dependabot-common 0.167.0 → 0.169.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 84544008a2a1d9bf20219eadc873bf5afe920f59c70dce70433238580a935194
4
- data.tar.gz: b11c970d8fb84093186d5a71183ad16fce888c45bf7bdb1cd611b7ab941ca98e
3
+ metadata.gz: 820c80bbb8523f135149038faf4d10975db0f176c65c503928ed60c265e04a1e
4
+ data.tar.gz: 8ea90759f8a49f8691b90e2735c43c355dc8e83a8f7487732aff8f8dff9db18b
5
5
  SHA512:
6
- metadata.gz: 1980802cc40d2812329f6367b83cb82e7f7721aa2a849ba4a2e31b0774494e62439652f62c619ff3d04b1b828984a48e19fca7f04f887f0e7d9576ddc41e8ebe
7
- data.tar.gz: 8db3ec73e21238eee90054598ffe143235fd37c3185349491e59f556e50dca47e743ec7d4dda43edd965dcc4b0b90632fac4b37d9d3640d38e48cd617879f69c
6
+ metadata.gz: 790673cefe994c1e897a18c89fb60e2e61d6345b82cc3b7ca5d6e004e71ab4df76f5c7de4e976aaf29c88e7838f397255cca60da464ed6ed46f7dd9b80ff1804
7
+ data.tar.gz: 4c1b9fca81be25ca51b7d9be524f991c23851cb38b40ec00a1b6b55c1e7ab6f5c43fef9ef1e929f929ae24145c15f1dfcadc757c54ed40642014c01d62d850c1
@@ -18,6 +18,8 @@ module Dependabot
18
18
 
19
19
  class Forbidden < StandardError; end
20
20
 
21
+ class TagsCreationForbidden < StandardError; end
22
+
21
23
  RETRYABLE_ERRORS = [InternalServerError, BadGateway, ServiceNotAvailable].freeze
22
24
 
23
25
  MAX_PR_DESCRIPTION_LENGTH = 3999
@@ -264,7 +266,12 @@ module Dependabot
264
266
  end
265
267
 
266
268
  raise Unauthorized if response.status == 401
267
- raise Forbidden if response.status == 403
269
+
270
+ if response.status == 403
271
+ raise TagsCreationForbidden if tags_creation_forbidden?(response)
272
+
273
+ raise Forbidden
274
+ end
268
275
  raise NotFound if response.status == 404
269
276
 
270
277
  response
@@ -310,6 +317,13 @@ module Dependabot
310
317
  pr_description.force_encoding(Encoding::UTF_8)
311
318
  end
312
319
 
320
+ def tags_creation_forbidden?(response)
321
+ return if response.body.empty?
322
+
323
+ message = JSON.parse(response.body).fetch("message", nil)
324
+ message&.include?("TF401289")
325
+ end
326
+
313
327
  attr_reader :auth_header
314
328
  attr_reader :credentials
315
329
  attr_reader :source
@@ -1,7 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "excon"
4
- require "pandoc-ruby"
5
4
 
6
5
  require "dependabot/clients/github_with_retries"
7
6
  require "dependabot/clients/gitlab_with_retries"
@@ -37,29 +36,10 @@ module Dependabot
37
36
  def changelog_text
38
37
  return unless full_changelog_text
39
38
 
40
- pruned_text = ChangelogPruner.new(
39
+ ChangelogPruner.new(
41
40
  dependency: dependency,
42
41
  changelog_text: full_changelog_text
43
42
  ).pruned_text
44
-
45
- return pruned_text unless changelog.name.end_with?(".rst")
46
-
47
- begin
48
- PandocRuby.convert(
49
- pruned_text,
50
- from: :rst,
51
- to: :markdown,
52
- wrap: :none,
53
- timeout: 10
54
- )
55
- rescue Errno::ENOENT => e
56
- raise unless e.message == "No such file or directory - pandoc"
57
-
58
- # If pandoc isn't installed just return the rst
59
- pruned_text
60
- rescue RuntimeError
61
- pruned_text
62
- end
63
43
  end
64
44
 
65
45
  def upgrade_guide_url
@@ -142,6 +142,20 @@ module Dependabot
142
142
  end
143
143
 
144
144
  def message_trailers
145
+ return unless signoff_trailers || custom_trailers
146
+
147
+ [signoff_trailers, custom_trailers].compact.join("\n")
148
+ end
149
+
150
+ def custom_trailers
151
+ trailers = commit_message_options[:trailers]
152
+ return if trailers.nil?
153
+ raise("Commit trailers must be a Hash object") unless trailers.is_a?(Hash)
154
+
155
+ trailers.compact.map { |k, v| "#{k}: #{v}" }.join("\n")
156
+ end
157
+
158
+ def signoff_trailers
145
159
  return unless on_behalf_of_message || signoff_message
146
160
 
147
161
  [on_behalf_of_message, signoff_message].compact.join("\n")
@@ -23,7 +23,7 @@ module Dependabot
23
23
  #
24
24
  # If you wish to disable this behaviour when using Dependabot Core directly,
25
25
  # pass a nil value when initialising this class.
26
- DEFAULT_GITHUB_REDIRECTION_SERVICE = "github-redirect.dependabot.com"
26
+ DEFAULT_GITHUB_REDIRECTION_SERVICE = "redirect.github.com"
27
27
 
28
28
  class RepoNotFound < StandardError; end
29
29
 
@@ -280,10 +280,10 @@ module Dependabot
280
280
  FileUtils.mv(backup_path, GIT_CONFIG_GLOBAL_PATH)
281
281
  end
282
282
 
283
- def self.run_shell_command(command, allow_unsafe_shell_command: false)
283
+ def self.run_shell_command(command, allow_unsafe_shell_command: false, env: {})
284
284
  start = Time.now
285
285
  cmd = allow_unsafe_shell_command ? command : escape_command(command)
286
- stdout, process = Open3.capture2e(cmd)
286
+ stdout, process = Open3.capture2e(env || {}, cmd)
287
287
  time_taken = Time.now - start
288
288
 
289
289
  # Raise an error with the output from the shell session if the
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.167.0"
4
+ VERSION = "0.169.2"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.167.0
4
+ version: 0.169.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-16 00:00:00.000000000 Z
11
+ date: 2021-11-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -182,20 +182,6 @@ dependencies:
182
182
  - - "~>"
183
183
  - !ruby/object:Gem::Version
184
184
  version: '4.6'
185
- - !ruby/object:Gem::Dependency
186
- name: pandoc-ruby
187
- requirement: !ruby/object:Gem::Requirement
188
- requirements:
189
- - - "~>"
190
- - !ruby/object:Gem::Version
191
- version: '2.0'
192
- type: :runtime
193
- prerelease: false
194
- version_requirements: !ruby/object:Gem::Requirement
195
- requirements:
196
- - - "~>"
197
- - !ruby/object:Gem::Version
198
- version: '2.0'
199
185
  - !ruby/object:Gem::Dependency
200
186
  name: parser
201
187
  requirement: !ruby/object:Gem::Requirement