dependabot-common 0.111.1 → 0.111.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/dependency_file.rb +13 -3
  3. data/lib/dependabot/file_fetchers/base.rb +4 -1
  4. data/lib/dependabot/metadata_finders/base/changelog_finder.rb +8 -2
  5. data/lib/dependabot/metadata_finders/base/changelog_pruner.rb +4 -0
  6. data/lib/dependabot/pull_request_creator/github.rb +1 -1
  7. data/lib/dependabot/pull_request_creator/gitlab.rb +13 -5
  8. data/lib/dependabot/pull_request_updater/github.rb +2 -2
  9. data/lib/dependabot/version.rb +1 -1
  10. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5532abd75ca995f2f4815c6765e4a55ef067cd131722582a3d57917860680b7e
4
- data.tar.gz: 73c9de0fe2e5c26bf37e804584dd8f417b5f7c5548566235a335b0b64f967172
3
+ metadata.gz: 35b217009843be8eabe9ef89659ed34b10a10ede90b7fd5ee6805df4088773d5
4
+ data.tar.gz: af229198761bdfde61e9f2cdb3dff967c0923aa0f3d60731288410ccb69c176a
5
5
  SHA512:
6
- metadata.gz: 5275808780651bda3c209f9d755d9a2ce8eb4f6d1e3d0df3f549005c1f97881242b92491496a634943843d3261e81f4eff916e08033d7f924eb45654a272906d
7
- data.tar.gz: 6a0c1d64fe75cb7686469a14c81703182d941d5a95277da880e50b3effee808bb84bd99b9dd686ecbc2d3c0f2e3a0fb1589a367dabea42c41f79e301fb2e67c0
6
+ metadata.gz: ad0096f35e338d18c597c41f5db959ecbe34dfc66926e7f78a6394685129b34944c9c1514271eb04744d23b5411a97ceacf859193e7a3cdb82c6743fc5fe22f2
7
+ data.tar.gz: aa9c3b759369886280f9cc6c91d128897b47f1110d361e13ea3aa3817b3553fe5966e8a862734a4326a99fd61e3788cc90b69a86ce054a0a654a2f3f5d20f9b5
data/lib/dependabot/dependency_file.rb CHANGED
@@ -4,13 +4,15 @@ require "pathname"
4
4
 
5
5
  module Dependabot
6
6
  class DependencyFile
7
- attr_accessor :name, :content, :directory, :type, :support_file
7
+ attr_accessor :name, :content, :directory, :type, :support_file,
8
+ :symlink_target
8
9
 
9
10
  def initialize(name:, content:, directory: "/", type: "file",
10
- support_file: false)
11
+ support_file: false, symlink_target: nil)
11
12
  @name = name
12
13
  @content = content
13
14
  @directory = clean_directory(directory)
15
+ @symlink_target = symlink_target
14
16
  @support_file = support_file
15
17
 
16
18
  # Type is used *very* sparingly. It lets the git_modules updater know that
@@ -19,16 +21,24 @@ module Dependabot
19
21
  # New use cases should be avoided if at all possible (and use the
20
22
  # support_file flag instead)
21
23
  @type = type
24
+
25
+ return unless (type == "symlink") ^ symlink_target
26
+
27
+ raise "Symlinks must specify a target!" unless symlink_target
28
+ raise "Only symlinked files must specify a target!" if symlink_target
22
29
  end
23
30
 
24
31
  def to_h
25
- {
32
+ details = {
26
33
  "name" => name,
27
34
  "content" => content,
28
35
  "directory" => directory,
29
36
  "type" => type,
30
37
  "support_file" => support_file
31
38
  }
39
+
40
+ details["symlink_target"] = symlink_target if symlink_target
41
+ details
32
42
  end
33
43
 
34
44
  def path
data/lib/dependabot/file_fetchers/base.rb CHANGED
@@ -83,12 +83,14 @@ module Dependabot
83
83
 
84
84
  def fetch_file_from_host(filename, type: "file", fetch_submodules: false)
85
85
  path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
86
+ content = _fetch_file_content(path, fetch_submodules: fetch_submodules)
87
+ type = @linked_paths.key?(path) ? "symlink" : type
86
88
 
