dependabot-common 0.292.0 → 0.294.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/errors.rb +75 -22
  3. data/lib/dependabot/file_fetchers/base.rb +5 -0
  4. data/lib/dependabot/metadata_finders/base/release_finder.rb +1 -1
  5. data/lib/dependabot/workspace/change_attempt.rb +1 -6
  6. data/lib/dependabot/workspace/git.rb +8 -15
  7. data/lib/dependabot.rb +1 -1
  8. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bc0d7a7acc0f4dcb2e25a622e816fd82a11a1553eecf85e6ae1e442ce5750ffb
4
- data.tar.gz: 29e3f86968cb122e49a26f2866ee3554cb07ddbbda305e17d02ee4cb10099282
3
+ metadata.gz: 8cde53c48bd3fb273b5c5c3ff162144a31143428558d7f4585325917970a61a7
4
+ data.tar.gz: 0e3079822bb75940295f85f7b1a61842ec1f4dcf6267fe82b08c5f4ee4c6e2c8
5
5
  SHA512:
6
- metadata.gz: 14e6659eaa880f07f1d2562d89ba71a5f581bcf431edcc49983bf7b6819be8567e0bd252606daa744e0c7d3523d2fd1970e22699b1053179f648009517ca332f
7
- data.tar.gz: 47e39f274165302b4a2da440f242ffb7fd2e635c535666d3c09dc968090fbf7187c614ce1ed642f3ea472093820918675bb7ae465d4cad48a8c644d7ef5d6db8
6
+ metadata.gz: 05a79b1df212125222e50bdd499633fc88923e7de893cbcb9343121082ec1eba8e7ab36fbe500cd5f882d6b6f2f748b290acc8a0d923c8c3a13769c12c682b4f
7
+ data.tar.gz: 2089362ff38c1ef33945b12d3a065af55e36fa786dafc9bda8748665d98f6ca1db036a74c05fd380284f120189da8b723b2096a37ded6f5ff8a15be6e6fed743
data/lib/dependabot/errors.rb CHANGED
@@ -33,6 +33,15 @@ module Dependabot
33
33
  "supported-versions": error.supported_versions
34
34
  }
35
35
  }
36
+ when Dependabot::ToolFeatureNotSupported
37
+ {
38
+ "error-type": "tool_feature_not_supported",
39
+ "error-detail": {
40
+ "tool-name": error.tool_name,
41
+ "tool-type": error.tool_type,
42
+ feature: error.feature
43
+ }
44
+ }
36
45
  when Dependabot::BranchNotFound
37
46
  {
38
47
  "error-type": "branch_not_found",
@@ -103,6 +112,15 @@ module Dependabot
103
112
  sig { params(error: StandardError).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
104
113
  def self.parser_error_details(error)
105
114
  case error
115
+ when Dependabot::ToolFeatureNotSupported
116
+ {
117
+ "error-type": "tool_feature_not_supported",
118
+ "error-detail": {
119
+ "tool-name": error.tool_name,
120
+ "tool-type": error.tool_type,
121
+ feature: error.feature
122
+ }
123
+ }
106
124
  when Dependabot::DependencyFileNotEvaluatable
107
125
  {
108
126
  "error-type": "dependency_file_not_evaluatable",
@@ -149,11 +167,6 @@ module Dependabot
149
167
  "error-type": "git_dependencies_not_reachable",
150
168
  "error-detail": { "dependency-urls": error.dependency_urls }
151
169
  }
152
- when Dependabot::UnresolvableVersionError
153
- {
154
- "error-type": "unresolvable_version",
155
- "error-detail": { dependencies: error.dependencies }
156
- }
157
170
  when Dependabot::NotImplemented
158
171
  {
159
172
  "error-type": "not_implemented",
@@ -171,9 +184,19 @@ module Dependabot
171
184
 
