dependabot-common 0.278.0 → 0.279.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/config/ignore_condition.rb +3 -37
- data/lib/dependabot/errors.rb +22 -0
- data/lib/dependabot/shared_helpers.rb +7 -2
- data/lib/dependabot/version.rb +32 -0
- data/lib/dependabot.rb +1 -1
- metadata +20 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 43e1a4f4d63c0999b653f691d329d9e55be1ad64a631cd9d90601b448095de51
|
|
4
|
+
data.tar.gz: 3a8ae3ac61c4abe2e4f9f3b2c1259229f1678e7a4753deb2f4b2689488ddbaea
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 33205b1c99d6e7b5da8c41a6943faa3a4a10e570f31c569dd298bfb1f4f9867c0c372efb95992b1b6a0470d476745670b002c55c1a2509504a3e3c0064c77148
|
|
7
|
+
data.tar.gz: d13e0580d0c4a0a492b83f8c17b53d9906b7ee42a6cc767c580b758dd35fcded9d934ca3029f6a8ea4cac7ecc0e7e5817f3f50ea47ecc575a3fe35f3e654f30b
|
|
@@ -57,54 +57,20 @@ module Dependabot
|
|
|
57
57
|
version = correct_version_for(dependency)
|
|
58
58
|
return [] unless version
|
|
59
59
|
|
|
60
|
-
semver = version.to_semver
|
|
61
|
-
|
|
62
60
|
transformed_update_types.flat_map do |t|
|
|
63
61
|
case t
|
|
64
62
|
when PATCH_VERSION_TYPE
|
|
65
|
-
|
|
63
|
+
version.ignored_patch_versions
|
|
66
64
|
when MINOR_VERSION_TYPE
|
|
67
|
-
|
|
65
|
+
version.ignored_minor_versions
|
|
68
66
|
when MAJOR_VERSION_TYPE
|
|
69
|
-
|
|
67
|
+
version.ignored_major_versions
|
|
70
68
|
else
|
|
71
69
|
[]
|
|
72
70
|
end
|
|
73
71
|
end.compact
|
|
74
72
|
end
|
|
75
73
|
|
|
76
|
-
sig { params(version: String).returns(T::Array[String]) }
|
|
77
|
-
def ignore_patch(version)
|
|
78
|
-
parts = version.split(".")
|
|
79
|
-
version_parts = parts.fill("0", parts.length...2)
|
|
80
|
-
upper_parts = version_parts.first(1) + [version_parts[1].to_i + 1]
|
|
81
|
-
lower_bound = "> #{version}"
|
|
82
|
-
upper_bound = "< #{upper_parts.join('.')}"
|
|
83
|
-
|
|
84
|
-
["#{lower_bound}, #{upper_bound}"]
|
|
85
|
-
end
|
|
86
|
-
|
|
87
|
-
sig { params(version: String).returns(T::Array[String]) }
|
|
88
|
-
def ignore_minor(version)
|
|
89
|
-
parts = version.split(".")
|
|
90
|
-
version_parts = parts.fill("0", parts.length...2)
|
|
91
|
-
lower_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + ["a"]
|
|
92
|
-
upper_parts = version_parts.first(0) + [version_parts[0].to_i + 1]
|
|
93
|
-
lower_bound = ">= #{lower_parts.join('.')}"
|
|
94
|
-
upper_bound = "< #{upper_parts.join('.')}"
|
|
95
|
-
|
|
96
|
-
["#{lower_bound}, #{upper_bound}"]
|
|
97
|
-
end
|
|
98
|
-
|
|
99
|
-
sig { params(version: String).returns(T::Array[String]) }
|
|
100
|
-
def ignore_major(version)
|
|
101
|
-
version_parts = version.split(".")
|
|
102
|
-
lower_parts = [version_parts[0].to_i + 1] + ["a"]
|
|
103
|
-
lower_bound = ">= #{lower_parts.join('.')}"
|
|
104
|
-
|
|
105
|
-
[lower_bound]
|
|
106
|
-
end
|
|
107
|
-
|
|
108
74
|
sig { params(dependency: Dependency).returns(T.nilable(Version)) }
|
|
109
75
|
def correct_version_for(dependency)
|
|
110
76
|
version = dependency.version
|
data/lib/dependabot/errors.rb
CHANGED
|
@@ -240,6 +240,13 @@ module Dependabot
|
|
|
240
240
|
"go-mod": error.go_mod
|
|
241
241
|
}
|
|
242
242
|
}
|
|
243
|
+
when Dependabot::UpdateNotPossible
|
|
244
|
+
{
|
|
245
|
+
"error-type": "update_not_possible",
|
|
246
|
+
"error-detail": {
|
|
247
|
+
dependencies: error.dependencies
|
|
248
|
+
}
|
|
249
|
+
}
|
|
243
250
|
when BadRequirementError
|
|
244
251
|
{
|
|
245
252
|
"error-type": "illformed_requirement",
|
|
@@ -639,6 +646,21 @@ module Dependabot
|
|
|
639
646
|
# Dependency level errors #
|
|
640
647
|
###########################
|
|
641
648
|
|
|
649
|
+
class UpdateNotPossible < DependabotError
|
|
650
|
+
extend T::Sig
|
|
651
|
+
|
|
652
|
+
sig { returns(T::Array[String]) }
|
|
653
|
+
attr_reader :dependencies
|
|
654
|
+
|
|
655
|
+
sig { params(dependencies: T::Array[String]).void }
|
|
656
|
+
def initialize(dependencies)
|
|
657
|
+
@dependencies = dependencies
|
|
658
|
+
|
|
659
|
+
msg = "The following dependencies could not be updated: #{@dependencies.join(', ')}"
|
|
660
|
+
super(msg)
|
|
661
|
+
end
|
|
662
|
+
end
|
|
663
|
+
|
|
642
664
|
class GitDependenciesNotReachable < DependabotError
|
|
643
665
|
extend T::Sig
|
|
644
666
|
|
|
@@ -419,6 +419,7 @@ module Dependabot
|
|
|
419
419
|
params(
|
|
420
420
|
command: String,
|
|
421
421
|
allow_unsafe_shell_command: T::Boolean,
|
|
422
|
+
cwd: T.nilable(String),
|
|
422
423
|
env: T.nilable(T::Hash[String, String]),
|
|
423
424
|
fingerprint: T.nilable(String),
|
|
424
425
|
stderr_to_stdout: T::Boolean
|
|
@@ -426,6 +427,7 @@ module Dependabot
|
|
|
426
427
|
end
|
|
427
428
|
def self.run_shell_command(command,
|
|
428
429
|
allow_unsafe_shell_command: false,
|
|
430
|
+
cwd: nil,
|
|
429
431
|
env: {},
|
|
430
432
|
fingerprint: nil,
|
|
431
433
|
stderr_to_stdout: true)
|
|
@@ -434,10 +436,13 @@ module Dependabot
|
|
|
434
436
|
|
|
435
437
|
puts cmd if ENV["DEBUG_HELPERS"] == "true"
|
|
436
438
|
|
|
439
|
+
opts = {}
|
|
440
|
+
opts[:chdir] = cwd if cwd
|
|
441
|
+
|
|
437
442
|
if stderr_to_stdout
|
|
438
|
-
stdout, process = Open3.capture2e(env || {}, cmd)
|
|
443
|
+
stdout, process = Open3.capture2e(env || {}, cmd, opts)
|
|
439
444
|
else
|
|
440
|
-
stdout, stderr, process = Open3.capture3(env || {}, cmd)
|
|
445
|
+
stdout, stderr, process = Open3.capture3(env || {}, cmd, opts)
|
|
441
446
|
end
|
|
442
447
|
|
|
443
448
|
time_taken = Time.now - start
|
data/lib/dependabot/version.rb
CHANGED
|
@@ -36,5 +36,37 @@ module Dependabot
|
|
|
36
36
|
def to_semver
|
|
37
37
|
@original_version
|
|
38
38
|
end
|
|
39
|
+
|
|
40
|
+
sig { overridable.returns(T::Array[String]) }
|
|
41
|
+
def ignored_patch_versions
|
|
42
|
+
parts = to_semver.split(".")
