dependabot-composer 0.286.0 → 0.287.0

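--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 4d544676aafa67c45ff3d489882678802b0d168f9fd6652a1545552a49b8beb5
- data.tar.gz: d5ecf28b2e85c494136db0f09293e8a268b18ac7c52685958a23381499a0708f
+ metadata.gz: 33efc3aae325bc2acdd965e6ec6904a390e1e69c730028acbf543ae50c7f853e
+ data.tar.gz: 3d70840ea14077b634287b459b5168ebcc991f341cc305e78cde0efbd0796694
  SHA512:
- metadata.gz: a683c8a8b3363618a1b87fd9269246100de66ca595eb4c89709fe6d4b4c626fe4b2d3d0cc9af00f10c43ef06b7b67acdc48f92fb01f35882abc7d4287fe0e91f
- data.tar.gz: 84e4afce44edf09ddd4922ca0e89fe80b2e20857ac7258ecf416ab7658f892bf2c8153ad11c948d02e62639403642ba1b3903b2d91ff0aaa91ace47a7288ac5e
+ metadata.gz: b274ddd490c9d93fa441e06404df4bad8e172178a54963307d3b804865cd45e448caeb55d7446a9d13030c7a71637712a405e6a4311a1e539dfa04b21a4c3139
+ data.tar.gz: 7d06ec720c22e6e88602a76e987887aa1a927e3b031673b9773d61884ddb19272a02d9efe12d13aa4091e6a0c635a93f7340c533d4839e3a84eef8a93aba9a8d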
@@ -43,13 +43,13 @@ module Dependabot
43
43
  .returns(String)
44
44
  end
45
45
  def self.composer_version(composer_json, parsed_lockfile = nil)
46
- v1_unsupported = Dependabot::Experiments.enabled?(:composer_v1_unsupported_error)
47
-
48
46
  # If the parsed lockfile has a plugin API version, we return either V1 or V2
49
47
  # based on the major version of the lockfile.
50
48
  if parsed_lockfile && parsed_lockfile["plugin-api-version"]
51
49
  version = Composer::Version.new(parsed_lockfile["plugin-api-version"])
52
- return version.canonical_segments.first == 1 ? V1 : V2
50
+ major_version = version.canonical_segments.first
51
+
52
+ return major_version.nil? || major_version > 1 ? V2 : V1
53
53
  end
54
54
 
55
55
  # Check if the composer name does not follow the Composer V2 naming conventions.
@@ -57,18 +57,14 @@ module Dependabot
57
57
  composer_name_invalid = composer_json["name"] && composer_json["name"] !~ COMPOSER_V2_NAME_REGEX
58
58
 
59
59
  # If the name is invalid returns the fallback version.
60
- if composer_name_invalid
61
- return v1_unsupported ? V2 : V1
62
- end
60
+ return V2 if composer_name_invalid
63
61
 
64
62
  # Check if the composer.json file contains "require" entries that don't follow
65
63
  # either the platform package naming conventions or the Composer V2 name conventions.
66
64
  invalid_v2 = invalid_v2_requirement?(composer_json)
67
65
 
68
66
  # If there are invalid requirements returns fallback version.
69
- if invalid_v2
70
- return v1_unsupported ? V2 : V1
71
- end
67
+ return V2 if invalid_v2
72
68
 
73
69
  # If no conditions are met return V2 by default.
74
70
  V2
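Review bot: The rewritten return in the lockfile branch, `return major_version.nil? || major_version > 1 ? V2 : V1`, now maps a `plugin-api-version` major of 0 to V1, where the removed line sent every value other than 1 to V2. The lockfile comes from the repository being updated, and the gem's file list in this release no longer ships `helpers/v1`, so any input that selects V1 should be a deliberate choice; `return major_version == 1 ? V1 : V2` keeps the old mapping and is nil-safe without the extra check. In the second hunk both guards now `return V2` and the method's last expression is also `V2`, so the name regex test and the `invalid_v2_requirement?` call no longer influence the result; they could be dropped, or the "returns the fallback version" comments updated to say the fallback is always V2. The closing `end` of `composer_version` is outside the visible hunks, so how callers treat a V1 result cannot be checked from here.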
@@ -29,24 +29,6 @@ module Dependabot
29
29
  SUPPORTED_COMPOSER_VERSIONS,
30
30
  )
31
31
  end
32
-
33
- sig { override.returns(T::Boolean) }
34
- def deprecated?
35
- return false if unsupported?
36
-
37
- # Check if the feature flag for Composer v1 deprecation warning is enabled.
38
- return false unless Dependabot::Experiments.enabled?(:composer_v1_deprecation_warning)
39
-
40
- super
41
- end
42
-
43
- sig { override.returns(T::Boolean) }
44
- def unsupported?
45
- # Check if the feature flag for Composer v1 unsupported error is enabled.
46
- return false unless Dependabot::Experiments.enabled?(:composer_v1_unsupported_error)
47
-
48
- super
49
- end
50
32
  end
51
33
  end
52
34
  end
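--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: dependabot-composer
  version: !ruby/object:Gem::Version
- version: 0.286.0
+ version: 0.287.0
  platform: ruby
  authors:
  - Dependabot
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-11-14 00:00:00.000000000 Z
+ date: 2024-11-19 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.286.0
+ version: 0.287.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.286.0
+ version: 0.287.0
  - !ruby/object:Gem::Dependency
  name: debug
  requirement: !ruby/object:Gem::Requirement
@@ -242,18 +242,6 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
- - helpers/v1/.php-cs-fixer.dist.php
- - helpers/v1/bin/run
- - helpers/v1/build
- - helpers/v1/composer.json
- - helpers/v1/composer.lock
- - helpers/v1/phpstan.dist.neon
- - helpers/v1/src/DependabotInstallationManager.php
- - helpers/v1/src/DependabotPluginManager.php
- - helpers/v1/src/ExceptionIO.php
- - helpers/v1/src/Hasher.php
- - helpers/v1/src/UpdateChecker.php
- - helpers/v1/src/Updater.php
  - helpers/v2/.php-cs-fixer.php
  - helpers/v2/bin/run
  - helpers/v2/build
@@ -287,7 +275,7 @@ licenses:
  - MIT
  metadata:
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.286.0
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.287.0
  post_install_message:
  rdoc_options: []
  require_paths: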
@@ -1,32 +0,0 @@
1
- <?php
2
- $finder = PhpCsFixer\Finder::create()
3
- ->in(__DIR__ . '/src')
4
- ->in(__DIR__ . '/bin');
5
- $config = new PhpCsFixer\Config();
6
- return $config
7
- ->setRules([
8
- '@Symfony' => true,
9
- 'array_syntax' => ['syntax' => 'short'],
10
- 'blank_line_after_opening_tag' => true,
11
- 'concat_space' => ['spacing' => 'one'],
12
- 'declare_strict_types' => true,
13
- 'increment_style' => ['style' => 'post'],
14
- 'list_syntax' => ['syntax' => 'short'],
15
- 'method_argument_space' => ['on_multiline' => 'ensure_fully_multiline'],
16
- 'modernize_types_casting' => true,
17
- 'multiline_whitespace_before_semicolons' => true,
18
- 'no_useless_else' => true,
19
- 'no_useless_return' => true,
20
- 'ordered_imports' => true,
21
- 'php_unit_construct' => true,
22
- 'php_unit_dedicate_assert' => true,
23
- 'phpdoc_align' => false,
24
- 'phpdoc_order' => true,
25
- 'single_line_comment_style' => true,
26
- 'ternary_to_null_coalescing' => true,
27
- 'void_return' => true,
28
- 'yoda_style' => false,
29
- ])
30
- ->setFinder($finder)
31
- ->setUsingCache(true)
32
- ->setRiskyAllowed(true);
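--- a/data/helpers/v1/bin/run
+++ /dev/null
@@ -1,86 +0,0 @@
- #!/usr/bin/env php
- <?php
-
- declare(strict_types=1);
-
- namespace Dependabot\Composer;
-
- require __DIR__ . '/../vendor/autoload.php';
-
- // Get details of the process to run from STDIN. It will have a `function`
- // and an `args` method, as passed in by UpdateCheckers::Php
- $request = json_decode(file_get_contents('php://stdin'), true);
-
- function memoryInBytes($value) {
- $unit = strtolower(substr($value, -1, 1));
- $value = (int) $value;
- if ($unit == 'g') {
- $value *= (1024 * 1024 * 1024);
- } elseif ($unit == 'm') {
- $value *= (1024 * 1024);
- } elseif ($unit == 'k') {
- $value *= 1024;
- }
-
- return $value;
- }
-
- // Increase the default memory limit the same way Composer does (but clearer)
- if (function_exists('ini_set')) {
- $memoryLimit = trim(ini_get('memory_limit'));
- // Increase memory_limit if it is lower than 1900MB
- if ($memoryLimit != -1 && memoryInBytes($memoryLimit) < 1024 * 1024 * 1900) {
- @ini_set('memory_limit', '1900M');
- }
-
- // Set user defined memory limit
- if ($memoryLimit = getenv('COMPOSER_MEMORY_LIMIT')) {
- @ini_set('memory_limit', $memoryLimit);
- }
- unset($memoryInBytes, $memoryLimit);
- }
-
- date_default_timezone_set('Europe/London');
-
- // This storage is freed on error (case of allowed memory exhausted)
- $memory = str_repeat('*', 1024 * 1024);
-
- register_shutdown_function(function (): void {
- global $memory;
- $memory = null;
- $error = error_get_last();
- if (null !== $error) {
- fwrite(STDOUT, json_encode(['error' => $error['message']]));
- }
- });
-
- if ($memoryAlloc = getenv('DEPENDABOT_TEST_MEMORY_ALLOCATION')) {
- str_repeat('*', memoryInBytes($memoryAlloc));
- }
-
- try {
- switch ($request['function']) {
- case 'update':
- $updatedFiles = Updater::update($request['args']);
- fwrite(STDOUT, json_encode(['result' => $updatedFiles]));
- error_clear_last();
- break;
- case 'get_latest_resolvable_version':
- $latestVersion = UpdateChecker::getLatestResolvableVersion($request['args']);
- fwrite(STDOUT, json_encode(['result' => $latestVersion]));
- error_clear_last();
- break;
- case 'get_content_hash':
- $content_hash = Hasher::getContentHash($request['args']);
- fwrite(STDOUT, json_encode(['result' => $content_hash]));
- error_clear_last();
- break;
- default:
- fwrite(STDOUT, json_encode(['error' => "Invalid function {$request['function']}"]));
- exit(1);
- }
- } catch (\Exception $e) {
- fwrite(STDOUT, json_encode(['error' => $e->getMessage()]));
- error_clear_last();
- exit(1);
- }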
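--- a/data/helpers/v1/build
+++ /dev/null
@@ -1,31 +0,0 @@
- #!/usr/bin/env bash
-
- set -e
-
- if [ -z "$DEPENDABOT_NATIVE_HELPERS_PATH" ]; then
- echo "Unable to build, DEPENDABOT_NATIVE_HELPERS_PATH is not set"
- exit 1
- fi
-
- install_dir="$DEPENDABOT_NATIVE_HELPERS_PATH/composer/v1"
- mkdir -p "$install_dir"
-
- helpers_dir="$(dirname "${BASH_SOURCE[0]}")"
- cp -r \
- "$helpers_dir/bin" \
- "$helpers_dir/src" \
- "$helpers_dir/.php-cs-fixer.dist.php" \
- "$helpers_dir/composer.json" \
- "$helpers_dir/composer.lock" \
- "$helpers_dir/phpstan.dist.neon" \
- "$install_dir"
-
- cd "$install_dir"
-
- composer1 validate --no-check-publish
- composer1 install
- composer1 run lint -- --dry-run
- composer1 run stan
-
- # Composer caches source zips and repo metadata, none of which is useful. Save space in this layer
- rm -Rf ~/.composer/cache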
@@ -1,26 +0,0 @@
1
- {
2
- "name": "dependabot/composer-v1-helper",
3
- "description": "A helper package for Dependabot to perform updates using Composer",
4
- "license": "MIT",
5
- "require": {
6
- "php": "^7.4",
7
- "ext-json": "*",
8
- "composer/composer": "^1"
9
- },
10
- "require-dev": {
11
- "friendsofphp/php-cs-fixer": "^2.9",
12
- "phpstan/phpstan": "~1.10.3"
13
- },
14
- "autoload": {
15
- "psr-4": {
16
- "Dependabot\\Composer\\": "src/"
17
- }
18
- },
19
- "scripts": {
20
- "lint": "php-cs-fixer fix --diff --verbose",
21
- "stan": "phpstan analyse"
22
- },
23
- "config": {
24
- "sort-packages": true
25
- }
26
- }