172
185
  # rubocop:disable Lint/RedundantCopDisableDirective
173
186
  # rubocop:disable Metrics/CyclomaticComplexity
187
+ # rubocop:disable Metrics/AbcSize
174
188
  sig { params(error: StandardError).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
175
189
  def self.updater_error_details(error)
176
190
  case error
191
+ when Dependabot::ToolFeatureNotSupported
192
+ {
193
+ "error-type": "tool_feature_not_supported",
194
+ "error-detail": {
195
+ "tool-name": error.tool_name,
196
+ "tool-type": error.tool_type,
197
+ feature: error.feature
198
+ }
199
+ }
177
200
  when Dependabot::DependencyFileNotResolvable
178
201
  {
179
202
  "error-type": "dependency_file_not_resolvable",
@@ -184,11 +207,27 @@ module Dependabot
184
207
  "error-type": "dependency_file_not_evaluatable",
185
208
  "error-detail": { message: error.message }
186
209
  }
210
+ when Dependabot::DependencyFileNotParseable
211
+ {
212
+ "error-type": "dependency_file_not_parseable",
213
+ "error-detail": {
214
+ message: error.message,
215
+ "file-path": error.file_path
216
+ }
217
+ }
187
218
  when Dependabot::GitDependenciesNotReachable
188
219
  {
189
220
  "error-type": "git_dependencies_not_reachable",
190
221
  "error-detail": { "dependency-urls": error.dependency_urls }
191
222
  }
223
+ when Dependabot::DependencyFileNotFound
224
+ {
225
+ "error-type": "dependency_file_not_found",
226
+ "error-detail": {
227
+ message: error.message,
228
+ "file-path": error.file_path
229
+ }
230
+ }
192
231
  when Dependabot::ToolVersionNotSupported
193
232
  {
194
233
  "error-type": "tool_version_not_supported",
@@ -296,9 +335,11 @@ module Dependabot
296
335
  }
297
336
  end
298
337
  end
338
+
299
339
  # rubocop:enable Metrics/MethodLength
300
340
  # rubocop:enable Metrics/CyclomaticComplexity
301
341
  # rubocop:enable Lint/RedundantCopDisableDirective
342
+ # rubocop:enable Metrics/AbcSize
302
343
 
303
344
  class DependabotError < StandardError
304
345
  extend T::Sig
@@ -485,6 +526,35 @@ module Dependabot
485
526
  end
486
527
  end
487
528
 
529
+ class ToolFeatureNotSupported < DependabotError
530
+ extend T::Sig
531
+
532
+ sig { returns(String) }
533
+ attr_reader :tool_name, :tool_type, :feature
534
+
535
+ sig do
536
+ params(
537
+ tool_name: String,
538
+ tool_type: String,
539
+ feature: String
540
+ ).void
541
+ end
542
+ def initialize(tool_name:, tool_type:, feature:)
543
+ @tool_name = tool_name
544
+ @tool_type = tool_type
545
+ @feature = feature
546
+ super(build_message)
547
+ end
548
+
549
+ private
550
+
551
+ sig { returns(String) }
552
+ def build_message
553
+ "Dependabot doesn't support the feature '#{feature}' for #{tool_name} (#{tool_type}). " \
554
+ "Please refer to the documentation for supported features."
555
+ end
556
+ end
557
+
488
558
  class DependencyFileNotFound < DependabotError
489
559
  extend T::Sig
490
560
 
@@ -671,23 +741,6 @@ module Dependabot
671
741
  end
672
742
  end
673
743
 
674
- class UnresolvableVersionError < DependabotError
675
- extend T::Sig
676
-
677
- sig { returns(T::Array[String]) }
678
- attr_reader :dependencies
679
-
680
- sig { params(dependencies: T::Array[String]).void }
681
- def initialize(dependencies)
682
- @dependencies = dependencies
683
-
684
- msg = "Unable to determine semantic version from tags or commits for dependencies. " \
685
- "Dependencies must have a tag or commit that references a semantic version. " \
686
- "Affected dependencies: #{@dependencies.join(', ')}"
687
- super(msg)
688
- end
689
- end
690
-
691
744
  class GitDependenciesNotReachable < DependabotError
692
745
  extend T::Sig
693
746
 
data/lib/dependabot/file_fetchers/base.rb CHANGED
@@ -128,6 +128,11 @@ module Dependabot
128
128
  source.branch
129
129
  end
130
130
 
131
+ sig { returns(T::Boolean) }
132
+ def allow_beta_ecosystems?
133
+ Experiments.enabled?(:enable_beta_ecosystems)
134
+ end
135
+
131
136
  sig { returns(T::Array[DependencyFile]) }
132
137
  def files
133
138
  return @files if @files.any?
data/lib/dependabot/metadata_finders/base/release_finder.rb CHANGED
@@ -302,7 +302,7 @@ module Dependabot
302
302
 
