dependabot-common 0.278.0 → 0.279.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/config/ignore_condition.rb +3 -37
- data/lib/dependabot/errors.rb +22 -0
- data/lib/dependabot/shared_helpers.rb +7 -2
- data/lib/dependabot/version.rb +32 -0
- data/lib/dependabot.rb +1 -1
- metadata +20 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 43e1a4f4d63c0999b653f691d329d9e55be1ad64a631cd9d90601b448095de51
|
|
4
|
+
data.tar.gz: 3a8ae3ac61c4abe2e4f9f3b2c1259229f1678e7a4753deb2f4b2689488ddbaea
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 33205b1c99d6e7b5da8c41a6943faa3a4a10e570f31c569dd298bfb1f4f9867c0c372efb95992b1b6a0470d476745670b002c55c1a2509504a3e3c0064c77148
|
|
7
|
+
data.tar.gz: d13e0580d0c4a0a492b83f8c17b53d9906b7ee42a6cc767c580b758dd35fcded9d934ca3029f6a8ea4cac7ecc0e7e5817f3f50ea47ecc575a3fe35f3e654f30b
|
|
@@ -57,54 +57,20 @@ module Dependabot
|
|
|
57
57
|
version = correct_version_for(dependency)
|
|
58
58
|
return [] unless version
|
|
59
59
|
|
|
60
|
-
semver = version.to_semver
|
|
61
|
-
|
|
62
60
|
transformed_update_types.flat_map do |t|
|
|
63
61
|
case t
|
|
64
62
|
when PATCH_VERSION_TYPE
|
|
65
|
-
|
|
63
|
+
version.ignored_patch_versions
|
|
66
64
|
when MINOR_VERSION_TYPE
|
|
67
|
-
|
|
65
|
+
version.ignored_minor_versions
|
|
68
66
|
when MAJOR_VERSION_TYPE
|
|
69
|
-
|
|
67
|
+
version.ignored_major_versions
|
|
70
68
|
else
|
|
71
69
|
[]
|
|
72
70
|
end
|
|
73
71
|
end.compact
|
|
74
72
|
end
|
|
75
73
|
|
|
76
|
-
sig { params(version: String).returns(T::Array[String]) }
|
|
77
|
-
def ignore_patch(version)
|
|
78
|
-
parts = version.split(".")
|
|
79
|
-
version_parts = parts.fill("0", parts.length...2)
|
|
80
|
-
upper_parts = version_parts.first(1) + [version_parts[1].to_i + 1]
|
|
81
|
-
lower_bound = "> #{version}"
|
|
82
|
-
upper_bound = "< #{upper_parts.join('.')}"
|
|
83
|
-
|
|
84
|
-
["#{lower_bound}, #{upper_bound}"]
|
|
85
|
-
end
|
|
86
|
-
|
|
87
|
-
sig { params(version: String).returns(T::Array[String]) }
|
|
88
|
-
def ignore_minor(version)
|
|
89
|
-
parts = version.split(".")
|
|
90
|
-
version_parts = parts.fill("0", parts.length...2)
|
|
91
|
-
lower_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + ["a"]
|
|
92
|
-
upper_parts = version_parts.first(0) + [version_parts[0].to_i + 1]
|
|
93
|
-
lower_bound = ">= #{lower_parts.join('.')}"
|
|
94
|
-
upper_bound = "< #{upper_parts.join('.')}"
|
|
95
|
-
|
|
96
|
-
["#{lower_bound}, #{upper_bound}"]
|
|
97
|
-
end
|
|
98
|
-
|
|
99
|
-
sig { params(version: String).returns(T::Array[String]) }
|
|
100
|
-
def ignore_major(version)
|
|
101
|
-
version_parts = version.split(".")
