dependabot-common 0.292.0 → 0.294.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/errors.rb +75 -22
  3. data/lib/dependabot/file_fetchers/base.rb +5 -0
  4. data/lib/dependabot/metadata_finders/base/release_finder.rb +1 -1
  5. data/lib/dependabot/workspace/change_attempt.rb +1 -6
  6. data/lib/dependabot/workspace/git.rb +8 -15
  7. data/lib/dependabot.rb +1 -1
  8. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bc0d7a7acc0f4dcb2e25a622e816fd82a11a1553eecf85e6ae1e442ce5750ffb
4
- data.tar.gz: 29e3f86968cb122e49a26f2866ee3554cb07ddbbda305e17d02ee4cb10099282
3
+ metadata.gz: 8cde53c48bd3fb273b5c5c3ff162144a31143428558d7f4585325917970a61a7
4
+ data.tar.gz: 0e3079822bb75940295f85f7b1a61842ec1f4dcf6267fe82b08c5f4ee4c6e2c8
5
5
  SHA512:
6
- metadata.gz: 14e6659eaa880f07f1d2562d89ba71a5f581bcf431edcc49983bf7b6819be8567e0bd252606daa744e0c7d3523d2fd1970e22699b1053179f648009517ca332f
7
- data.tar.gz: 47e39f274165302b4a2da440f242ffb7fd2e635c535666d3c09dc968090fbf7187c614ce1ed642f3ea472093820918675bb7ae465d4cad48a8c644d7ef5d6db8
6
+ metadata.gz: 05a79b1df212125222e50bdd499633fc88923e7de893cbcb9343121082ec1eba8e7ab36fbe500cd5f882d6b6f2f748b290acc8a0d923c8c3a13769c12c682b4f
7
+ data.tar.gz: 2089362ff38c1ef33945b12d3a065af55e36fa786dafc9bda8748665d98f6ca1db036a74c05fd380284f120189da8b723b2096a37ded6f5ff8a15be6e6fed743
data/lib/dependabot/errors.rb CHANGED
@@ -33,6 +33,15 @@ module Dependabot
33
33
  "supported-versions": error.supported_versions
34
34
  }
35
35
  }
36
+ when Dependabot::ToolFeatureNotSupported
37
+ {
38
+ "error-type": "tool_feature_not_supported",
39
+ "error-detail": {
40
+ "tool-name": error.tool_name,
41
+ "tool-type": error.tool_type,
42
+ feature: error.feature
43
+ }
44
+ }
36
45
  when Dependabot::BranchNotFound
37
46
  {
38
47
  "error-type": "branch_not_found",
@@ -103,6 +112,15 @@ module Dependabot
103
112
  sig { params(error: StandardError).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
104
113
  def self.parser_error_details(error)
105
114
  case error
115
+ when Dependabot::ToolFeatureNotSupported
116
+ {
117
+ "error-type": "tool_feature_not_supported",
118
+ "error-detail": {
119
+ "tool-name": error.tool_name,
120
+ "tool-type": error.tool_type,
121
+ feature: error.feature
122
+ }
123
+ }
106
124
  when Dependabot::DependencyFileNotEvaluatable
107
125
  {
108
126
  "error-type": "dependency_file_not_evaluatable",
@@ -149,11 +167,6 @@ module Dependabot
149
167
  "error-type": "git_dependencies_not_reachable",
150
168
  "error-detail": { "dependency-urls": error.dependency_urls }
151
169
  }
152
- when Dependabot::UnresolvableVersionError
153
- {
154
- "error-type": "unresolvable_version",
155
- "error-detail": { dependencies: error.dependencies }
156
- }
157
170
  when Dependabot::NotImplemented
158
171
  {
159
172
  "error-type": "not_implemented",
@@ -171,9 +184,19 @@ module Dependabot
171
184
 
