RubyGems - dependabot-core - Versions diffs - 0.87.15 → 0.88.0 - Mend

dependabot-core 0.87.15 → 0.88.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/lib/dependabot/file_fetchers.rb +0 -2
data/lib/dependabot/file_parsers.rb +0 -2
data/lib/dependabot/file_updaters.rb +0 -2
data/lib/dependabot/metadata_finders.rb +0 -2
data/lib/dependabot/pull_request_creator/message_builder.rb +1 -1
data/lib/dependabot/update_checkers.rb +0 -2
data/lib/dependabot/update_checkers/php/composer/version_resolver.rb +3 -2
data/lib/dependabot/utils.rb +0 -4
data/lib/dependabot/version.rb +1 -1
metadata +1 -22
data/helpers/elixir/bin/check_update.exs +0 -92
data/helpers/elixir/bin/do_update.exs +0 -39
data/helpers/elixir/bin/parse_deps.exs +0 -103
data/helpers/elixir/bin/run.exs +0 -76
data/helpers/elixir/mix.exs +0 -21
data/helpers/elixir/mix.lock +0 -3
data/lib/dependabot/file_fetchers/elixir/hex.rb +0 -78
data/lib/dependabot/file_parsers/elixir/hex.rb +0 -134
data/lib/dependabot/file_updaters/elixir/hex.rb +0 -71
data/lib/dependabot/file_updaters/elixir/hex/lockfile_updater.rb +0 -147
data/lib/dependabot/file_updaters/elixir/hex/mixfile_git_pin_updater.rb +0 -53
data/lib/dependabot/file_updaters/elixir/hex/mixfile_requirement_updater.rb +0 -74
data/lib/dependabot/file_updaters/elixir/hex/mixfile_sanitizer.rb +0 -28
data/lib/dependabot/file_updaters/elixir/hex/mixfile_updater.rb +0 -98
data/lib/dependabot/metadata_finders/elixir/hex.rb +0 -69
data/lib/dependabot/update_checkers/elixir/hex.rb +0 -274
data/lib/dependabot/update_checkers/elixir/hex/file_preparer.rb +0 -193
data/lib/dependabot/update_checkers/elixir/hex/requirements_updater.rb +0 -177
data/lib/dependabot/update_checkers/elixir/hex/version_resolver.rb +0 -175
data/lib/dependabot/utils/elixir/requirement.rb +0 -54
data/lib/dependabot/utils/elixir/version.rb +0 -66

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1950a22635494df74d9d7feb1a356bea48c55442268df6f1d4e67feeb2fbcade
-  data.tar.gz: 387f83467e7c211e574bc645953524feb193c8c499a6b9bae119fdb39ac359c4
+  metadata.gz: 5baac5ebf6cb593e43f66de38fbab67da68f55f771a576cdec418db8f71f2722
+  data.tar.gz: a72cb17501ab4a87a3c240684d62c224dcf1537aa8331585867d2f41440a0f21
 SHA512:
-  metadata.gz: 9804285a480248a096eac01eda499bebec6e3b354151a89a5d43560f593d9fc60fedb2ce323f18a66a44aa02250b02492584f5f8ebe57ffad8d9206297acfa6b
-  data.tar.gz: 217717f78a08cce674844c954acdf206ec33409470ee92c9edb817c28f5611307cd1c96bd17504a3d0607c29ab83906e1f728a6b8ab15df079b65906d32eb8e8
+  metadata.gz: 2c0fe474ca371161091421f0f903b9765eb2c9f992f52397687520a48b75aac41b0500145c1d4ec29e15dc905ff245606b5f856efc1b5a6f96c3261392bb1d51
+  data.tar.gz: ec89afa574296a90926ca749556abb99f68be8b814c1ae5c7fc879afb55f8a08f810eeeabe5f1e514291eb557b6c23dcc24a0385b82227de4958823fa76b7b5a

data/CHANGELOG.md CHANGED

@@ -1,3 +1,7 @@
+## v0.88.0, 9 January 2019
+- Elixir reorg
 ## v0.87.15, 9 January 2019
 - PHP: Raise resolvability issue when working with local VCS errors

data/lib/dependabot/file_fetchers.rb CHANGED

@@ -3,7 +3,6 @@
 require "dependabot/file_fetchers/ruby/bundler"
 require "dependabot/file_fetchers/java_script/npm_and_yarn"
 require "dependabot/file_fetchers/php/composer"
-require "dependabot/file_fetchers/elixir/hex"
 require "dependabot/file_fetchers/go/dep"
 module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
       "bundler" => FileFetchers::Ruby::Bundler,
       "npm_and_yarn" => FileFetchers::JavaScript::NpmAndYarn,
       "composer" => FileFetchers::Php::Composer,
-      "hex" => FileFetchers::Elixir::Hex,
       "dep" => FileFetchers::Go::Dep
     }

data/lib/dependabot/file_parsers.rb CHANGED

@@ -3,7 +3,6 @@
 require "dependabot/file_parsers/ruby/bundler"
 require "dependabot/file_parsers/java_script/npm_and_yarn"
 require "dependabot/file_parsers/php/composer"
-require "dependabot/file_parsers/elixir/hex"
 require "dependabot/file_parsers/go/dep"
 module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
       "bundler" => FileParsers::Ruby::Bundler,
       "npm_and_yarn" => FileParsers::JavaScript::NpmAndYarn,
       "composer" => FileParsers::Php::Composer,
-      "hex" => FileParsers::Elixir::Hex,
       "dep" => FileParsers::Go::Dep
     }

data/lib/dependabot/file_updaters.rb CHANGED

@@ -3,7 +3,6 @@
 require "dependabot/file_updaters/ruby/bundler"
 require "dependabot/file_updaters/java_script/npm_and_yarn"
 require "dependabot/file_updaters/php/composer"
-require "dependabot/file_updaters/elixir/hex"
 require "dependabot/file_updaters/go/dep"
 module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
       "bundler" => FileUpdaters::Ruby::Bundler,
       "npm_and_yarn" => FileUpdaters::JavaScript::NpmAndYarn,
       "composer" => FileUpdaters::Php::Composer,
-      "hex" => FileUpdaters::Elixir::Hex,
       "dep" => FileUpdaters::Go::Dep
     }

data/lib/dependabot/metadata_finders.rb CHANGED

@@ -3,7 +3,6 @@
 require "dependabot/metadata_finders/ruby/bundler"
 require "dependabot/metadata_finders/java_script/npm_and_yarn"
 require "dependabot/metadata_finders/php/composer"
-require "dependabot/metadata_finders/elixir/hex"
 require "dependabot/metadata_finders/go/dep"
 module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
       "bundler" => MetadataFinders::Ruby::Bundler,
       "npm_and_yarn" => MetadataFinders::JavaScript::NpmAndYarn,
       "composer" => MetadataFinders::Php::Composer,
-      "hex" => MetadataFinders::Elixir::Hex,
       "dep" => MetadataFinders::Go::Dep
     }

data/lib/dependabot/pull_request_creator/message_builder.rb CHANGED

@@ -523,7 +523,7 @@ module Dependabot
       def truncated_line
         # Tables can spill out of truncated details, so we close them
-        "></table> ... (truncated)\n"
+        "></tr></table> ... (truncated)\n"
       end
       def releases_url(dependency)

data/lib/dependabot/update_checkers.rb CHANGED

@@ -3,7 +3,6 @@
 require "dependabot/update_checkers/ruby/bundler"
 require "dependabot/update_checkers/java_script/npm_and_yarn"
 require "dependabot/update_checkers/php/composer"
-require "dependabot/update_checkers/elixir/hex"
 require "dependabot/update_checkers/go/dep"
 module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
       "bundler" => UpdateCheckers::Ruby::Bundler,
       "npm_and_yarn" => UpdateCheckers::JavaScript::NpmAndYarn,
       "composer" => UpdateCheckers::Php::Composer,
-      "hex" => UpdateCheckers::Elixir::Hex,
       "dep" => UpdateCheckers::Go::Dep
     }

data/lib/dependabot/update_checkers/php/composer/version_resolver.rb CHANGED

@@ -129,8 +129,9 @@ module Dependabot
             elsif error.message.include?("requested PHP extension")
               extensions = error.message.scan(/\sext\-.*?\s/).map(&:strip).uniq
               msg = "Dependabot's installed extensions didn't match those "\
-                    "required by your application. Please add the following "\
-                    "extensions to the platform config in your composer.json: "\
+                    "required by your application.\n\n"\
+                    "Please add the following extensions to the platform "\
+                    "config in your composer.json to allow Dependabot to run: "\
                     "#{extensions.join(', ')}.\n\n"\
                     "The full error raised was:\n\n#{error.message}"
               raise Dependabot::DependencyFileNotResolvable, msg

data/lib/dependabot/utils.rb CHANGED

@@ -1,11 +1,9 @@
 # frozen_string_literal: true
-require "dependabot/utils/elixir/version"
 require "dependabot/utils/java_script/version"
 require "dependabot/utils/php/version"
 require "dependabot/utils/go/version"
-require "dependabot/utils/elixir/requirement"
 require "dependabot/utils/java_script/requirement"
 require "dependabot/utils/php/requirement"
 require "dependabot/utils/ruby/requirement"
@@ -21,7 +19,6 @@ module Dependabot
       "docker" => Gem::Version,
       "npm_and_yarn" => Utils::JavaScript::Version,
       "composer" => Utils::Php::Version,
-      "hex" => Utils::Elixir::Version,
       "dep" => Utils::Go::Version
     }
@@ -42,7 +39,6 @@ module Dependabot
       "docker" => Utils::Ruby::Requirement,
       "npm_and_yarn" => Utils::JavaScript::Requirement,
       "composer" => Utils::Php::Requirement,
-      "hex" => Utils::Elixir::Requirement,
       "dep" => Utils::Go::Requirement
     }

data/lib/dependabot/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.87.15"
+  VERSION = "0.88.0"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-core
 version: !ruby/object:Gem::Version
-  version: 0.87.15
+  version: 0.88.0
 platform: ruby
 authors:
 - Dependabot
@@ -298,12 +298,6 @@ files:
 - CHANGELOG.md
 - LICENSE
 - README.md
-- helpers/elixir/bin/check_update.exs
-- helpers/elixir/bin/do_update.exs
-- helpers/elixir/bin/parse_deps.exs
-- helpers/elixir/bin/run.exs
-- helpers/elixir/mix.exs
-- helpers/elixir/mix.lock
 - helpers/go/Makefile
 - helpers/go/go.mod
 - helpers/go/go.sum
@@ -371,7 +365,6 @@ files:
 - lib/dependabot/file_fetchers.rb
 - lib/dependabot/file_fetchers/README.md
 - lib/dependabot/file_fetchers/base.rb
-- lib/dependabot/file_fetchers/elixir/hex.rb
 - lib/dependabot/file_fetchers/go/dep.rb
 - lib/dependabot/file_fetchers/java_script/npm_and_yarn.rb
 - lib/dependabot/file_fetchers/java_script/npm_and_yarn/path_dependency_builder.rb
@@ -384,7 +377,6 @@ files:
 - lib/dependabot/file_parsers/README.md
 - lib/dependabot/file_parsers/base.rb
 - lib/dependabot/file_parsers/base/dependency_set.rb
-- lib/dependabot/file_parsers/elixir/hex.rb
 - lib/dependabot/file_parsers/go/dep.rb
 - lib/dependabot/file_parsers/java_script/npm_and_yarn.rb
 - lib/dependabot/file_parsers/php/composer.rb
@@ -394,12 +386,6 @@ files:
 - lib/dependabot/file_updaters.rb
 - lib/dependabot/file_updaters/README.md
 - lib/dependabot/file_updaters/base.rb
-- lib/dependabot/file_updaters/elixir/hex.rb
-- lib/dependabot/file_updaters/elixir/hex/lockfile_updater.rb
-- lib/dependabot/file_updaters/elixir/hex/mixfile_git_pin_updater.rb
-- lib/dependabot/file_updaters/elixir/hex/mixfile_requirement_updater.rb
-- lib/dependabot/file_updaters/elixir/hex/mixfile_sanitizer.rb
-- lib/dependabot/file_updaters/elixir/hex/mixfile_updater.rb
 - lib/dependabot/file_updaters/go/dep.rb
 - lib/dependabot/file_updaters/go/dep/lockfile_updater.rb
 - lib/dependabot/file_updaters/go/dep/manifest_updater.rb
@@ -429,7 +415,6 @@ files:
 - lib/dependabot/metadata_finders/base/changelog_pruner.rb
 - lib/dependabot/metadata_finders/base/commits_finder.rb
 - lib/dependabot/metadata_finders/base/release_finder.rb
-- lib/dependabot/metadata_finders/elixir/hex.rb
 - lib/dependabot/metadata_finders/go/dep.rb
 - lib/dependabot/metadata_finders/java_script/npm_and_yarn.rb
 - lib/dependabot/metadata_finders/php/composer.rb
@@ -448,10 +433,6 @@ files:
 - lib/dependabot/update_checkers.rb
 - lib/dependabot/update_checkers/README.md
 - lib/dependabot/update_checkers/base.rb
-- lib/dependabot/update_checkers/elixir/hex.rb
-- lib/dependabot/update_checkers/elixir/hex/file_preparer.rb
-- lib/dependabot/update_checkers/elixir/hex/requirements_updater.rb
-- lib/dependabot/update_checkers/elixir/hex/version_resolver.rb
 - lib/dependabot/update_checkers/go/dep.rb
 - lib/dependabot/update_checkers/go/dep/file_preparer.rb
 - lib/dependabot/update_checkers/go/dep/latest_version_finder.rb
@@ -476,8 +457,6 @@ files:
 - lib/dependabot/update_checkers/ruby/bundler/shared_bundler_helpers.rb
 - lib/dependabot/update_checkers/ruby/bundler/version_resolver.rb
 - lib/dependabot/utils.rb
-- lib/dependabot/utils/elixir/requirement.rb
-- lib/dependabot/utils/elixir/version.rb
 - lib/dependabot/utils/go/path_converter.rb
 - lib/dependabot/utils/go/requirement.rb
 - lib/dependabot/utils/go/shared_helper.rb

data/helpers/elixir/bin/check_update.exs DELETED

@@ -1,92 +0,0 @@
-defmodule UpdateChecker do
-  def run(dependency_name, credentials) do
-    set_credentials(credentials)
-    # Update the lockfile in a session that we can time out
-    task = Task.async(fn -> do_resolution(dependency_name) end)
-    case Task.yield(task, 30000) || Task.shutdown(task) do
-      {:ok, {:ok, :resolution_successful}} ->
-        # Read the new lock
-        {updated_lock, _updated_rest_lock} =
-          Map.split(Mix.Dep.Lock.read(), [String.to_atom(dependency_name)])
-        # Get the new dependency version
-        version =
-          updated_lock
-          |> Map.get(String.to_atom(dependency_name))
-          |> elem(2)
-        {:ok, version}
-      {:ok, {:error, error}} -> {:error, error}
-      nil -> {:error, :dependency_resolution_timed_out}
-      {:exit, reason} -> {:error, reason}
-    end
-  end
-  defp set_credentials(credentials) do
-    credentials
-    |> Enum.reduce([], fn cred, acc ->
-      if List.last(acc) == nil || List.last(acc)[:token] do
-        List.insert_at(acc, -1, %{organization: cred})
-      else
-        {item, acc} = List.pop_at(acc, -1)
-        item = Map.put(item, :token, cred)
-        List.insert_at(acc, -1, item)
-      end
-    end)
-    |> Enum.each(fn cred ->
-      hexpm = Hex.Repo.get_repo("hexpm")
-      repo = %{
-        url: hexpm.url <> "/repos/#{cred.organization}",
-        public_key: nil,
-        auth_key: cred.token
-      }
-      Hex.Config.read()
-      |> Hex.Config.read_repos()
-      |> Map.put("hexpm:#{cred.organization}", repo)
-      |> Hex.Config.update_repos()
-    end)
-  end
-  defp do_resolution(dependency_name) do
-    # Fetch dependencies that needs updating
-    {dependency_lock, rest_lock} =
-      Map.split(Mix.Dep.Lock.read(), [String.to_atom(dependency_name)])
-    try do
-      Mix.Dep.Fetcher.by_name([dependency_name], dependency_lock, rest_lock, [])
-      {:ok, :resolution_successful}
-    rescue
-      error -> {:error, error}
-    end
-  end
-end
-[dependency_name | credentials] = System.argv()
-case UpdateChecker.run(dependency_name, credentials) do
-  {:ok, version} ->
-    version = :erlang.term_to_binary({:ok, version})
-    IO.write(:stdio, version)
-  {:error, %Hex.Version.InvalidRequirementError{} = error}  ->
-    result = :erlang.term_to_binary({:error, "Invalid requirement: #{error.requirement}"})
-    IO.write(:stdio, result)
-  {:error, %Mix.Error{} = error} ->
-    result = :erlang.term_to_binary({:error, "Dependency resolution failed: #{error.message}"})
-    IO.write(:stdio, result)
-  {:error, :dependency_resolution_timed_out} ->
-    # We do nothing here because Hex is already printing out a message in stdout
-    nil
-  {:error, error} ->
-    result = :erlang.term_to_binary({:error, "Unknown error in check_update: #{inspect(error)}"})
-    IO.write(:stdio, result)
-end

