dependabot-common 0.232.0 → 0.234.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/clients/azure.rb +32 -26
- data/lib/dependabot/clients/bitbucket.rb +1 -1
- data/lib/dependabot/clients/bitbucket_with_retries.rb +2 -2
- data/lib/dependabot/clients/codecommit.rb +3 -1
- data/lib/dependabot/clients/github_with_retries.rb +3 -3
- data/lib/dependabot/clients/gitlab_with_retries.rb +3 -3
- data/lib/dependabot/dependency_group.rb +1 -10
- data/lib/dependabot/errors.rb +14 -0
- data/lib/dependabot/file_fetchers.rb +9 -2
- data/lib/dependabot/file_parsers.rb +9 -2
- data/lib/dependabot/file_updaters.rb +9 -2
- data/lib/dependabot/git_commit_checker.rb +17 -16
- data/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb +2 -2
- data/lib/dependabot/pull_request_creator/github.rb +1 -2
- data/lib/dependabot/pull_request_creator/message_builder.rb +2 -2
- data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +2 -2
- data/lib/dependabot/shared_helpers.rb +2 -2
- data/lib/dependabot/update_checkers.rb +9 -2
- data/lib/dependabot/utils.rb +15 -5
- data/lib/dependabot.rb +2 -2
- data/lib/wildcard_matcher.rb +4 -1
- metadata +19 -19
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 621688a92a0526cbe086c2fe30d824e0827ba4d98f7a7f4218560f80311579a2
|
|
4
|
+
data.tar.gz: 9643f1ea4eb456787c3b6db3962e0c5fe67cb793fff44415be1b4c6d1f6d79c0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a3461d4923d3826280c52e4ddbb936e55ec13e2f1d448b8a99b66a2f0d6996a5db592f06810084b8f8a9795c1d4d7070d40f24bbe3e444b1563ac61cc58cd35f
|
|
7
|
+
data.tar.gz: 9903829aa7321ee5c3f7840a62bc32baa9c6be48d3b4ad682c939b65a78d965d7ff0c6eefbe683a868b4af945aeb204d12c8c4a908fe9f597346a4ff08a4d6ce
|
|
@@ -1,12 +1,15 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "dependabot/shared_helpers"
|
|
5
5
|
require "excon"
|
|
6
|
+
require "sorbet-runtime"
|
|
6
7
|
|
|
7
8
|
module Dependabot
|
|
8
9
|
module Clients
|
|
9
10
|
class Azure
|
|
11
|
+
extend T::Sig
|
|
12
|
+
|
|
10
13
|
class NotFound < StandardError; end
|
|
11
14
|
|
|
12
15
|
class InternalServerError < StandardError; end
|
|
@@ -253,8 +256,9 @@ module Dependabot
|
|
|
253
256
|
JSON.parse(response.body).fetch("value")
|
|
254
257
|
end
|
|
255
258
|
|
|
259
|
+
sig { params(url: String).returns(Excon::Response) }
|
|
256
260
|
def get(url)
|
|
257
|
-
response = nil
|
|
261
|
+
response = T.let(nil, T.nilable(Excon::Response))
|
|
258
262
|
|
|
259
263
|
retry_connection_failures do
|
|
260
264
|
response = Excon.get(
|
|
@@ -267,20 +271,21 @@ module Dependabot
|
|
|
267
271
|
)
|
|
268
272
|
)
|
|
269
273
|
|
|
270
|
-
raise InternalServerError if response
|
|
271
|
-
raise BadGateway if response
|
|
272
|
-
raise ServiceNotAvailable if response
|
|
274
|
+
raise InternalServerError if response&.status == 500
|
|
275
|
+
raise BadGateway if response&.status == 502
|
|
276
|
+
raise ServiceNotAvailable if response&.status == 503
|
|
273
277
|
end
|
|
274
278
|
|
|
275
|
-
raise Unauthorized if response
|
|
276
|
-
raise Forbidden if response
|
|
277
|
-
raise NotFound if response
|
|
279
|
+
