dependabot-composer 0.128.2 → 0.129.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/{.php_cs → v1/.php_cs} +0 -0
- data/helpers/{bin → v1/bin}/run +0 -0
- data/helpers/v1/build +20 -0
- data/helpers/{composer.json → v1/composer.json} +0 -0
- data/helpers/{composer.lock → v1/composer.lock} +10 -5
- data/helpers/{phpstan.neon → v1/phpstan.neon} +0 -0
- data/helpers/{src → v1/src}/DependabotInstallationManager.php +0 -0
- data/helpers/{src → v1/src}/DependabotPluginManager.php +0 -0
- data/helpers/{src → v1/src}/ExceptionIO.php +0 -0
- data/helpers/{src → v1/src}/Hasher.php +0 -0
- data/helpers/{src → v1/src}/UpdateChecker.php +0 -0
- data/helpers/{src → v1/src}/Updater.php +0 -0
- data/helpers/v2/.php_cs +32 -0
- data/helpers/v2/bin/run +86 -0
- data/helpers/{build → v2/build} +0 -0
- data/helpers/v2/composer.json +23 -0
- data/helpers/v2/composer.lock +2610 -0
- data/helpers/v2/phpstan.neon +5 -0
- data/helpers/v2/src/DependabotInstallationManager.php +67 -0
- data/helpers/v2/src/DependabotPluginManager.php +23 -0
- data/helpers/v2/src/ExceptionIO.php +25 -0
- data/helpers/v2/src/Hasher.php +28 -0
- data/helpers/v2/src/UpdateChecker.php +133 -0
- data/helpers/v2/src/Updater.php +99 -0
- data/lib/dependabot/composer/file_updater/lockfile_updater.rb +31 -2
- data/lib/dependabot/composer/native_helpers.rb +2 -2
- data/lib/dependabot/composer/update_checker/version_resolver.rb +13 -2
- metadata +28 -17
- data/helpers/setup.sh +0 -17
@@ -3,8 +3,8 @@
|
|
3
3
|
module Dependabot
|
4
4
|
module Composer
|
5
5
|
module NativeHelpers
|
6
|
-
def self.composer_helper_path
|
7
|
-
File.join(composer_helpers_dir, "bin/run")
|
6
|
+
def self.composer_helper_path(composer_version: "v2")
|
7
|
+
File.join(composer_helpers_dir, composer_version, "bin/run")
|
8
8
|
end
|
9
9
|
|
10
10
|
def self.composer_helpers_dir
|
@@ -29,7 +29,8 @@ module Dependabot
|
|
29
29
|
MISSING_IMPLICIT_PLATFORM_REQ_REGEX =
|
30
30
|
%r{
|
31
31
|
(?<!with|for|by)\sext\-[^\s\/]+\s.*?\s(?=->)|
|
32
|
-
(?<=requires\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->)
|
32
|
+
(?<=requires\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->)| # composer v1
|
33
|
+
(?<=require\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->) # composer v2
|
33
34
|
}x.freeze
|
34
35
|
VERSION_REGEX = /[0-9]+(?:\.[A-Za-z0-9\-_]+)*/.freeze
|
35
36
|
SOURCE_TIMED_OUT_REGEX =
|
@@ -428,7 +429,17 @@ module Dependabot
|
|
428
429
|
end
|
429
430
|
|
430
431
|
def php_helper_path
|
431
|
-
NativeHelpers.composer_helper_path
|
432
|
+
NativeHelpers.composer_helper_path(composer_version: composer_version)
|
433
|
+
end
|
434
|
+
|
435
|
+
def composer_version
|
436
|
+
@composer_version ||=
|
437
|
+
begin
|
438
|
+
return "v2" unless lockfile && parsed_lockfile["plugin-api-version"]
|
439
|
+
|
440
|
+
version = Version.new(parsed_lockfile["plugin-api-version"])
|
441
|
+
version.canonical_segments.first == 1 ? "v1" : "v2"
|
442
|
+
end
|
432
443
|
end
|
433
444
|
|
434
445
|
def initial_platform
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-composer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.129.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-12-
|
11
|
+
date: 2020-12-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.129.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.129.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -171,19 +171,30 @@ executables: []
|
|
171
171
|
extensions: []
|
172
172
|
extra_rdoc_files: []
|
173
173
|
files:
|
174
|
-
- helpers/.php_cs
|
175
|
-
- helpers/bin/run
|
176
|
-
- helpers/build
|
177
|
-
- helpers/composer.json
|
178
|
-
- helpers/composer.lock
|
179
|
-
- helpers/phpstan.neon
|
180
|
-
- helpers/
|
181
|
-
- helpers/src/
|
182
|
-
- helpers/src/
|
183
|
-
- helpers/src/
|
184
|
-
- helpers/src/
|
185
|
-
- helpers/src/
|
186
|
-
- helpers/
|
174
|
+
- helpers/v1/.php_cs
|
175
|
+
- helpers/v1/bin/run
|
176
|
+
- helpers/v1/build
|
177
|
+
- helpers/v1/composer.json
|
178
|
+
- helpers/v1/composer.lock
|
179
|
+
- helpers/v1/phpstan.neon
|
180
|
+
- helpers/v1/src/DependabotInstallationManager.php
|
181
|
+
- helpers/v1/src/DependabotPluginManager.php
|
182
|
+
- helpers/v1/src/ExceptionIO.php
|
183
|
+
- helpers/v1/src/Hasher.php
|
184
|
+
- helpers/v1/src/UpdateChecker.php
|
185
|
+
- helpers/v1/src/Updater.php
|
186
|
+
- helpers/v2/.php_cs
|
187
|
+
- helpers/v2/bin/run
|
188
|
+
- helpers/v2/build
|
189
|
+
- helpers/v2/composer.json
|
190
|
+
- helpers/v2/composer.lock
|
191
|
+
- helpers/v2/phpstan.neon
|
192
|
+
- helpers/v2/src/DependabotInstallationManager.php
|
193
|
+
- helpers/v2/src/DependabotPluginManager.php
|
194
|
+
- helpers/v2/src/ExceptionIO.php
|
195
|
+
- helpers/v2/src/Hasher.php
|
196
|
+
- helpers/v2/src/UpdateChecker.php
|
197
|
+
- helpers/v2/src/Updater.php
|
187
198
|
- lib/dependabot/composer.rb
|
188
199
|
- lib/dependabot/composer/file_fetcher.rb
|
189
200
|
- lib/dependabot/composer/file_fetcher/path_dependency_builder.rb
|
data/helpers/setup.sh
DELETED
@@ -1,17 +0,0 @@
|
|
1
|
-
#!/bin/sh
|
2
|
-
|
3
|
-
EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
4
|
-
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
5
|
-
ACTUAL_SIGNATURE="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
|
6
|
-
|
7
|
-
if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
|
8
|
-
then
|
9
|
-
>&2 echo 'ERROR: Invalid installer signature'
|
10
|
-
rm composer-setup.php
|
11
|
-
exit 1
|
12
|
-
fi
|
13
|
-
|
14
|
-
php composer-setup.php --quiet
|
15
|
-
RESULT=$?
|
16
|
-
rm composer-setup.php
|
17
|
-
exit $RESULT
|