87
89
  DependencyFile.new(
88
90
  name: Pathname.new(filename).cleanpath.to_path,
89
91
  directory: directory,
90
92
  type: type,
91
- content: _fetch_file_content(path, fetch_submodules: fetch_submodules)
93
+ content: content
92
94
  )
93
95
  rescue *CLIENT_NOT_FOUND_ERRORS
94
96
  raise Dependabot::DependencyFileNotFound, path
@@ -327,6 +329,7 @@ module Dependabot
327
329
  raise Octokit::NotFound if tmp.is_a?(Array)
328
330
 
329
331
  if tmp.type == "symlink"
332
+ @linked_paths[path] = tmp.target
330
333
  tmp = github_client.contents(
331
334
  repo,
332
335
  path: tmp.target,
data/lib/dependabot/metadata_finders/base/changelog_finder.rb CHANGED
@@ -137,16 +137,22 @@ module Dependabot
137
137
  reject { |f| f.size > 1_000_000 }.
138
138
  reject { |f| f.size < 100 }
139
139
 
140
+ select_best_changelog(files)
141
+ end
142
+
143
+ def select_best_changelog(files)
140
144
  CHANGELOG_NAMES.each do |name|
141
145
  candidates = files.select { |f| f.name =~ /#{name}/i }
142
146
  file = candidates.first if candidates.one?
143
147
  file ||=
144
148
  candidates.find do |f|
145
149
  candidates -= [f] && next if fetch_file_text(f).nil?
146
- ChangelogPruner.new(
150
+ pruner = ChangelogPruner.new(
147
151
  dependency: dependency,
148
152
  changelog_text: fetch_file_text(f)
149
- ).includes_new_version?
153
+ )
154
+ pruner.includes_new_version? ||
155
+ pruner.includes_previous_version?
150
156
  end
151
157
  file ||= candidates.max_by(&:size)
152
158
  return file if file
data/lib/dependabot/metadata_finders/base/changelog_pruner.rb CHANGED
@@ -17,6 +17,10 @@ module Dependabot
17
17
  !new_version_changelog_line.nil?
18
18
  end
19
19
 
20
+ def includes_previous_version?
21
+ !old_version_changelog_line.nil?
22
+ end
23
+
20
24
  # rubocop:disable Metrics/PerceivedComplexity
21
25
  # rubocop:disable Metrics/CyclomaticComplexity
22
26
  def pruned_text
data/lib/dependabot/pull_request_creator/github.rb CHANGED
@@ -149,7 +149,7 @@ module Dependabot
149
149
  }
150
150
  else
151
151
  {
152
- path: file.path.sub(%r{^/}, ""),
152
+ path: (file.symlink_target || file.path).sub(%r{^/}, ""),
153
153
  mode: "100644",
154
154
  type: "blob",
155
155
  content: file.content
data/lib/dependabot/pull_request_creator/gitlab.rb CHANGED
@@ -97,11 +97,19 @@ module Dependabot
97
97
  end
98
98
 
99
99
  actions = files.map do |file|
100
- {
101
- action: "update",
102
- file_path: file.path,
103
- content: file.content
104
- }
100
+ if file.type == "symlink"
101
+ {
102
+ action: "update",
103
+ file_path: file.symlink_target,
104
+ content: file.content
105
+ }
106
+ else
107
+ {
108
+ action: "update",
109
+ file_path: file.path,
110
+ content: file.content
111
+ }
112
+ end
105
113
  end
106
114
 
107
115
  gitlab_client_for_source.create_commit(
data/lib/dependabot/pull_request_updater/github.rb CHANGED
@@ -124,9 +124,9 @@ module Dependabot
124
124
 
125
125
  def create_tree
126
126
  file_trees = files.map do |file|
127
- if file.type == "file"
127
+ if %w(file symlink).include?(file.type)
128
128
  {
129
- path: file.path.sub(%r{^/}, ""),
129
+ path: (file.symlink_target || file.path).sub(%r{^/}, ""),
130
130
  mode: "100644",
131
131
  type: "blob",
132
132
  content: file.content
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.111.1"
4
+ VERSION = "0.111.2"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.1
4
+ version: 0.111.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-07 00:00:00.000000000 Z
11
+ date: 2019-07-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-ecr