RubyGems - dependabot-composer - Versions diffs - 0.128.2 → 0.129.0 - Mend

dependabot-composer 0.128.2 → 0.129.0

Files changed (30) hide show

checksums.yaml +4 -4
data/helpers/{.php_cs → v1/.php_cs} +0 -0
data/helpers/{bin → v1/bin}/run +0 -0
data/helpers/v1/build +20 -0
data/helpers/{composer.json → v1/composer.json} +0 -0
data/helpers/{composer.lock → v1/composer.lock} +10 -5
data/helpers/{phpstan.neon → v1/phpstan.neon} +0 -0
data/helpers/{src → v1/src}/DependabotInstallationManager.php +0 -0
data/helpers/{src → v1/src}/DependabotPluginManager.php +0 -0
data/helpers/{src → v1/src}/ExceptionIO.php +0 -0
data/helpers/{src → v1/src}/Hasher.php +0 -0
data/helpers/{src → v1/src}/UpdateChecker.php +0 -0
data/helpers/{src → v1/src}/Updater.php +0 -0
data/helpers/v2/.php_cs +32 -0
data/helpers/v2/bin/run +86 -0
data/helpers/{build → v2/build} +0 -0
data/helpers/v2/composer.json +23 -0
data/helpers/v2/composer.lock +2610 -0
data/helpers/v2/phpstan.neon +5 -0
data/helpers/v2/src/DependabotInstallationManager.php +67 -0
data/helpers/v2/src/DependabotPluginManager.php +23 -0
data/helpers/v2/src/ExceptionIO.php +25 -0
data/helpers/v2/src/Hasher.php +28 -0
data/helpers/v2/src/UpdateChecker.php +133 -0
data/helpers/v2/src/Updater.php +99 -0
data/lib/dependabot/composer/file_updater/lockfile_updater.rb +31 -2
data/lib/dependabot/composer/native_helpers.rb +2 -2
data/lib/dependabot/composer/update_checker/version_resolver.rb +13 -2
metadata +28 -17
data/helpers/setup.sh +0 -17

data/lib/dependabot/composer/native_helpers.rb CHANGED

@@ -3,8 +3,8 @@
 module Dependabot
   module Composer
     module NativeHelpers
-      def self.composer_helper_path
-        File.join(composer_helpers_dir, "bin/run")
+      def self.composer_helper_path(composer_version: "v2")
+        File.join(composer_helpers_dir, composer_version, "bin/run")
       end
       def self.composer_helpers_dir

data/lib/dependabot/composer/update_checker/version_resolver.rb CHANGED

@@ -29,7 +29,8 @@ module Dependabot
         MISSING_IMPLICIT_PLATFORM_REQ_REGEX =
           %r{
             (?<!with|for|by)\sext\-[^\s\/]+\s.*?\s(?=->)|
-            (?<=requires\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->)
+            (?<=requires\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->)| # composer v1
+            (?<=require\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->) # composer v2
           }x.freeze
         VERSION_REGEX = /[0-9]+(?:\.[A-Za-z0-9\-_]+)*/.freeze
         SOURCE_TIMED_OUT_REGEX =
@@ -428,7 +429,17 @@ module Dependabot
         end
         def php_helper_path
-          NativeHelpers.composer_helper_path
+          NativeHelpers.composer_helper_path(composer_version: composer_version)
+        end
+        def composer_version
+          @composer_version ||=
+            begin
+              return "v2" unless lockfile && parsed_lockfile["plugin-api-version"]
+              version = Version.new(parsed_lockfile["plugin-api-version"])
+              version.canonical_segments.first == 1 ? "v1" : "v2"
+            end
         end
         def initial_platform

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-composer
 version: !ruby/object:Gem::Version
-  version: 0.128.2
+  version: 0.129.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-12-14 00:00:00.000000000 Z
+date: 2020-12-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.128.2
+        version: 0.129.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.128.2
+        version: 0.129.0
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -171,19 +171,30 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- helpers/.php_cs
-- helpers/bin/run
-- helpers/build
-- helpers/composer.json
-- helpers/composer.lock
-- helpers/phpstan.neon
-- helpers/setup.sh
-- helpers/src/DependabotInstallationManager.php
-- helpers/src/DependabotPluginManager.php
-- helpers/src/ExceptionIO.php
-- helpers/src/Hasher.php
-- helpers/src/UpdateChecker.php
-- helpers/src/Updater.php
+- helpers/v1/.php_cs
+- helpers/v1/bin/run
+- helpers/v1/build
+- helpers/v1/composer.json
+- helpers/v1/composer.lock
+- helpers/v1/phpstan.neon
+- helpers/v1/src/DependabotInstallationManager.php
+- helpers/v1/src/DependabotPluginManager.php
+- helpers/v1/src/ExceptionIO.php
+- helpers/v1/src/Hasher.php
+- helpers/v1/src/UpdateChecker.php
+- helpers/v1/src/Updater.php
+- helpers/v2/.php_cs
+- helpers/v2/bin/run
+- helpers/v2/build
+- helpers/v2/composer.json
+- helpers/v2/composer.lock
+- helpers/v2/phpstan.neon
+- helpers/v2/src/DependabotInstallationManager.php
+- helpers/v2/src/DependabotPluginManager.php
+- helpers/v2/src/ExceptionIO.php
+- helpers/v2/src/Hasher.php
+- helpers/v2/src/UpdateChecker.php
+- helpers/v2/src/Updater.php
 - lib/dependabot/composer.rb
 - lib/dependabot/composer/file_fetcher.rb
 - lib/dependabot/composer/file_fetcher/path_dependency_builder.rb

data/helpers/setup.sh DELETED

@@ -1,17 +0,0 @@
-#!/bin/sh
-EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
-php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
-ACTUAL_SIGNATURE="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
-if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
-then
-    >&2 echo 'ERROR: Invalid installer signature'
-    rm composer-setup.php
-    exit 1
-fi
-php composer-setup.php --quiet
-RESULT=$?
-rm composer-setup.php
-exit $RESULT