dependabot-composer 0.110.11 → 0.110.12
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 98acd79574fd23cc58b391b0811dea57ec709665f242603e577901f62d838e37
|
4
|
+
data.tar.gz: 69a8fde2fbe34bd7ff92fac939ae2ea199faac68f94a77fd23c09eeae3981b5e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '0569b1987caeb3a6ab816118272140907cc667f487c9890a3c2086463c0ae72e7a0386b57f73ff5e4f426367dd7662b8d7b5de327386356f55ce66d159e10cf9'
|
7
|
+
data.tar.gz: 1e11a8f8992ac2ac403d71b4c25501f657bef4055cfe38e75d24c97ae89fe3b264a288f4775877a4dd8b2854c0f3d86405daf446a4a531604539f9872b122807
|
@@ -148,6 +148,7 @@ module Dependabot
|
|
148
148
|
|
149
149
|
File.write("composer.json", locked_composer_json_content)
|
150
150
|
File.write("composer.lock", lockfile.content)
|
151
|
+
File.write("auth.json", auth_json.content) if auth_json
|
151
152
|
end
|
152
153
|
|
153
154
|
def locked_composer_json_content
|
@@ -271,6 +272,10 @@ module Dependabot
|
|
271
272
|
dependency_files.find { |f| f.name == "composer.lock" }
|
272
273
|
end
|
273
274
|
|
275
|
+
def auth_json
|
276
|
+
@auth_json ||= dependency_files.find { |f| f.name == "auth.json" }
|
277
|
+
end
|
278
|
+
|
274
279
|
def path_dependencies
|
275
280
|
@path_dependencies ||=
|
276
281
|
dependency_files.select { |f| f.name.end_with?("/composer.json") }
|
@@ -142,7 +142,23 @@ module Dependabot
|
|
142
142
|
end
|
143
143
|
|
144
144
|
def registry_credentials
|
145
|
-
credentials.select { |cred| cred["type"] == "composer_repository" }
|
145
|
+
credentials.select { |cred| cred["type"] == "composer_repository" } +
|
146
|
+
auth_json_credentials
|
147
|
+
end
|
148
|
+
|
149
|
+
def auth_json_credentials
|
150
|
+
return [] unless auth_json
|
151
|
+
|
152
|
+
parsed_auth_json = JSON.parse(auth_json.content)
|
153
|
+
parsed_auth_json.fetch("http-basic", {}).map do |reg, details|
|
154
|
+
{
|
155
|
+
"registry" => reg,
|
156
|
+
"username" => details["username"],
|
157
|
+
"password" => details["password"]
|
158
|
+
}
|
159
|
+
end
|
160
|
+
rescue JSON::ParserError
|
161
|
+
raise Dependabot::DependencyFileNotParseable, auth_json.path
|
146
162
|
end
|
147
163
|
|
148
164
|
def composer_file
|
@@ -153,6 +169,10 @@ module Dependabot
|
|
153
169
|
composer_file
|
154
170
|
end
|
155
171
|
|
172
|
+
def auth_json
|
173
|
+
dependency_files.find { |f| f.name == "auth.json" }
|
174
|
+
end
|
175
|
+
|
156
176
|
def ignore_reqs
|
157
177
|
ignored_versions.map { |req| requirement_class.new(req.split(",")) }
|
158
178
|
end
|
@@ -44,6 +44,7 @@ module Dependabot
|
|
44
44
|
SharedHelpers.in_a_temporary_directory(base_directory) do
|
45
45
|
File.write("composer.json", prepared_composer_json_content)
|
46
46
|
File.write("composer.lock", lockfile.content) if lockfile
|
47
|
+
File.write("auth.json", auth_json.content) if auth_json
|
47
48
|
|
48
49
|
run_update_checker
|
49
50
|
end
|
@@ -221,6 +222,10 @@ module Dependabot
|
|
221
222
|
dependency_files.find { |f| f.name == "composer.lock" }
|
222
223
|
end
|
223
224
|
|
225
|
+
def auth_json
|
226
|
+
@auth_json ||= dependency_files.find { |f| f.name == "auth.json" }
|
227
|
+
end
|
228
|
+
|
224
229
|
def git_credentials
|
225
230
|
credentials.
|
226
231
|
select { |cred| cred["type"] == "git_source" }.
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-composer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.110.
|
4
|
+
version: 0.110.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.110.
|
19
|
+
version: 0.110.12
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.110.
|
26
|
+
version: 0.110.12
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|