dependabot-common 0.263.0 → 0.265.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4715cad47e5311ab6deb63b425cb37b8e9ad44266d20154ada92f5eebeb1072a
|
|
4
|
+
data.tar.gz: 4194a3c0d440f8d320cfad7789f2e0237871236e0d39da5dc8b8705608c6176f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d86205634fc7375b9b652137782d4686c4763c278456ce52cd5af6d2778aa19540e4be8fa0203770234264e8e6af15105fffc428d4c5b160b94d6b1719b50a4f
|
|
7
|
+
data.tar.gz: f3db0f9d9fd293ae3904812b81ec15f400a6b16973e4327f6c23556b27ce35bc767821693a4c6f105ed49b2d316546c906d586f9955e55ffcf8301b20720967e
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -93,12 +93,13 @@ module Dependabot
|
|
|
93
93
|
#
|
|
94
94
|
# options supports custom feature enablement
|
|
95
95
|
sig do
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
96
|
+
overridable
|
|
97
|
+
.params(
|
|
98
|
+
source: Dependabot::Source,
|
|
99
|
+
credentials: T::Array[Dependabot::Credential],
|
|
100
|
+
repo_contents_path: T.nilable(String),
|
|
101
|
+
options: T::Hash[String, String]
|
|
102
|
+
)
|
|
102
103
|
.void
|
|
103
104
|
end
|
|
104
105
|
def initialize(source:, credentials:, repo_contents_path: nil, options: {})
|
|
@@ -144,14 +144,14 @@ module Dependabot
|
|
|
144
144
|
max_local_tag(allowed_version_tags)
|
|
145
145
|
end
|
|
146
146
|
|
|
147
|
-
sig { returns(T::Array[T
|
|
147
|
+
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
148
148
|
def local_tags_for_allowed_versions_matching_existing_precision
|
|
149
|
-
select_matching_existing_precision(allowed_version_tags).
|
|
149
|
+
select_matching_existing_precision(allowed_version_tags).filter_map { |t| to_local_tag(t) }
|
|
150
150
|
end
|
|
151
151
|
|
|
152
|
-
sig { returns(T::Array[T
|
|
152
|
+
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
153
153
|
def local_tags_for_allowed_versions
|
|
154
|
-
allowed_version_tags.
|
|
154
|
+
allowed_version_tags.filter_map { |t| to_local_tag(t) }
|
|
155
155
|
end
|
|
156
156
|
|
|
157
157
|
sig { returns(T::Array[Dependabot::GitRef]) }
|
|
@@ -131,16 +131,18 @@ module Dependabot
|
|
|
131
131
|
params(
|
|
132
132
|
command: String,
|
|
133
133
|
function: String,
|
|
134
|
-
args: T.any(T::Array[String], T::Hash[Symbol, String]),
|
|
134
|
+
args: T.any(T::Array[T.any(String, T::Array[T::Hash[String, T.untyped]])], T::Hash[Symbol, String]),
|
|
135
135
|
env: T.nilable(T::Hash[String, String]),
|
|
136
136
|
stderr_to_stdout: T::Boolean,
|
|
137
|
-
allow_unsafe_shell_command: T::Boolean
|
|
137
|
+
allow_unsafe_shell_command: T::Boolean,
|
|
138
|
+
error_class: T.class_of(HelperSubprocessFailed)
|
|
138
139
|
)
|
|
139
140
|
.returns(T.nilable(T.any(String, T::Hash[String, T.untyped], T::Array[T::Hash[String, T.untyped]])))
|
|
140
141
|
end
|
|
141
142
|
def self.run_helper_subprocess(command:, function:, args:, env: nil,
|
|
142
143
|
stderr_to_stdout: false,
|
|
143
|
-
allow_unsafe_shell_command: false
|
|
144
|
+
allow_unsafe_shell_command: false,
|
|
145
|
+
error_class: HelperSubprocessFailed)
|
|
144
146
|
start = Time.now
|
|
145
147
|
stdin_data = JSON.dump(function: function, args: args)
|
|
146
148
|
cmd = allow_unsafe_shell_command ? command : escape_command(command)
|
|
@@ -180,33 +182,54 @@ module Dependabot
|
|
|
180
182
|
process_termsig: process.termsig
|
|
181
183
|
}
|
|
182
184
|
|
|
183
|
-
check_out_of_memory_error(stderr, error_context)
|
|
185
|
+
check_out_of_memory_error(stderr, error_context, error_class)
|
|
184
186
|
|
|
185
187
|
begin
|
|
186
188
|
response = JSON.parse(stdout)
|
|
187
189
|
return response["result"] if process.success?
