dependabot-common 0.261.1 → 0.263.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/errors.rb +19 -0
  3. data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb +12 -2
  4. data/lib/dependabot/requirements_update_strategy.rb +7 -0
  5. data/lib/dependabot/shared_helpers.rb +3 -0
  6. data/lib/dependabot.rb +1 -1
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 415959ea14773d81bb155264358ab19c52c5dcb8aa8f0c88693a21d7b6088b6a
4
- data.tar.gz: 4ca304de008ac1431d05adf3ef3157fb15a82677361c077d588401ec664029fa
3
+ metadata.gz: 22016be70b3847889c81eabf845be31526245c9236559a27b5109d47018d7235
4
+ data.tar.gz: 13cd4ef806fe2f7e9d3957a053a221282098c1246802b1973900b0679a13911d
5
5
  SHA512:
6
- metadata.gz: e22ca6fd2de98b9c278aa3705722369d50534a8d1cd3d17a3fb745f623ed4b2ec1056b23f77fd87b2dbd026810027b8e384af6d2c21e001c11daac298e387a89
7
- data.tar.gz: 965983f2f7a1598fbdd010c5f9a56f6d82fa4f13a929a9e9e209092b09b94dbcd4de99d5da29723b46454bd6112643861c26a9fce679f731bd6c0e1e75bd337e
6
+ metadata.gz: bf3a197a93951f0296ea1258ee4a8a941732a2cc4a72fb319a31fc9561fa2e661c4079bbc8f3771c7a8d1d774ef38912fbc2c2abf23cad7565929eda505a77b4
7
+ data.tar.gz: 0d8b54e3ff114cc8a3bb58eb8843d781befcf111df3261ac814aa77b262ccda2131aedfe46acd3e556a86e220c90457b3475598d2431bbaf581f954d21e83ddc
data/lib/dependabot/errors.rb CHANGED
@@ -191,6 +191,11 @@ module Dependabot
191
191
  "error-type": "private_source_authentication_failure",
192
192
  "error-detail": { source: error.source }
193
193
  }
194
+ when Dependabot::DependencyNotFound
195
+ {
196
+ "error-type": "dependency_not_found",
197
+ "error-detail": { source: error.source }
198
+ }
194
199
  when Dependabot::PrivateSourceTimedOut
195
200
  {
196
201
  "error-type": "private_source_timed_out",
@@ -511,6 +516,20 @@ module Dependabot
511
516
  end
512
517
  end
513
518
 
519
+ class DependencyNotFound < DependabotError
520
+ extend T::Sig
521
+
522
+ sig { returns(String) }
523
+ attr_reader :source
524
+
525
+ sig { params(source: T.nilable(String)).void }
526
+ def initialize(source)
527
+ @source = T.let(sanitize_source(T.must(source)), String)
528
+ msg = "The following dependency could not be found : #{@source}"
529
+ super(msg)
530
+ end
531
+ end
532
+
514
533
  # Useful for JS file updaters, where the registry API sometimes returns
515
534
  # different results to the actual update process
516
535
  class InconsistentRegistryResponse < DependabotError; end
data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb CHANGED
@@ -25,6 +25,10 @@ module Dependabot
25
25
  TEAM_MENTION_REGEX = %r{(?<![A-Za-z0-9`~])@(?<org>#{GITHUB_USERNAME})/(?<team>#{GITHUB_USERNAME})/?}
26
26
  # End of string
27
27
  EOS_REGEX = /\z/
28
+
29
+ # regex to match markdown headers or links
30
+ MARKDOWN_REGEX = /\[(.+?)\]\(([^)]+)\)|\[(.+?)\]|\A#+\s+([^\s].*)/
31
+
28
32
  COMMONMARKER_OPTIONS = T.let(
29
33
  %i(GITHUB_PRE_LANG FULL_INFO_STRING).freeze,
30
34
  T::Array[Symbol]
@@ -53,10 +57,16 @@ module Dependabot
53
57
  sanitize_links(doc)
54
58
  sanitize_nwo_text(doc)
55
59
 
60
+ render_options = if text.match?(MARKDOWN_REGEX)
61
+ COMMONMARKER_OPTIONS
62
+ else
63
+ COMMONMARKER_OPTIONS + [:HARDBREAKS]
64
+ end
65
+
56
66
  mode = unsafe ? :UNSAFE : :DEFAULT
57
- return doc.to_commonmark([mode] + COMMONMARKER_OPTIONS) unless format_html
67
+ return doc.to_commonmark([mode] + render_options) unless format_html
58
68
 
59
- doc.to_html(([mode] + COMMONMARKER_OPTIONS), COMMONMARKER_EXTENSIONS)
69
+ doc.to_html(([mode] + render_options), COMMONMARKER_EXTENSIONS)
60
70
  end
61
71
 
62
72
  private
data/lib/dependabot/requirements_update_strategy.rb CHANGED
@@ -9,5 +9,12 @@ module Dependabot
9
9
  LockfileOnly = new("lockfile_only")
10
10
  WidenRanges = new("widen_ranges")
11
11
  end
12
+
13
+ extend T::Sig
14
+
15
+ sig { returns(T::Boolean) }
16
+ def lockfile_only?
17
+ self == LockfileOnly
18
+ end
12
19
  end
13
20
  end
data/lib/dependabot/shared_helpers.rb CHANGED
@@ -258,13 +258,16 @@ module Dependabot
258
258
  FileUtils.mkdir_p(Utils::BUMP_TMP_DIR_PATH)
259
259
 
260
260
  previous_config = ENV.fetch("GIT_CONFIG_GLOBAL", nil)
261
+ previous_terminal_prompt = ENV.fetch("GIT_TERMINAL_PROMPT", nil)
261
262
 
262
263
  begin
263
264
  ENV["GIT_CONFIG_GLOBAL"] = GIT_CONFIG_GLOBAL_PATH
265
+ ENV["GIT_TERMINAL_PROMPT"] = "false"
264
266
  configure_git_to_use_https_with_credentials(credentials, safe_directories)
265
267
  yield
266
268
  ensure
267
269
  ENV["GIT_CONFIG_GLOBAL"] = previous_config
270
+ ENV["GIT_TERMINAL_PROMPT"] = previous_terminal_prompt
268
271
  end
269
272
  rescue Errno::ENOSPC => e
270
273
  raise Dependabot::OutOfDisk, e.message
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.261.1"
5
+ VERSION = "0.263.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.261.1
4
+ version: 0.263.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-06-17 00:00:00.000000000 Z
11
+ date: 2024-06-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -597,7 +597,7 @@ licenses:
597
597
  - MIT
598
598
  metadata:
599
599
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
600
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.261.1
600
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.263.0
601
601
  post_install_message:
602
602
  rdoc_options: []
603
603
  require_paths: