dependabot-common 0.376.0 → 0.377.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/shared_helpers.rb +20 -6
  3. data/lib/dependabot.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2649607c4b50e0d3447b6127fee079597d0f6c404347195ef0e7283b9017d528
4
- data.tar.gz: 29f1fbfd4fc78fe8ac967bc5d77c01ad1de766e65ed7a6f36408e63226ebf7f4
3
+ metadata.gz: 6be97d14c40d59ea74fe9f48f02e95c13c734175d7eee00543924af96a216516
4
+ data.tar.gz: daf82ec144a7a3e8eb766988dec53b09e000dc34117d75c8ec220ccda7114d0f
5
5
  SHA512:
6
- metadata.gz: 55b79ec0676c883d3533f361215d3c704c96a297c717c2f9c721567391875990f726079c6873e442f86424c2858ecb545499639e5ce0987154743ea68689351c
7
- data.tar.gz: e67f0a9ef1254c6747743f6ab56234ffe720ae4e0d56440fe8ab85220ecf3a5761c1545b7743bfbc65ea90c2ce6f72d6d2bbe4d6ad80ad486e69833eef69e01e
6
+ metadata.gz: 4cc34b89173ce3b43c688f5692a0a5c19b1bf66e3c527c5409e2e7699e7a15f7888feab422b4cda76f3c720be69463f4699fd4fba2d6491c10be5455811d194d
7
+ data.tar.gz: f74a92a16c5fd939ed7121f8f2a5e47fc6dbcce641bb572909cda4be83782a00ad715eb5c4d19d5e6ff7055bc1d4aab595c57a835d3f9860758844dc2d1542ba
data/lib/dependabot/shared_helpers.rb CHANGED
@@ -303,13 +303,20 @@ module Dependabot
303
303
  previous_config = ENV.fetch("GIT_CONFIG_GLOBAL", nil)
304
304
  # adding a random suffix to avoid conflicts when running in parallel
305
305
  # some package managers like bundler will modify the global git config
306
- git_config_global_path = File.expand_path("#{SecureRandom.hex(16)}.gitconfig", Utils::BUMP_TMP_DIR_PATH)
306
+ random_suffix = SecureRandom.hex(16)
307
+ git_config_global_path = File.expand_path("#{random_suffix}.gitconfig", Utils::BUMP_TMP_DIR_PATH)
308
+ git_store_path = File.join(Dir.pwd, "#{random_suffix}.git.store")
307
309
  previous_terminal_prompt = ENV.fetch("GIT_TERMINAL_PROMPT", nil)
308
310
 
309
311
  begin
310
312
  ENV["GIT_CONFIG_GLOBAL"] = git_config_global_path
311
313
  ENV["GIT_TERMINAL_PROMPT"] = "false"
312
- configure_git_to_use_https_with_credentials(credentials, safe_directories, git_config_global_path)
314
+ configure_git_to_use_https_with_credentials(
315
+ credentials,
316
+ safe_directories,
317
+ git_config_global_path,
318
+ git_store_path
319
+ )
313
320
  yield
314
321
  ensure
315
322
  ENV["GIT_CONFIG_GLOBAL"] = previous_config
@@ -319,6 +326,7 @@ module Dependabot
319
326
  raise Dependabot::OutOfDisk, e.message
320
327
  ensure
321
328
  FileUtils.rm_f(T.must(git_config_global_path))
329
+ FileUtils.rm_f(T.must(git_store_path))
322
330
  end
323
331
 
324
332
  # Handle SCP-style git URIs
@@ -339,10 +347,16 @@ module Dependabot
339
347
  params(
340
348
  credentials: T::Array[Dependabot::Credential],
341
349
  safe_directories: T::Array[String],
342
- git_config_global_path: String
350
+ git_config_global_path: String,
351
+ git_store_path: String
343
352
  ).void
344
353
  end
345
- def self.configure_git_to_use_https_with_credentials(credentials, safe_directories, git_config_global_path)
354
+ def self.configure_git_to_use_https_with_credentials(
355
+ credentials,
356
+ safe_directories,
357
+ git_config_global_path,
358
+ git_store_path
359
+ )
346
360
  File.open(git_config_global_path, "w") do |file|
347
361
  file << "# Generated by dependabot/dependabot-core"
348
362
  end
@@ -353,7 +367,7 @@ module Dependabot
353
367
  # whenever the credentials are deemed to be invalid, they're erased.
354
368
  run_shell_command(
355
369
  "git config --global credential.helper " \
356
- "'!#{credential_helper_path} --file #{Dir.pwd}/git.store'",
370
+ "'!#{credential_helper_path} --file #{git_store_path}'",
357
371
  allow_unsafe_shell_command: true,
358
372
  fingerprint: "git config --global credential.helper '<helper_command>'"
359
373
  )
@@ -398,7 +412,7 @@ module Dependabot
398
412
  end
399
413
 
400
414
  # Save the file
401
- File.write("git.store", git_store_content)
415
+ File.write(git_store_path, git_store_content)
402
416
  end
403
417
  # rubocop:enable Metrics/AbcSize
404
418
  # rubocop:enable Metrics/PerceivedComplexity
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.376.0"
5
+ VERSION = "0.377.0"
6
6
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.376.0
4
+ version: 0.377.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -617,7 +617,7 @@ licenses:
617
617
  - MIT
618
618
  metadata:
619
619
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
620
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.376.0
620
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.377.0
621
621
  rdoc_options: []
622
622
  require_paths:
623
623
  - lib