dependabot-common 0.120.3 → 0.120.4


Potentially problematic release.


This version of dependabot-common might be problematic. Click here for more details.

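--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: e86bdfc4f410dbf077edfcea229a0125e0e6f56f3f78c02e8a0dcd082cf50445
- data.tar.gz: e2ec62b6b2d8e487286014b21e87a021d169a518639010d33ab80b3030f8d3af
+ metadata.gz: 71c52ab937193ccc6c472643fe327544840ce8b99d27454d9f06f77435b52f88
+ data.tar.gz: 5fd0a5e3350466bbf47ea7658caa77c656469f1de10aafb8a8308a3bdd848d71
  SHA512:
- metadata.gz: 379aadb5ac467e6d8b31fc771f112a2d9590889ab2438326617e6f19f93c2fddc5b20a9fdff7454ef4c870ea849054b15672fb27fbbe99304f33a895bdd91357
- data.tar.gz: 966790a0b7977b710db805c819b8952c85bad3d6fb87429a3aa8d300bdce13b2381ee3b9cfc184250f1735ee19281d01841fe7eefaad0fc7c40b2a8d33b1d4f5
+ metadata.gz: 4d28541943c3f27dfee7688002d4c3bd692597f5870d9db512a4dd07510d0f48db033603172c044c9b713493549878e202130bd77b1a7272c7d51d246b86bf17
+ data.tar.gz: 22a0c6246d7d2494614498736f94295986b29d1adfe31c8442361559d4d957ba7b0a1f419355b079247391cc2be75ad3383c580da2fb4f7de8181f8476014b91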
@@ -14,7 +14,7 @@ require "dependabot/shared_helpers"
14
14
  module Dependabot
15
15
  module FileFetchers
16
16
  class Base
17
- attr_reader :source, :credentials
17
+ attr_reader :source, :credentials, :repo_contents_path
18
18
 
19
19
  CLIENT_NOT_FOUND_ERRORS = [
20
20
  Octokit::NotFound,
@@ -32,10 +32,19 @@ module Dependabot
32
32
  raise NotImplementedError
33
33
  end
34
34
 
35
- def initialize(source:, credentials:)
35
+ # Creates a new FileFetcher for retrieving `DependencyFile`s.
36
+ #
37
+ # Files are typically grabbed individually via the source's API.
38
+ # repo_contents_path is an optional empty directory that will be used
39
+ # to clone the entire source repository on first read.
40
+ #
41
+ # If provided, file _data_ will be loaded from the clone.
42
+ # Submodules and directory listings are _not_ currently supported
43
+ # by repo_contents_path and still use an API trip.
44
+ def initialize(source:, credentials:, repo_contents_path: nil)
36
45
  @source = source
37
46
  @credentials = credentials
38
-
47
+ @repo_contents_path = repo_contents_path
39
48
  @linked_paths = {}
40
49
  end
41
50
 
@@ -68,14 +77,24 @@ module Dependabot
68
77
  end
69
78
 
70
79
  # Returns the path to the cloned repo
71
- def clone_repo_contents(target_directory: nil)
80
+ def clone_repo_contents
72
81
  @clone_repo_contents ||=
73
- _clone_repo_contents(target_directory: target_directory)
82
+ _clone_repo_contents(target_directory: repo_contents_path)
83
+ rescue Dependabot::SharedHelpers::HelperSubprocessFailed
84
+ raise Dependabot::RepoNotFound, source
74
85
  end
75
86
 
76
87
  private
77
88
 
78
89
  def fetch_file_if_present(filename, fetch_submodules: false)
90
+ unless repo_contents_path.nil?
91
+ begin
92
+ return load_cloned_file_if_present(filename)
93
+ rescue Dependabot::DependencyFileNotFound
94
+ return
95
+ end
96
+ end
97
+
79
98
  dir = File.dirname(filename)
80
99
  basename = File.basename(filename)
81
100
 
@@ -91,7 +110,35 @@ module Dependabot
91
110
  raise Dependabot::DependencyFileNotFound, path
92
111
  end
93
112
 
113
+ def load_cloned_file_if_present(filename)
114
+ path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
115
+ repo_path = File.join(clone_repo_contents, path)
116
+ unless File.exist?(repo_path)
117
+ raise Dependabot::DependencyFileNotFound, path
118
+ end
119
+
120
+ content = File.read(repo_path)
121
+ type = if File.symlink?(repo_path)
122
+ symlink_target = File.readlink(repo_path)
123
+ "symlink"
124
+ else
125
+ "file"
126
+ end
127
+
128
+ DependencyFile.new(
129
+ name: Pathname.new(filename).cleanpath.to_path,
130
+ directory: directory,
131
+ type: type,
132
+ content: content,
133
+ symlink_target: symlink_target
134
+ )
135
+ end
136
+
94
137
  def fetch_file_from_host(filename, type: "file", fetch_submodules: false)
138
+ unless repo_contents_path.nil?
139
+ return load_cloned_file_if_present(filename)
140
+ end
141
+
95
142
  path = Pathname.new(File.join(directory, filename)).cleanpath.to_path
96
143
  content = _fetch_file_content(path, fetch_submodules: fetch_submodules)
97
144
  type = @linked_paths.key?(path.gsub(%r{^/}, "")) ? "symlink" : type
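Review bot: `load_cloned_file_if_present` passes `repo_path` to `File.read` without checking that the resolved path is still inside the clone directory. The cloned repository is untrusted input, and `File.read` follows symlinks, so a link committed to the repo is read through to wherever it points on the host; the `File.symlink?` branch only records the target after the content has already been loaded. `cleanpath` is purely lexical and, depending on how `directory` is formed (defined outside these hunks), may leave leading `..` segments in place. I would resolve both paths with `File.realpath` and treat anything outside the clone root as `DependencyFileNotFound`, which `fetch_file_if_present` already rescues; a spec with a symlink pointing outside the clone would pin this.

```ruby
  repo_path = File.join(clone_repo_contents, path)
  # … unchanged: File.exist? check raising DependencyFileNotFound …

  # Resolve symlinks and refuse anything that lands outside the clone.
  clone_root = File.realpath(clone_repo_contents)
  real_path = File.realpath(repo_path)
  unless real_path.start_with?(clone_root + File::SEPARATOR)
    raise Dependabot::DependencyFileNotFound, path
  end

  content = File.read(real_path)
  # … unchanged: symlink type detection and DependencyFile construction …
```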
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.120.3"
4
+ VERSION = "0.120.4"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.120.3
4
+ version: 0.120.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-28 00:00:00.000000000 Z
11
+ date: 2020-10-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit