dependabot-composer 0.95.74 → 0.95.75
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 66f8f0f48c82bfe06df50374e55e36610b343fd1cbc692520ef49a058c7b1b7c
|
|
4
|
+
data.tar.gz: e4e4344100d8089d1af78b4833b649dfc6f895e7b59adc3bfeb965294ee6df71
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d2b73d4af31663b2e92165ed5d7efbf091a054e210416aa327dc4b7137e9a42a4ecac48a2c53c429bdaeba935d02c305f14214c2dfc3707e8e337892d8dc195f
|
|
7
|
+
data.tar.gz: 458e89c8aa6bd407e00d9167b4c425e20b74a26c6687cfbbff912cf1a0ac18c32677e2cc1b0a2bcfa60fe693c63f0923089ff3df1505563616cddb9b5bb11dc0
|
|
@@ -6,6 +6,8 @@ require "dependabot/file_fetchers/base"
|
|
|
6
6
|
module Dependabot
|
|
7
7
|
module Composer
|
|
8
8
|
class FileFetcher < Dependabot::FileFetchers::Base
|
|
9
|
+
require_relative "file_fetcher/path_dependency_builder"
|
|
10
|
+
|
|
9
11
|
def self.required_files_in?(filenames)
|
|
10
12
|
filenames.include?("composer.json")
|
|
11
13
|
end
|
|
@@ -57,12 +59,13 @@ module Dependabot
|
|
|
57
59
|
begin
|
|
58
60
|
composer_json_files << fetch_file_with_root_fallback(file)
|
|
59
61
|
rescue Dependabot::DependencyFileNotFound
|
|
60
|
-
|
|
61
|
-
unfetchable_deps << file
|
|
62
|
+
unfetchable_deps << path
|
|
62
63
|
end
|
|
63
64
|
end
|
|
64
65
|
end
|
|
65
66
|
|
|
67
|
+
composer_json_files += build_unfetchable_deps(unfetchable_deps)
|
|
68
|
+
|
|
66
69
|
# Mark the path dependencies as support files - we don't currently
|
|
67
70
|
# parse or update them.
|
|
68
71
|
composer_json_files.tap do |files|
|
|
@@ -81,6 +84,16 @@ module Dependabot
|
|
|
81
84
|
raise Dependabot::DependencyFileNotParseable, composer_json.path
|
|
82
85
|
end
|
|
83
86
|
|
|
87
|
+
def build_unfetchable_deps(unfetchable_deps)
|
|
88
|
+
unfetchable_deps.map do |path|
|
|
89
|
+
PathDependencyBuilder.new(
|
|
90
|
+
path: path,
|
|
91
|
+
directory: directory,
|
|
92
|
+
lockfile: composer_lock
|
|
93
|
+
).dependency_file
|
|
94
|
+
end.compact
|
|
95
|
+
end
|
|
96
|
+
|
|
84
97
|
def expand_path(path)
|
|
85
98
|
repo_contents(dir: path.gsub(/\*$/, "")).
|
|
86
99
|
select { |file| file.type == "dir" }.
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "json"
|
|
4
|
+
require "dependabot/dependency_file"
|
|
5
|
+
require "dependabot/composer/file_fetcher"
|
|
6
|
+
require "dependabot/composer/file_parser"
|
|
7
|
+
|
|
8
|
+
module Dependabot
|
|
9
|
+
module Composer
|
|
10
|
+
class FileFetcher
|
|
11
|
+
class PathDependencyBuilder
|
|
12
|
+
def initialize(path:, directory:, lockfile:)
|
|
13
|
+
@path = path
|
|
14
|
+
@directory = directory
|
|
15
|
+
@lockfile = lockfile
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def dependency_file
|
|
19
|
+
filename = File.join(path, "composer.json")
|
|
20
|
+
|
|
21
|
+
# Current we just return `nil` if a path dependency can't be built.
|
|
22
|
+
# In future we may wish to change that to a raise. (We'll get errors
|
|
23
|
+
# in the UpdateChecker or FileUpdater if we fail to build files.)
|
|
24
|
+
built_content = build_path_dep_content
|
|
25
|
+
return unless built_content
|
|
26
|
+
|
|
27
|
+
DependencyFile.new(
|
|
28
|
+
name: Pathname.new(filename).cleanpath.to_path,
|
|
29
|
+
content: built_content,
|
|
30
|
+
directory: directory,
|
|
31
|
+
support_file: true
|
|
32
|
+
)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
private
|
|
36
|
+
|
|
37
|
+
attr_reader :path, :lockfile, :directory
|
|
38
|
+
|
|
39
|
+
def details_from_lockfile
|
|
40
|
+
keys = FileParser::DEPENDENCY_GROUP_KEYS.
|
|
41
|
+
map { |h| h.fetch(:lockfile) }
|
|
42
|
+
|
|
43
|
+
keys.each do |key|
|
|
44
|
+
next unless parsed_lockfile[key]
|
|
45
|
+
|
|
46
|
+
parsed_lockfile[key].each do |details|
|
|
47
|
+
return details if details.dig("dist", "url") == path
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
nil
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def build_path_dep_content
|
|
55
|
+
return unless details_from_lockfile
|
|
56
|
+
|
|
57
|
+
details_from_lockfile.to_json
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def parsed_lockfile
|
|
61
|
+
return {} unless lockfile
|
|
62
|
+
|
|
63
|
+
@parsed_lockfile ||= JSON.parse(lockfile.content)
|
|
64
|
+
rescue JSON::ParserError
|
|
65
|
+
{}
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-composer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.95.
|
|
4
|
+
version: 0.95.75
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-02-
|
|
11
|
+
date: 2019-02-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.95.
|
|
19
|
+
version: 0.95.75
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.95.
|
|
26
|
+
version: 0.95.75
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -157,6 +157,7 @@ files:
|
|
|
157
157
|
- helpers/src/Updater.php
|
|
158
158
|
- lib/dependabot/composer.rb
|
|
159
159
|
- lib/dependabot/composer/file_fetcher.rb
|
|
160
|
+
- lib/dependabot/composer/file_fetcher/path_dependency_builder.rb
|
|
160
161
|
- lib/dependabot/composer/file_parser.rb
|
|
161
162
|
- lib/dependabot/composer/file_updater.rb
|
|
162
163
|
- lib/dependabot/composer/file_updater/lockfile_updater.rb
|