dependabot-common 0.111.1 → 0.111.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency_file.rb +13 -3
- data/lib/dependabot/file_fetchers/base.rb +4 -1
- data/lib/dependabot/metadata_finders/base/changelog_finder.rb +8 -2
- data/lib/dependabot/metadata_finders/base/changelog_pruner.rb +4 -0
- data/lib/dependabot/pull_request_creator/github.rb +1 -1
- data/lib/dependabot/pull_request_creator/gitlab.rb +13 -5
- data/lib/dependabot/pull_request_updater/github.rb +2 -2
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 35b217009843be8eabe9ef89659ed34b10a10ede90b7fd5ee6805df4088773d5
|
4
|
+
data.tar.gz: af229198761bdfde61e9f2cdb3dff967c0923aa0f3d60731288410ccb69c176a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ad0096f35e338d18c597c41f5db959ecbe34dfc66926e7f78a6394685129b34944c9c1514271eb04744d23b5411a97ceacf859193e7a3cdb82c6743fc5fe22f2
|
7
|
+
data.tar.gz: aa9c3b759369886280f9cc6c91d128897b47f1110d361e13ea3aa3817b3553fe5966e8a862734a4326a99fd61e3788cc90b69a86ce054a0a654a2f3f5d20f9b5
|
@@ -4,13 +4,15 @@ require "pathname"
|
|
4
4
|
|
5
5
|
module Dependabot
|
6
6
|
class DependencyFile
|
7
|
-
attr_accessor :name, :content, :directory, :type, :support_file
|
7
|
+
attr_accessor :name, :content, :directory, :type, :support_file,
|
8
|
+
:symlink_target
|
8
9
|
|
9
10
|
def initialize(name:, content:, directory: "/", type: "file",
|
10
|
-
support_file: false)
|
11
|
+
support_file: false, symlink_target: nil)
|
11
12
|
@name = name
|
12
13
|
@content = content
|
13
14
|
@directory = clean_directory(directory)
|
15
|
+
@symlink_target = symlink_target
|
14
16
|
@support_file = support_file
|
15
17
|
|
16
18
|
# Type is used *very* sparingly. It lets the git_modules updater know that
|
@@ -19,16 +21,24 @@ module Dependabot
|
|
19
21
|
# New use cases should be avoided if at all possible (and use the
|
20
22
|
# support_file flag instead)
|
21
23
|
@type = type
|
24
|
+
|
25
|
+
return unless (type == "symlink") ^ symlink_target
|
26
|
+
|
27
|
+
raise "Symlinks must specify a target!" unless symlink_target
|
28
|
+
raise "Only symlinked files must specify a target!" if symlink_target
|
22
29
|
end
|
23
30
|
|
24
31
|
def to_h
|
25
|
-
{
|
32
|
+
details = {
|
26
33
|
"name" => name,
|
27
34
|
"content" => content,
|
28
35
|
"directory" => directory,
|
29
36
|
"type" => type,
|
30
37
|
"support_file" => support_file
|
31
38
|
}
|
39
|
+
|
40
|
+
details["symlink_target"] = symlink_target if symlink_target
|
41
|
+
details
|
32
42
|
end
|
33
43
|
|
34
44
|
def path
|
@@ -83,12 +83,14 @@ module Dependabot
|
|
83
83
|
|
84
84
|
def fetch_file_from_host(filename, type: "file", fetch_submodules: false)
|
85
85
|
path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
|
86
|
+
content = _fetch_file_content(path, fetch_submodules: fetch_submodules)
|
87
|
+
type = @linked_paths.key?(path) ? "symlink" : type
|
86
88
|
|
87
89
|
DependencyFile.new(
|
88
90
|
name: Pathname.new(filename).cleanpath.to_path,
|
89
91
|
directory: directory,
|
90
92
|
type: type,
|
91
|
-
content:
|
93
|
+
content: content
|
92
94
|
)
|
93
95
|
rescue *CLIENT_NOT_FOUND_ERRORS
|
94
96
|
raise Dependabot::DependencyFileNotFound, path
|
@@ -327,6 +329,7 @@ module Dependabot
|
|
327
329
|
raise Octokit::NotFound if tmp.is_a?(Array)
|
328
330
|
|
329
331
|
if tmp.type == "symlink"
|
332
|
+
@linked_paths[path] = tmp.target
|
330
333
|
tmp = github_client.contents(
|
331
334
|
repo,
|
332
335
|
path: tmp.target,
|
@@ -137,16 +137,22 @@ module Dependabot
|
|
137
137
|
reject { |f| f.size > 1_000_000 }.
|
138
138
|
reject { |f| f.size < 100 }
|
139
139
|
|
140
|
+
select_best_changelog(files)
|
141
|
+
end
|
142
|
+
|
143
|
+
def select_best_changelog(files)
|
140
144
|
CHANGELOG_NAMES.each do |name|
|
141
145
|
candidates = files.select { |f| f.name =~ /#{name}/i }
|
142
146
|
file = candidates.first if candidates.one?
|
143
147
|
file ||=
|
144
148
|
candidates.find do |f|
|
145
149
|
candidates -= [f] && next if fetch_file_text(f).nil?
|
146
|
-
ChangelogPruner.new(
|
150
|
+
pruner = ChangelogPruner.new(
|
147
151
|
dependency: dependency,
|
148
152
|
changelog_text: fetch_file_text(f)
|
149
|
-
)
|
153
|
+
)
|
154
|
+
pruner.includes_new_version? ||
|
155
|
+
pruner.includes_previous_version?
|
150
156
|
end
|
151
157
|
file ||= candidates.max_by(&:size)
|
152
158
|
return file if file
|
@@ -17,6 +17,10 @@ module Dependabot
|
|
17
17
|
!new_version_changelog_line.nil?
|
18
18
|
end
|
19
19
|
|
20
|
+
def includes_previous_version?
|
21
|
+
!old_version_changelog_line.nil?
|
22
|
+
end
|
23
|
+
|
20
24
|
# rubocop:disable Metrics/PerceivedComplexity
|
21
25
|
# rubocop:disable Metrics/CyclomaticComplexity
|
22
26
|
def pruned_text
|
@@ -97,11 +97,19 @@ module Dependabot
|
|
97
97
|
end
|
98
98
|
|
99
99
|
actions = files.map do |file|
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
100
|
+
if file.type == "symlink"
|
101
|
+
{
|
102
|
+
action: "update",
|
103
|
+
file_path: file.symlink_target,
|
104
|
+
content: file.content
|
105
|
+
}
|
106
|
+
else
|
107
|
+
{
|
108
|
+
action: "update",
|
109
|
+
file_path: file.path,
|
110
|
+
content: file.content
|
111
|
+
}
|
112
|
+
end
|
105
113
|
end
|
106
114
|
|
107
115
|
gitlab_client_for_source.create_commit(
|
@@ -124,9 +124,9 @@ module Dependabot
|
|
124
124
|
|
125
125
|
def create_tree
|
126
126
|
file_trees = files.map do |file|
|
127
|
-
if file.type
|
127
|
+
if %w(file symlink).include?(file.type)
|
128
128
|
{
|
129
|
-
path: file.path.sub(%r{^/}, ""),
|
129
|
+
path: (file.symlink_target || file.path).sub(%r{^/}, ""),
|
130
130
|
mode: "100644",
|
131
131
|
type: "blob",
|
132
132
|
content: file.content
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.111.
|
4
|
+
version: 0.111.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-07-
|
11
|
+
date: 2019-07-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-ecr
|