172
185
  # rubocop:disable Lint/RedundantCopDisableDirective
173
186
  # rubocop:disable Metrics/CyclomaticComplexity
187
+ # rubocop:disable Metrics/AbcSize
174
188
  sig { params(error: StandardError).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
175
189
  def self.updater_error_details(error)
176
190
  case error
191
+ when Dependabot::ToolFeatureNotSupported
192
+ {
193
+ "error-type": "tool_feature_not_supported",
194
+ "error-detail": {
195
+ "tool-name": error.tool_name,
196
+ "tool-type": error.tool_type,
197
+ feature: error.feature
198
+ }
199
+ }
177
200
  when Dependabot::DependencyFileNotResolvable
178
201
  {
179
202
  "error-type": "dependency_file_not_resolvable",
@@ -184,11 +207,27 @@ module Dependabot
184
207
  "error-type": "dependency_file_not_evaluatable",
185
208
  "error-detail": { message: error.message }
186
209
  }
210
+ when Dependabot::DependencyFileNotParseable
211
+ {
212
+ "error-type": "dependency_file_not_parseable",
213
+ "error-detail": {
214
+ message: error.message,
215
+ "file-path": error.file_path
216
+ }
217
+ }
187
218
  when Dependabot::GitDependenciesNotReachable
188
219
  {
189
220
  "error-type": "git_dependencies_not_reachable",
190
221
  "error-detail": { "dependency-urls": error.dependency_urls }
191
222
  }
223
+ when Dependabot::DependencyFileNotFound
224
+ {
225
+ "error-type": "dependency_file_not_found",
226
+ "error-detail": {
227
+ message: error.message,
228
+ "file-path": error.file_path
229
+ }
230
+ }
192
231
  when Dependabot::ToolVersionNotSupported
193
232
  {
194
233
  "error-type": "tool_version_not_supported",
@@ -296,9 +335,11 @@ module Dependabot
296
335
  }
297
336
  end
298
337
  end
338
+
299
339
  # rubocop:enable Metrics/MethodLength
300
340
  # rubocop:enable Metrics/CyclomaticComplexity
301
341
  # rubocop:enable Lint/RedundantCopDisableDirective
342
+ # rubocop:enable Metrics/AbcSize
302
343
 
303
344
  class DependabotError < StandardError
304
345
  extend T::Sig
@@ -485,6 +526,35 @@ module Dependabot
485
526
  end
486
527
  end
487
528
 
529
+ class ToolFeatureNotSupported < DependabotError
530
+ extend T::Sig
531
+
532
+ sig { returns(String) }
533
+ attr_reader :tool_name, :tool_type, :feature
534
+
535
+ sig do
536
+ params(
537
+ tool_name: String,
538
+ tool_type: String,
539
+ feature: String
540
+ ).void
541
+ end
542
+ def initialize(tool_name:, tool_type:, feature:)
543
+ @tool_name = tool_name
544
+ @tool_type = tool_type
545
+ @feature = feature
546
+ super(build_message)
547
+ end
548
+
549
+ private
550
+
551
+ sig { returns(String) }
552
+ def build_message
553
+ "Dependabot doesn't support the feature '#{feature}' for #{tool_name} (#{tool_type}). " \
554
+ "Please refer to the documentation for supported features."
555
+ end
556
+ end
557
+
488
558
  class DependencyFileNotFound < DependabotError
489
559
  extend T::Sig
490
560
 
@@ -671,23 +741,6 @@ module Dependabot
671
741
  end
672
742
  end
673
743
 
674
- class UnresolvableVersionError < DependabotError
675
- extend T::Sig
676
-
677
- sig { returns(T::Array[String]) }
678
- attr_reader :dependencies
679
-
680
- sig { params(dependencies: T::Array[String]).void }
681
- def initialize(dependencies)
682
- @dependencies = dependencies
683
-
684
- msg = "Unable to determine semantic version from tags or commits for dependencies. " \
685
- "Dependencies must have a tag or commit that references a semantic version. " \
686
- "Affected dependencies: #{@dependencies.join(', ')}"
687
- super(msg)
688
- end
689
- end
690
-
691
744
  class GitDependenciesNotReachable < DependabotError
692
745
  extend T::Sig
693
746
 
data/lib/dependabot/file_fetchers/base.rb CHANGED
@@ -128,6 +128,11 @@ module Dependabot
128
128
  source.branch
129
129
  end
130
130
 
131
+ sig { returns(T::Boolean) }
132
+ def allow_beta_ecosystems?
133
+ Experiments.enabled?(:enable_beta_ecosystems)
134
+ end
135
+
131
136
  sig { returns(T::Array[DependencyFile]) }
132
137
  def files
133
138
  return @files if @files.any?
data/lib/dependabot/metadata_finders/base/release_finder.rb CHANGED
@@ -302,7 +302,7 @@ module Dependabot
302
302
 
