dependabot-common 0.211.0 → 0.213.0

data/lib/dependabot/shared_helpers.rb

@@ -17,9 +17,9 @@ require "dependabot/version"
 module Dependabot
   module SharedHelpers
     GIT_CONFIG_GLOBAL_PATH = File.expand_path("~/.gitconfig")
-    USER_AGENT = "dependabot-core/#{Dependabot::VERSION} "\
-                 "#{Excon::USER_AGENT} ruby/#{RUBY_VERSION} "\
-                 "(#{RUBY_PLATFORM}) "\
+    USER_AGENT = "dependabot-core/#{Dependabot::VERSION} " \
+                 "#{Excon::USER_AGENT} ruby/#{RUBY_VERSION} " \
+                 "(#{RUBY_PLATFORM}) " \
                  "(+https://github.com/dependabot/dependabot-core)"
     SIGKILL = 9
 
@@ -32,7 +32,7 @@ module Dependabot
         reset_git_repo(repo_contents_path)
         # Handle missing directories by creating an empty one and relying on the
         # file fetcher to raise a DependencyFileNotFound error
-        FileUtils.mkdir_p(path) unless Dir.exist?(path)
+        FileUtils.mkdir_p(path)
         Dir.chdir(path) { yield(path) }
       else
         in_a_temporary_directory(directory, &block)
@@ -40,7 +40,7 @@ module Dependabot
     end
 
     def self.in_a_temporary_directory(directory = "/")
-      Dir.mkdir(Utils::BUMP_TMP_DIR_PATH) unless Dir.exist?(Utils::BUMP_TMP_DIR_PATH)
+      FileUtils.mkdir_p(Utils::BUMP_TMP_DIR_PATH)
       tmp_dir = Dir.mktmpdir(Utils::BUMP_TMP_FILE_PREFIX, Utils::BUMP_TMP_DIR_PATH)
 
       begin
@@ -188,7 +188,7 @@ module Dependabot
       # a wrapper binary that only allows non-mutating commands. Without this,
       # whenever the credentials are deemed to be invalid, they're erased.
       run_shell_command(
-        "git config --global credential.helper "\
+        "git config --global credential.helper " \
         "'!#{credential_helper_path} --file #{Dir.pwd}/git.store'",
         allow_unsafe_shell_command: true
       )
@@ -224,7 +224,7 @@ module Dependabot
         next unless cred["username"] && cred["password"]
 
         authenticated_url =
-          "https://#{cred.fetch('username')}:#{cred.fetch('password')}"\
+          "https://#{cred.fetch('username')}:#{cred.fetch('password')}" \
           "@#{cred.fetch('host')}"
 
         git_store_content += authenticated_url + "\n"
@@ -241,23 +241,23 @@ module Dependabot
       # NOTE: we use --global here (rather than --system) so that Dependabot
       # can be run without privileged access
       run_shell_command(
-        "git config --global --replace-all url.https://#{host}/."\
+        "git config --global --replace-all url.https://#{host}/." \
         "insteadOf ssh://git@#{host}/"
       )
       run_shell_command(
-        "git config --global --add url.https://#{host}/."\
+        "git config --global --add url.https://#{host}/." \
         "insteadOf ssh://git@#{host}:"
       )
       run_shell_command(
-        "git config --global --add url.https://#{host}/."\
+        "git config --global --add url.https://#{host}/." \
         "insteadOf git@#{host}:"
       )
       run_shell_command(
-        "git config --global --add url.https://#{host}/."\
+        "git config --global --add url.https://#{host}/." \
         "insteadOf git@#{host}/"
       )
       run_shell_command(
-        "git config --global --add url.https://#{host}/."\
+        "git config --global --add url.https://#{host}/." \
         "insteadOf git://#{host}/"
       )
     end

data/lib/dependabot/source.rb

@@ -7,7 +7,7 @@ module Dependabot
       (?:\.com)[/:]
       (?<repo>[\w.-]+/(?:(?!\.git|\.\s)[\w.-])+)
       (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
-    }x.freeze
+    }x
 
     GITHUB_ENTERPRISE_SOURCE = %r{
       (?<protocol>(http://|https://|git://|ssh://))*
@@ -16,27 +16,27 @@ module Dependabot
       [/:]
       (?<repo>[\w.-]+/(?:(?!\.git|\.\s)[\w.-])+)
       (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
-    }x.freeze
+    }x
 
     GITLAB_SOURCE = %r{
       (?<provider>gitlab)
       (?:\.com)[/:]
-      (?<repo>(?!\.git|/tree|/blob)[\w./-]+?)(?:\.git)?
-      (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/].*)?$
-    }x.freeze
+      (?<repo>[^/]+/(?:(?!\.git)[^/])+((?!/tree|/blob/|/-)/[^/]+)?)
+      (?:(?:/tree|/blob)/(?<branch>[^/]+)/(?<directory>.*)[\#|/].*)?
+    }x
 