|
|
102
|
-
lower_parts = [version_parts[0].to_i + 1] + ["a"]
|
|
103
|
-
lower_bound = ">= #{lower_parts.join('.')}"
|
|
104
|
-
|
|
105
|
-
[lower_bound]
|
|
106
|
-
end
|
|
107
|
-
|
|
108
74
|
sig { params(dependency: Dependency).returns(T.nilable(Version)) }
|
|
109
75
|
def correct_version_for(dependency)
|
|
110
76
|
version = dependency.version
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -240,6 +240,13 @@ module Dependabot
|
|
|
240
240
|
"go-mod": error.go_mod
|
|
241
241
|
}
|
|
242
242
|
}
|
|
243
|
+
when Dependabot::UpdateNotPossible
|
|
244
|
+
{
|
|
245
|
+
"error-type": "update_not_possible",
|
|
246
|
+
"error-detail": {
|
|
247
|
+
dependencies: error.dependencies
|
|
248
|
+
}
|
|
249
|
+
}
|
|
243
250
|
when BadRequirementError
|
|
244
251
|
{
|
|
245
252
|
"error-type": "illformed_requirement",
|
|
@@ -639,6 +646,21 @@ module Dependabot
|
|
|
639
646
|
# Dependency level errors #
|
|
640
647
|
###########################
|
|
641
648
|
|
|
649
|
+
class UpdateNotPossible < DependabotError
|
|
650
|
+
extend T::Sig
|
|
651
|
+
|
|
652
|
+
sig { returns(T::Array[String]) }
|
|
653
|
+
attr_reader :dependencies
|
|
654
|
+
|
|
655
|
+
sig { params(dependencies: T::Array[String]).void }
|
|
656
|
+
def initialize(dependencies)
|
|
657
|
+
@dependencies = dependencies
|
|
658
|
+
|
|
659
|
+
msg = "The following dependencies could not be updated: #{@dependencies.join(', ')}"
|
|
660
|
+
super(msg)
|
|
661
|
+
end
|
|
662
|
+
end
|
|
663
|
+
|
|
642
664
|
class GitDependenciesNotReachable < DependabotError
|
|
643
665
|
extend T::Sig
|
|
644
666
|
|
|
@@ -419,6 +419,7 @@ module Dependabot
|
|
|
419
419
|
params(
|
|
420
420
|
command: String,
|
|
421
421
|
allow_unsafe_shell_command: T::Boolean,
|
|
422
|
+
cwd: T.nilable(String),
|
|
422
423
|
env: T.nilable(T::Hash[String, String]),
|
|
423
424
|
fingerprint: T.nilable(String),
|
|
424
425
|
stderr_to_stdout: T::Boolean
|
|
@@ -426,6 +427,7 @@ module Dependabot
|
|
|
426
427
|
end
|
|
427
428
|
def self.run_shell_command(command,
|
|
428
429
|
allow_unsafe_shell_command: false,
|
|
430
|
+
cwd: nil,
|
|
429
431
|
env: {},
|
|
430
432
|
fingerprint: nil,
|
|
431
433
|
stderr_to_stdout: true)
|
|
@@ -434,10 +436,13 @@ module Dependabot
|
|
|
434
436
|
|
|
435
437
|
puts cmd if ENV["DEBUG_HELPERS"] == "true"
|
|
436
438
|
|
|
439
|
+
opts = {}
|
|
440
|
+
opts[:chdir] = cwd if cwd
|
|
441
|
+
|
|
437
442
|
if stderr_to_stdout
|
|
438
|
-
stdout, process = Open3.capture2e(env || {}, cmd)
|
|
443
|
+
stdout, process = Open3.capture2e(env || {}, cmd, opts)
|
|
439
444
|
else
|
|
440
|
-
stdout, stderr, process = Open3.capture3(env || {}, cmd)
|
|
445
|
+
stdout, stderr, process = Open3.capture3(env || {}, cmd, opts)
|
|
441
446
|
end
|
|
442
447
|
|
|
443
448
|
time_taken = Time.now - start
|
data/lib/dependabot/version.rb
CHANGED
|
@@ -36,5 +36,37 @@ module Dependabot
|
|
|
36
36
|
def to_semver
|
|
37
37
|
@original_version
|
|
38
38
|
end
|
|
39
|
+
|
|
40
|
+
sig { overridable.returns(T::Array[String]) }
|
|
41
|
+
def ignored_patch_versions
|
|
42
|
+
parts = to_semver.split(".")
