dependabot-composer 0.171.0 → 0.171.4
- checksums.yaml +4 -4
- data/helpers/v1/build +5 -3
- data/helpers/v1/composer.json +1 -1
- data/helpers/v1/composer.lock +121 -105
- data/helpers/v2/build +5 -3
- data/helpers/v2/composer.json +1 -1
- data/helpers/v2/composer.lock +217 -219
- data/helpers/v2/src/UpdateChecker.php +3 -12
- data/helpers/v2/src/Updater.php +1 -0
- data/lib/dependabot/composer/update_checker/version_resolver.rb +11 -2
- metadata +4 -5
- data/helpers/v2/src/DependabotInstallationManager.php +0 -74
@@ -8,7 +8,6 @@ use Composer\DependencyResolver\Request;
|
|
8
8
|
use Composer\Factory;
|
9
9
|
use Composer\Installer;
|
10
10
|
use Composer\Package\PackageInterface;
|
11
|
-
use Composer\Util\Filesystem;
|
12
11
|
|
13
12
|
final class UpdateChecker
|
14
13
|
{
|
@@ -48,15 +47,6 @@ final class UpdateChecker
|
|
48
47
|
$io->loadConfiguration($config);
|
49
48
|
}
|
50
49
|
|
51
|
-
$installationManager = new DependabotInstallationManager($composer->getLoop(), $io);
|
52
|
-
|
53
|
-
$fs = new Filesystem(null);
|
54
|
-
$binaryInstaller = new Installer\BinaryInstaller($io, rtrim($composer->getConfig()->get('bin-dir'), '/'), $composer->getConfig()->get('bin-compat'), $fs);
|
55
|
-
|
56
|
-
$installationManager->addInstaller(new Installer\LibraryInstaller($io, $composer, null, $fs, $binaryInstaller));
|
57
|
-
$installationManager->addInstaller(new Installer\PluginInstaller($io, $composer, $fs, $binaryInstaller));
|
58
|
-
$installationManager->addInstaller(new Installer\MetapackageInstaller($io));
|
59
|
-
|
60
50
|
$install = new Installer(
|
61
51
|
$io,
|
62
52
|
$config,
|
@@ -64,7 +54,7 @@ final class UpdateChecker
|
|
64
54
|
$composer->getDownloadManager(),
|
65
55
|
$composer->getRepositoryManager(),
|
66
56
|
$composer->getLocker(),
|
67
|
-
$
|
57
|
+
$composer->getInstallationManager(),
|
68
58
|
$composer->getEventDispatcher(),
|
69
59
|
$composer->getAutoloadGenerator()
|
70
60
|
);
|
@@ -72,6 +62,7 @@ final class UpdateChecker
|
|
72
62
|
// For all potential options, see UpdateCommand in composer
|
73
63
|
$install
|
74
64
|
->setUpdate(true)
|
65
|
+
->setInstall(false)
|
75
66
|
->setDevMode(true)
|
76
67
|
->setUpdateAllowTransitiveDependencies(Request::UPDATE_LISTED_WITH_TRANSITIVE_DEPS)
|
77
68
|
->setDumpAutoloader(false)
|
@@ -86,7 +77,7 @@ final class UpdateChecker
|
|
86
77
|
|
87
78
|
$install->run();
|
88
79
|
|
89
|
-
$installedPackages = $
|
80
|
+
$installedPackages = $composer->getLocker()->getLockedRepository(true)->getPackages();
|
90
81
|
|
91
82
|
$updatedPackage = current(array_filter($installedPackages, static function (PackageInterface $package) use ($dependencyName): bool {
|
92
83
|
return $package->getName() === $dependencyName;
|
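Review bot: The `->setInstall(false)` call added to the `$install` builder chain is now the only thing keeping this run from executing install operations, and nothing at that line says so. The removed `DependabotInstallationManager` wiring made that explicit by recording operations instead of performing them, whereas the stock manager from `$composer->getInstallationManager()` is a real installer. Since this helper presumably resolves manifests from repositories it does not control, I would add a comment above the call such as `// Resolve and write the lock only: never download or install packages here; the stock InstallationManager passed above would otherwise run them.` The new `getLockedRepository(true)` read also depends on the lock data being refreshed by `run()`, which is configured outside the visible hunks, so that is worth confirming.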
data/helpers/v2/src/Updater.php
CHANGED
@@ -250,10 +250,10 @@ module Dependabot
|
|
250
250
|
|
251
251
|
if error.message.match?(FAILED_GIT_CLONE_WITH_MIRROR)
|
252
252
|
dependency_url = error.message.match(FAILED_GIT_CLONE_WITH_MIRROR).named_captures.fetch("url")
|
253
|
-
raise Dependabot::GitDependenciesNotReachable, dependency_url
|
253
|
+
raise Dependabot::GitDependenciesNotReachable, clean_dependency_url(dependency_url)
|
254
254
|
elsif error.message.match?(FAILED_GIT_CLONE)
|
255
255
|
dependency_url = error.message.match(FAILED_GIT_CLONE).named_captures.fetch("url")
|
256
|
-
raise Dependabot::GitDependenciesNotReachable, dependency_url
|
256
|
+
raise Dependabot::GitDependenciesNotReachable, clean_dependency_url(dependency_url)
|
257
257
|
elsif unresolvable_error?(error)
|
258
258
|
raise Dependabot::DependencyFileNotResolvable, sanitized_message
|
259
259
|
elsif error.message.match?(MISSING_EXPLICIT_PLATFORM_REQ_REGEX)
|
@@ -463,6 +463,15 @@ module Dependabot
|
|
463
463
|
platform
|
464
464
|
end
|
465
465
|
|
466
|
+
def clean_dependency_url(dependency_url)
|
467
|
+
return dependency_url unless URI::DEFAULT_PARSER.regexp[:ABS_URI].match?(dependency_url)
|
468
|
+
|
469
|
+
url = URI.parse(dependency_url)
|
470
|
+
url.user = nil
|
471
|
+
url.password = nil
|
472
|
+
url.to_s
|
473
|
+
end
|
474
|
+
|
466
475
|
def parsed_composer_file
|
467
476
|
@parsed_composer_file ||= JSON.parse(composer_file.content)
|
468
477
|
end
|
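Review bot: `clean_dependency_url` fails open: its first line returns the input untouched whenever `URI::DEFAULT_PARSER.regexp[:ABS_URI]` does not match, so a clone URL that carries credentials but is not a strictly valid absolute URI (for example an unescaped character in the password) still reaches `GitDependenciesNotReachable` with the userinfo intact. A fallback that strips userinfo textually closes that gap, e.g. `return dependency_url.sub(%r{(?<=://)[^/\s]*@}, "") unless URI::DEFAULT_PARSER.regexp[:ABS_URI].match?(dependency_url)`, which leaves scp-style `git@host:path` remotes unchanged. A short comment on the method saying it exists to keep credentials out of the raised error would also help. The two `raise` call sites sit in an error handler that starts outside the hunk. On this page the lines appear under the Updater.php header, but the code is Ruby and the +11 -2 count matches version_resolver.rb in the file list.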
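--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-composer
 version: !ruby/object:Gem::Version
-version: 0.171.
+version: 0.171.4
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-
+date: 2022-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.171.
+version: 0.171.4
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.171.
+version: 0.171.4
 - !ruby/object:Gem::Dependency
 name: debug
 requirement: !ruby/object:Gem::Requirement
@@ -203,7 +203,6 @@ files:
 - helpers/v2/composer.json
 - helpers/v2/composer.lock
 - helpers/v2/phpstan.neon
-- helpers/v2/src/DependabotInstallationManager.php
 - helpers/v2/src/DependabotPluginManager.php
 - helpers/v2/src/ExceptionIO.php
 - helpers/v2/src/Hasher.php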
@@ -1,74 +0,0 @@
|
|
1
|
-
<?php
|
2
|
-
|
3
|
-
declare(strict_types=1);
|
4
|
-
|
5
|
-
namespace Dependabot\Composer;
|
6
|
-
|
7
|
-
use Composer\DependencyResolver\Operation\InstallOperation;
|
8
|
-
use Composer\DependencyResolver\Operation\UninstallOperation;
|
9
|
-
use Composer\DependencyResolver\Operation\UpdateOperation;
|
10
|
-
use Composer\Installer\InstallationManager;
|
11
|
-
use Composer\Package\PackageInterface;
|
12
|
-
use Composer\Repository\InstalledRepositoryInterface;
|
13
|
-
use React\Promise\PromiseInterface;
|
14
|
-
|
15
|
-
final class DependabotInstallationManager extends InstallationManager
|
16
|
-
{
|
17
|
-
private array $installed = [];
|
18
|
-
private array $updated = [];
|
19
|
-
private array $uninstalled = [];
|
20
|
-
|
21
|
-
public function execute(InstalledRepositoryInterface $repo, array $operations, $devMode = true, $runScripts = true): void
|
22
|
-
{
|
23
|
-
foreach ($operations as $operation) {
|
24
|
-
$method = $operation->getOperationType();
|
25
|
-
// NOTE: skipping download() step
|
26
|
-
$this->$method($repo, $operation);
|
27
|
-
}
|
28
|
-
}
|
29
|
-
|
30
|
-
public function install(InstalledRepositoryInterface $repo, InstallOperation $operation): ?PromiseInterface
|
31
|
-
{
|
32
|
-
$this->installed[] = $operation->getPackage();
|
33
|
-
|
34
|
-
return null;
|
35
|
-
}
|
36
|
-
|
37
|
-
public function update(InstalledRepositoryInterface $repo, UpdateOperation $operation): ?PromiseInterface
|
38
|
-
{
|
39
|
-
$this->updated[] = [$operation->getInitialPackage(), $operation->getTargetPackage()];
|
40
|
-
|
41
|
-
return null;
|
42
|
-
}
|
43
|
-
|
44
|
-
public function uninstall(InstalledRepositoryInterface $repo, UninstallOperation $operation): ?PromiseInterface
|
45
|
-
{
|
46
|
-
$this->uninstalled[] = $operation->getPackage();
|
47
|
-
|
48
|
-
return null;
|
49
|
-
}
|
50
|
-
|
51
|
-
/**
|
52
|
-
* @return PackageInterface[]
|
53
|
-
*/
|
54
|
-
public function getInstalledPackages(): array
|
55
|
-
{
|
56
|
-
return $this->installed;
|
57
|
-
}
|
58
|
-
|
59
|
-
/**
|
60
|
-
* @return PackageInterface[]
|
61
|
-
*/
|
62
|
-
public function getUpdatedPackages(): array
|
63
|
-
{
|
64
|
-
return $this->updated;
|
65
|
-
}
|
66
|
-
|
67
|
-
/**
|
68
|
-
* @return PackageInterface[]
|
69
|
-
*/
|
70
|
-
public function getUninstalledPackages(): array
|
71
|
-
{
|
72
|
-
return $this->uninstalled;
|
73
|
-
}
|
74
|
-
}
|