raise Unauthorized if response&.status == 401
|
|
280
|
+
raise Forbidden if response&.status == 403
|
|
281
|
+
raise NotFound if response&.status == 404
|
|
278
282
|
|
|
279
|
-
response
|
|
283
|
+
T.must(response)
|
|
280
284
|
end
|
|
281
285
|
|
|
282
|
-
|
|
283
|
-
|
|
286
|
+
sig { params(url: String, json: String).returns(Excon::Response) }
|
|
287
|
+
def post(url, json) # rubocop:disable Metrics/PerceivedComplexity
|
|
288
|
+
response = T.let(nil, T.nilable(Excon::Response))
|
|
284
289
|
|
|
285
290
|
retry_connection_failures do
|
|
286
291
|
response = Excon.post(
|
|
@@ -298,25 +303,26 @@ module Dependabot
|
|
|
298
303
|
)
|
|
299
304
|
)
|
|
300
305
|
|
|
301
|
-
raise InternalServerError if response
|
|
302
|
-
raise BadGateway if response
|
|
303
|
-
raise ServiceNotAvailable if response
|
|
306
|
+
raise InternalServerError if response&.status == 500
|
|
307
|
+
raise BadGateway if response&.status == 502
|
|
308
|
+
raise ServiceNotAvailable if response&.status == 503
|
|
304
309
|
end
|
|
305
310
|
|
|
306
|
-
raise Unauthorized if response
|
|
311
|
+
raise Unauthorized if response&.status == 401
|
|
307
312
|
|
|
308
|
-
if response
|
|
313
|
+
if response&.status == 403
|
|
309
314
|
raise TagsCreationForbidden if tags_creation_forbidden?(response)
|
|
310
315
|
|
|
311
316
|
raise Forbidden
|
|
312
317
|
end
|
|
313
|
-
raise NotFound if response
|
|
318
|
+
raise NotFound if response&.status == 404
|
|
314
319
|
|
|
315
|
-
response
|
|
320
|
+
T.must(response)
|
|
316
321
|
end
|
|
317
322
|
|
|
323
|
+
sig { params(url: String, json: String).returns(Excon::Response) }
|
|
318
324
|
def patch(url, json)
|
|
319
|
-
response = nil
|
|
325
|
+
response = T.let(nil, T.nilable(Excon::Response))
|
|
320
326
|
|
|
321
327
|
retry_connection_failures do
|
|
322
328
|
response = Excon.patch(
|
|
@@ -334,16 +340,16 @@ module Dependabot
|
|
|
334
340
|
)
|
|
335
341
|
)
|
|
336
342
|
|
|
337
|
-
raise InternalServerError if response
|
|
338
|
-
raise BadGateway if response
|
|
339
|
-
raise ServiceNotAvailable if response
|
|
343
|
+
raise InternalServerError if response&.status == 500
|
|
344
|
+
raise BadGateway if response&.status == 502
|
|
345
|
+
raise ServiceNotAvailable if response&.status == 503
|
|
340
346
|
end
|
|
341
347
|
|
|
342
|
-
raise Unauthorized if response
|
|
343
|
-
raise Forbidden if response
|
|
344
|
-
raise NotFound if response
|
|
348
|
+
raise Unauthorized if response&.status == 401
|
|
349
|
+
raise Forbidden if response&.status == 403
|
|
350
|
+
raise NotFound if response&.status == 404
|
|
345
351
|
|
|
346
|
-
response
|
|
352
|
+
T.must(response)
|
|
347
353
|
end
|
|
348
354
|
|
|
349
355
|
private
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require_relative "bitbucket"
|
|
@@ -30,7 +30,7 @@ module Dependabot
|
|
|
30
30
|
|
|
31
31
|
def initialize(max_retries: 3, **args)
|
|
32
32
|
@max_retries = max_retries || 3
|
|
33
|
-
@client = Bitbucket.new(**args)
|
|
33
|
+
@client = Bitbucket.new(**T.unsafe(args))