|
|
43
|
+
version_parts = parts.fill("0", parts.length...2)
|
|
44
|
+
upper_parts = version_parts.first(1) + [version_parts[1].to_i + 1]
|
|
45
|
+
lower_bound = "> #{to_semver}"
|
|
46
|
+
upper_bound = "< #{upper_parts.join('.')}"
|
|
47
|
+
|
|
48
|
+
["#{lower_bound}, #{upper_bound}"]
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
sig { overridable.returns(T::Array[String]) }
|
|
52
|
+
def ignored_minor_versions
|
|
53
|
+
parts = to_semver.split(".")
|
|
54
|
+
version_parts = parts.fill("0", parts.length...2)
|
|
55
|
+
lower_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + ["a"]
|
|
56
|
+
upper_parts = version_parts.first(0) + [version_parts[0].to_i + 1]
|
|
57
|
+
lower_bound = ">= #{lower_parts.join('.')}"
|
|
58
|
+
upper_bound = "< #{upper_parts.join('.')}"
|
|
59
|
+
|
|
60
|
+
["#{lower_bound}, #{upper_bound}"]
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
sig { overridable.returns(T::Array[String]) }
|
|
64
|
+
def ignored_major_versions
|
|
65
|
+
version_parts = to_semver.split(".")
|
|
66
|
+
lower_parts = [version_parts[0].to_i + 1] + ["a"]
|
|
67
|
+
lower_bound = ">= #{lower_parts.join('.')}"
|
|
68
|
+
|
|
69
|
+
[lower_bound]
|
|
70
|
+
end
|
|
39
71
|
end
|
|
40
72
|
end
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.279.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-10-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -197,19 +197,33 @@ dependencies:
|
|
|
197
197
|
- !ruby/object:Gem::Version
|
|
198
198
|
version: '8.0'
|
|
199
199
|
- !ruby/object:Gem::Dependency
|
|
200
|
-
name: opentelemetry-
|
|
200
|
+
name: opentelemetry-api
|
|
201
201
|
requirement: !ruby/object:Gem::Requirement
|
|
202
202
|
requirements:
|
|
203
203
|
- - "~>"
|
|
204
204
|
- !ruby/object:Gem::Version
|
|
205
|
-
version: '1.
|
|
205
|
+
version: '1.4'
|
|
206
206
|
type: :runtime
|
|
207
207
|
prerelease: false
|
|
208
208
|
version_requirements: !ruby/object:Gem::Requirement
|
|
209
209
|
requirements:
|
|
210
210
|
- - "~>"
|
|
211
211
|
- !ruby/object:Gem::Version
|
|
212
|
-
version: '1.
|
|
212
|
+
version: '1.4'
|
|
213
|
+
- !ruby/object:Gem::Dependency
|
|
214
|
+
name: opentelemetry-metrics-api
|
|
215
|
+
requirement: !ruby/object:Gem::Requirement
|
|
216
|
+
requirements:
|
|
217
|
+
- - "~>"
|
|
218
|
+
- !ruby/object:Gem::Version
|
|
219
|
+
version: '0.1'
|
|
220
|
+
type: :runtime
|
|
221
|
+
prerelease: false
|
|
222
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
223
|
+
requirements:
|
|
224
|
+
- - "~>"
|
|
225
|
+
- !ruby/object:Gem::Version
|
|
226
|
+
version: '0.1'
|
|
213
227
|
- !ruby/object:Gem::Dependency
|
|
214
228
|
name: parser
|
|
215
229
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -600,7 +614,7 @@ licenses:
|
|
|
600
614
|
- MIT
|
|
601
615
|
metadata:
|
|
602
616
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
603
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
617
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.279.0
|
|
604
618
|
post_install_message:
|
|
605
619
|
rdoc_options: []
|
|
606
620
|
require_paths:
|