     BITBUCKET_SOURCE = %r{
       (?<provider>bitbucket)
       (?:\.org)[/:]
       (?<repo>[\w.-]+/(?:(?!\.git|\.\s)[\w.-])+)
       (?:(?:/src)/(?<branch>[^/]+)/(?<directory>.*)[\#|/])?
-    }x.freeze
+    }x
 
     AZURE_SOURCE = %r{
       (?<provider>azure)
       (?:\.com)[/:]
       (?<repo>[\w.-]+/([\w.-]+/)?(?:_git/)(?:(?!\.git|\.\s)[\w.-])+)
-    }x.freeze
+    }x
 
     CODECOMMIT_SOURCE = %r{
       (?<protocol>(http://|https://|git://|ssh://))
@@ -48,7 +48,7 @@ module Dependabot
       (?:/)?(?<directory>[^?]*)?
       [?]?
       (?<ref>.*)?
-    }x.freeze
+    }x
 
     SOURCE_REGEX = /
       (?:#{GITHUB_SOURCE})|
@@ -56,7 +56,7 @@ module Dependabot
       (?:#{BITBUCKET_SOURCE})|
       (?:#{AZURE_SOURCE})|
       (?:#{CODECOMMIT_SOURCE})
-    /x.freeze
+    /x
 
     IGNORED_PROVIDER_HOSTS = %w(gitbox.apache.org svn.apache.org fuchsia.googlesource.com).freeze
 
@@ -109,8 +109,8 @@ module Dependabot
     def initialize(provider:, repo:, directory: nil, branch: nil, commit: nil,
                    hostname: nil, api_endpoint: nil)
       if (hostname.nil? ^ api_endpoint.nil?) && (provider != "codecommit")
-        msg = "Both hostname and api_endpoint must be specified if either "\
-              "are. Alternatively, both may be left blank to use the "\
+        msg = "Both hostname and api_endpoint must be specified if either " \
+              "are. Alternatively, both may be left blank to use the " \
               "provider's defaults."
         raise msg
       end

data/lib/dependabot/update_checkers/base.rb

@@ -120,7 +120,7 @@ module Dependabot
         Utils.requirement_class_for_package_manager(dependency.package_manager)
       end
 
-      # For some langauges, the manifest file may be constructed such that
+      # For some languages, the manifest file may be constructed such that
       # Dependabot has no way to update it (e.g., if it fetches its versions
       # from a web API). This method is overridden in those cases.
       def requirements_unlocked_or_can_be?
@@ -287,7 +287,7 @@ module Dependabot
 
       def version_from_requirements
         @version_from_requirements ||=
-          dependency.requirements.map { |r| r.fetch(:requirement) }.compact.
+          dependency.requirements.filter_map { |r| r.fetch(:requirement) }.
           flat_map { |req_str| requirement_class.requirements_array(req_str) }.
           flat_map(&:requirements).
           reject { |req_array| req_array.first.start_with?("<") }.

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.211.0"
+  VERSION = "0.213.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.211.0
+  version: 0.213.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-23 00:00:00.000000000 Z
+date: 2022-10-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -132,14 +132,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: 2.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: 2.6.0
 - !ruby/object:Gem::Dependency
   name: gitlab
   requirement: !ruby/object:Gem::Requirement
@@ -177,7 +177,7 @@ dependencies:
         version: '4.6'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '6.0'
+        version: '7.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -187,7 +187,7 @@ dependencies:
         version: '4.6'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '6.0'
+        version: '7.0'
 - !ruby/object:Gem::Dependency
   name: parser
   requirement: !ruby/object:Gem::Requirement
@@ -228,34 +228,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: debase
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.3
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.3
-- !ruby/object:Gem::Dependency
-  name: debase-ruby_core_source
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.10.16
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.10.16
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -290,14 +262,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.13.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.13.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -346,28 +318,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.37.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.37.1
 - !ruby/object:Gem::Dependency
-  name: ruby-debug-ide
+  name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.3
+        version: 1.15.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.3
+        version: 1.15.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -461,6 +433,7 @@ files:
 - lib/dependabot/dependency.rb
 - lib/dependabot/dependency_file.rb
 - lib/dependabot/errors.rb
+- lib/dependabot/experiments.rb
 - lib/dependabot/file_fetchers.rb
 - lib/dependabot/file_fetchers/README.md
 - lib/dependabot/file_fetchers/base.rb
@@ -525,14 +498,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.7.0
+      version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.7.3
+      version: 3.3.22
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.3.7
 signing_key: 
 specification_version: 4
 summary: Shared code used between Dependabot package managers