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def method_missing(method_name, *args, &block)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "dependabot/shared_helpers"
|
|
@@ -6,6 +6,8 @@ require "dependabot/shared_helpers"
|
|
|
6
6
|
module Dependabot
|
|
7
7
|
module Clients
|
|
8
8
|
class CodeCommit
|
|
9
|
+
extend T::Sig
|
|
10
|
+
|
|
9
11
|
class NotFound < StandardError; end
|
|
10
12
|
|
|
11
13
|
#######################
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "octokit"
|
|
@@ -67,7 +67,7 @@ module Dependabot
|
|
|
67
67
|
#################
|
|
68
68
|
|
|
69
69
|
def fetch_commit(repo, branch)
|
|
70
|
-
response = ref(repo, "heads/#{branch}")
|
|
70
|
+
response = T.unsafe(self).ref(repo, "heads/#{branch}")
|
|
71
71
|
|
|
72
72
|
raise Octokit::NotFound if response.is_a?(Array)
|
|
73
73
|
|
|
@@ -75,7 +75,7 @@ module Dependabot
|
|
|
75
75
|
end
|
|
76
76
|
|
|
77
77
|
def fetch_default_branch(repo)
|
|
78
|
-
repository(repo).default_branch
|
|
78
|
+
T.unsafe(self).repository(repo).default_branch
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
############
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "gitlab"
|
|
@@ -50,11 +50,11 @@ module Dependabot
|
|
|
50
50
|
#################
|
|
51
51
|
|
|
52
52
|
def fetch_commit(repo, branch)
|
|
53
|
-
branch(repo, branch).commit.id
|
|
53
|
+
T.unsafe(self).branch(repo, branch).commit.id
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
def fetch_default_branch(repo)
|
|
57
|
-
project(repo).default_branch
|
|
57
|
+
T.unsafe(self).project(repo).default_branch
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
############
|
|
@@ -10,21 +10,12 @@ require "yaml"
|
|
|
10
10
|
|
|
11
11
|
module Dependabot
|
|
12
12
|
class DependencyGroup
|
|
13
|
-
attr_reader :name, :rules, :dependencies
|
|
13
|
+
attr_reader :name, :rules, :dependencies
|
|
14
14
|
|
|
15
15
|
def initialize(name:, rules:)
|
|
16
16
|
@name = name
|
|
17
17
|
@rules = rules
|
|
18
18
|
@dependencies = []
|
|
19
|
-
@handled_dependencies = Set.new
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def add_to_handled(*dependencies)
|
|
23
|
-
@handled_dependencies += dependencies.map(&:name)
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def add_all_to_handled
|
|
27
|
-
@handled_dependencies += dependencies.map(&:name)
|
|
28
19
|
end
|
|
29
20
|
|
|
30
21
|
def contains?(dependency)
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -76,6 +76,20 @@ module Dependabot
|
|
|
76
76
|
# File level errors #
|
|
77
77
|
#####################
|
|
78
78
|
|
|
79
|
+
class ToolVersionNotSupported < DependabotError
|
|
80
|
+
attr_reader :tool_name, :detected_version, :supported_versions
|
|
81
|
+
|
|
82
|
+
def initialize(tool_name, detected_version, supported_versions)
|
|
83
|
+
@tool_name = tool_name
|
|
84
|
+
@detected_version = detected_version
|
|
85
|
+
@supported_versions = supported_versions
|
|
86
|
+
|
|
87
|
+
msg = "Dependabot detected the following #{tool_name} requirement for your project: '#{detected_version}'." \
|
|
88
|
+
"\n\nCurrently, the following #{tool_name} versions are supported in Dependabot: #{supported_versions}."
