dependabot-common 0.139.1 → 0.139.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/shared_helpers.rb +36 -32
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 70a8b637aa9cd5c38c93bcdca2f8e26283e0bbb5bebc70f54bc1ce0f80a93e75
|
4
|
+
data.tar.gz: 1aebc5329c67b401cc630c815bf6abf5bf6a63748e326255ebf37e58db52d256
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 75e1080fcf2a30249c962597e7fd09916584f8e4488702050dd8bbd775d2a1447c07ac09e1502f832f7e463b7c760a25e348397072f1b5273faf0dea40a8a79f
|
7
|
+
data.tar.gz: 4e14c9377f28242dc67767004e210e30f1f1c185a6e3e5180222a0a80f2227c7995abbcd8b3b6232edb4fea3345e5a55a995a626df6dd05fdee672ac18258f26
|
@@ -161,47 +161,21 @@ module Dependabot
|
|
161
161
|
reset_global_git_config(backup_git_config_path)
|
162
162
|
end
|
163
163
|
|
164
|
+
def self.credential_helper_path
|
165
|
+
File.join(__dir__, "../../bin/git-credential-store-immutable")
|
166
|
+
end
|
167
|
+
|
168
|
+
# rubocop:disable Metrics/AbcSize
|
169
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
164
170
|
def self.configure_git_to_use_https_with_credentials(credentials)
|
165
171
|
File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file|
|
166
172
|
file << "# Generated by dependabot/dependabot-core"
|
167
173
|
end
|
168
|
-
configure_git_to_use_https
|
169
|
-
configure_git_credentials(credentials)
|
170
|
-
end
|
171
|
-
|
172
|
-
def self.configure_git_to_use_https
|
173
|
-
# NOTE: we use --global here (rather than --system) so that Dependabot
|
174
|
-
# can be run without privileged access
|
175
|
-
run_shell_command(
|
176
|
-
"git config --global --replace-all url.https://github.com/."\
|
177
|
-
"insteadOf ssh://git@github.com/"
|
178
|
-
)
|
179
|
-
run_shell_command(
|
180
|
-
"git config --global --add url.https://github.com/."\
|
181
|
-
"insteadOf ssh://git@github.com:"
|
182
|
-
)
|
183
|
-
run_shell_command(
|
184
|
-
"git config --global --add url.https://github.com/."\
|
185
|
-
"insteadOf git@github.com:"
|
186
|
-
)
|
187
|
-
run_shell_command(
|
188
|
-
"git config --global --add url.https://github.com/."\
|
189
|
-
"insteadOf git@github.com/"
|
190
|
-
)
|
191
|
-
run_shell_command(
|
192
|
-
"git config --global --add url.https://github.com/."\
|
193
|
-
"insteadOf git://github.com/"
|
194
|
-
)
|
195
|
-
end
|
196
174
|
|
197
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
198
|
-
def self.configure_git_credentials(credentials)
|
199
175
|
# Then add a file-based credential store that loads a file in this repo.
|
200
176
|
# Under the hood this uses git credential-store, but it's invoked through
|
201
177
|
# a wrapper binary that only allows non-mutating commands. Without this,
|
202
178
|
# whenever the credentials are deemed to be invalid, they're erased.
|
203
|
-
credential_helper_path =
|
204
|
-
File.join(__dir__, "../../bin/git-credential-store-immutable")
|
205
179
|
run_shell_command(
|
206
180
|
"git config --global credential.helper "\
|
207
181
|
"'!#{credential_helper_path} --file #{Dir.pwd}/git.store'",
|
@@ -219,6 +193,9 @@ module Dependabot
|
|
219
193
|
github_credentials.find { |c| !c["password"]&.start_with?("v1.") } ||
|
220
194
|
github_credentials.first
|
221
195
|
|
196
|
+
# Make sure we always have https alternatives for github.com.
|
197
|
+
configure_git_to_use_https("github.com") if github_credential.nil?
|
198
|
+
|
222
199
|
deduped_credentials = credentials -
|
223
200
|
github_credentials +
|
224
201
|
[github_credential].compact
|
@@ -234,13 +211,40 @@ module Dependabot
|
|
234
211
|
"@#{cred.fetch('host')}"
|
235
212
|
|
236
213
|
git_store_content += authenticated_url + "\n"
|
214
|
+
configure_git_to_use_https(cred.fetch("host"))
|
237
215
|
end
|
238
216
|
|
239
217
|
# Save the file
|
240
218
|
File.write("git.store", git_store_content)
|
241
219
|
end
|
220
|
+
# rubocop:enable Metrics/AbcSize
|
242
221
|
# rubocop:enable Metrics/PerceivedComplexity
|
243
222
|
|
223
|
+
def self.configure_git_to_use_https(host)
|
224
|
+
# NOTE: we use --global here (rather than --system) so that Dependabot
|
225
|
+
# can be run without privileged access
|
226
|
+
run_shell_command(
|
227
|
+
"git config --global --replace-all url.https://#{host}/."\
|
228
|
+
"insteadOf ssh://git@#{host}/"
|
229
|
+
)
|
230
|
+
run_shell_command(
|
231
|
+
"git config --global --add url.https://#{host}/."\
|
232
|
+
"insteadOf ssh://git@#{host}:"
|
233
|
+
)
|
234
|
+
run_shell_command(
|
235
|
+
"git config --global --add url.https://#{host}/."\
|
236
|
+
"insteadOf git@#{host}:"
|
237
|
+
)
|
238
|
+
run_shell_command(
|
239
|
+
"git config --global --add url.https://#{host}/."\
|
240
|
+
"insteadOf git@#{host}/"
|
241
|
+
)
|
242
|
+
run_shell_command(
|
243
|
+
"git config --global --add url.https://#{host}/."\
|
244
|
+
"insteadOf git://#{host}/"
|
245
|
+
)
|
246
|
+
end
|
247
|
+
|
244
248
|
def self.reset_git_repo(path)
|
245
249
|
Dir.chdir(path) do
|
246
250
|
run_shell_command("git reset HEAD --hard")
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.139.
|
4
|
+
version: 0.139.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|