303
303
  # Previous version looks like a git SHA and there's a previous ref, we
304
304
  # could be changing to a nil previous ref in which case we want to
305
- # fall back to tge sha version
305
+ # fall back to the sha version
306
306
  if T.must(dependency.previous_version).match?(/^[0-9a-f]{40}$/) &&
307
307
  ref_changed? && previous_ref
308
308
  previous_ref
data/lib/dependabot/workspace/change_attempt.rb CHANGED
@@ -8,9 +8,6 @@ module Dependabot
8
8
  class ChangeAttempt
9
9
  extend T::Sig
10
10
 
11
- sig { returns(T.nilable(String)) }
12
- attr_reader :diff
13
-
14
11
  sig { returns(T.nilable(StandardError)) }
15
12
  attr_reader :error
16
13
 
@@ -28,15 +25,13 @@ module Dependabot
28
25
  workspace: Dependabot::Workspace::Base,
29
26
  id: String,
30
27
  memo: T.nilable(String),
31
- diff: T.nilable(String),
32
28
  error: T.nilable(StandardError)
33
29
  ).void
34
30
  end
35
- def initialize(workspace, id:, memo:, diff: nil, error: nil)
31
+ def initialize(workspace, id:, memo:, error: nil)
36
32
  @workspace = workspace
37
33
  @id = id
38
34
  @memo = memo
39
- @diff = diff
40
35
  @error = error
41
36
  end
42
37
 
data/lib/dependabot/workspace/git.rb CHANGED
@@ -56,9 +56,9 @@ module Dependabot
56
56
  return nil if changed_files(ignored_mode: "no").empty?
57
57
 
58
58
  debug("store_change - before: #{current_commit}")
59
- sha, diff = commit(memo)
59
+ sha = commit(memo)
60
60
 
61
- change_attempts << ChangeAttempt.new(self, id: sha, memo: memo, diff: diff)
61
+ change_attempts << ChangeAttempt.new(self, id: sha, memo: memo)
62
62
  ensure
63
63
  debug("store_change - after: #{current_commit}")
64
64
  end
@@ -73,8 +73,8 @@ module Dependabot
73
73
  def capture_failed_change_attempt(memo = nil, error = nil)
74
74
  return nil if changed_files(ignored_mode: "matching").empty? && error.nil?
75
75
 
76
- sha, diff = stash(memo)
77
- change_attempts << ChangeAttempt.new(self, id: sha, memo: memo, diff: diff, error: error)
76
+ sha = stash(memo)
77
+ change_attempts << ChangeAttempt.new(self, id: sha, memo: memo, error: error)
78
78
  end
79
79
 
80
80
  private
@@ -112,7 +112,7 @@ module Dependabot
112
112
  ).strip
113
113
  end
114
114
 
115
- sig { params(memo: T.nilable(String)).returns([String, String]) }
115
+ sig { params(memo: T.nilable(String)).returns(String) }
116
116
  def stash(memo = nil)
117
117
  msg = memo || "workspace change attempt"
118
118
  run_shell_command("git add --all --force .")
@@ -122,19 +122,12 @@ module Dependabot
122
122
  allow_unsafe_shell_command: true
123
123
  )
124
124
 
125
- sha = last_stash_sha
126
- diff = run_shell_command(
127
- "git stash show --patch #{sha}",
128
- fingerprint: "git stash show --patch <sha>"
129
- )
130
-
131
- [sha, diff]
125
+ last_stash_sha
132
126
  end
133
127
 
134
- sig { params(memo: T.nilable(String)).returns([String, String]) }
128
+ sig { params(memo: T.nilable(String)).returns(String) }
135
129
  def commit(memo = nil)
136
130
  run_shell_command("git add #{path}")
137
- diff = run_shell_command("git diff --cached .")
138
131
 
139
132
  msg = memo || "workspace change"
140
133
  run_shell_command(
@@ -143,7 +136,7 @@ module Dependabot
143
136
  allow_unsafe_shell_command: true
144
137
  )
145
138
 
146
- [head_sha, diff]
139
+ head_sha
147
140
  end
148
141
 
149
142
  sig { params(sha: String).returns(String) }
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.292.0"
5
+ VERSION = "0.294.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.292.0
4
+ version: 0.294.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-01-09 00:00:00.000000000 Z
11
+ date: 2025-01-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -615,7 +615,7 @@ licenses:
615
615
  - MIT
616
616
  metadata:
617
617
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
618
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.292.0
618
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.294.0
619
619
  post_install_message:
620
620
  rdoc_options: []
621
621
  require_paths: