dependabot-common 0.108.25 → 0.109.0
- checksums.yaml +4 -4
- data/lib/dependabot/clients/bitbucket_with_retries.rb +0 -2
- data/lib/dependabot/clients/github_with_retries.rb +0 -2
- data/lib/dependabot/clients/gitlab_with_retries.rb +0 -2
- data/lib/dependabot/file_fetchers/base.rb +0 -12
- data/lib/dependabot/pull_request_creator.rb +4 -4
- data/lib/dependabot/pull_request_creator/message_builder.rb +7 -4
- data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +78 -32
- data/lib/dependabot/version.rb +1 -1
- metadata +4 -4
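--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 958e2831cb2d5ddd319e55c1e66944ad7d1ded3c1aa8992508f9d4a6ea5f8f2d
+data.tar.gz: 42ac5477caabdcd19a606b82872169b3e7860e26f2e2435788c986d7eab6f015
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 45eb816d0cb4a8950699534d8deac680db71666ff3702d6d047e2e7f86ce8914ca60dd1fbcbf2d2e4db7aef7ab9d5495f620a15f010a3d4eb660d838bd0e8055
+data.tar.gz: 93987f39728087398cf50409b1bffd41df56d02e9dbc853b6b02bd7bd4a54903ef49559f7c1851382aae3038ce174b150dd4579355feb8df371cf6a3cc0ca058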
|
@@ -47,7 +47,6 @@ module Dependabot
|
|
|
47
47
|
@client.respond_to?(method_name) || super
|
|
48
48
|
end
|
|
49
49
|
|
|
50
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
51
50
|
def retry_connection_failures
|
|
52
51
|
retry_attempt = 0
|
|
53
52
|
|
|
@@ -58,7 +57,6 @@ module Dependabot
|
|
|
58
57
|
retry_attempt <= @max_retries ? retry : raise
|
|
59
58
|
end
|
|
60
59
|
end
|
|
61
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
62
60
|
end
|
|
63
61
|
end
|
|
64
62
|
end
|
|
@@ -108,7 +108,6 @@ module Dependabot
|
|
|
108
108
|
@clients.first.respond_to?(method_name) || super
|
|
109
109
|
end
|
|
110
110
|
|
|
111
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
112
111
|
def retry_connection_failures
|
|
113
112
|
retry_attempt = 0
|
|
114
113
|
|
|
@@ -119,7 +118,6 @@ module Dependabot
|
|
|
119
118
|
retry_attempt <= @max_retries ? retry : raise
|
|
120
119
|
end
|
|
121
120
|
end
|
|
122
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
123
121
|
end
|
|
124
122
|
end
|
|
125
123
|
end
|
|
@@ -75,7 +75,6 @@ module Dependabot
|
|
|
75
75
|
@client.respond_to?(method_name) || super
|
|
76
76
|
end
|
|
77
77
|
|
|
78
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
79
78
|
def retry_connection_failures
|
|
80
79
|
retry_attempt = 0
|
|
81
80
|
|
|
@@ -86,7 +85,6 @@ module Dependabot
|
|
|
86
85
|
retry_attempt <= @max_retries ? retry : raise
|
|
87
86
|
end
|
|
88
87
|
end
|
|
89
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
90
88
|
end
|
|
91
89
|
end
|
|
92
90
|
end
|
|
@@ -51,7 +51,6 @@ module Dependabot
|
|
|
51
51
|
@files ||= fetch_files
|
|
52
52
|
end
|
|
53
53
|
|
|
54
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
55
54
|
def commit
|
|
56
55
|
branch = target_branch || default_branch_for_repo
|
|
57
56
|
|
|
@@ -61,11 +60,9 @@ module Dependabot
|
|
|
61
60
|
rescue Octokit::Conflict => e
|
|
62
61
|
raise unless e.message.include?("Repository is empty")
|
|
63
62
|
end
|
|
64
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
65
63
|
|
|
66
64
|
private
|
|
67
65
|
|
|
68
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
69
66
|
def fetch_file_if_present(filename, fetch_submodules: false)
|
|
70
67
|
dir = File.dirname(filename)
|
|
71
68
|
basename = File.basename(filename)
|
|
@@ -81,9 +78,7 @@ module Dependabot
|
|
|
81
78
|
path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
|
|
82
79
|
raise Dependabot::DependencyFileNotFound, path
|
|
83
80
|
end
|
|
84
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
85
81
|
|
|
86
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
87
82
|
def fetch_file_from_host(filename, type: "file", fetch_submodules: false)
|
|
88
83
|
path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
|
|
89
84
|
|
|
@@ -96,7 +91,6 @@ module Dependabot
|
|
|
96
91
|
rescue *CLIENT_NOT_FOUND_ERRORS
|
|
97
92
|
raise Dependabot::DependencyFileNotFound, path
|
|
98
93
|
end
|
|
99
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
100
94
|
|
|
101
95
|
def repo_contents(dir: ".", ignore_base_directory: false,
|
|
102
96
|
raise_errors: true, fetch_submodules: false)
|
|
@@ -115,7 +109,6 @@ module Dependabot
|
|
|
115
109
|
# INTERNAL METHODS (not for use by sub-classes) #
|
|
116
110
|
#################################################
|
|
117
111
|
|
|
118
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
119
112
|
def _fetch_repo_contents(path, fetch_submodules: false,
|
|
120
113
|
raise_errors: true)
|
|
121
114
|
path = path.gsub(" ", "%20")
|
|
@@ -144,7 +137,6 @@ module Dependabot
|
|
|
144
137
|
retrying = true
|
|
145
138
|
retry
|
|
146
139
|
end
|
|
147
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
148
140
|
|
|
149
141
|
def _fetch_repo_contents_fully_specified(provider, repo, path, commit)
|
|
150
142
|
case provider
|
|
@@ -270,7 +262,6 @@ module Dependabot
|
|
|
270
262
|
end
|
|
271
263
|
end
|
|
272
264
|
|
|
273
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
274
265
|
def _fetch_file_content(path, fetch_submodules: false)
|
|
275
266
|
path = path.gsub(%r{^/*}, "")
|
|
276
267
|
|
|
@@ -290,7 +281,6 @@ module Dependabot
|
|
|
290
281
|
retrying = true
|
|
291
282
|
retry
|
|
292
283
|
end
|
|
293
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
294
284
|
|
|
295
285
|
def _fetch_file_content_fully_specified(provider, repo, path, commit)
|
|
296
286
|
case provider
|
|
@@ -337,14 +327,12 @@ module Dependabot
|
|
|
337
327
|
end
|
|
338
328
|
# rubocop:enable Metrics/AbcSize
|
|
339
329
|
|
|
340
|
-
# rubocop:disable Naming/RescuedExceptionsVariableName
|
|
341
330
|
def default_branch_for_repo
|
|
342
331
|
@default_branch_for_repo ||= client_for_provider.
|
|
343
332
|
fetch_default_branch(repo)
|
|
344
333
|
rescue *CLIENT_NOT_FOUND_ERRORS
|
|
345
334
|
raise Dependabot::RepoNotFound, source
|
|
346
335
|
end
|
|
347
|
-
# rubocop:enable Naming/RescuedExceptionsVariableName
|
|
348
336
|
|
|
349
337
|
# Update the @linked_paths hash by exploiting a side-effect of
|
|
350
338
|
# recursively calling `repo_contents` for each directory up the tree
|
|
@@ -16,7 +16,7 @@ module Dependabot
|
|
|
16
16
|
|
|
17
17
|
attr_reader :source, :dependencies, :files, :base_commit,
|
|
18
18
|
:credentials, :pr_message_footer, :custom_labels,
|
|
19
|
-
:author_details, :signature_key, :
|
|
19
|
+
:author_details, :signature_key, :commit_message_options,
|
|
20
20
|
:vulnerabilities_fixed,
|
|
21
21
|
:reviewers, :assignees, :milestone, :branch_name_separator,
|
|
22
22
|
:branch_name_prefix, :github_redirection_service,
|
|
@@ -25,7 +25,7 @@ module Dependabot
|
|
|
25
25
|
def initialize(source:, base_commit:, dependencies:, files:, credentials:,
|
|
26
26
|
pr_message_footer: nil, custom_labels: nil,
|
|
27
27
|
author_details: nil, signature_key: nil,
|
|
28
|
-
|
|
28
|
+
commit_message_options: {},
|
|
29
29
|
reviewers: nil, assignees: nil, milestone: nil,
|
|
30
30
|
vulnerabilities_fixed: {}, branch_name_separator: "/",
|
|
31
31
|
branch_name_prefix: "dependabot",
|
|
@@ -40,7 +40,7 @@ module Dependabot
|
|
|
40
40
|
@pr_message_footer = pr_message_footer
|
|
41
41
|
@author_details = author_details
|
|
42
42
|
@signature_key = signature_key
|
|
43
|
-
@
|
|
43
|
+
@commit_message_options = commit_message_options
|
|
44
44
|
@custom_labels = custom_labels
|
|
45
45
|
@reviewers = reviewers
|
|
46
46
|
@assignees = assignees
|
|
@@ -127,7 +127,7 @@ module Dependabot
|
|
|
127
127
|
dependencies: dependencies,
|
|
128
128
|
files: files,
|
|
129
129
|
credentials: credentials,
|
|
130
|
-
|
|
130
|
+
commit_message_options: commit_message_options,
|
|
131
131
|
pr_message_footer: pr_message_footer,
|
|
132
132
|
vulnerabilities_fixed: vulnerabilities_fixed,
|
|
133
133
|
github_redirection_service: github_redirection_service
|
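Review bot: `@commit_message_options = commit_message_options` in `initialize` stores the caller's value as given, so the `{}` default only helps when the keyword is omitted. The readers added further down this page, in what appear to be the message builder and name prefixer sections, call `commit_message_options[:signoff_details]` and `commit_message_options.key?(:prefix)`, and both raise `NoMethodError` if a caller passes `nil` explicitly. Normalising once at this entry point, e.g. `@commit_message_options = commit_message_options || {}`, keeps that failure out of the PR-creation path. `initialize` begins and ends outside the hunks shown.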
|
@@ -15,18 +15,18 @@ module Dependabot
|
|
|
15
15
|
require_relative "pr_name_prefixer"
|
|
16
16
|
|
|
17
17
|
attr_reader :source, :dependencies, :files, :credentials,
|
|
18
|
-
:pr_message_footer, :
|
|
19
|
-
:github_redirection_service
|
|
18
|
+
:pr_message_footer, :commit_message_options,
|
|
19
|
+
:vulnerabilities_fixed, :github_redirection_service
|
|
20
20
|
|
|
21
21
|
def initialize(source:, dependencies:, files:, credentials:,
|
|
22
|
-
pr_message_footer: nil,
|
|
22
|
+
pr_message_footer: nil, commit_message_options: {},
|
|
23
23
|
vulnerabilities_fixed: {}, github_redirection_service: nil)
|
|
24
24
|
@dependencies = dependencies
|
|
25
25
|
@files = files
|
|
26
26
|
@source = source
|
|
27
27
|
@credentials = credentials
|
|
28
28
|
@pr_message_footer = pr_message_footer
|
|
29
|
-
@
|
|
29
|
+
@commit_message_options = commit_message_options
|
|
30
30
|
@vulnerabilities_fixed = vulnerabilities_fixed
|
|
31
31
|
@github_redirection_service = github_redirection_service
|
|
32
32
|
end
|
|
@@ -127,6 +127,7 @@ module Dependabot
|
|
|
127
127
|
end
|
|
128
128
|
|
|
129
129
|
def signoff_message
|
|
130
|
+
signoff_details = commit_message_options[:signoff_details]
|
|
130
131
|
return unless signoff_details.is_a?(Hash)
|
|
131
132
|
return unless signoff_details[:name] && signoff_details[:email]
|
|
132
133
|
|
|
@@ -134,6 +135,7 @@ module Dependabot
|
|
|
134
135
|
end
|
|
135
136
|
|
|
136
137
|
def on_behalf_of_message
|
|
138
|
+
signoff_details = commit_message_options[:signoff_details]
|
|
137
139
|
return unless signoff_details.is_a?(Hash)
|
|
138
140
|
return unless signoff_details[:org_name] && signoff_details[:org_email]
|
|
139
141
|
|
|
@@ -525,6 +527,7 @@ module Dependabot
|
|
|
525
527
|
source: source,
|
|
526
528
|
dependencies: dependencies,
|
|
527
529
|
credentials: credentials,
|
|
530
|
+
commit_message_options: commit_message_options,
|
|
528
531
|
security_fix: vulnerabilities_fixed.values.flatten.any?
|
|
529
532
|
)
|
|
530
533
|
end
|
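Review bot: `signoff_message` and `on_behalf_of_message` only check that `signoff_details[:name]`/`[:email]` and `[:org_name]`/`[:org_email]` are truthy, and those values now arrive through the free-form `commit_message_options` hash. The lines that build the text are outside these hunks, but if the values are interpolated into commit-message trailers, as the method names suggest, an empty string or a value containing a line break would yield a malformed or extra trailer line. Requiring each field to be a non-empty single-line String before use, e.g. `return unless signoff_details.values_at(:name, :email).all? { |v| v.is_a?(String) && v.match?(/\A[^\r\n]+\z/) }`, keeps the sign-off limited to what the operator configured.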
|
@@ -4,6 +4,7 @@ require "dependabot/clients/github_with_retries"
|
|
|
4
4
|
require "dependabot/clients/gitlab_with_retries"
|
|
5
5
|
require "dependabot/pull_request_creator"
|
|
6
6
|
|
|
7
|
+
# rubocop:disable Metrics/ClassLength
|
|
7
8
|
module Dependabot
|
|
8
9
|
class PullRequestCreator
|
|
9
10
|
class PrNamePrefixer
|
|
@@ -25,11 +26,13 @@ module Dependabot
|
|
|
25
26
|
twisted_rightwards_arrows whale wheelchair
|
|
26
27
|
white_check_mark wrench zap).freeze
|
|
27
28
|
|
|
28
|
-
def initialize(source:, dependencies:, credentials:, security_fix: false
|
|
29
|
-
|
|
30
|
-
@
|
|
31
|
-
@
|
|
32
|
-
@
|
|
29
|
+
def initialize(source:, dependencies:, credentials:, security_fix: false,
|
|
30
|
+
commit_message_options: {})
|
|
31
|
+
@dependencies = dependencies
|
|
32
|
+
@source = source
|
|
33
|
+
@credentials = credentials
|
|
34
|
+
@security_fix = security_fix
|
|
35
|
+
@commit_message_options = commit_message_options
|
|
33
36
|
end
|
|
34
37
|
|
|
35
38
|
def pr_name_prefix
|
|
@@ -39,45 +42,63 @@ module Dependabot
|
|
|
39
42
|
end
|
|
40
43
|
|
|
41
44
|
def capitalize_first_word?
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
last_dependabot_commit_message.match?(/: (\[Security\] )?(B|U)/)
|
|
46
|
-
else
|
|
47
|
-
if using_angular_commit_messages? || using_eslint_commit_messages?
|
|
48
|
-
prefixes = ANGULAR_PREFIXES + ESLINT_PREFIXES
|
|
49
|
-
semantic_msgs = recent_commit_messages.select do |message|
|
|
50
|
-
prefixes.any? { |pre| message.match?(/#{pre}[:(]/i) }
|
|
51
|
-
end
|
|
52
|
-
|
|
53
|
-
return true if semantic_msgs.all? { |m| m.match?(/:\s+\[?[A-Z]/) }
|
|
54
|
-
return false if semantic_msgs.all? { |m| m.match?(/:\s+\[?[a-z]/) }
|
|
55
|
-
end
|
|
45
|
+
if commit_message_options.key?(:prefix)
|
|
46
|
+
return !commit_message_options[:prefix]&.strip&.match?(/\A[a-z]/)
|
|
47
|
+
end
|
|
56
48
|
|
|
57
|
-
|
|
49
|
+
if last_dependabot_commit_style
|
|
50
|
+
return capitalise_first_word_from_last_dependabot_commit_style
|
|
58
51
|
end
|
|
52
|
+
|
|
53
|
+
capitalise_first_word_from_previous_commits
|
|
59
54
|
end
|
|
60
55
|
|
|
61
56
|
private
|
|
62
57
|
|
|
63
|
-
attr_reader :source, :dependencies, :credentials
|
|
58
|
+
attr_reader :source, :dependencies, :credentials, :commit_message_options
|
|
64
59
|
|
|
65
60
|
def security_fix?
|
|
66
61
|
@security_fix
|
|
67
62
|
end
|
|
68
63
|
|
|
69
64
|
def commit_prefix
|
|
70
|
-
# If
|
|
71
|
-
|
|
65
|
+
# If a preferred prefix has been explicitly provided, use it
|
|
66
|
+
if commit_message_options.key?(:prefix)
|
|
67
|
+
return prefix_from_explicitly_provided_details
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
# Otherwise, if there is a previous Dependabot commit and it used a
|
|
71
|
+
# known style, use that as our model for subsequent commits
|
|
72
|
+
if last_dependabot_commit_style
|
|
73
|
+
return prefix_for_last_dependabot_commit_style
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
# Otherwise we need to detect the user's preferred style from the
|
|
77
|
+
# existing commits on their repo
|
|
78
|
+
build_commit_prefix_from_previous_commits
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def prefix_from_explicitly_provided_details
|
|
82
|
+
unless commit_message_options.key?(:prefix)
|
|
83
|
+
raise "No explicitly provided prefix!"
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
prefix = commit_message_options[:prefix].to_s
|
|
87
|
+
return if prefix.empty?
|
|
88
|
+
|
|
89
|
+
prefix += "(#{scope})" if commit_message_options[:include_scope]
|
|
90
|
+
prefix += ":" if prefix.match?(/[A-Za-z0-9\)\]]\Z/)
|
|
91
|
+
prefix += " " unless prefix.end_with?(" ")
|
|
92
|
+
prefix
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
def prefix_for_last_dependabot_commit_style
|
|
72
96
|
case last_dependabot_commit_style
|
|
73
97
|
when :gitmoji then "⬆️ "
|
|
74
98
|
when :conventional_prefix then "#{last_dependabot_commit_prefix}: "
|
|
75
99
|
when :conventional_prefix_with_scope
|
|
76
100
|
"#{last_dependabot_commit_prefix}(#{scope}): "
|
|
77
|
-
else
|
|
78
|
-
# Otherwise we need to detect the user's preferred style from the
|
|
79
|
-
# existing commits on their repo
|
|
80
|
-
build_commit_prefix_from_previous_commits
|
|
101
|
+
else raise "Unknown commit style #{last_dependabot_commit_style}"
|
|
81
102
|
end
|
|
82
103
|
end
|
|
83
104
|
|
|
@@ -104,6 +125,29 @@ module Dependabot
|
|
|
104
125
|
dependencies.any?(&:production?) ? "deps" : "deps-dev"
|
|
105
126
|
end
|
|
106
127
|
|
|
128
|
+
def capitalise_first_word_from_last_dependabot_commit_style
|
|
129
|
+
case last_dependabot_commit_style
|
|
130
|
+
when :gitmoji then true
|
|
131
|
+
when :conventional_prefix, :conventional_prefix_with_scope
|
|
132
|
+
last_dependabot_commit_message.match?(/: (\[[Ss]ecurity\] )?(B|U)/)
|
|
133
|
+
else raise "Unknown commit style #{last_dependabot_commit_style}"
|
|
134
|
+
end
|
|
135
|
+
end
|
|
136
|
+
|
|
137
|
+
def capitalise_first_word_from_previous_commits
|
|
138
|
+
if using_angular_commit_messages? || using_eslint_commit_messages?
|
|
139
|
+
prefixes = ANGULAR_PREFIXES + ESLINT_PREFIXES
|
|
140
|
+
semantic_msgs = recent_commit_messages.select do |message|
|
|
141
|
+
prefixes.any? { |pre| message.match?(/#{pre}[:(]/i) }
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
return true if semantic_msgs.all? { |m| m.match?(/:\s+\[?[A-Z]/) }
|
|
145
|
+
return false if semantic_msgs.all? { |m| m.match?(/:\s+\[?[a-z]/) }
|
|
146
|
+
end
|
|
147
|
+
|
|
148
|
+
!commit_prefix&.match(/\A[a-z]/)
|
|
149
|
+
end
|
|
150
|
+
|
|
107
151
|
def last_dependabot_commit_style
|
|
108
152
|
return unless (msg = last_dependabot_commit_message)
|
|
109
153
|
|
|
@@ -250,11 +294,12 @@ module Dependabot
|
|
|
250
294
|
end
|
|
251
295
|
|
|
252
296
|
def last_dependabot_commit_message
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
297
|
+
@last_dependabot_commit_message ||=
|
|
298
|
+
case source.provider
|
|
299
|
+
when "github" then last_github_dependabot_commit_message
|
|
300
|
+
when "gitlab" then last_gitlab_dependabot_commit_message
|
|
301
|
+
else raise "Unsupported provider: #{source.provider}"
|
|
302
|
+
end
|
|
258
303
|
end
|
|
259
304
|
|
|
260
305
|
def last_github_dependabot_commit_message
|
|
@@ -305,3 +350,4 @@ module Dependabot
|
|
|
305
350
|
end
|
|
306
351
|
end
|
|
307
352
|
end
|
|
353
|
+
# rubocop:enable Metrics/ClassLength
|
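Review bot: In `prefix_from_explicitly_provided_details` the check `prefix.match?(/[A-Za-z0-9\)\]]\Z/)` uses `\Z`, which also matches just before a trailing newline, and the prefix is never stripped or checked for line breaks. A configured prefix ending in a newline (constructed example: `"chore\n"`) would get `:` appended after the newline, so the generated PR title or commit subject would span two lines. `capitalize_first_word?` strips the value before testing it, so the two methods can disagree about a prefix with leading whitespace, and it calls `.strip` on the raw option where this method uses `.to_s`, so a non-String prefix raises there. I would normalise once with `prefix = commit_message_options[:prefix].to_s.strip`, reject the value with `raise "Invalid commit prefix" if prefix.match?(/[\r\n]/)`, and anchor the punctuation check with `\z`.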
data/lib/dependabot/version.rb
CHANGED
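--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.109.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-
+date: 2019-06-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk-ecr
@@ -266,14 +266,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.72.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.72.0
 - !ruby/object:Gem::Dependency
 name: vcr
 requirement: !ruby/object:Gem::Requirement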