dependabot-common 0.234.0 → 0.235.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/errors.rb +10 -1
- data/lib/dependabot/file_fetchers/base.rb +3 -1
- data/lib/dependabot/file_updaters/base.rb +39 -7
- data/lib/dependabot.rb +1 -1
- data/lib/wildcard_matcher.rb +2 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0b22cec48025b20921f000f63975cfc9db22dac670fa8ef6710fda754c288f68
|
|
4
|
+
data.tar.gz: 901b6246fde924caa2adfdcba0bc19dbd86833133c6cf951967024b656f68918
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 819445f789764166001ff2f6ce532e6bd60ecb1a644eb4bb20ec00a15c433c58608af56e3c75bbccba479c2f6b81fd415298083f9d4e74c24ba382881a35280c
|
|
7
|
+
data.tar.gz: 3b5f7aa169756240055ded3136f8daae04cc52129a42f0566eddc90232a302427b889ef512534f5e865609d7a7ba526f82deb7cea2b59138c4533e61fa01971a
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -5,7 +5,7 @@ require "dependabot/utils"
|
|
|
5
5
|
|
|
6
6
|
module Dependabot
|
|
7
7
|
class DependabotError < StandardError
|
|
8
|
-
BASIC_AUTH_REGEX = %r{://(?<auth>[
|
|
8
|
+
BASIC_AUTH_REGEX = %r{://(?<auth>[^:@]*:[^@%\s/]+(@|%40))}
|
|
9
9
|
# Remove any path segment from fury.io sources
|
|
10
10
|
FURY_IO_PATH_REGEX = %r{fury\.io/(?<path>.+)}
|
|
11
11
|
|
|
@@ -54,6 +54,15 @@ module Dependabot
|
|
|
54
54
|
# Repo level errors #
|
|
55
55
|
#####################
|
|
56
56
|
|
|
57
|
+
class DirectoryNotFound < DependabotError
|
|
58
|
+
attr_reader :directory_name
|
|
59
|
+
|
|
60
|
+
def initialize(directory_name, msg = nil)
|
|
61
|
+
@directory_name = directory_name
|
|
62
|
+
super(msg)
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
|
|
57
66
|
class BranchNotFound < DependabotError
|
|
58
67
|
attr_reader :branch_name
|
|
59
68
|
|
|
@@ -194,7 +194,7 @@ module Dependabot
|
|
|
194
194
|
def repo_contents(dir: ".", ignore_base_directory: false,
|
|
195
195
|
raise_errors: true, fetch_submodules: false)
|
|
196
196
|
dir = File.join(directory, dir) unless ignore_base_directory
|
|
197
|
-
path = Pathname.new(
|
|
197
|
+
path = Pathname.new(dir).cleanpath.to_path.gsub(%r{^/*}, "")
|
|
198
198
|
|
|
199
199
|
@repo_contents ||= {}
|
|
200
200
|
@repo_contents[dir] ||= if repo_contents_path
|
|
@@ -309,6 +309,8 @@ module Dependabot
|
|
|
309
309
|
|
|
310
310
|
_fetch_repo_contents_fully_specified(provider, repo, tmp_path, commit)
|
|
311
311
|
rescue *CLIENT_NOT_FOUND_ERRORS
|
|
312
|
+
raise Dependabot::DirectoryNotFound, directory if path == directory.gsub(%r{^/*}, "")
|
|
313
|
+
|
|
312
314
|
result = raise_errors ? -> { raise } : -> { [] }
|
|
313
315
|
retrying ||= false
|
|
314
316
|
|
|
@@ -1,18 +1,45 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
|
|
4
6
|
module Dependabot
|
|
5
7
|
module FileUpdaters
|
|
6
8
|
class Base
|
|
7
|
-
|
|
8
|
-
|
|
9
|
+
extend T::Sig
|
|
10
|
+
extend T::Helpers
|
|
11
|
+
abstract!
|
|
12
|
+
|
|
13
|
+
sig { returns(T::Array[Dependabot::Dependency]) }
|
|
14
|
+
attr_reader :dependencies
|
|
15
|
+
|
|
16
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
17
|
+
attr_reader :dependency_files
|
|
18
|
+
|
|
19
|
+
sig { returns(T.nilable(String)) }
|
|
20
|
+
attr_reader :repo_contents_path
|
|
9
21
|
|
|
22
|
+
sig { returns(T::Array[T::Hash[String, String]]) }
|
|
23
|
+
attr_reader :credentials
|
|
24
|
+
|
|
25
|
+
sig { returns(T::Hash[Symbol, T.untyped]) }
|
|
26
|
+
attr_reader :options
|
|
27
|
+
|
|
28
|
+
sig { overridable.returns(String) }
|
|
10
29
|
def self.updated_files_regex
|
|
11
30
|
raise NotImplementedError
|
|
12
31
|
end
|
|
13
32
|
|
|
14
|
-
|
|
15
|
-
|
|
33
|
+
sig do
|
|
34
|
+
params(
|
|
35
|
+
dependencies: T::Array[Dependabot::Dependency],
|
|
36
|
+
dependency_files: T::Array[Dependabot::DependencyFile],
|
|
37
|
+
credentials: T::Array[T::Hash[String, String]],
|
|
38
|
+
repo_contents_path: T.nilable(String),
|
|
39
|
+
options: T::Hash[Symbol, T.untyped]
|
|
40
|
+
).void
|
|
41
|
+
end
|
|
42
|
+
def initialize(dependencies:, dependency_files:, credentials:, repo_contents_path: nil, options: {})
|
|
16
43
|
@dependencies = dependencies
|
|
17
44
|
@dependency_files = dependency_files
|
|
18
45
|
@repo_contents_path = repo_contents_path
|
|
@@ -22,31 +49,36 @@ module Dependabot
|
|
|
22
49
|
check_required_files
|
|
23
50
|
end
|
|
24
51
|
|
|
52
|
+
sig { overridable.returns(T::Array[::Dependabot::DependencyFile]) }
|
|
25
53
|
def updated_dependency_files
|
|
26
54
|
raise NotImplementedError
|
|
27
55
|
end
|
|
28
56
|
|
|
29
57
|
private
|
|
30
58
|
|
|
59
|
+
sig { overridable.void }
|
|
31
60
|
def check_required_files
|
|
32
61
|
raise NotImplementedError
|
|
33
62
|
end
|
|
34
63
|
|
|
64
|
+
sig { params(filename: String).returns(T.nilable(Dependabot::DependencyFile)) }
|
|
35
65
|
def get_original_file(filename)
|
|
36
66
|
dependency_files.find { |f| f.name == filename }
|
|
37
67
|
end
|
|
38
68
|
|
|
69
|
+
sig { params(file: Dependabot::DependencyFile).returns(T::Boolean) }
|
|
39
70
|
def file_changed?(file)
|
|
40
71
|
dependencies.any? { |dep| requirement_changed?(file, dep) }
|
|
41
72
|
end
|
|
42
73
|
|
|
74
|
+
sig { params(file: Dependabot::DependencyFile, dependency: Dependabot::Dependency).returns(T::Boolean) }
|
|
43
75
|
def requirement_changed?(file, dependency)
|
|
44
|
-
changed_requirements =
|
|
45
|
-
dependency.requirements - dependency.previous_requirements
|
|
76
|
+
changed_requirements = dependency.requirements - dependency.previous_requirements
|
|
46
77
|
|
|
47
78
|
changed_requirements.any? { |f| f[:file] == file.name }
|
|
48
79
|
end
|
|
49
80
|
|
|
81
|
+
sig { params(file: Dependabot::DependencyFile, content: String).returns(Dependabot::DependencyFile) }
|
|
50
82
|
def updated_file(file:, content:)
|
|
51
83
|
updated_file = file.dup
|
|
52
84
|
updated_file.content = content
|
data/lib/dependabot.rb
CHANGED
data/lib/wildcard_matcher.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.235.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-10-
|
|
11
|
+
date: 2023-10-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -514,7 +514,7 @@ licenses:
|
|
|
514
514
|
- Nonstandard
|
|
515
515
|
metadata:
|
|
516
516
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
517
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
517
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.235.0
|
|
518
518
|
post_install_message:
|
|
519
519
|
rdoc_options: []
|
|
520
520
|
require_paths:
|