dependabot-common 0.363.0 → 0.365.0
- checksums.yaml +4 -4
- data/lib/dependabot/command_helpers.rb +5 -1
- data/lib/dependabot/dependency.rb +60 -17
- data/lib/dependabot/dependency_graphers/base.rb +2 -2
- data/lib/dependabot/dependency_group.rb +0 -2
- data/lib/dependabot/file_fetchers/base.rb +14 -14
- data/lib/dependabot/metadata_finders/base/commits_finder.rb +15 -15
- data/lib/dependabot/package/package_latest_version_finder.rb +6 -6
- data/lib/dependabot/pull_request_creator/message_builder/title_builder.rb +126 -0
- data/lib/dependabot/pull_request_creator/message_builder.rb +50 -2
- data/lib/dependabot/shared_helpers.rb +17 -25
- data/lib/dependabot.rb +1 -1
- metadata +7 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f60295381915191cca0d05b7be5c04af89cbe52a0f3df889e8365503d9d23ab6
|
|
4
|
+
data.tar.gz: 6cce9d750a9d91859998a579d9701329ed3bfc40ce63edf21c4c7cd7659e2ca1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7b6a7a215197bbfc58f9652bb25c4e240d4ca82cb2cf693e9bba403546a26f97507b18c3456ccacf07ae140b85a975f44ccf3775ffd1747e7a2f943f88796076
|
|
7
|
+
data.tar.gz: 6da0b1e735407a95fb73d30588cdb9c4c31e84239cd049e91c5c3cbc70e8113525c5e56e3d70ccac910be6a43ebb8d425cc948c2da2e332483ba081faabd4442
|
|
@@ -103,7 +103,11 @@ module Dependabot
|
|
|
103
103
|
Dependabot.logger.info("Started process PID: #{pid} with command: #{sanitized_env_cmd.join(' ')}")
|
|
104
104
|
|
|
105
105
|
# Write to stdin if input data is provided
|
|
106
|
-
|
|
106
|
+
begin
|
|
107
|
+
stdin&.write(stdin_data) if stdin_data
|
|
108
|
+
rescue Errno::EPIPE
|
|
109
|
+
# Process exited before reading stdin - continue to collect output
|
|
110
|
+
end
|
|
107
111
|
stdin&.close
|
|
108
112
|
|
|
109
113
|
stdout_io.sync = true
|
|
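Review bot: The new `rescue Errno::EPIPE` around `stdin&.write(stdin_data)` discards the failure without a trace, so a helper that exits before consuming its input looks the same in the logs as one that read all of it. A debug line inside the rescue, for example `Dependabot.logger.debug("PID #{pid} closed stdin before input was fully written")`, would keep that visible when diagnosing a helper run. The write also happens before the output handling that follows `stdin&.close`, so if nothing is draining stdout at that point, a child that emits a lot of output before reading stdin could stall the write. The enclosing method starts and ends outside this hunk, so that needs checking against the rest of it.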
@@ -14,6 +14,10 @@ module Dependabot
|
|
|
14
14
|
)
|
|
15
15
|
@display_name_builders = T.let({}, T::Hash[String, T.proc.params(arg0: String).returns(String)])
|
|
16
16
|
@name_normalisers = T.let({}, T::Hash[String, T.proc.params(arg0: String).returns(String)])
|
|
17
|
+
@humanized_previous_version_builders = T.let(
|
|
18
|
+
{},
|
|
19
|
+
T::Hash[String, T.proc.params(arg0: Dependency).returns(T.nilable(String))]
|
|
20
|
+
)
|
|
17
21
|
|
|
18
22
|
sig do
|
|
19
23
|
params(package_manager: String).returns(T.proc.params(arg0: T::Array[T.untyped]).returns(T::Boolean))
|
|
@@ -61,6 +65,25 @@ module Dependabot
|
|
|
61
65
|
@name_normalisers[package_manager] = name_builder
|
|
62
66
|
end
|
|
63
67
|
|
|
68
|
+
sig do
|
|
69
|
+
params(
|
|
70
|
+
package_manager: String
|
|
71
|
+
).returns(T.nilable(T.proc.params(arg0: Dependency).returns(T.nilable(String))))
|
|
72
|
+
end
|
|
73
|
+
def self.humanized_previous_version_builder_for_package_manager(package_manager)
|
|
74
|
+
@humanized_previous_version_builders[package_manager]
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
sig do
|
|
78
|
+
params(
|
|
79
|
+
package_manager: String,
|
|
80
|
+
builder: T.proc.params(arg0: Dependency).returns(T.nilable(String))
|
|
81
|
+
).void
|
|
82
|
+
end
|
|
83
|
+
def self.register_humanized_previous_version_builder(package_manager, builder)
|
|
84
|
+
@humanized_previous_version_builders[package_manager] = builder
|
|
85
|
+
end
|
|
86
|
+
|
|
64
87
|
sig { returns(String) }
|
|
65
88
|
attr_reader :name
|
|
66
89
|
|
|
@@ -225,24 +248,10 @@ module Dependabot
|
|
|
225
248
|
|
|
226
249
|
sig { returns(T.nilable(String)) }
|
|
227
250
|
def humanized_previous_version
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
# previous ref was essentially the version).
|
|
231
|
-
if previous_version.nil?
|
|
232
|
-
return ref_changed? ? previous_ref : nil
|
|
233
|
-
end
|
|
234
|
-
|
|
235
|
-
if T.must(previous_version).match?(/^[0-9a-f]{40}/)
|
|
236
|
-
return previous_ref if ref_changed? && previous_ref
|
|
251
|
+
custom_version = custom_humanized_previous_version
|
|
252
|
+
return custom_version if custom_version
|
|
237
253
|
|
|
238
|
-
|
|
239
|
-
elsif version == previous_version &&
|
|
240
|
-
package_manager == "docker"
|
|
241
|
-
digest = docker_digest_from_reqs(T.must(previous_requirements))
|
|
242
|
-
"`#{T.must(T.must(digest).split(':').last)[0..6]}`"
|
|
243
|
-
else
|
|
244
|
-
previous_version
|
|
245
|
-
end
|
|
254
|
+
default_humanized_previous_version
|
|
246
255
|
end
|
|
247
256
|
|
|
248
257
|
sig { returns(T.nilable(String)) }
|
|
@@ -391,6 +400,40 @@ module Dependabot
|
|
|
391
400
|
|
|
392
401
|
private
|
|
393
402
|
|
|
403
|
+
sig { returns(T.nilable(String)) }
|
|
404
|
+
def custom_humanized_previous_version
|
|
405
|
+
builder = self.class.humanized_previous_version_builder_for_package_manager(package_manager)
|
|
406
|
+
return nil unless builder
|
|
407
|
+
|
|
408
|
+
builder.call(self)
|
|
409
|
+
end
|
|
410
|
+
|
|
411
|
+
sig { returns(T.nilable(String)) }
|
|
412
|
+
def default_humanized_previous_version
|
|
413
|
+
# If we don't have a previous version, we *may* still be able to figure
|
|
414
|
+
# one out if a ref was provided and has been changed (in which case the
|
|
415
|
+
# previous ref was essentially the version).
|
|
416
|
+
return (ref_changed? ? previous_ref : nil) if previous_version.nil?
|
|
417
|
+
|
|
418
|
+
return humanized_sha_previous_version if T.must(previous_version).match?(/^[0-9a-f]{40}/)
|
|
419
|
+
return humanized_docker_previous_version if version == previous_version && package_manager == "docker"
|
|
420
|
+
|
|
421
|
+
previous_version
|
|
422
|
+
end
|
|
423
|
+
|
|
424
|
+
sig { returns(T.nilable(String)) }
|
|
425
|
+
def humanized_sha_previous_version
|
|
426
|
+
return previous_ref if ref_changed? && previous_ref
|
|
427
|
+
|
|
428
|
+
"`#{T.must(previous_version)[0..6]}`"
|
|
429
|
+
end
|
|
430
|
+
|
|
431
|
+
sig { returns(String) }
|
|
432
|
+
def humanized_docker_previous_version
|
|
433
|
+
digest = docker_digest_from_reqs(T.must(previous_requirements))
|
|
434
|
+
"`#{T.must(T.must(digest).split(':').last)[0..6]}`"
|
|
435
|
+
end
|
|
436
|
+
|
|
394
437
|
sig { void }
|
|
395
438
|
def check_values
|
|
396
439
|
check_requirement_fields
|
|
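Review bot: In `default_humanized_previous_version` the SHA test `match?(/^[0-9a-f]{40}/)` uses `^`, which matches at the start of any line rather than the start of the string, so a multi-line `previous_version` whose later line begins with forty hex characters would be treated as a commit SHA. Version strings originate from manifests and registries, so `\A` is the safer anchor: `return humanized_sha_previous_version if T.must(previous_version).match?(/\A[0-9a-f]{40}/)`. The pattern is carried over from the removed code, and this refactor is a good place to tighten it. Separately, `humanized_docker_previous_version` still relies on `T.must(digest)` and raises when the previous requirements carry no digest; a short comment stating that precondition would help the next reader.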
@@ -91,8 +91,8 @@ module Dependabot
|
|
|
91
91
|
sig { returns(T::Hash[String, Dependabot::Dependency]) }
|
|
92
92
|
def dependencies_by_name
|
|
93
93
|
@dependencies_by_name ||= T.let(
|
|
94
|
-
@dependencies.
|
|
95
|
-
|
|
94
|
+
@dependencies.to_h do |dep|
|
|
95
|
+
[dep.name, dep]
|
|
96
96
|
end,
|
|
97
97
|
T.nilable(T::Hash[String, Dependabot::Dependency])
|
|
98
98
|
)
|
|
@@ -641,20 +641,20 @@ module Dependabot
|
|
|
641
641
|
T.unsafe(gitlab_client)
|
|
642
642
|
.repo_tree(repo, path: path, ref: commit, per_page: 100)
|
|
643
643
|
.map do |file|
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
|
|
657
|
-
|
|
644
|
+
# GitLab API essentially returns the output from `git ls-tree`
|
|
645
|
+
type = case file.type
|
|
646
|
+
when "blob" then "file"
|
|
647
|
+
when "tree" then "dir"
|
|
648
|
+
when "commit" then "submodule"
|
|
649
|
+
else file.fetch("type")
|
|
650
|
+
end
|
|
651
|
+
|
|
652
|
+
RepositoryContent.new(
|
|
653
|
+
name: file.name,
|
|
654
|
+
path: file.path,
|
|
655
|
+
type: type,
|
|
656
|
+
size: 0 # GitLab doesn't return file size
|
|
657
|
+
)
|
|
658
658
|
end
|
|
659
659
|
end
|
|
660
660
|
|
|
@@ -309,11 +309,11 @@ module Dependabot
|
|
|
309
309
|
T.unsafe(bitbucket_client)
|
|
310
310
|
.compare(T.must(source).repo, previous_tag, new_tag)
|
|
311
311
|
.map do |commit|
|
|
312
|
-
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
312
|
+
{
|
|
313
|
+
message: commit.dig("summary", "raw"),
|
|
314
|
+
sha: commit["hash"],
|
|
315
|
+
html_url: commit.dig("links", "html", "href")
|
|
316
|
+
}
|
|
317
317
|
end
|
|
318
318
|
rescue Dependabot::Clients::Bitbucket::NotFound,
|
|
319
319
|
Dependabot::Clients::Bitbucket::Unauthorized,
|
|
@@ -330,11 +330,11 @@ module Dependabot
|
|
|
330
330
|
.compare(T.must(source).repo, previous_tag, new_tag)
|
|
331
331
|
.commits
|
|
332
332
|
.map do |commit|
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
|
|
336
|
-
|
|
337
|
-
|
|
333
|
+
{
|
|
334
|
+
message: commit["message"],
|
|
335
|
+
sha: commit["id"],
|
|
336
|
+
html_url: "#{T.must(source).url}/commit/#{commit['id']}"
|
|
337
|
+
}
|
|
338
338
|
end
|
|
339
339
|
rescue Gitlab::Error::NotFound
|
|
340
340
|
[]
|
|
@@ -346,11 +346,11 @@ module Dependabot
|
|
|
346
346
|
azure_client
|
|
347
347
|
.compare(previous_tag, new_tag, type)
|
|
348
348
|
.map do |commit|
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
349
|
+
{
|
|
350
|
+
message: commit["comment"],
|
|
351
|
+
sha: commit["commitId"],
|
|
352
|
+
html_url: commit["remoteUrl"]
|
|
353
|
+
}
|
|
354
354
|
end
|
|
355
355
|
rescue Dependabot::Clients::Azure::NotFound,
|
|
356
356
|
Dependabot::Clients::Azure::Unauthorized,
|
|
@@ -240,9 +240,9 @@ module Dependabot
|
|
|
240
240
|
def filter_ignored_versions(releases)
|
|
241
241
|
filtered = releases
|
|
242
242
|
.reject do |release|
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
243
|
+
ignore_requirements.any? do |r|
|
|
244
|
+
r.satisfied_by?(release.version)
|
|
245
|
+
end
|
|
246
246
|
end
|
|
247
247
|
if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(releases).any?
|
|
248
248
|
raise Dependabot::AllVersionsIgnored
|
|
@@ -277,9 +277,9 @@ module Dependabot
|
|
|
277
277
|
|
|
278
278
|
releases
|
|
279
279
|
.select do |release|
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
280
|
+
reqs.all? do |r|
|
|
281
|
+
r.any? { |o| o.satisfied_by?(release.version) }
|
|
282
|
+
end
|
|
283
283
|
end
|
|
284
284
|
end
|
|
285
285
|
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
# typed: strict
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/dependency"
|
|
6
|
+
require "dependabot/logger"
|
|
7
|
+
require "dependabot/pull_request_creator/pr_name_prefixer"
|
|
8
|
+
|
|
9
|
+
module Dependabot
|
|
10
|
+
class PullRequestCreator
|
|
11
|
+
class MessageBuilder
|
|
12
|
+
# Composes a final PR title from a base title + prefix.
|
|
13
|
+
#
|
|
14
|
+
# Works in two modes:
|
|
15
|
+
# 1. With a full PrNamePrefixer (updater path — has source/credentials for
|
|
16
|
+
# commit style auto-detection)
|
|
17
|
+
# 2. With just commit_message_options (API path — explicit prefix only,
|
|
18
|
+
# no network calls needed)
|
|
19
|
+
class TitleBuilder
|
|
20
|
+
extend T::Sig
|
|
21
|
+
|
|
22
|
+
sig { returns(String) }
|
|
23
|
+
attr_reader :base_title
|
|
24
|
+
|
|
25
|
+
sig { returns(T.nilable(Dependabot::PullRequestCreator::PrNamePrefixer)) }
|
|
26
|
+
attr_reader :prefixer
|
|
27
|
+
|
|
28
|
+
sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
|
|
29
|
+
attr_reader :commit_message_options
|
|
30
|
+
|
|
31
|
+
sig { returns(T.nilable(T::Array[Dependabot::Dependency])) }
|
|
32
|
+
attr_reader :dependencies
|
|
33
|
+
|
|
34
|
+
sig do
|
|
35
|
+
params(
|
|
36
|
+
base_title: String,
|
|
37
|
+
prefixer: T.nilable(Dependabot::PullRequestCreator::PrNamePrefixer),
|
|
38
|
+
commit_message_options: T.nilable(T::Hash[Symbol, T.untyped]),
|
|
39
|
+
dependencies: T.nilable(T::Array[Dependabot::Dependency])
|
|
40
|
+
).void
|
|
41
|
+
end
|
|
42
|
+
def initialize(base_title:, prefixer: nil, commit_message_options: nil, dependencies: nil)
|
|
43
|
+
@base_title = base_title
|
|
44
|
+
@prefixer = prefixer
|
|
45
|
+
@commit_message_options = commit_message_options
|
|
46
|
+
@dependencies = dependencies
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
# Generates a base title for multi-ecosystem combined PR updates.
|
|
50
|
+
sig { params(group_name: String, update_count: Integer).returns(String) }
|
|
51
|
+
def self.multi_ecosystem_base_title(group_name:, update_count:)
|
|
52
|
+
"bump the \"#{group_name}\" group with " \
|
|
53
|
+
"#{update_count} update#{'s' unless update_count == 1} across multiple ecosystems"
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
sig { returns(String) }
|
|
57
|
+
def build
|
|
58
|
+
name = base_title.dup
|
|
59
|
+
name[0] = T.must(name[0]).capitalize if !name.empty? && capitalize?
|
|
60
|
+
"#{prefix}#{name}"
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
private
|
|
64
|
+
|
|
65
|
+
sig { returns(String) }
|
|
66
|
+
def prefix
|
|
67
|
+
return T.must(prefixer).pr_name_prefix if prefixer
|
|
68
|
+
|
|
69
|
+
build_explicit_prefix
|
|
70
|
+
rescue StandardError => e
|
|
71
|
+
Dependabot.logger.error("Error while generating PR name prefix: #{e.message}")
|
|
72
|
+
Dependabot.logger.error(e.backtrace&.join("\n"))
|
|
73
|
+
""
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
sig { returns(T::Boolean) }
|
|
77
|
+
def capitalize?
|
|
78
|
+
return T.must(prefixer).capitalize_first_word? if prefixer
|
|
79
|
+
|
|
80
|
+
true
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
# Builds prefix from explicit commit_message_options only.
|
|
84
|
+
# Same logic as PrNamePrefixer#prefix_from_explicitly_provided_details
|
|
85
|
+
# but without requiring source/credentials.
|
|
86
|
+
sig { returns(String) }
|
|
87
|
+
def build_explicit_prefix
|
|
88
|
+
return "" unless commit_message_options&.key?(:prefix)
|
|
89
|
+
|
|
90
|
+
prefix = explicit_prefix_string
|
|
91
|
+
return "" if prefix.empty?
|
|
92
|
+
|
|
93
|
+
prefix += "(#{scope})" if commit_message_options&.dig(:include_scope)
|
|
94
|
+
# Append colon after alphanumeric or closing bracket to follow
|
|
95
|
+
# conventional commit format (e.g., "chore: ..." or "fix(deps): ...")
|
|
96
|
+
prefix += ":" if prefix.match?(/[A-Za-z0-9\)\]]\Z/)
|
|
97
|
+
prefix += " " unless prefix.end_with?(" ")
|
|
98
|
+
prefix
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
sig { returns(String) }
|
|
102
|
+
def explicit_prefix_string
|
|
103
|
+
if production_dependencies?
|
|
104
|
+
commit_message_options&.dig(:prefix).to_s
|
|
105
|
+
elsif commit_message_options&.key?(:prefix_development)
|
|
106
|
+
commit_message_options&.dig(:prefix_development).to_s
|
|
107
|
+
else
|
|
108
|
+
commit_message_options&.dig(:prefix).to_s
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
sig { returns(T::Boolean) }
|
|
113
|
+
def production_dependencies?
|
|
114
|
+
dependencies&.any?(&:production?) != false
|
|
115
|
+
rescue StandardError
|
|
116
|
+
true
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
sig { returns(String) }
|
|
120
|
+
def scope
|
|
121
|
+
production_dependencies? ? "deps" : "deps-dev"
|
|
122
|
+
end
|
|
123
|
+
end
|
|
124
|
+
end
|
|
125
|
+
end
|
|
126
|
+
end
|
|
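Review bot: In `build_explicit_prefix` the colon check `prefix.match?(/[A-Za-z0-9\)\]]\Z/)` uses `\Z`, which also matches just before a trailing newline, so a configured prefix that ends in a line break gets `:` appended after the newline and the break is carried into the PR title. `commit_message_options` is caller-supplied on the API path, so anchoring with `\z` (`prefix.match?(/[A-Za-z0-9\)\]]\z/)`) and stripping the value in `explicit_prefix_string` would keep the title on one line; the comment says this mirrors `PrNamePrefixer#prefix_from_explicitly_provided_details`, so the same pattern may exist there. `production_dependencies?` also treats `nil` and `[]` differently: `nil` yields `true`, but an empty array yields `false`, which selects `prefix_development` and the `deps-dev` scope. If that is not intended, `dependencies.nil? || dependencies.empty? || dependencies.any?(&:production?)` makes both cases agree. Its bare `rescue StandardError` returns `true` without logging, unlike `prefix`, which logs the error.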
@@ -24,6 +24,7 @@ module Dependabot
|
|
|
24
24
|
require_relative "message_builder/metadata_presenter"
|
|
25
25
|
require_relative "message_builder/issue_linker"
|
|
26
26
|
require_relative "message_builder/link_and_mention_sanitizer"
|
|
27
|
+
require_relative "message_builder/title_builder"
|
|
27
28
|
require_relative "pr_name_prefixer"
|
|
28
29
|
|
|
29
30
|
sig { returns(Dependabot::Source) }
|
|
@@ -130,8 +131,10 @@ module Dependabot
|
|
|
130
131
|
sig { returns(String) }
|
|
131
132
|
def pr_name
|
|
132
133
|
name = dependency_group ? group_pr_name : solo_pr_name
|
|
133
|
-
|
|
134
|
-
|
|
134
|
+
MessageBuilder::TitleBuilder.new(
|
|
135
|
+
base_title: name,
|
|
136
|
+
prefixer: pr_name_prefixer
|
|
137
|
+
).build
|
|
135
138
|
end
|
|
136
139
|
|
|
137
140
|
sig { returns(String) }
|
|
@@ -263,6 +266,8 @@ module Dependabot
|
|
|
263
266
|
|
|
264
267
|
sig { returns(String) }
|
|
265
268
|
def group_pr_name
|
|
269
|
+
return dependency_name_group_pr_name if dependency_group&.group_by_dependency_name?
|
|
270
|
+
|
|
266
271
|
if source.directories
|
|
267
272
|
grouped_directory_name
|
|
268
273
|
else
|
|
@@ -270,6 +275,20 @@ module Dependabot
|
|
|
270
275
|
end
|
|
271
276
|
end
|
|
272
277
|
|
|
278
|
+
sig { returns(String) }
|
|
279
|
+
def dependency_name_group_pr_name
|
|
280
|
+
dep = T.must(dependencies.first)
|
|
281
|
+
directories = dep.metadata[:updated_directories] || [dep.metadata[:directory]].compact
|
|
282
|
+
|
|
283
|
+
if directories.count > 1
|
|
284
|
+
"bump #{dep.name} across #{directories.count} directories"
|
|
285
|
+
elsif directories.one?
|
|
286
|
+
"bump #{dep.name} in #{directories.first}"
|
|
287
|
+
else
|
|
288
|
+
"bump #{dep.name}"
|
|
289
|
+
end
|
|
290
|
+
end
|
|
291
|
+
|
|
273
292
|
sig { returns(String) }
|
|
274
293
|
def grouped_name
|
|
275
294
|
updates = dependencies.map(&:name).uniq.count
|
|
@@ -411,6 +430,8 @@ module Dependabot
|
|
|
411
430
|
# rubocop:disable Metrics/AbcSize
|
|
412
431
|
sig { returns(String) }
|
|
413
432
|
def version_commit_message_intro
|
|
433
|
+
return dependency_name_group_intro if dependency_group&.group_by_dependency_name? && source.directories
|
|
434
|
+
|
|
414
435
|
return multi_directory_group_intro if dependency_group && source.directories
|
|
415
436
|
|
|
416
437
|
return group_intro if dependency_group
|
|
@@ -546,6 +567,33 @@ module Dependabot
|
|
|
546
567
|
end
|
|
547
568
|
# rubocop:enable Metrics/AbcSize
|
|
548
569
|
|
|
570
|
+
sig { returns(String) }
|
|
571
|
+
def dependency_name_group_intro
|
|
572
|
+
dep = T.must(dependencies.first)
|
|
573
|
+
directories = dep.metadata[:updated_directories] || [dep.metadata[:directory]].compact
|
|
574
|
+
|
|
575
|
+
msg = "Bumps #{dependency_links.first}"
|
|
576
|
+
|
|
577
|
+
if directories.count > 1
|
|
578
|
+
msg += " across #{directories.count} directories:\n\n"
|
|
579
|
+
msg += directories.map do |dir|
|
|
580
|
+
prev_version = dep.humanized_previous_version || "unknown"
|
|
581
|
+
new_version = dep.humanized_version || "unknown"
|
|
582
|
+
"- `#{dir}`: #{prev_version} → #{new_version}"
|
|
583
|
+
end.join("\n")
|
|
584
|
+
elsif directories.one?
|
|
585
|
+
msg += " in `#{directories.first}`"
|
|
586
|
+
msg += " #{from_version_msg(dep.humanized_previous_version)}"
|
|
587
|
+
msg += "to #{dep.humanized_version}."
|
|
588
|
+
else
|
|
589
|
+
msg += " #{from_version_msg(dep.humanized_previous_version)}"
|
|
590
|
+
msg += "to #{dep.humanized_version}."
|
|
591
|
+
end
|
|
592
|
+
|
|
593
|
+
msg += "\n"
|
|
594
|
+
msg
|
|
595
|
+
end
|
|
596
|
+
|
|
549
597
|
sig { returns(String) }
|
|
550
598
|
def group_intro
|
|
551
599
|
# Ensure dependencies are unique by name, from and to versions
|
|
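Review bot: In `dependency_name_group_intro` the multi-directory branch computes `prev_version` and `new_version` from `dep` inside the `directories.map` block, so every bullet shows the same pair taken from `dependencies.first`, regardless of the directory it is printed for. If directories can start from different versions, the PR body then misreports what is being changed in each of them. If per-directory versions are not available here, hoist the two lookups above the block and add a comment such as `# Versions are those of the first dependency; per-directory versions are not tracked here`, or list only the directory names. The `elsif directories.one?` and `else` branches repeat the same two `msg +=` lines and could share them. `dependency_name_group_pr_name` in the earlier hunk makes the same `dependencies.first` assumption and raises through `T.must` when the list is empty.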
@@ -163,15 +163,13 @@ module Dependabot
|
|
|
163
163
|
end
|
|
164
164
|
|
|
165
165
|
env_cmd = [env, cmd].compact
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
stdout, stderr, process = T.unsafe(Open3).capture3(*env_cmd, stdin_data: stdin_data)
|
|
174
|
-
end
|
|
166
|
+
raw_stdout, raw_stderr, process = CommandHelpers.capture3_with_timeout(
|
|
167
|
+
env_cmd,
|
|
168
|
+
stdin_data: stdin_data,
|
|
169
|
+
timeout: timeout
|
|
170
|
+
)
|
|
171
|
+
stdout = T.let(raw_stdout || "", String)
|
|
172
|
+
stderr = T.let(raw_stderr || "", String)
|
|
175
173
|
time_taken = Time.now - start
|
|
176
174
|
|
|
177
175
|
if ENV["DEBUG_HELPERS"] == "true"
|
|
@@ -480,22 +478,16 @@ module Dependabot
|
|
|
480
478
|
opts[:chdir] = cwd if cwd
|
|
481
479
|
|
|
482
480
|
env_cmd = [env || {}, cmd, opts].compact
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
490
|
-
|
|
491
|
-
|
|
492
|
-
|
|
493
|
-
)
|
|
494
|
-
elsif stderr_to_stdout
|
|
495
|
-
stdout, process = Open3.capture2e(env || {}, cmd, opts)
|
|
496
|
-
else
|
|
497
|
-
stdout, stderr, process = Open3.capture3(env || {}, cmd, opts)
|
|
498
|
-
end
|
|
481
|
+
kwargs = {
|
|
482
|
+
stderr_to_stdout: stderr_to_stdout,
|
|
483
|
+
timeout: timeout
|
|
484
|
+
}
|
|
485
|
+
kwargs[:output_observer] = output_observer if output_observer
|
|
486
|
+
|
|
487
|
+
stdout, stderr, process = CommandHelpers.capture3_with_timeout(
|
|
488
|
+
env_cmd,
|
|
489
|
+
**kwargs
|
|
490
|
+
)
|
|
499
491
|
|
|
500
492
|
time_taken = Time.now - start
|
|
501
493
|
|
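Review bot: The second hunk assigns `stdout, stderr, process = CommandHelpers.capture3_with_timeout(...)` directly, while the first hunk guards the same call with `raw_stdout || ""` and `raw_stderr || ""`, which implies the helper can return `nil` for either stream. If that holds (the helper is not visible here), the code after `time_taken = Time.now - start` would receive `nil` where the removed `Open3` calls always produced a string for stdout. Adding `stdout ||= ""` and `stderr ||= ""` after the call keeps both call sites consistent. Both methods start and end outside their hunks, so how a timed-out process is reported, and whether it is terminated, could not be checked from this view.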
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.365.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -133,14 +133,14 @@ dependencies:
|
|
|
133
133
|
requirements:
|
|
134
134
|
- - "~>"
|
|
135
135
|
- !ruby/object:Gem::Version
|
|
136
|
-
version: '
|
|
136
|
+
version: '6.0'
|
|
137
137
|
type: :runtime
|
|
138
138
|
prerelease: false
|
|
139
139
|
version_requirements: !ruby/object:Gem::Requirement
|
|
140
140
|
requirements:
|
|
141
141
|
- - "~>"
|
|
142
142
|
- !ruby/object:Gem::Version
|
|
143
|
-
version: '
|
|
143
|
+
version: '6.0'
|
|
144
144
|
- !ruby/object:Gem::Dependency
|
|
145
145
|
name: json
|
|
146
146
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -175,14 +175,14 @@ dependencies:
|
|
|
175
175
|
requirements:
|
|
176
176
|
- - "~>"
|
|
177
177
|
- !ruby/object:Gem::Version
|
|
178
|
-
version: '
|
|
178
|
+
version: '10.0'
|
|
179
179
|
type: :runtime
|
|
180
180
|
prerelease: false
|
|
181
181
|
version_requirements: !ruby/object:Gem::Requirement
|
|
182
182
|
requirements:
|
|
183
183
|
- - "~>"
|
|
184
184
|
- !ruby/object:Gem::Version
|
|
185
|
-
version: '
|
|
185
|
+
version: '10.0'
|
|
186
186
|
- !ruby/object:Gem::Dependency
|
|
187
187
|
name: opentelemetry-api
|
|
188
188
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -586,6 +586,7 @@ files:
|
|
|
586
586
|
- lib/dependabot/pull_request_creator/message_builder/issue_linker.rb
|
|
587
587
|
- lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb
|
|
588
588
|
- lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb
|
|
589
|
+
- lib/dependabot/pull_request_creator/message_builder/title_builder.rb
|
|
589
590
|
- lib/dependabot/pull_request_creator/pr_name_prefixer.rb
|
|
590
591
|
- lib/dependabot/pull_request_updater.rb
|
|
591
592
|
- lib/dependabot/pull_request_updater/azure.rb
|
|
@@ -615,7 +616,7 @@ licenses:
|
|
|
615
616
|
- MIT
|
|
616
617
|
metadata:
|
|
617
618
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
618
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
619
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.365.0
|
|
619
620
|
rdoc_options: []
|
|
620
621
|
require_paths:
|
|
621
622
|
- lib
|