|
|
89
|
+
super(msg)
|
|
90
|
+
end
|
|
91
|
+
end
|
|
92
|
+
|
|
79
93
|
class DependencyFileNotFound < DependabotError
|
|
80
94
|
attr_reader :file_path
|
|
81
95
|
|
|
@@ -1,10 +1,16 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strong
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/file_fetchers/base"
|
|
6
|
+
|
|
4
7
|
module Dependabot
|
|
5
8
|
module FileFetchers
|
|
6
|
-
|
|
9
|
+
extend T::Sig
|
|
10
|
+
|
|
11
|
+
@file_fetchers = T.let({}, T::Hash[String, T.class_of(Dependabot::FileFetchers::Base)])
|
|
7
12
|
|
|
13
|
+
sig { params(package_manager: String).returns(T.class_of(Dependabot::FileFetchers::Base)) }
|
|
8
14
|
def self.for_package_manager(package_manager)
|
|
9
15
|
file_fetcher = @file_fetchers[package_manager]
|
|
10
16
|
return file_fetcher if file_fetcher
|
|
@@ -12,6 +18,7 @@ module Dependabot
|
|
|
12
18
|
raise "Unsupported package_manager #{package_manager}"
|
|
13
19
|
end
|
|
14
20
|
|
|
21
|
+
sig { params(package_manager: String, file_fetcher: T.class_of(Dependabot::FileFetchers::Base)).void }
|
|
15
22
|
def self.register(package_manager, file_fetcher)
|
|
16
23
|
@file_fetchers[package_manager] = file_fetcher
|
|
17
24
|
end
|
|
@@ -1,10 +1,16 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strong
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/file_parsers/base"
|
|
6
|
+
|
|
4
7
|
module Dependabot
|
|
5
8
|
module FileParsers
|
|
6
|
-
|
|
9
|
+
extend T::Sig
|
|
10
|
+
|
|
11
|
+
@file_parsers = T.let({}, T::Hash[String, T.class_of(Dependabot::FileParsers::Base)])
|
|
7
12
|
|
|
13
|
+
sig { params(package_manager: String).returns(T.class_of(Dependabot::FileParsers::Base)) }
|
|
8
14
|
def self.for_package_manager(package_manager)
|
|
9
15
|
file_parser = @file_parsers[package_manager]
|
|
10
16
|
return file_parser if file_parser
|
|
@@ -12,6 +18,7 @@ module Dependabot
|
|
|
12
18
|
raise "Unsupported package_manager #{package_manager}"
|
|
13
19
|
end
|
|
14
20
|
|
|
21
|
+
sig { params(package_manager: String, file_parser: T.class_of(Dependabot::FileParsers::Base)).void }
|
|
15
22
|
def self.register(package_manager, file_parser)
|
|
16
23
|
@file_parsers[package_manager] = file_parser
|
|
17
24
|
end
|
|
@@ -1,10 +1,16 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strong
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/file_updaters/base"
|
|
6
|
+
|
|
4
7
|
module Dependabot
|
|
5
8
|
module FileUpdaters
|
|
6
|
-
|
|
9
|
+
extend T::Sig
|
|
10
|
+
|
|
11
|
+
@file_updaters = T.let({}, T::Hash[String, T.class_of(Dependabot::FileUpdaters::Base)])
|
|
7
12
|
|
|
13
|
+
sig { params(package_manager: String).returns(T.class_of(Dependabot::FileUpdaters::Base)) }
|
|
8
14
|
def self.for_package_manager(package_manager)
|
|
9
15
|
file_updater = @file_updaters[package_manager]
|
|
10
16
|
return file_updater if file_updater
|
|
@@ -12,6 +18,7 @@ module Dependabot
|
|
|
12
18
|
raise "Unsupported package_manager #{package_manager}"
|
|
13
19
|
end
|
|
14
20
|
|
|
21
|
+
sig { params(package_manager: String, file_updater: T.class_of(Dependabot::FileUpdaters::Base)).void }
|
|
15
22
|
def self.register(package_manager, file_updater)
|
|
16
23
|
@file_updaters[package_manager] = file_updater
|
|
17
24
|
end
|
|
@@ -24,12 +24,13 @@ module Dependabot
|
|
|
24
24
|
|
|
25
25
|
def initialize(dependency:, credentials:,
|
|
26
26
|
ignored_versions: [], raise_on_ignored: false,
|
|
27
|
-
consider_version_branches_pinned: false)
|
|
27
|
+
consider_version_branches_pinned: false, dependency_source_details: nil)
|
|
28
28
|
@dependency = dependency
|
|
29
29
|
@credentials = credentials
|
|
30
30
|
@ignored_versions = ignored_versions
|
|
31
31
|
@raise_on_ignored = raise_on_ignored
|
|
32
32
|
@consider_version_branches_pinned = consider_version_branches_pinned
|
|
33
|
+
@dependency_source_details = dependency_source_details
|
|
33
34
|
end
|
|
34
35
|
|
|
35
36
|
def git_dependency?
|
|
@@ -65,7 +66,11 @@ module Dependabot
|
|
|
65
66
|
end
|
|
66
67
|
|
|
67
68
|
def pinned_ref_looks_like_commit_sha?
|
|
68
|
-
ref_looks_like_commit_sha?(ref)
|
|
69
|
+
return false unless ref && ref_looks_like_commit_sha?(ref)
|
|
70
|
+
|
|
71
|
+
return false unless pinned?
|
|
72
|
+
|
|
73
|
+
local_repo_git_metadata_fetcher.head_commit_for_ref(ref).nil?
|
|
69
74
|
end
|
|
70
75
|
|
|
71
76
|
def head_commit_for_pinned_ref
|
|
@@ -73,11 +78,7 @@ module Dependabot
|
|
|
73
78
|
end
|
|
74
79
|
|
|
75
80
|
def ref_looks_like_commit_sha?(ref)
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
return false unless pinned?
|
|
79
|
-
|
|
80
|
-
local_repo_git_metadata_fetcher.head_commit_for_ref(ref).nil?
|
|
81
|
+
ref.match?(/^[0-9a-f]{6,40}$/)
|
|
81
82
|
end
|
|
82
83
|
|
|
83
84
|
def branch_or_ref_in_release?(version)
|
|
@@ -160,7 +161,15 @@ module Dependabot
|
|
|
160
161
|
end
|
|
161
162
|
|
|
162
163
|
def dependency_source_details
|
|
163
|
-
dependency.source_details(allowed_types: ["git"])
|
|
164
|
+
@dependency_source_details || dependency.source_details(allowed_types: ["git"])
|
|
165
|
+
end
|
|
166
|
+
|
|
167
|
+
def most_specific_version_tag_for_sha(commit_sha)
|
|
168
|
+
tags = local_tags.select { |t| t.commit_sha == commit_sha && version_class.correct?(t.name) }
|
|
169
|
+
.sort_by { |t| version_class.new(t.name) }
|
|
170
|
+
return if tags.empty?
|
|
171
|
+
|
|
172
|
+
tags[-1].name
|
|
164
173
|
end
|
|
165
174
|
|
|
166
175
|
private
|
|
@@ -188,14 +197,6 @@ module Dependabot
|
|
|
188
197
|
version.split(".").length
|
|
189
198
|
end
|
|
190
199
|
|
|
191
|
-
def most_specific_version_tag_for_sha(commit_sha)
|
|
192
|
-
tags = local_tags.select { |t| t.commit_sha == commit_sha && version_class.correct?(t.name) }
|
|
193
|
-
.sort_by { |t| version_class.new(t.name) }
|
|
194
|
-
return if tags.empty?
|
|
195
|
-
|
|
196
|
-
tags[-1].name
|
|
197
|
-
end
|
|
198
|
-
|
|
199
200
|
def allowed_versions(local_tags)
|
|
200
201
|
tags =
|
|
201
202
|
local_tags
|
|
@@ -62,7 +62,7 @@ module Dependabot
|
|
|
62
62
|
def property_name
|
|
63
63
|
@property_name ||= dependencies.first.requirements
|
|
64
64
|
.find { |r| r.dig(:metadata, :property_name) }
|
|
65
|
-
|
|
65
|
+
&.dig(:metadata, :property_name)
|
|
66
66
|
|
|
67
67
|
raise "No property name!" unless @property_name
|
|
68
68
|
|
|
@@ -72,7 +72,7 @@ module Dependabot
|
|
|
72
72
|
def dependency_set
|
|
73
73
|
@dependency_set ||= dependencies.first.requirements
|
|
74
74
|
.find { |r| r.dig(:metadata, :dependency_set) }
|
|
75
|
-
|
|
75
|
+
&.dig(:metadata, :dependency_set)
|
|
76
76
|
|
|
77
77
|
raise "No dependency set!" unless @dependency_set
|
|
78
78
|
|
|
@@ -247,8 +247,7 @@ module Dependabot
|
|
|
247
247
|
@branch_name = ref.gsub(%r{^refs/heads/}, "")
|
|
248
248
|
branch
|
|
249
249
|
rescue Octokit::UnprocessableEntity => e
|
|
250
|
-
|
|
251
|
-
return nil if e.message.match?(/Reference already exists/i)
|
|
250
|
+
raise if e.message.match?(/Reference already exists/i)
|
|
252
251
|
|
|
253
252
|
retrying_branch_creation ||= false
|
|
254
253
|
raise if retrying_branch_creation
|
|
@@ -416,7 +416,7 @@ module Dependabot
|
|
|
416
416
|
def property_name
|
|
417
417
|
@property_name ||= dependencies.first.requirements
|
|
418
418
|
.find { |r| r.dig(:metadata, :property_name) }
|
|
419
|
-
|
|
419
|
+
&.dig(:metadata, :property_name)
|
|
420
420
|
|
|
421
421
|
raise "No property name!" unless @property_name
|
|
422
422
|
|
|
@@ -426,7 +426,7 @@ module Dependabot
|
|
|
426
426
|
def dependency_set
|
|
427
427
|
@dependency_set ||= dependencies.first.requirements
|
|
428
428
|
.find { |r| r.dig(:metadata, :dependency_set) }
|
|
429
|
-
|
|
429
|
+
&.dig(:metadata, :dependency_set)
|
|
430
430
|
|
|
431
431
|
raise "No dependency set!" unless @dependency_set
|
|
432
432
|
|
|
@@ -64,7 +64,7 @@ module Dependabot
|
|
|
64
64
|
|
|
65
65
|
def initialize(message:, error_context:, error_class: nil, trace: nil)
|
|
66
66
|
super(message)
|
|
67
|
-
@error_class = error_class || ""
|
|
67
|
+
@error_class = error_class || "HelperSubprocessFailed"
|
|
68
68
|
@error_context = error_context
|
|
69
69
|
@fingerprint = error_context[:fingerprint] || error_context[:command]
|
|
70
70
|
@trace = trace
|
|
@@ -142,8 +142,8 @@ module Dependabot
|
|
|
142
142
|
error_context: error_context
|
|
143
143
|
)
|
|
144
144
|
end
|
|
145
|
-
# rubocop:enable Metrics/MethodLength
|
|
146
145
|
|
|
146
|
+
# rubocop:enable Metrics/MethodLength
|
|
147
147
|
def self.check_out_of_memory_error(stderr, error_context)
|
|
148
148
|
return unless stderr&.include?("JavaScript heap out of memory")
|
|
149
149
|
|
|
@@ -1,10 +1,16 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strong
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/update_checkers/base"
|
|
6
|
+
|
|
4
7
|
module Dependabot
|
|
5
8
|
module UpdateCheckers
|
|
6
|
-
|
|
9
|
+
extend T::Sig
|
|
10
|
+
|
|
11
|
+
@update_checkers = T.let({}, T::Hash[String, T.class_of(Dependabot::UpdateCheckers::Base)])
|
|
7
12
|
|
|
13
|
+
sig { params(package_manager: String).returns(T.class_of(Dependabot::UpdateCheckers::Base)) }
|
|
8
14
|
def self.for_package_manager(package_manager)
|
|
9
15
|
update_checker = @update_checkers[package_manager]
|
|
10
16
|
return update_checker if update_checker
|
|
@@ -12,6 +18,7 @@ module Dependabot
|
|
|
12
18
|
raise "Unsupported package_manager #{package_manager}"
|
|
13
19
|
end
|
|
14
20
|
|
|
21
|
+
sig { params(package_manager: String, update_checker: T.class_of(Dependabot::UpdateCheckers::Base)).void }
|
|
15
22
|
def self.register(package_manager, update_checker)
|
|
16
23
|
@update_checkers[package_manager] = update_checker
|
|
17
24
|
end
|
data/lib/dependabot/utils.rb
CHANGED
|
@@ -1,18 +1,23 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strong
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "tmpdir"
|
|
5
5
|
require "set"
|
|
6
|
+
require "sorbet-runtime"
|
|
7
|
+
require "dependabot/version"
|
|
6
8
|
|
|
7
9
|
# TODO: in due course, these "registries" should live in a wrapper gem, not
|
|
8
10
|
# dependabot-core.
|
|
9
11
|
module Dependabot
|
|
10
12
|
module Utils
|
|
13
|
+
extend T::Sig
|
|
14
|
+
|
|
11
15
|
BUMP_TMP_FILE_PREFIX = "dependabot_"
|
|
12
|
-
BUMP_TMP_DIR_PATH = File.expand_path(Dir::Tmpname.create("", "tmp") { nil })
|
|
16
|
+
BUMP_TMP_DIR_PATH = T.let(File.expand_path(Dir::Tmpname.create("", "tmp") { nil }), String)
|
|
13
17
|
|
|
14
|
-
@version_classes = {}
|
|
18
|
+
@version_classes = T.let({}, T::Hash[String, T.class_of(Dependabot::Version)])
|
|
15
19
|
|
|
20
|
+
sig { params(package_manager: String).returns(T.class_of(Dependabot::Version)) }
|
|
16
21
|
def self.version_class_for_package_manager(package_manager)
|
|
17
22
|
version_class = @version_classes[package_manager]
|
|
18
23
|
return version_class if version_class
|
|
@@ -20,12 +25,14 @@ module Dependabot
|
|
|
20
25
|
raise "Unsupported package_manager #{package_manager}"
|
|
21
26
|
end
|
|
22
27
|
|
|
28
|
+
sig { params(package_manager: String, version_class: T.class_of(Dependabot::Version)).void }
|
|
23
29
|
def self.register_version_class(package_manager, version_class)
|
|
24
30
|
@version_classes[package_manager] = version_class
|
|
25
31
|
end
|
|
26
32
|
|
|
27
|
-
@requirement_classes = {}
|
|
33
|
+
@requirement_classes = T.let({}, T::Hash[String, T.class_of(Gem::Requirement)])
|
|
28
34
|
|
|
35
|
+
sig { params(package_manager: String).returns(T.class_of(Gem::Requirement)) }
|
|
29
36
|
def self.requirement_class_for_package_manager(package_manager)
|
|
30
37
|
requirement_class = @requirement_classes[package_manager]
|
|
31
38
|
return requirement_class if requirement_class
|
|
@@ -33,16 +40,19 @@ module Dependabot
|
|
|
33
40
|
raise "Unsupported package_manager #{package_manager}"
|
|
34
41
|
end
|
|
35
42
|
|
|
43
|
+
sig { params(package_manager: String, requirement_class: T.class_of(Gem::Requirement)).void }
|
|
36
44
|
def self.register_requirement_class(package_manager, requirement_class)
|
|
37
45
|
@requirement_classes[package_manager] = requirement_class
|
|
38
46
|
end
|
|
39
47
|
|
|
40
|
-
@cloning_package_managers = Set[]
|
|
48
|
+
@cloning_package_managers = T.let(Set[], T::Set[String])
|
|
41
49
|
|
|
50
|
+
sig { params(package_manager: String).returns(T::Boolean) }
|
|
42
51
|
def self.always_clone_for_package_manager?(package_manager)
|
|
43
52
|
@cloning_package_managers.include?(package_manager)
|
|
44
53
|
end
|
|
45
54
|
|
|
55
|
+
sig { params(package_manager: String).void }
|
|
46
56
|
def self.register_always_clone(package_manager)
|
|
47
57
|
@cloning_package_managers << package_manager
|
|
48
58
|
end
|
data/lib/dependabot.rb
CHANGED
data/lib/wildcard_matcher.rb
CHANGED
|
@@ -1,7 +1,10 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strong
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