303
303
  # Previous version looks like a git SHA and there's a previous ref, we
304
304
  # could be changing to a nil previous ref in which case we want to
305
- # fall back to tge sha version
305
+ # fall back to the sha version
306
306
  if T.must(dependency.previous_version).match?(/^[0-9a-f]{40}$/) &&
307
307
  ref_changed? && previous_ref
308
308
  previous_ref
data/lib/dependabot/workspace/change_attempt.rb CHANGED
@@ -8,9 +8,6 @@ module Dependabot
8
8
  class ChangeAttempt
9
9
  extend T::Sig
10
10
 
11
- sig { returns(T.nilable(String)) }
12
- attr_reader :diff
13
-
14
11
  sig { returns(T.nilable(StandardError)) }
15
12
  attr_reader :error
16
13
 
@@ -28,15 +25,13 @@ module Dependabot
28
25
  workspace: Dependabot::Workspace::Base,
29
26
  id: String,
30
27
  memo: T.nilable(String),
31
- diff: T.nilable(String),
32
28
  error: T.nilable(StandardError)
33
29
  ).void
34
30
  end
35
- def initialize(workspace, id:, memo:, diff: nil, error: nil)
31
+ def initialize(workspace, id:, memo:, error: nil)
36
32
  @workspace = workspace
37
33
  @id = id
38
34
  @memo = memo
39
- @diff = diff
40
35
  @error = error
41
36
  end
42
37
 
data/lib/dependabot/workspace/git.rb CHANGED
@@ -56,9 +56,9 @@ module Dependabot
56
56
  return nil if changed_files(ignored_mode: "no").empty?
57
57
 
58
58
  debug("store_change - before: #{current_commit}")
59
- sha, diff = commit(memo)
59
+ sha = commit(memo)
60
60
 
61
- change_attempts << ChangeAttempt.new(self, id: sha, memo: memo, diff: diff)
61
+ change_attempts << ChangeAttempt.new(self, id: sha, memo: memo)
62
62
  ensure
63
63
  debug("store_change - after: #{current_commit}")
64
64
  end
@@ -73,8 +73,8 @@ module Dependabot
73
73
  def capture_failed_change_attempt(memo = nil, error = nil)
74
74
  return nil if changed_files(ignored_mode: "matching").empty? && error.nil?
75
75
 
76
- sha, diff = stash(memo)
77
- change_attempts << ChangeAttempt.new(self, id: sha, memo: memo, diff: diff, error: error)
76
+ sha = stash(memo)
77
+ change_attempts << ChangeAttempt.new(self, id: sha, memo: memo, error: error)
78
78
  end
79
79
 
80
80
  private
@@ -112,7 +112,7 @@ module Dependabot
112
112
  ).strip
113
113
  end
114
114
 
115
- sig { params(memo: T.nilable(String)).returns([String, String]) }
115
+ sig { params(memo: T.nilable(String)).returns(String) }
116
116
  def stash(memo = nil)
117
117
  msg = memo || "workspace change attempt"
118
118
  run_shell_command("git add --all --force .")
@@ -122,19 +122,12 @@ module Dependabot
122
122
  allow_unsafe_shell_command: true
123
123
  )
124
124
 
125
- sha = last_stash_sha
126
- diff = run_shell_command(
127
- "git stash show --patch #{sha}",
128
- fingerprint: "git stash show --patch <sha>"
129
- )
130
-
131
- [sha, diff]
125
+ last_stash_sha
132
126
  end
133
127
 
134
- sig { params(memo: T.nilable(String)).returns([String, String]) }
128
+ sig { params(memo: T.nilable(String)).returns(String) }
135
129
  def commit(memo = nil)
136
130
  run_shell_command("git add #{path}")
137
- diff = run_shell_command("git diff --cached .")
138
131
 
139
132
  msg = memo || "workspace change"
140
133
  run_shell_command(
@@ -143,7 +136,7 @@ module Dependabot
143
136
  allow_unsafe_shell_command: true
144
137
  )
145
138
 
146
- [head_sha, diff]
139
+ head_sha
147
140
  end
148
141
 
149
142
  sig { params(sha: String).returns(String) }
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.292.0"
5
+ VERSION = "0.294.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.292.0
4
+ version: 0.294.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-01-09 00:00:00.000000000 Z
11
+ date: 2025-01-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -615,7 +615,7 @@ licenses:
615
615
  - MIT
616
616
  metadata:
617
617
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
618
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.292.0
618
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.294.0
619
619
  post_install_message:
620
620
  rdoc_options: []
621
621
  require_paths: