dependabot-common 0.274.0 → 0.276.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/errors.rb +19 -0
- data/lib/dependabot/notices.rb +1 -50
- data/lib/dependabot/package_manager.rb +18 -4
- data/lib/dependabot.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 89849af83417a9d65db16d6ee145ae83689c7539b3fd0e6ed5c688ebab74e1a9
|
|
4
|
+
data.tar.gz: 6464f65d42856b6957799879104fddbe55b197aa82b77ad1757ab06f67115d72
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ee084c1b0647008d5512aa34af26c5431b1ab6215c427212f4519590755b86a6c5f9954e423a3d8b250e5ac2d1d8fc2b8af0b9b640394173b9df078cf0ae0b1f
|
|
7
|
+
data.tar.gz: 253e0d9f8f48e047a4b132b2ae746a2709ee3caa108399e80f2ad01a8468b4c03a0ce70158dda288e725eb7d2f331d36285990c66b03f6aaf0a5f525929c6e0d
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -245,6 +245,12 @@ module Dependabot
|
|
|
245
245
|
"error-type": "illformed_requirement",
|
|
246
246
|
"error-detail": { message: error.message }
|
|
247
247
|
}
|
|
248
|
+
when RegistryError
|
|
249
|
+
{
|
|
250
|
+
"error-type": "registry_error",
|
|
251
|
+
"error-detail": { status: error.status,
|
|
252
|
+
msg: error.message }
|
|
253
|
+
}
|
|
248
254
|
when
|
|
249
255
|
IncompatibleCPU,
|
|
250
256
|
NetworkUnsafeHTTP
|
|
@@ -612,6 +618,19 @@ module Dependabot
|
|
|
612
618
|
end
|
|
613
619
|
end
|
|
614
620
|
|
|
621
|
+
class RegistryError < DependabotError
|
|
622
|
+
extend T::Sig
|
|
623
|
+
|
|
624
|
+
sig { returns(Integer) }
|
|
625
|
+
attr_reader :status
|
|
626
|
+
|
|
627
|
+
sig { params(status: Integer, msg: String).void }
|
|
628
|
+
def initialize(status, msg)
|
|
629
|
+
@status = status
|
|
630
|
+
super(msg)
|
|
631
|
+
end
|
|
632
|
+
end
|
|
633
|
+
|
|
615
634
|
# Useful for JS file updaters, where the registry API sometimes returns
|
|
616
635
|
# different results to the actual update process
|
|
617
636
|
class InconsistentRegistryResponse < DependabotError; end
|
data/lib/dependabot/notices.rb
CHANGED
|
@@ -94,22 +94,6 @@ module Dependabot
|
|
|
94
94
|
"Please upgrade to one of the following versions: #{versions_string}#{later_description}."
|
|
95
95
|
end
|
|
96
96
|
|
|
97
|
-
# Generates a support notice for the given package manager.
|
|
98
|
-
# @param package_manager [PackageManagerBase] The package manager object.
|
|
99
|
-
# @return [Notice, nil] The generated notice or nil if no notice is applicable.
|
|
100
|
-
sig do
|
|
101
|
-
params(
|
|
102
|
-
package_manager: PackageManagerBase
|
|
103
|
-
).returns(T.nilable(Notice))
|
|
104
|
-
end
|
|
105
|
-
def self.generate_support_notice(package_manager)
|
|
106
|
-
deprecation_notice = generate_pm_deprecation_notice(package_manager)
|
|
107
|
-
|
|
108
|
-
return deprecation_notice if deprecation_notice
|
|
109
|
-
|
|
110
|
-
generate_pm_unsupported_notice(package_manager)
|
|
111
|
-
end
|
|
112
|
-
|
|
113
97
|
# Generates a deprecation notice for the given package manager.
|
|
114
98
|
# @param package_manager [PackageManagerBase] The package manager object.
|
|
115
99
|
# @return [Notice, nil] The generated deprecation notice or nil if the package manager is not deprecated.
|
|
@@ -144,40 +128,6 @@ module Dependabot
|
|
|
144
128
|
)
|
|
145
129
|
end
|
|
146
130
|
|
|
147
|
-
# Generates an unsupported notice for the given package manager.
|
|
148
|
-
# @param package_manager [PackageManagerBase] The package manager object.
|
|
149
|
-
# @return [Notice, nil] The generated unsupported notice or nil if the package manager is not unsupported.
|
|
150
|
-
sig do
|
|
151
|
-
params(
|
|
152
|
-
package_manager: PackageManagerBase
|
|
153
|
-
).returns(T.nilable(Notice))
|
|
154
|
-
end
|
|
155
|
-
def self.generate_pm_unsupported_notice(package_manager)
|
|
156
|
-
return nil unless package_manager.unsupported?