data/helpers/elixir/bin/do_update.exs DELETED

@@ -1,39 +0,0 @@
-[dependency_name | credentials] = System.argv()
-grouped_creds = Enum.reduce credentials, [], fn cred, acc ->
-  if List.last(acc) == nil || List.last(acc)[:token] do
-    List.insert_at(acc, -1, %{ organization: cred })
-  else
-    { item, acc } = List.pop_at(acc, -1)
-    item = Map.put(item, :token, cred)
-    List.insert_at(acc, -1, item)
-  end
-end
-Enum.each grouped_creds, fn cred ->
-  hexpm = Hex.Repo.get_repo("hexpm")
-  repo = %{
-    url: hexpm.url <> "/repos/#{cred.organization}",
-    public_key: nil,
-    auth_key: cred.token
-  }
-  Hex.Config.read()
-  |> Hex.Config.read_repos()
-  |> Map.put("hexpm:#{cred.organization}", repo)
-  |> Hex.Config.update_repos()
-end
-# dependency atom
-dependency = String.to_atom(dependency_name)
-# Fetch dependencies that needs updating
-{dependency_lock, rest_lock} = Map.split(Mix.Dep.Lock.read(), [dependency])
-Mix.Dep.Fetcher.by_name([dependency_name], dependency_lock, rest_lock, [])
-lockfile_content =
-  "mix.lock"
-  |> File.read()
-  |> :erlang.term_to_binary()
-IO.write(:stdio, lockfile_content)

data/helpers/elixir/bin/parse_deps.exs DELETED

@@ -1,103 +0,0 @@
-defmodule Parser do
-  def run do
-    Mix.Dep.load_on_environment([])
-    |> Enum.flat_map(&parse_dep/1)
-    |> Enum.map(&build_dependency(&1.opts[:lock], &1))
-  end
-  defp build_dependency(nil, dep) do
-    %{
-      name: dep.app,
-      from: Path.relative_to_cwd(dep.from),
-      groups: [],
-      requirement: normalise_requirement(dep.requirement),
-      top_level: dep.top_level || umbrella_top_level_dep?(dep)
-    }
-  end
-  defp build_dependency(lock, dep) do
-    {version, checksum, source} = parse_lock(lock)
-    groups = parse_groups(dep.opts[:only])
-    %{
-      name: dep.app,
-      from: Path.relative_to_cwd(dep.from),
-      version: version,
-      groups: groups,
-      checksum: checksum,
-      requirement: normalise_requirement(dep.requirement),
-      source: source,
-      top_level: dep.top_level || umbrella_top_level_dep?(dep)
-    }
-  end
-  defp parse_groups(nil), do: []
-  defp parse_groups(only) when is_list(only), do: only
-  defp parse_groups(only), do: [only]
-  # path dependency
-  defp parse_dep(%{scm: Mix.SCM.Path, opts: opts} = dep) do
-    cond do
-      # umbrella dependency - ignore
-      opts[:in_umbrella] ->
-        []
-      # umbrella application
-      opts[:from_umbrella] ->
-        Enum.reject(dep.deps, fn dep -> dep.opts[:in_umbrella] end)
-      true ->
-        []
-    end
-  end
-  # hex, git dependency
-  defp parse_dep(%{scm: scm} = dep) when scm in [Hex.SCM, Mix.SCM.Git], do: [dep]
-  # unsupported
-  defp parse_dep(_dep), do: []
-  defp umbrella_top_level_dep?(dep) do
-    if Mix.Project.umbrella?() do
-      apps_paths = Path.expand(Mix.Project.config()[:apps_path], File.cwd!())
-      String.contains?(Path.dirname(Path.dirname(dep.from)), apps_paths)
-    else
-      false
-    end
-  end
-  defp parse_lock({:git, repo_url, checksum, opts}),
-    do: {nil, checksum, git_source(repo_url, opts)}
-  defp parse_lock({:hex, _app, version, checksum, _managers, _dependencies, _source}),
-    do: {version, checksum, nil}
-  defp parse_lock({:hex, _app, version, checksum, _managers, _dependencies}),
-    do: {version, checksum, nil}
-  defp normalise_requirement(req) do
-    req
-    |> maybe_regex_to_str()
-    |> empty_str_to_nil()
-  end
-  defp maybe_regex_to_str(s), do: if Regex.regex?(s), do: Regex.source(s), else: s
-  defp empty_str_to_nil(""), do: nil
-  defp empty_str_to_nil(s), do: s
-  def git_source(repo_url, opts) do
-    ref = opts[:ref] || opts[:tag]
-    ref = if is_list(ref), do: to_string(ref), else: ref
-    %{
-      type: "git",
-      url: repo_url,
-      branch: opts[:branch] || "master",
-      ref: ref
-    }
-  end
-end
-dependencies = :erlang.term_to_binary({:ok, Parser.run()})
-IO.write(:stdio, dependencies)