dependabot-common 0.234.0 → 0.235.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/errors.rb +10 -1
- data/lib/dependabot/file_fetchers/base.rb +3 -1
- data/lib/dependabot/file_updaters/base.rb +39 -7
- data/lib/dependabot.rb +1 -1
- data/lib/wildcard_matcher.rb +2 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0b22cec48025b20921f000f63975cfc9db22dac670fa8ef6710fda754c288f68
|
|
4
|
+
data.tar.gz: 901b6246fde924caa2adfdcba0bc19dbd86833133c6cf951967024b656f68918
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 819445f789764166001ff2f6ce532e6bd60ecb1a644eb4bb20ec00a15c433c58608af56e3c75bbccba479c2f6b81fd415298083f9d4e74c24ba382881a35280c
|
|
7
|
+
data.tar.gz: 3b5f7aa169756240055ded3136f8daae04cc52129a42f0566eddc90232a302427b889ef512534f5e865609d7a7ba526f82deb7cea2b59138c4533e61fa01971a
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -5,7 +5,7 @@ require "dependabot/utils"
|
|
|
5
5
|
|
|
6
6
|
module Dependabot
|
|
7
7
|
class DependabotError < StandardError
|
|
8
|
-
BASIC_AUTH_REGEX = %r{://(?<auth>[
|
|
8
|
+
BASIC_AUTH_REGEX = %r{://(?<auth>[^:@]*:[^@%\s/]+(@|%40))}
|
|
9
9
|
# Remove any path segment from fury.io sources
|
|
10
10
|
FURY_IO_PATH_REGEX = %r{fury\.io/(?<path>.+)}
|
|
11
11
|
|
|
@@ -54,6 +54,15 @@ module Dependabot
|
|
|
54
54
|
# Repo level errors #
|
|
55
55
|
#####################
|
|
56
56
|
|
|
57
|
+
class DirectoryNotFound < DependabotError
|
|
58
|
+
attr_reader :directory_name
|
|
59
|
+
|
|
60
|
+
def initialize(directory_name, msg = nil)
|
|
61
|
+
@directory_name = directory_name
|
|
62
|
+
super(msg)
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
|
|
57
66
|
class BranchNotFound < DependabotError
|
|
58
67
|
attr_reader :branch_name
|
|
59
68
|
|
|
@@ -194,7 +194,7 @@ module Dependabot
|
|
|
194
194
|
def repo_contents(dir: ".", ignore_base_directory: false,
|
|
195
195
|
raise_errors: true, fetch_submodules: false)
|
|
196
196
|
dir = File.join(directory, dir) unless ignore_base_directory
|
|
197
|
-
path = Pathname.new(
|
|
197
|
+
path = Pathname.new(dir).cleanpath.to_path.gsub(%r{^/*}, "")
|
|
198
198
|
|
|
199
199
|
@repo_contents ||= {}
|
|
200
200
|
@repo_contents[dir] ||= if repo_contents_path
|
|
@@ -309,6 +309,8 @@ module Dependabot
|
|
|
309
309
|
|
|
310
310
|
_fetch_repo_contents_fully_specified(provider, repo, tmp_path, commit)
|
|
311
311
|
rescue *CLIENT_NOT_FOUND_ERRORS
|
|
312
|
+
raise Dependabot::DirectoryNotFound, directory if path == directory.gsub(%r{^/*}, "")
|
|
313
|
+
|
|
312
314
|
result = raise_errors ? -> { raise } : -> { [] }
|
|
313
315
|
retrying ||= false
|
|
314
316
|
|
|
@@ -1,18 +1,45 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
|
|
4
6
|
module Dependabot
|
|
5
7
|
module FileUpdaters
|
|
6
8
|
class Base
|
|
7
|
-
|
|
8
|
-
|
|
9
|
+
extend T::Sig
|
|
10
|
+
extend T::Helpers
|
|
11
|
+
abstract!
|
|
12
|
+
|
|
13
|
+
sig { returns(T::Array[Dependabot::Dependency]) }
|
|
14
|
+
attr_reader :dependencies
|
|
15
|
+
|
|
16
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
17
|
+
attr_reader :dependency_files
|
|
18
|
+
|
|
19
|
+
sig { returns(T.nilable(String)) }
|
|
20
|
+
attr_reader :repo_contents_path
|
|
9
21
|
|
|
22
|
+
sig { returns(T::Array[T::Hash[String, String]]) }
|
|
23
|
+
attr_reader :credentials
|
|
24
|
+
|
|
25
|
+
sig { returns(T::Hash[Symbol, T.untyped]) }
|
|
26
|
+
attr_reader :options
|
|
27
|
+
|
|
28
|
+
sig { overridable.returns(String) }
|
|
10
29
|
def self.updated_files_regex
|
|
11
30
|
raise NotImplementedError
|
|
12
31
|
end
|
|
13
32
|
|
|
14
|
-
|
|
15
|
-
|
|
33
|
+
sig do
|
|
34
|
+
params(
|
|
35
|
+
dependencies: T::Array[Dependabot::Dependency],
|
|
36
|
+
dependency_files: T::Array[Dependabot::DependencyFile],
|
|
37
|
+
credentials: T::Array[T::Hash[String, String]],
|
|
38
|
+
repo_contents_path: T.nilable(String),
|
|
39
|
+
options: T::Hash[Symbol, T.untyped]
|
|
40
|
+
).void
|
|
41
|
+
end
|
|
42
|
+
def initialize(dependencies:, dependency_files:, credentials:, repo_contents_path: nil, options: {})
|
|
16
43
|
@dependencies = dependencies
|
|
17
44
|
@dependency_files = dependency_files
|
|
18
45
|
@repo_contents_path = repo_contents_path
|
|
@@ -22,31 +49,36 @@ module Dependabot
|
|
|
22
49
|
check_required_files
|
|
23
50
|
end
|
|
24
51
|
|
|
52
|
+
sig { overridable.returns(T::Array[::Dependabot::DependencyFile]) }
|
|
25
53
|
def updated_dependency_files
|
|
26
54
|
raise NotImplementedError
|
|
27
55
|
end
|
|
28
56
|
|
|
29
57
|
private
|
|
30
58
|
|
|
59
|
+
sig { overridable.void }
|
|
31
60
|
def check_required_files
|
|
32
61
|
raise NotImplementedError
|
|
33
62
|
end
|
|
34
63
|
|
|
64
|
+
sig { params(filename: String).returns(T.nilable(Dependabot::DependencyFile)) }
|
|
35
65
|
def get_original_file(filename)
|
|
36
66
|
dependency_files.find { |f| f.name == filename }
|
|
37
67
|
end
|
|
38
68
|
|
|
69
|
+
sig { params(file: Dependabot::DependencyFile).returns(T::Boolean) }
|
|
39
70
|
def file_changed?(file)
|
|
40
71
|
dependencies.any? { |dep| requirement_changed?(file, dep) }
|
|
41
72
|
end
|
|
42
73
|
|
|
74
|
+
sig { params(file: Dependabot::DependencyFile, dependency: Dependabot::Dependency).returns(T::Boolean) }
|
|
43
75
|
def requirement_changed?(file, dependency)
|
|
44
|
-
changed_requirements =
|
|
45
|
-
dependency.requirements - dependency.previous_requirements
|
|
76
|
+
changed_requirements = dependency.requirements - dependency.previous_requirements
|
|
46
77
|
|
|
47
78
|
changed_requirements.any? { |f| f[:file] == file.name }
|
|
48
79
|
end
|
|
49
80
|
|
|
81
|
+
sig { params(file: Dependabot::DependencyFile, content: String).returns(Dependabot::DependencyFile) }
|
|
50
82
|
def updated_file(file:, content:)
|
|
51
83
|
updated_file = file.dup
|
|
52
84
|
updated_file.content = content
|
data/lib/dependabot.rb
CHANGED
data/lib/wildcard_matcher.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.235.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-10-
|
|
11
|
+
date: 2023-10-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -514,7 +514,7 @@ licenses:
|
|
|
514
514
|
- Nonstandard
|
|
515
515
|
metadata:
|
|
516
516
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
517
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
517
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.235.0
|
|
518
518
|
post_install_message:
|
|
519
519
|
rdoc_options: []
|
|
520
520
|
require_paths:
|