
48
52
|
end
|
|
49
53
|
|
data/lib/dependabot/source.rb
CHANGED
|
@@ -9,6 +9,15 @@ module Dependabot
|
|
|
9
9
|
(?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
|
|
10
10
|
}x.freeze
|
|
11
11
|
|
|
12
|
+
GITHUB_ENTERPRISE_SOURCE = %r{
|
|
13
|
+
(?<protocol>(http://|https://|git://|ssh://))*
|
|
14
|
+
(?<username>[^@]+@)*
|
|
15
|
+
(?<host>[^/]+)
|
|
16
|
+
[/:]
|
|
17
|
+
(?<repo>[\w.-]+/(?:(?!\.git|\.\s)[\w.-])+)
|
|
18
|
+
(?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
|
|
19
|
+
}x.freeze
|
|
20
|
+
|
|
12
21
|
GITLAB_SOURCE = %r{
|
|
13
22
|
(?<provider>gitlab)
|
|
14
23
|
(?:\.com)[/:]
|
|
@@ -36,11 +45,13 @@ module Dependabot
|
|
|
36
45
|
(?:#{AZURE_SOURCE})
|
|
37
46
|
/x.freeze
|
|
38
47
|
|
|
48
|
+
IGNORED_PROVIDER_HOSTS = %w(gitbox.apache.org svn.apache.org fuchsia.googlesource.com).freeze
|
|
49
|
+
|
|
39
50
|
attr_accessor :provider, :repo, :directory, :branch, :commit,
|
|
40
51
|
:hostname, :api_endpoint
|
|
41
52
|
|
|
42
53
|
def self.from_url(url_string)
|
|
43
|
-
return unless url_string&.match?(SOURCE_REGEX)
|
|
54
|
+
return github_enterprise_from_url(url_string) unless url_string&.match?(SOURCE_REGEX)
|
|
44
55
|
|
|
45
56
|
captures = url_string.match(SOURCE_REGEX).named_captures
|
|
46
57
|
|
|
@@ -52,6 +63,36 @@ module Dependabot
|
|
|
52
63
|
)
|
|
53
64
|
end
|
|
54
65
|
|
|
66
|
+
def self.github_enterprise_from_url(url_string)
|
|
67
|
+
captures = url_string&.match(GITHUB_ENTERPRISE_SOURCE)&.named_captures
|
|
68
|
+
return unless captures
|
|
69
|
+
return if IGNORED_PROVIDER_HOSTS.include?(captures.fetch("host"))
|
|
70
|
+
|
|
71
|
+
base_url = "https://#{captures.fetch('host')}"
|
|
72
|
+
|
|
73
|
+
return unless github_enterprise?(base_url)
|
|
74
|
+
|
|
75
|
+
new(
|
|
76
|
+
provider: "github",
|
|
77
|
+
repo: captures.fetch("repo"),
|
|
78
|
+
directory: captures.fetch("directory"),
|
|
79
|
+
branch: captures.fetch("branch"),
|
|
80
|
+
hostname: captures.fetch("host"),
|
|
81
|
+
api_endpoint: File.join(base_url, "api", "v3")
|
|
82
|
+
)
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
def self.github_enterprise?(base_url)
|
|
86
|
+
resp = Excon.get(File.join(base_url, "status"))
|
|
87
|
+
resp.status == 200 &&
|
|
88
|
+
# Alternatively: resp.headers["Server"] == "GitHub.com", but this
|
|
89
|
+
# currently doesn't work with development environments
|
|
90
|
+
resp.headers["X-GitHub-Request-Id"] &&
|
|
91
|
+
!resp.headers["X-GitHub-Request-Id"].empty?
|
|
92
|
+
rescue Excon::Error
|
|
93
|
+
false
|
|
94
|
+
end
|
|
95
|
+
|
|
55
96
|
def initialize(provider:, repo:, directory: nil, branch: nil, commit: nil,
|
|
56
97
|
hostname: nil, api_endpoint: nil)
|
|
57
98
|
if (hostname.nil? ^ api_endpoint.nil?) && (provider != "codecommit")
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.166.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-11-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|