|
|
157
|
-
|
|
158
|
-
mode = NoticeMode::ERROR
|
|
159
|
-
supported_versions_description = generate_supported_versions_description(
|
|
160
|
-
package_manager.supported_versions,
|
|
161
|
-
package_manager.support_later_versions?
|
|
162
|
-
)
|
|
163
|
-
notice_type = "#{package_manager.name}_unsupported_error"
|
|
164
|
-
title = "Package manager unsupported notice"
|
|
165
|
-
description = "Dependabot no longer supports `#{package_manager.name} v#{package_manager.version}`!"
|
|
166
|
-
|
|
167
|
-
## Add the supported versions to the description
|
|
168
|
-
description += "\n\n#{supported_versions_description}\n" unless supported_versions_description.empty?
|
|
169
|
-
|
|
170
|
-
Notice.new(
|
|
171
|
-
mode: mode,
|
|
172
|
-
type: notice_type,
|
|
173
|
-
package_manager_name: package_manager.name,
|
|
174
|
-
title: title,
|
|
175
|
-
description: description,
|
|
176
|
-
show_in_pr: true,
|
|
177
|
-
show_alert: true
|
|
178
|
-
)
|
|
179
|
-
end
|
|
180
|
-
|
|
181
131
|
sig { params(notice: Notice).returns(T.nilable(String)) }
|
|
182
132
|
def self.markdown_from_description(notice)
|
|
183
133
|
description = notice.description
|
|
@@ -190,6 +140,7 @@ module Dependabot
|
|
|
190
140
|
line = line.strip
|
|
191
141
|
markdown += "> #{line}\n"
|
|
192
142
|
end
|
|
143
|
+
markdown += ">\n\n"
|
|
193
144
|
markdown
|
|
194
145
|
end
|
|
195
146
|
|
|
@@ -55,6 +55,9 @@ module Dependabot
|
|
|
55
55
|
# package_manager.deprecated? #=> true
|
|
56
56
|
sig { returns(T::Boolean) }
|
|
57
57
|
def deprecated?
|
|
58
|
+
# If the version is unsupported, the unsupported error is getting raised separately.
|
|
59
|
+
return false if unsupported?
|
|
60
|
+
|
|
58
61
|
deprecated_versions.include?(version)
|
|
59
62
|
end
|
|
60
63
|
|
|
@@ -64,12 +67,23 @@ module Dependabot
|
|
|
64
67
|
# package_manager.unsupported? #=> false
|
|
65
68
|
sig { returns(T::Boolean) }
|
|
66
69
|
def unsupported?
|
|
67
|
-
|
|
70
|
+
false
|
|
71
|
+
end
|
|
68
72
|
|
|
69
|
-
|
|
70
|
-
|
|
73
|
+
# Raises an error if the current package manager version is unsupported.
|
|
74
|
+
# If the version is unsupported, it raises a ToolVersionNotSupported error.
|
|
75
|
+
sig { void }
|
|
76
|
+
def raise_if_unsupported!
|
|
77
|
+
return unless unsupported?
|
|
71
78
|
|
|
72
|
-
|
|
79
|
+
# Example: v2.*, v3.*
|
|
80
|
+
supported_versions_message = supported_versions.map { |v| "v#{v}.*" }.join(", ")
|
|
81
|
+
|
|
82
|
+
raise ToolVersionNotSupported.new(
|
|
83
|
+
name,
|
|
84
|
+
version.to_s,
|
|
85
|
+
supported_versions_message
|
|
86
|
+
)
|
|
73
87
|
end
|
|
74
88
|
|
|
75
89
|
# Indicates if the package manager supports later versions beyond those listed in supported_versions.
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.276.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-09-
|
|
11
|
+
date: 2024-09-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -600,7 +600,7 @@ licenses:
|
|
|
600
600
|
- MIT
|
|
601
601
|
metadata:
|
|
602
602
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
603
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
603
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.276.0
|
|
604
604
|
post_install_message:
|
|
605
605
|
rdoc_options: []
|
|
606
606
|
require_paths:
|