dependabot-common 0.263.0 → 0.265.0
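--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4715cad47e5311ab6deb63b425cb37b8e9ad44266d20154ada92f5eebeb1072a
+data.tar.gz: 4194a3c0d440f8d320cfad7789f2e0237871236e0d39da5dc8b8705608c6176f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d86205634fc7375b9b652137782d4686c4763c278456ce52cd5af6d2778aa19540e4be8fa0203770234264e8e6af15105fffc428d4c5b160b94d6b1719b50a4f
+data.tar.gz: f3db0f9d9fd293ae3904812b81ec15f400a6b16973e4327f6c23556b27ce35bc767821693a4c6f105ed49b2d316546c906d586f9955e55ffcf8301b20720967e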
data/lib/dependabot/errors.rb
CHANGED
|
@@ -93,12 +93,13 @@ module Dependabot
|
|
|
93
93
|
#
|
|
94
94
|
# options supports custom feature enablement
|
|
95
95
|
sig do
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
96
|
+
overridable
|
|
97
|
+
.params(
|
|
98
|
+
source: Dependabot::Source,
|
|
99
|
+
credentials: T::Array[Dependabot::Credential],
|
|
100
|
+
repo_contents_path: T.nilable(String),
|
|
101
|
+
options: T::Hash[String, String]
|
|
102
|
+
)
|
|
102
103
|
.void
|
|
103
104
|
end
|
|
104
105
|
def initialize(source:, credentials:, repo_contents_path: nil, options: {})
|
|
@@ -144,14 +144,14 @@ module Dependabot
|
|
|
144
144
|
max_local_tag(allowed_version_tags)
|
|
145
145
|
end
|
|
146
146
|
|
|
147
|
-
sig { returns(T::Array[T
|
|
147
|
+
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
148
148
|
def local_tags_for_allowed_versions_matching_existing_precision
|
|
149
|
-
select_matching_existing_precision(allowed_version_tags).
|
|
149
|
+
select_matching_existing_precision(allowed_version_tags).filter_map { |t| to_local_tag(t) }
|
|
150
150
|
end
|
|
151
151
|
|
|
152
|
-
sig { returns(T::Array[T
|
|
152
|
+
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
153
153
|
def local_tags_for_allowed_versions
|
|
154
|
-
allowed_version_tags.
|
|
154
|
+
allowed_version_tags.filter_map { |t| to_local_tag(t) }
|
|
155
155
|
end
|
|
156
156
|
|
|
157
157
|
sig { returns(T::Array[Dependabot::GitRef]) }
|
|
@@ -131,16 +131,18 @@ module Dependabot
|
|
|
131
131
|
params(
|
|
132
132
|
command: String,
|
|
133
133
|
function: String,
|
|
134
|
-
args: T.any(T::Array[String], T::Hash[Symbol, String]),
|
|
134
|
+
args: T.any(T::Array[T.any(String, T::Array[T::Hash[String, T.untyped]])], T::Hash[Symbol, String]),
|
|
135
135
|
env: T.nilable(T::Hash[String, String]),
|
|
136
136
|
stderr_to_stdout: T::Boolean,
|
|
137
|
-
allow_unsafe_shell_command: T::Boolean
|
|
137
|
+
allow_unsafe_shell_command: T::Boolean,
|
|
138
|
+
error_class: T.class_of(HelperSubprocessFailed)
|
|
138
139
|
)
|
|
139
140
|
.returns(T.nilable(T.any(String, T::Hash[String, T.untyped], T::Array[T::Hash[String, T.untyped]])))
|
|
140
141
|
end
|
|
141
142
|
def self.run_helper_subprocess(command:, function:, args:, env: nil,
|
|
142
143
|
stderr_to_stdout: false,
|
|
143
|
-
allow_unsafe_shell_command: false
|
|
144
|
+
allow_unsafe_shell_command: false,
|
|
145
|
+
error_class: HelperSubprocessFailed)
|
|
144
146
|
start = Time.now
|
|
145
147
|
stdin_data = JSON.dump(function: function, args: args)
|
|
146
148
|
cmd = allow_unsafe_shell_command ? command : escape_command(command)
|
|
@@ -180,33 +182,54 @@ module Dependabot
|
|
|
180
182
|
process_termsig: process.termsig
|
|
181
183
|
}
|
|
182
184
|
|
|
183
|
-
check_out_of_memory_error(stderr, error_context)
|
|
185
|
+
check_out_of_memory_error(stderr, error_context, error_class)
|
|
184
186
|
|
|
185
187
|
begin
|
|
186
188
|
response = JSON.parse(stdout)
|
|
187
189
|
return response["result"] if process.success?
|
|
188
190
|
|
|
189
|
-
raise
|
|
191
|
+
raise error_class.new(
|
|
190
192
|
message: response["error"],
|
|
191
193
|
error_class: response["error_class"],
|
|
192
194
|
error_context: error_context,
|
|
193
195
|
trace: response["trace"]
|
|
194
196
|
)
|
|
195
197
|
rescue JSON::ParserError
|
|
196
|
-
raise
|
|
197
|
-
message: stdout || "No output from command",
|
|
198
|
-
error_class: "JSON::ParserError",
|
|
199
|
-
error_context: error_context
|
|
200
|
-
)
|
|
198
|
+
raise handle_json_parse_error(stdout, stderr, error_context, error_class)
|
|
201
199
|
end
|
|
202
200
|
end
|
|
203
201
|
|
|
202
|
+
sig do
|
|
203
|
+
params(stdout: String, stderr: String, error_context: T::Hash[Symbol, T.untyped],
|
|
204
|
+
error_class: T.class_of(HelperSubprocessFailed))
|
|
205
|
+
.returns(HelperSubprocessFailed)
|
|
206
|
+
end
|
|
207
|
+
def self.handle_json_parse_error(stdout, stderr, error_context, error_class)
|
|
208
|
+
# If the JSON is invalid, the helper has likely failed
|
|
209
|
+
# We should raise a more helpful error message
|
|
210
|
+
message = if !stdout.strip.empty?
|
|
211
|
+
stdout
|
|
212
|
+
elsif !stderr.strip.empty?
|
|
213
|
+
stderr
|
|
214
|
+
else
|
|
215
|
+
"No output from command"
|
|
216
|
+
end
|
|
217
|
+
error_class.new(
|
|
218
|
+
message: message,
|
|
219
|
+
error_class: "JSON::ParserError",
|
|
220
|
+
error_context: error_context
|
|
221
|
+
)
|
|
222
|
+
end
|
|
223
|
+
|
|
204
224
|
# rubocop:enable Metrics/MethodLength
|
|
205
|
-
sig
|
|
206
|
-
|
|
225
|
+
sig do
|
|
226
|
+
params(stderr: T.nilable(String), error_context: T::Hash[Symbol, String],
|
|
227
|
+
error_class: T.class_of(HelperSubprocessFailed)).void
|
|
228
|
+
end
|
|
229
|
+
def self.check_out_of_memory_error(stderr, error_context, error_class)
|
|
207
230
|
return unless stderr&.include?("JavaScript heap out of memory")
|
|
208
231
|
|
|
209
|
-
raise
|
|
232
|
+
raise error_class.new(
|
|
210
233
|
message: "JavaScript heap out of memory",
|
|
211
234
|
error_class: "Dependabot::OutOfMemoryError",
|
|
212
235
|
error_context: error_context
|
|
@@ -136,7 +136,7 @@ module Dependabot
|
|
|
136
136
|
|
|
137
137
|
# Lowest available security fix version not checking resolvability
|
|
138
138
|
# @return [Dependabot::<package manager>::Version, #to_s] version class
|
|
139
|
-
sig { overridable.returns(Dependabot::Version) }
|
|
139
|
+
sig { overridable.returns(T.nilable(Dependabot::Version)) }
|
|
140
140
|
def lowest_security_fix_version
|
|
141
141
|
raise NotImplementedError, "#{self.class} must implement #lowest_security_fix_version"
|
|
142
142
|
end
|
|
@@ -363,7 +363,7 @@ module Dependabot
|
|
|
363
363
|
end
|
|
364
364
|
|
|
365
365
|
# TODO: Should this return Dependabot::Version?
|
|
366
|
-
sig { returns(T.nilable(
|
|
366
|
+
sig { returns(T.nilable(Dependabot::Version)) }
|
|
367
367
|
def current_version
|
|
368
368
|
@current_version ||=
|
|
369
369
|
T.let(
|
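Review bot: `handle_json_parse_error` (new lines 207–222 of the helper-subprocess hunk) declares `stderr: String` and calls `stderr.strip`, while `check_out_of_memory_error` receives the same `stderr` variable typed `T.nilable(String)` and guards it with `stderr&.include?`. If stderr can be nil at the rescue site, as that nilable signature suggests, the `JSON::ParserError` path would itself fail (a signature check error or `NoMethodError`) and hide the real helper failure. I would type the parameter `stderr: T.nilable(String)` and test it with `elsif !stderr.to_s.strip.empty?`. Separately, the exception message can now also be the helper's raw stderr; whether that text is scrubbed of credentials before it is logged or reported is not visible on this page and is worth confirming, since the helper runs with caller-supplied `env`. The hunks in this section appear to come from several files whose headers the page lost, and the body of `run_helper_subprocess` between new lines 148 and 182 is outside the hunks shown.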
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.265.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -597,7 +597,7 @@ licenses:
|
|
|
597
597
|
- MIT
|
|
598
598
|
metadata:
|
|
599
599
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
600
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
600
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.265.0
|
|
601
601
|
post_install_message:
|
|
602
602
|
rdoc_options: []
|
|
603
603
|
require_paths:
|