dependabot-composer 0.170.2 → 0.171.3

Sign up to get free protection for your applications and to get access to all the features.
@@ -8,7 +8,7 @@ module Dependabot
8
8
  end
9
9
 
10
10
  def self.composer_helpers_dir
11
- File.join(native_helpers_root, "composer/helpers")
11
+ File.join(native_helpers_root, "composer")
12
12
  end
13
13
 
14
14
  def self.native_helpers_root
@@ -250,10 +250,10 @@ module Dependabot
250
250
 
251
251
  if error.message.match?(FAILED_GIT_CLONE_WITH_MIRROR)
252
252
  dependency_url = error.message.match(FAILED_GIT_CLONE_WITH_MIRROR).named_captures.fetch("url")
253
- raise Dependabot::GitDependenciesNotReachable, dependency_url
253
+ raise Dependabot::GitDependenciesNotReachable, clean_dependency_url(dependency_url)
254
254
  elsif error.message.match?(FAILED_GIT_CLONE)
255
255
  dependency_url = error.message.match(FAILED_GIT_CLONE).named_captures.fetch("url")
256
- raise Dependabot::GitDependenciesNotReachable, dependency_url
256
+ raise Dependabot::GitDependenciesNotReachable, clean_dependency_url(dependency_url)
257
257
  elsif unresolvable_error?(error)
258
258
  raise Dependabot::DependencyFileNotResolvable, sanitized_message
259
259
  elsif error.message.match?(MISSING_EXPLICIT_PLATFORM_REQ_REGEX)
@@ -463,6 +463,15 @@ module Dependabot
463
463
  platform
464
464
  end
465
465
 
466
+ def clean_dependency_url(dependency_url)
467
+ return dependency_url unless URI::DEFAULT_PARSER.regexp[:ABS_URI].match?(dependency_url)
468
+
469
+ url = URI.parse(dependency_url)
470
+ url.user = nil
471
+ url.password = nil
472
+ url.to_s
473
+ end
474
+
466
475
  def parsed_composer_file
467
476
  @parsed_composer_file ||= JSON.parse(composer_file.content)
468
477
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.170.2
4
+ version: 0.171.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-01-11 00:00:00.000000000 Z
11
+ date: 2022-01-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.170.2
19
+ version: 0.171.3
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.170.2
26
+ version: 0.171.3
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement