dependabot-common 0.118.16 → 0.119.0.beta1
Potentially problematic release.
This version of dependabot-common might be problematic. Click here for more details.
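--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 80651d092678ba4841245e6a4fc002dfba1ab3b2e1a46ed84882885ece8e4989
+data.tar.gz: f8a26ab2da34de5159d7a94d53a0d81d6f490c7ef8e045dca662bfec0d024dd8
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: efe477821294e613b73ff714056185aa7c8bfaa1133e833d0c9b10ec45316de0937245faa87b81566b5fd4fa671463908e2079a65803eee032cd3028f8070304
+data.tar.gz: 5b3e6f20b0df041c73eb3f5313474d62910d283748a46c4b5808123c41b6d8ec4a0d213ab33667f9770ff1a9502f6a2906e0ddaec09892e8b37ed167843e032d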
@@ -67,8 +67,10 @@ module Dependabot
|
|
67
67
|
raise unless e.message.include?("Repository is empty")
|
68
68
|
end
|
69
69
|
|
70
|
+
# Returns the path to the cloned repo
|
70
71
|
def clone_repo_contents(target_directory: nil)
|
71
|
-
|
72
|
+
@clone_repo_contents ||=
|
73
|
+
_clone_repo_contents(target_directory: target_directory)
|
72
74
|
end
|
73
75
|
|
74
76
|
private
|
@@ -423,6 +425,20 @@ module Dependabot
|
|
423
425
|
max_by(&:length)
|
424
426
|
end
|
425
427
|
|
428
|
+
def _clone_repo_contents(target_directory:)
|
429
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
430
|
+
path = target_directory || File.join("tmp", source.repo)
|
431
|
+
return path if Dir.exist?(File.join(path, ".git"))
|
432
|
+
|
433
|
+
FileUtils.mkdir_p(path)
|
434
|
+
br_opt = " --branch=#{source.branch} --single-branch" if source.branch
|
435
|
+
SharedHelpers.run_shell_command(
|
436
|
+
"git clone --depth=1#{br_opt} #{source.url} #{path}"
|
437
|
+
)
|
438
|
+
path
|
439
|
+
end
|
440
|
+
end
|
441
|
+
|
426
442
|
def client_for_provider
|
427
443
|
case source.provider
|
428
444
|
when "github" then github_client
|
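Review bot: In `_clone_repo_contents`, `source.branch`, `source.url` and `path` are interpolated unquoted into the string passed to `SharedHelpers.run_shell_command`, so a value containing whitespace or shell metacharacters would change what gets executed, assuming the helper hands the string to a shell (its body is not in this section). Escaping each value keeps it a single argument: `"git clone --depth=1#{br_opt} #{Shellwords.escape(source.url)} #{Shellwords.escape(path)}"`, with `--branch=#{Shellwords.escape(source.branch)}` inside `br_opt`. Separately, the `@clone_repo_contents ||=` memo in `clone_repo_contents` returns the first clone path even when a later call passes a different `target_directory`; the new comment could say so, e.g. `# Returns the path to the cloned repo (memoized; later target_directory values are ignored)`.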
@@ -170,13 +170,13 @@ module Dependabot
|
|
170
170
|
sha: file.content
|
171
171
|
}
|
172
172
|
else
|
173
|
-
content = if file.
|
174
|
-
{ sha: nil }
|
175
|
-
elsif file.binary?
|
173
|
+
content = if file.binary?
|
176
174
|
sha = github_client_for_source.create_blob(
|
177
175
|
source.repo, file.content, "base64"
|
178
176
|
)
|
179
177
|
{ sha: sha }
|
178
|
+
elsif file.deleted?
|
179
|
+
{ sha: nil }
|
180
180
|
else
|
181
181
|
{ content: file.content }
|
182
182
|
end
|
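Review bot: With `file.binary?` now tested before `file.deleted?`, a file for which both are true reaches `create_blob` with its `file.content` instead of producing `{ sha: nil }`, so a deletion could be committed as a fresh blob. Whether such a file object can occur is not visible here; if it can, guard the first branch with `content = if file.binary? && !file.deleted?`. The enclosing method starts and ends outside the hunk.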
@@ -124,7 +124,14 @@ module Dependabot
|
|
124
124
|
|
125
125
|
def create_tree
|
126
126
|
file_trees = files.map do |file|
|
127
|
-
if file.type
|
127
|
+
if %w(file symlink).include?(file.type)
|
128
|
+
{
|
129
|
+
path: (file.symlink_target || file.path).sub(%r{^/}, ""),
|
130
|
+
mode: "100644",
|
131
|
+
type: "blob",
|
132
|
+
content: file.content
|
133
|
+
}
|
134
|
+
elsif file.type == "submodule"
|
128
135
|
{
|
129
136
|
path: file.path.sub(%r{^/}, ""),
|
130
137
|
mode: "160000",
|
@@ -132,23 +139,7 @@ module Dependabot
|
|
132
139
|
sha: file.content
|
133
140
|
}
|
134
141
|
else
|
135
|
-
|
136
|
-
{ sha: nil }
|
137
|
-
elsif file.binary?
|
138
|
-
sha = github_client_for_source.create_blob(
|
139
|
-
source.repo, file.content, "base64"
|
140
|
-
)
|
141
|
-
{ sha: sha }
|
142
|
-
else
|
143
|
-
{ content: file.content }
|
144
|
-
end
|
145
|
-
|
146
|
-
{
|
147
|
-
path: (file.symlink_target ||
|
148
|
-
file.path).sub(%r{^/}, ""),
|
149
|
-
mode: "100644",
|
150
|
-
type: "blob"
|
151
|
-
}.merge(content)
|
142
|
+
raise "Unknown file type #{file.type}"
|
152
143
|
end
|
153
144
|
end
|
154
145
|
|
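Review bot: The new `%w(file symlink)` branch in `create_tree` always sends `content: file.content`, so the `file.deleted?` and `file.binary?` cases that the removed code mapped to `{ sha: nil }` and a base64 `create_blob` upload no longer have a path here. If deleted or binary files can still reach this code (not visible in the hunks), a deletion would be written back as a blob and binary content would be sent as text; either keep those branches or reject such files explicitly, as the new `raise "Unknown file type #{file.type}"` does for unknown types. For symlinks the entry is written at `file.symlink_target`, so a comment such as `# symlink_target is expected to be a path inside the repository` would record the assumption the tree entry relies on. `create_tree` continues past the second hunk.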
@@ -29,6 +29,19 @@ module Dependabot
|
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
|
+
def self.in_a_temporary_repo_directory(directory = "/",
|
33
|
+
repo_contents_path = nil,
|
34
|
+
&block)
|
35
|
+
if repo_contents_path
|
36
|
+
path = Pathname.new(File.join(repo_contents_path, directory)).
|
37
|
+
expand_path
|
38
|
+
reset_git_repo(repo_contents_path)
|
39
|
+
Dir.chdir(path) { yield(path) }
|
40
|
+
else
|
41
|
+
in_a_temporary_directory(directory, &block)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
32
45
|
def self.in_a_temporary_directory(directory = "/")
|
33
46
|
Dir.mkdir(BUMP_TMP_DIR_PATH) unless Dir.exist?(BUMP_TMP_DIR_PATH)
|
34
47
|
Dir.mktmpdir(BUMP_TMP_FILE_PREFIX, BUMP_TMP_DIR_PATH) do |dir|
|
@@ -209,6 +222,12 @@ module Dependabot
|
|
209
222
|
File.write("git.store", git_store_content)
|
210
223
|
end
|
211
224
|
|
225
|
+
def self.reset_git_repo(path)
|
226
|
+
Dir.chdir(path) do
|
227
|
+
run_shell_command("git reset HEAD --hard && git clean -fx")
|
228
|
+
end
|
229
|
+
end
|
230
|
+
|
212
231
|
def self.stash_global_git_config
|
213
232
|
return unless File.exist?(GIT_CONFIG_GLOBAL_PATH)
|
214
233
|
|
@@ -234,7 +253,7 @@ module Dependabot
|
|
234
253
|
|
235
254
|
# Raise an error with the output from the shell session if the
|
236
255
|
# command returns a non-zero status
|
237
|
-
return if process.success?
|
256
|
+
return stdout if process.success?
|
238
257
|
|
239
258
|
error_context = {
|
240
259
|
command: command,
|
data/lib/dependabot/version.rb
CHANGED
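--- a/metadata
+++ b/metadata
@@ -1,11 +1,11 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.119.0.beta1
 platform: ruby
 authors:
 - Dependabot
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
 date: 2020-08-20 00:00:00.000000000 Z
@@ -393,7 +393,7 @@ homepage: https://github.com/dependabot/dependabot-core
 licenses:
 - Nonstandard
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -408,8 +408,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: 2.7.3
 requirements: []
-rubygems_version: 3.1.
-signing_key:
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Shared code used between Dependabot package managers
 test_files: []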