dependabot-core 0.80.1 → 0.81.0

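--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 4876570b3e1f43af321a0f7ed0f78080d5a46895ed94e38f0728c2d1db5da636
- data.tar.gz: 43ddeb3dce5a0032d65d73d1022e0c9849ee88709843b5bf4b589a2a2159beb8
+ metadata.gz: d46b715b1f68703b62a2078d8937c31630c9c918b90221d758e50f39535607d9
+ data.tar.gz: 788de0506801b8bb803557348eac18c321cda7d3c0f4aa1b4f81c2fd8ca40fdf
  SHA512:
- metadata.gz: 54ac485f972556393b816ac061e3af5743bb08882ec87c4422513cceee2128be116cf03ed3107d341d643b25f11631e6e509049a7ddca0d8c81b51a3fbc6c864
- data.tar.gz: d85a8f9eaa459ebc9a4e95461e4c6b9b89c2ca46b16d939c68e1f7cc27da11b59e1938b167987ac34faa5c7789efc2fb3d209ee3c0fefe45090dd1d944b828b9
+ metadata.gz: 6ea4c222c5acef4126d5067acc657279b3d017e3f88db93dcfcaedefbcbbe423646ed476c3ebfc719f775250d326ffba099ad8ed59f817d0e2b63f096f4fa1fb
+ data.tar.gz: c8cffec6eb0256f1e57e1c6586d0c14c724d696b20c957cc6ff9868004faf5b6b5cbef06baeaf95fc9cde1b23a900768253695e114e201ce977544c039a4d839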
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## v0.81.0, 10 December 2018
2
+
3
+ - Extract Rust logic into a separate gem
4
+
1
5
  ## v0.80.1, 10 December 2018
2
6
 
3
7
  - Add another missing require
@@ -6,7 +6,6 @@ require "dependabot/file_fetchers/java/maven"
6
6
  require "dependabot/file_fetchers/java/gradle"
7
7
  require "dependabot/file_fetchers/php/composer"
8
8
  require "dependabot/file_fetchers/elixir/hex"
9
- require "dependabot/file_fetchers/rust/cargo"
10
9
  require "dependabot/file_fetchers/go/dep"
11
10
  require "dependabot/file_fetchers/go/modules"
12
11
  require "dependabot/file_fetchers/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
20
19
  "gradle" => FileFetchers::Java::Gradle,
21
20
  "composer" => FileFetchers::Php::Composer,
22
21
  "hex" => FileFetchers::Elixir::Hex,
23
- "cargo" => FileFetchers::Rust::Cargo,
24
22
  "dep" => FileFetchers::Go::Dep,
25
23
  "go_modules" => FileFetchers::Go::Modules,
26
24
  "elm-package" => FileFetchers::Elm::ElmPackage
@@ -6,7 +6,6 @@ require "dependabot/file_parsers/java/maven"
6
6
  require "dependabot/file_parsers/java/gradle"
7
7
  require "dependabot/file_parsers/php/composer"
8
8
  require "dependabot/file_parsers/elixir/hex"
9
- require "dependabot/file_parsers/rust/cargo"
10
9
  require "dependabot/file_parsers/go/dep"
11
10
  require "dependabot/file_parsers/go/modules"
12
11
  require "dependabot/file_parsers/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
20
19
  "gradle" => FileParsers::Java::Gradle,
21
20
  "composer" => FileParsers::Php::Composer,
22
21
  "hex" => FileParsers::Elixir::Hex,
23
- "cargo" => FileParsers::Rust::Cargo,
24
22
  "dep" => FileParsers::Go::Dep,
25
23
  "go_modules" => FileParsers::Go::Modules,
26
24
  "elm-package" => FileParsers::Elm::ElmPackage
@@ -6,7 +6,6 @@ require "dependabot/file_updaters/java/maven"
6
6
  require "dependabot/file_updaters/java/gradle"
7
7
  require "dependabot/file_updaters/php/composer"
8
8
  require "dependabot/file_updaters/elixir/hex"
9
- require "dependabot/file_updaters/rust/cargo"
10
9
  require "dependabot/file_updaters/go/dep"
11
10
  require "dependabot/file_updaters/go/modules"
12
11
  require "dependabot/file_updaters/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
20
19
  "gradle" => FileUpdaters::Java::Gradle,
21
20
  "composer" => FileUpdaters::Php::Composer,
22
21
  "hex" => FileUpdaters::Elixir::Hex,
23
- "cargo" => FileUpdaters::Rust::Cargo,
24
22
  "dep" => FileUpdaters::Go::Dep,
25
23
  "go_modules" => FileUpdaters::Go::Modules,
26
24
  "elm-package" => FileUpdaters::Elm::ElmPackage
@@ -5,7 +5,6 @@ require "dependabot/metadata_finders/java_script/npm_and_yarn"
5
5
  require "dependabot/metadata_finders/java/maven"
6
6
  require "dependabot/metadata_finders/php/composer"
7
7
  require "dependabot/metadata_finders/elixir/hex"
8
- require "dependabot/metadata_finders/rust/cargo"
9
8
  require "dependabot/metadata_finders/go/dep"
10
9
  require "dependabot/metadata_finders/elm/elm_package"
11
10
 
@@ -18,7 +17,6 @@ module Dependabot
18
17
  "gradle" => MetadataFinders::Java::Maven,
19
18
  "composer" => MetadataFinders::Php::Composer,
20
19
  "hex" => MetadataFinders::Elixir::Hex,
21
- "cargo" => MetadataFinders::Rust::Cargo,
22
20
  "dep" => MetadataFinders::Go::Dep,
23
21
  "go_modules" => MetadataFinders::Go::Dep,
24
22
  "elm-package" => MetadataFinders::Elm::ElmPackage
@@ -6,7 +6,6 @@ require "dependabot/update_checkers/java/maven"
6
6
  require "dependabot/update_checkers/java/gradle"
7
7
  require "dependabot/update_checkers/php/composer"
8
8
  require "dependabot/update_checkers/elixir/hex"
9
- require "dependabot/update_checkers/rust/cargo"
10
9
  require "dependabot/update_checkers/go/dep"
11
10
  require "dependabot/update_checkers/go/modules"
12
11
  require "dependabot/update_checkers/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
20
19
  "gradle" => UpdateCheckers::Java::Gradle,
21
20
  "composer" => UpdateCheckers::Php::Composer,
22
21
  "hex" => UpdateCheckers::Elixir::Hex,
23
- "cargo" => UpdateCheckers::Rust::Cargo,
24
22
  "dep" => UpdateCheckers::Go::Dep,
25
23
  "go_modules" => UpdateCheckers::Go::Modules,
26
24
  "elm-package" => UpdateCheckers::Elm::ElmPackage
@@ -4,7 +4,6 @@ require "dependabot/utils/elixir/version"
4
4
  require "dependabot/utils/java/version"
5
5
  require "dependabot/utils/java_script/version"
6
6
  require "dependabot/utils/php/version"
7
- require "dependabot/utils/rust/version"
8
7
  require "dependabot/utils/go/version"
9
8
  require "dependabot/utils/elm/version"
10
9
 
@@ -13,7 +12,6 @@ require "dependabot/utils/java/requirement"
13
12
  require "dependabot/utils/java_script/requirement"
14
13
  require "dependabot/utils/php/requirement"
15
14
  require "dependabot/utils/ruby/requirement"
16
- require "dependabot/utils/rust/requirement"
17
15
  require "dependabot/utils/go/requirement"
18
16
  require "dependabot/utils/elm/requirement"
19
17
 
@@ -30,7 +28,6 @@ module Dependabot
30
28
  "npm_and_yarn" => Utils::JavaScript::Version,
31
29
  "composer" => Utils::Php::Version,
32
30
  "hex" => Utils::Elixir::Version,
33
- "cargo" => Utils::Rust::Version,
34
31
  "dep" => Utils::Go::Version,
35
32
  "go_modules" => Utils::Go::Version,
36
33
  "elm-package" => Utils::Elm::Version
@@ -56,7 +53,6 @@ module Dependabot
56
53
  "npm_and_yarn" => Utils::JavaScript::Requirement,
57
54
  "composer" => Utils::Php::Requirement,
58
55
  "hex" => Utils::Elixir::Requirement,
59
- "cargo" => Utils::Rust::Requirement,
60
56
  "dep" => Utils::Go::Requirement,
61
57
  "go_modules" => Utils::Go::Requirement,
62
58
  "elm-package" => Utils::Elm::Requirement
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.80.1"
4
+ VERSION = "0.81.0"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.80.1
4
+ version: 0.81.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -389,7 +389,6 @@ files:
389
389
  - lib/dependabot/file_fetchers/ruby/bundler/child_gemfile_finder.rb
390
390
  - lib/dependabot/file_fetchers/ruby/bundler/path_gemspec_finder.rb
391
391
  - lib/dependabot/file_fetchers/ruby/bundler/require_relative_finder.rb
392
- - lib/dependabot/file_fetchers/rust/cargo.rb
393
392
  - lib/dependabot/file_parsers.rb
394
393
  - lib/dependabot/file_parsers/README.md
395
394
  - lib/dependabot/file_parsers/base.rb
@@ -410,7 +409,6 @@ files:
410
409
  - lib/dependabot/file_parsers/ruby/bundler.rb
411
410
  - lib/dependabot/file_parsers/ruby/bundler/file_preparer.rb
412
411
  - lib/dependabot/file_parsers/ruby/bundler/gemfile_checker.rb
413
- - lib/dependabot/file_parsers/rust/cargo.rb
414
412
  - lib/dependabot/file_updaters.rb
415
413
  - lib/dependabot/file_updaters/README.md
416
414
  - lib/dependabot/file_updaters/base.rb
@@ -443,6 +441,7 @@ files:
443
441
  - lib/dependabot/file_updaters/php/composer.rb
444
442
  - lib/dependabot/file_updaters/php/composer/lockfile_updater.rb
445
443
  - lib/dependabot/file_updaters/php/composer/manifest_updater.rb
444
+ - lib/dependabot/file_updaters/ruby/.DS_Store
446
445
  - lib/dependabot/file_updaters/ruby/bundler.rb
447
446
  - lib/dependabot/file_updaters/ruby/bundler/gemfile_updater.rb
448
447
  - lib/dependabot/file_updaters/ruby/bundler/gemspec_dependency_name_finder.rb
@@ -452,9 +451,6 @@ files:
452
451
  - lib/dependabot/file_updaters/ruby/bundler/git_source_remover.rb
453
452
  - lib/dependabot/file_updaters/ruby/bundler/lockfile_updater.rb
454
453
  - lib/dependabot/file_updaters/ruby/bundler/requirement_replacer.rb
455
- - lib/dependabot/file_updaters/rust/cargo.rb
456
- - lib/dependabot/file_updaters/rust/cargo/lockfile_updater.rb
457
- - lib/dependabot/file_updaters/rust/cargo/manifest_updater.rb
458
454
  - lib/dependabot/git_commit_checker.rb
459
455
  - lib/dependabot/metadata_finders.rb
460
456
  - lib/dependabot/metadata_finders/README.md
@@ -470,7 +466,6 @@ files:
470
466
  - lib/dependabot/metadata_finders/java_script/npm_and_yarn.rb
471
467
  - lib/dependabot/metadata_finders/php/composer.rb
472
468
  - lib/dependabot/metadata_finders/ruby/bundler.rb
473
- - lib/dependabot/metadata_finders/rust/cargo.rb
474
469
  - lib/dependabot/pull_request_creator.rb
475
470
  - lib/dependabot/pull_request_creator/branch_namer.rb
476
471
  - lib/dependabot/pull_request_creator/commit_signer.rb
@@ -525,10 +520,6 @@ files:
525
520
  - lib/dependabot/update_checkers/ruby/bundler/ruby_requirement_setter.rb
526
521
  - lib/dependabot/update_checkers/ruby/bundler/shared_bundler_helpers.rb
527
522
  - lib/dependabot/update_checkers/ruby/bundler/version_resolver.rb
528
- - lib/dependabot/update_checkers/rust/cargo.rb
529
- - lib/dependabot/update_checkers/rust/cargo/file_preparer.rb
530
- - lib/dependabot/update_checkers/rust/cargo/requirements_updater.rb
531
- - lib/dependabot/update_checkers/rust/cargo/version_resolver.rb
532
523
  - lib/dependabot/utils.rb
533
524
  - lib/dependabot/utils/elixir/requirement.rb
534
525
  - lib/dependabot/utils/elixir/version.rb
@@ -545,8 +536,6 @@ files:
545
536
  - lib/dependabot/utils/php/requirement.rb
546
537
  - lib/dependabot/utils/php/version.rb
547
538
  - lib/dependabot/utils/ruby/requirement.rb
548
- - lib/dependabot/utils/rust/requirement.rb
549
- - lib/dependabot/utils/rust/version.rb
550
539
  - lib/dependabot/version.rb
551
540
  homepage: https://github.com/dependabot/dependabot-core
552
541
  licenses:
@@ -568,7 +557,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
568
557
  version: 2.7.3
569
558
  requirements: []
570
559
  rubyforge_project:
571
- rubygems_version: 2.7.7
560
+ rubygems_version: 2.7.6
572
561
  signing_key:
573
562
  specification_version: 4
574
563
  summary: Automated dependency management
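Review bot: The added `files:` entry `lib/dependabot/file_updaters/ruby/.DS_Store` (hunk `@@ -443,6 +441,7 @@`) ships a macOS Finder artifact inside the released gem; it is not code, and such files can disclose names from the directory they were created in. Together with `rubygems_version` going from 2.7.7 back to 2.7.6 in the last hunk, this suggests 0.81.0 was packaged from a different working tree than 0.80.1, though the page does not show how either release was built. The gemspec is not visible here; if it fills `files` from a directory glob, appending something like `.reject { |f| File.basename(f).start_with?(".") }`, or listing tracked files only, would keep untracked artifacts out of releases. Anyone auditing this version can compare the unpacked gem's file list against the repository tag to confirm that the `.DS_Store` is the only unexpected addition.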
@@ -1,240 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "pathname"
4
- require "toml-rb"
5
-
6
- require "dependabot/file_fetchers/base"
7
- require "dependabot/file_parsers/rust/cargo"
8
-
9
- # Docs on Cargo workspaces:
10
- # https://doc.rust-lang.org/cargo/reference/manifest.html#the-workspace-section
11
- module Dependabot
12
- module FileFetchers
13
- module Rust
14
- class Cargo < Dependabot::FileFetchers::Base
15
- def self.required_files_in?(filenames)
16
- filenames.include?("Cargo.toml")
17
- end
18
-
19
- def self.required_files_message
20
- "Repo must contain a Cargo.toml."
21
- end
22
-
23
- private
24
-
25
- def fetch_files
26
- fetched_files = []
27
- fetched_files << cargo_toml
28
- fetched_files << cargo_lock if cargo_lock
29
- fetched_files << rust_toolchain if rust_toolchain
30
- fetched_files += workspace_files
31
- fetched_files += path_dependency_files
32
- fetched_files
33
- end
34
-
35
- def workspace_files
36
- @workspace_files ||=
37
- fetch_workspace_files(
38
- file: cargo_toml,
39
- previously_fetched_files: []
40
- )
41
- end
42
-
43
- def path_dependency_files
44
- @path_dependency_files ||=
45
- begin
46
- fetched_path_dependency_files = []
47
- [cargo_toml, *workspace_files].each do |file|
48
- fetched_path_dependency_files +=
49
- fetch_path_dependency_files(
50
- file: file,
51
- previously_fetched_files: [cargo_toml, *workspace_files] +
52
- fetched_path_dependency_files
53
- )
54
- end
55
-
56
- fetched_path_dependency_files
57
- end
58
- end
59
-
60
- def fetch_workspace_files(file:, previously_fetched_files:)
61
- current_dir = file.name.split("/")[0..-2].join("/")
62
- current_dir = nil if current_dir == ""
63
-
64
- workspace_dependency_paths_from_file(file).flat_map do |path|
65
- path = File.join(current_dir, path) unless current_dir.nil?
66
- path = Pathname.new(path).cleanpath.to_path
67
-
68
- next if previously_fetched_files.map(&:name).include?(path)
69
- next if file.name == path
70
-
71
- fetched_file = fetch_file_from_host(path)
72
- previously_fetched_files << fetched_file
73
- grandchild_requirement_files =
74
- fetch_workspace_files(
75
- file: fetched_file,
76
- previously_fetched_files: previously_fetched_files
77
- )
78
- [fetched_file, *grandchild_requirement_files]
79
- end.compact
80
- end
81
-
82
- def fetch_path_dependency_files(
83
- file:,
84
- previously_fetched_files:
85
- )
86
- current_dir = file.name.split("/")[0..-2].join("/")
87
- current_dir = nil if current_dir == ""
88
-
89
- path_dependency_paths_from_file(file).flat_map do |path|
90
- path = File.join(current_dir, path) unless current_dir.nil?
91
- path = Pathname.new(path).cleanpath.to_path
92
-
93
- next if previously_fetched_files.map(&:name).include?(path)
94
- next if file.name == path
95
-
96
- fetched_file = fetch_file_from_host(path, type: "path_dependency").
97
- tap { |f| f.support_file = true }
98
- previously_fetched_files << fetched_file
99
- grandchild_requirement_files =
100
- fetch_path_dependency_files(
101
- file: fetched_file,
102
- previously_fetched_files: previously_fetched_files
103
- )
104
- [fetched_file, *grandchild_requirement_files]
105
- rescue Dependabot::DependencyFileNotFound
106
- raise if required_path?(file, path)
107
- end.compact
108
- end
109
-
110
- def path_dependency_paths_from_file(file)
111
- paths = []
112
-
113
- # Paths specified in dependency declaration
114
- FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
115
- parsed_file(file).fetch(type, {}).each do |_, details|
116
- next unless details.is_a?(Hash)
117
- next unless details["path"]
118
-
119
- paths << File.join(details["path"], "Cargo.toml")
120
- end
121
- end
122
-
123
- # Paths specified for target-specific dependencies
124
- parsed_file(file).fetch("target", {}).each do |_, t_details|
125
- FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
126
- t_details.fetch(type, {}).each do |_, details|
127
- next unless details.is_a?(Hash)
128
- next unless details["path"]
129
-
130
- paths << File.join(details["path"], "Cargo.toml")
131
- end
132
- end
133
- end
134
-
135
- # Paths specified as replacements
136
- parsed_file(file).fetch("replace", {}).each do |_, details|
137
- next unless details.is_a?(Hash)
138
- next unless details["path"]
139
-
140
- paths << File.join(details["path"], "Cargo.toml")
141
- end
142
-
143
- paths
144
- end
145
-
146
- def workspace_dependency_paths_from_file(file)
147
- workspace_paths = parsed_file(file).dig("workspace", "members")
148
- return [] unless workspace_paths&.any?
149
-
150
- # Expand any workspace paths that specify a `*`
151
- workspace_paths = workspace_paths.flat_map do |path|
152
- path.end_with?("*") ? expand_workspaces(path) : [path]
153
- end
154
-
155
- # Excluded paths, to be subtracted for the workspaces array
156
- excluded_paths = parsed_file(file).dig("workspace", "excluded_paths")
157
-
158
- (workspace_paths - (excluded_paths || [])).map do |path|
159
- File.join(path, "Cargo.toml")
160
- end
161
- end
162
-
163
- # Check whether a path is required or not. It will not be required if
164
- # an alternative source (i.e., a git source) is also specified
165
- # rubocop:disable Metrics/AbcSize
166
- # rubocop:disable Metrics/CyclomaticComplexity
167
- # rubocop:disable Metrics/PerceivedComplexity
168
- def required_path?(file, path)
169
- # Paths specified in dependency declaration
170
- FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
171
- parsed_file(file).fetch(type, {}).each do |_, details|
172
- next unless details.is_a?(Hash)
173
- next unless details["path"]
174
- next unless path == File.join(details["path"], "Cargo.toml")
175
-
176
- return true if details["git"].nil?
177
- end
178
- end
179
-
180
- # Paths specified for target-specific dependencies
181
- parsed_file(file).fetch("target", {}).each do |_, t_details|
182
- FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
183
- t_details.fetch(type, {}).each do |_, details|
184
- next unless details.is_a?(Hash)
185
- next unless details["path"]
186
- next unless path == File.join(details["path"], "Cargo.toml")
187
-
188
- return true if details["git"].nil?
189
- end
190
- end
191
- end
192
-
193
- # Paths specified as replacements
194
- parsed_file(file).fetch("replace", {}).each do |_, details|
195
- next unless details.is_a?(Hash)
196
- next unless details["path"]
197
- next unless path == File.join(details["path"], "Cargo.toml")
198
-
199
- return true if details["git"].nil?
200
- end
201
-
202
- false
203
- end
204
- # rubocop:enable Metrics/AbcSize
205
- # rubocop:enable Metrics/CyclomaticComplexity
206
- # rubocop:enable Metrics/PerceivedComplexity
207
-
208
- def expand_workspaces(path)
209
- path = Pathname.new(path).cleanpath.to_path
210
- dir = directory.gsub(%r{(^/|/$)}, "")
211
- unglobbed_path = path.split("*").first.gsub(%r{(?<=/)[^/]*$}, "")
212
-
213
- repo_contents(dir: unglobbed_path, raise_errors: false).
214
- select { |file| file.type == "dir" }.
215
- map { |f| f.path.gsub(%r{^/?#{Regexp.escape(dir)}/?}, "") }.
216
- select { |filename| File.fnmatch?(path, filename) }
217
- end
218
-
219
- def parsed_file(file)
220
- TomlRB.parse(file.content)
221
- rescue TomlRB::ParseError
222
- raise Dependabot::DependencyFileNotParseable, file.path
223
- end
224
-
225
- def cargo_toml
226
- @cargo_toml ||= fetch_file_from_host("Cargo.toml")
227
- end
228
-
229
- def cargo_lock
230
- @cargo_lock ||= fetch_file_if_present("Cargo.lock")
231
- end
232
-
233
- def rust_toolchain
234
- @rust_toolchain ||= fetch_file_if_present("rust-toolchain")&.
235
- tap { |f| f.support_file = true }
236
- end
237
- end
238
- end
239
- end
240
- end