class WildcardMatcher
|
|
5
|
+
extend T::Sig
|
|
6
|
+
|
|
7
|
+
sig { params(wildcard_string: T.nilable(String), candidate_string: T.nilable(String)).returns(T::Boolean) }
|
|
5
8
|
def self.match?(wildcard_string, candidate_string)
|
|
6
9
|
return false unless wildcard_string && candidate_string
|
|
7
10
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.234.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-10-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -228,14 +228,14 @@ dependencies:
|
|
|
228
228
|
requirements:
|
|
229
229
|
- - "~>"
|
|
230
230
|
- !ruby/object:Gem::Version
|
|
231
|
-
version:
|
|
231
|
+
version: 0.5.11026
|
|
232
232
|
type: :runtime
|
|
233
233
|
prerelease: false
|
|
234
234
|
version_requirements: !ruby/object:Gem::Requirement
|
|
235
235
|
requirements:
|
|
236
236
|
- - "~>"
|
|
237
237
|
- !ruby/object:Gem::Version
|
|
238
|
-
version:
|
|
238
|
+
version: 0.5.11026
|
|
239
239
|
- !ruby/object:Gem::Dependency
|
|
240
240
|
name: toml-rb
|
|
241
241
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -284,20 +284,6 @@ dependencies:
|
|
|
284
284
|
- - "~>"
|
|
285
285
|
- !ruby/object:Gem::Version
|
|
286
286
|
version: '2.0'
|
|
287
|
-
- !ruby/object:Gem::Dependency
|
|
288
|
-
name: parallel_tests
|
|
289
|
-
requirement: !ruby/object:Gem::Requirement
|
|
290
|
-
requirements:
|
|
291
|
-
- - "~>"
|
|
292
|
-
- !ruby/object:Gem::Version
|
|
293
|
-
version: 4.2.0
|
|
294
|
-
type: :development
|
|
295
|
-
prerelease: false
|
|
296
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
297
|
-
requirements:
|
|
298
|
-
- - "~>"
|
|
299
|
-
- !ruby/object:Gem::Version
|
|
300
|
-
version: 4.2.0
|
|
301
287
|
- !ruby/object:Gem::Dependency
|
|
302
288
|
name: rake
|
|
303
289
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -396,6 +382,20 @@ dependencies:
|
|
|
396
382
|
- - "~>"
|
|
397
383
|
- !ruby/object:Gem::Version
|
|
398
384
|
version: 0.2.16
|
|
385
|
+
- !ruby/object:Gem::Dependency
|
|
386
|
+
name: turbo_tests
|
|
387
|
+
requirement: !ruby/object:Gem::Requirement
|
|
388
|
+
requirements:
|
|
389
|
+
- - "~>"
|
|
390
|
+
- !ruby/object:Gem::Version
|
|
391
|
+
version: 2.2.0
|
|
392
|
+
type: :development
|
|
393
|
+
prerelease: false
|
|
394
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
395
|
+
requirements:
|
|
396
|
+
- - "~>"
|
|
397
|
+
- !ruby/object:Gem::Version
|
|
398
|
+
version: 2.2.0
|
|
399
399
|
- !ruby/object:Gem::Dependency
|
|
400
400
|
name: vcr
|
|
401
401
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -514,7 +514,7 @@ licenses:
|
|
|
514
514
|
- Nonstandard
|
|
515
515
|
metadata:
|
|
516
516
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
517
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
517
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.234.0
|
|
518
518
|
post_install_message:
|
|
519
519
|
rdoc_options: []
|
|
520
520
|
require_paths:
|