|
|
188
190
|
|
|
189
|
-
raise
|
|
191
|
+
raise error_class.new(
|
|
190
192
|
message: response["error"],
|
|
191
193
|
error_class: response["error_class"],
|
|
192
194
|
error_context: error_context,
|
|
193
195
|
trace: response["trace"]
|
|
194
196
|
)
|
|
195
197
|
rescue JSON::ParserError
|
|
196
|
-
raise
|
|
197
|
-
message: stdout || "No output from command",
|
|
198
|
-
error_class: "JSON::ParserError",
|
|
199
|
-
error_context: error_context
|
|
200
|
-
)
|
|
198
|
+
raise handle_json_parse_error(stdout, stderr, error_context, error_class)
|
|
201
199
|
end
|
|
202
200
|
end
|
|
203
201
|
|
|
202
|
+
sig do
|
|
203
|
+
params(stdout: String, stderr: String, error_context: T::Hash[Symbol, T.untyped],
|
|
204
|
+
error_class: T.class_of(HelperSubprocessFailed))
|
|
205
|
+
.returns(HelperSubprocessFailed)
|
|
206
|
+
end
|
|
207
|
+
def self.handle_json_parse_error(stdout, stderr, error_context, error_class)
|
|
208
|
+
# If the JSON is invalid, the helper has likely failed
|
|
209
|
+
# We should raise a more helpful error message
|
|
210
|
+
message = if !stdout.strip.empty?
|
|
211
|
+
stdout
|
|
212
|
+
elsif !stderr.strip.empty?
|
|
213
|
+
stderr
|
|
214
|
+
else
|
|
215
|
+
"No output from command"
|
|
216
|
+
end
|
|
217
|
+
error_class.new(
|
|
218
|
+
message: message,
|
|
219
|
+
error_class: "JSON::ParserError",
|
|
220
|
+
error_context: error_context
|
|
221
|
+
)
|
|
222
|
+
end
|
|
223
|
+
|
|
204
224
|
# rubocop:enable Metrics/MethodLength
|
|
205
|
-
sig
|
|
206
|
-
|
|
225
|
+
sig do
|
|
226
|
+
params(stderr: T.nilable(String), error_context: T::Hash[Symbol, String],
|
|
227
|
+
error_class: T.class_of(HelperSubprocessFailed)).void
|
|
228
|
+
end
|
|
229
|
+
def self.check_out_of_memory_error(stderr, error_context, error_class)
|
|
207
230
|
return unless stderr&.include?("JavaScript heap out of memory")
|
|
208
231
|
|
|
209
|
-
raise
|
|
232
|
+
raise error_class.new(
|
|
210
233
|
message: "JavaScript heap out of memory",
|
|
211
234
|
error_class: "Dependabot::OutOfMemoryError",
|
|
212
235
|
error_context: error_context
|
|
@@ -136,7 +136,7 @@ module Dependabot
|
|
|
136
136
|
|
|
137
137
|
# Lowest available security fix version not checking resolvability
|
|
138
138
|
# @return [Dependabot::<package manager>::Version, #to_s] version class
|
|
139
|
-
sig { overridable.returns(Dependabot::Version) }
|
|
139
|
+
sig { overridable.returns(T.nilable(Dependabot::Version)) }
|
|
140
140
|
def lowest_security_fix_version
|
|
141
141
|
raise NotImplementedError, "#{self.class} must implement #lowest_security_fix_version"
|
|
142
142
|
end
|
|
@@ -363,7 +363,7 @@ module Dependabot
|
|
|
363
363
|
end
|
|
364
364
|
|
|
365
365
|
# TODO: Should this return Dependabot::Version?
|
|
366
|
-
sig { returns(T.nilable(
|
|
366
|
+
sig { returns(T.nilable(Dependabot::Version)) }
|
|
367
367
|
def current_version
|
|
368
368
|
@current_version ||=
|
|
369
369
|
T.let(
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.265.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -597,7 +597,7 @@ licenses:
|
|
|
597
597
|
- MIT
|
|
598
598
|
metadata:
|
|
599
599
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
600
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
600
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.265.0
|
|
601
601
|
post_install_message:
|
|
602
602
|
rdoc_options: []
|
|
603
603
|
require_paths:
|