|
|
43
|
+
version_parts = parts.fill("0", parts.length...2)
|
|
44
|
+
upper_parts = version_parts.first(1) + [version_parts[1].to_i + 1]
|
|
45
|
+
lower_bound = "> #{to_semver}"
|
|
46
|
+
upper_bound = "< #{upper_parts.join('.')}"
|
|
47
|
+
|
|
48
|
+
["#{lower_bound}, #{upper_bound}"]
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
sig { overridable.returns(T::Array[String]) }
|
|
52
|
+
def ignored_minor_versions
|
|
53
|
+
parts = to_semver.split(".")
|
|
54
|
+
version_parts = parts.fill("0", parts.length...2)
|
|
55
|
+
lower_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + ["a"]
|
|
56
|
+
upper_parts = version_parts.first(0) + [version_parts[0].to_i + 1]
|
|
57
|
+
lower_bound = ">= #{lower_parts.join('.')}"
|
|
58
|
+
upper_bound = "< #{upper_parts.join('.')}"
|
|
59
|
+
|
|
60
|
+
["#{lower_bound}, #{upper_bound}"]
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
sig { overridable.returns(T::Array[String]) }
|
|
64
|
+
def ignored_major_versions
|
|
65
|
+
version_parts = to_semver.split(".")
|
|
66
|
+
lower_parts = [version_parts[0].to_i + 1] + ["a"]
|
|
67
|
+
lower_bound = ">= #{lower_parts.join('.')}"
|
|
68
|
+
|
|
69
|
+
[lower_bound]
|
|
70
|
+
end
|
|
39
71
|
end
|
|
40
72
|
end
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.279.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-10-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -197,19 +197,33 @@ dependencies:
|
|
|
197
197
|
- !ruby/object:Gem::Version
|
|
198
198
|
version: '8.0'
|
|
199
199
|
- !ruby/object:Gem::Dependency
|
|
200
|
-
name: opentelemetry-
|
|
200
|
+
name: opentelemetry-api
|
|
201
201
|
requirement: !ruby/object:Gem::Requirement
|
|
202
202
|
requirements:
|
|
203
203
|
- - "~>"
|
|
204
204
|
- !ruby/object:Gem::Version
|
|
205
|
-
version: '1.
|
|
205
|
+
version: '1.4'
|
|
206
206
|
type: :runtime
|
|
207
207
|
prerelease: false
|
|
208
208
|
version_requirements: !ruby/object:Gem::Requirement
|
|
209
209
|
requirements:
|
|
210
210
|
- - "~>"
|
|
211
211
|
- !ruby/object:Gem::Version
|
|
212
|
-
version: '1.
|
|
212
|
+
version: '1.4'
|
|
213
|
+
- !ruby/object:Gem::Dependency
|
|
214
|
+
name: opentelemetry-metrics-api
|
|
215
|
+
requirement: !ruby/object:Gem::Requirement
|
|
216
|
+
requirements:
|
|
217
|
+
- - "~>"
|
|
218
|
+
- !ruby/object:Gem::Version
|
|
219
|
+
version: '0.1'
|
|
220
|
+
type: :runtime
|
|
221
|
+
prerelease: false
|
|
222
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
223
|
+
requirements:
|
|
224
|
+
- - "~>"
|
|
225
|
+
- !ruby/object:Gem::Version
|
|
226
|
+
version: '0.1'
|
|
213
227
|
- !ruby/object:Gem::Dependency
|
|
214
228
|
name: parser
|
|
215
229
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -600,7 +614,7 @@ licenses:
|
|
|
600
614
|
- MIT
|
|
601
615
|
metadata:
|
|
602
616
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
603
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
617
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.279.0
|
|
604
618
|
post_install_message:
|
|
605
619
|
rdoc_options: []
|
|
606
620
|
require_paths:
|