dependabot-core 0.87.10 → 0.87.11
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/helpers/php/bin/run.php +29 -2
- data/helpers/php/composer.lock +46 -41
- data/lib/dependabot/file_updaters/php/composer/lockfile_updater.rb +9 -4
- data/lib/dependabot/update_checkers/php/composer/version_resolver.rb +6 -0
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -2
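--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8b63632aba699f2ec833f56d9e3d9889f38cdd1c72e8366159999cf481bc24c2
+data.tar.gz: 30710c01e8ff3c766adc54e107b81baf8d83b6c45c404af6be15044dad08b92c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 88fe738b7f0ab0be707524ed3dd5c6635c88227d608fc917a9e40cd005023abdf20074df9a1d29b9f3301154c8b3e433f1e19faa7d9d02c7a55aa15ec0cd580f
+data.tar.gz: 991d97bbe9472d30f3fe0c88c8e16719f96ab3fc48ee21a89754f0f5779f374f38b903d8f8f5184bd884970e3a15ad89f6a37a90f50c7addc98f65a16546a73b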
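--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,9 @@
+## v0.87.11, 7 January 2019
+
+- PHP: Cowardly ignore of stefandoorn/sitemap-plugin error we can't figure out
+- PHP: Serve resolution error for non-https requests when they're disallowed
+- PHP: Improve memory limit handling in PHP helper
+
 ## v0.87.10, 6 January 2019
 
 - Better GitHub issue sanitization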
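--- a/data/helpers/php/bin/run.php
+++ b/data/helpers/php/bin/run.php
@@ -13,8 +13,35 @@ $request = json_decode(file_get_contents('php://stdin'), true);
 // Increase the default memory limit. Calling `composer update` is otherwise
 // vulnerable to scenarios where there are unconstrained versions, resulting in
 // it checking huge numbers of dependency combinations and causing OOM issues.
-
-
+// This logic is a duplicate of the logic found in Composer
+$memoryInBytes = function ($value) {
+$unit = strtolower(substr($value, -1, 1));
+$value = (int) $value;
+switch ($unit) {
+case 'g':
+$value *= 1024;
+// no break (cumulative multiplier)
+case 'm':
+$value *= 1024;
+// no break (cumulative multiplier)
+case 'k':
+$value *= 1024;
+}
+
+return $value;
+};
+
+$memoryLimit = trim(ini_get('memory_limit'));
+// Increase memory_limit if it is lower than 1900MB
+if ($memoryLimit != -1 && $memoryInBytes($memoryLimit) < 1024 * 1024 * 1900) {
+ini_set('memory_limit', '1900M');
+}
+
+// Set user defined memory limit
+if ($memoryLimit = getenv('COMPOSER_MEMORY_LIMIT')) {
+ini_set('memory_limit', $memoryLimit);
+}
+unset($memoryInBytes, $memoryLimit);
 
 date_default_timezone_set('Europe/London');
 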
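Review bot: The `COMPOSER_MEMORY_LIMIT` branch at new lines 41-43 hands the environment value to `ini_set` unchecked, so it can lower the limit below the 1900M floor applied just above, or remove the limit altogether with `-1`. The comment at the top of the hunk describes manifests that make `composer update` exhaust memory, so for this helper the limit is also a resource bound on input it does not control. A format check before the call would keep malformed values out, for example `if (($memoryLimit = getenv('COMPOSER_MEMORY_LIMIT')) && preg_match('/^\d+[kmg]?$/i', $memoryLimit)) {`; if an unlimited setting is meant to be allowed, a comment saying so would make that explicit. The return value of both `ini_set` calls is ignored, so a failed raise would pass unnoticed.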
data/helpers/php/composer.lock
CHANGED
@@ -517,16 +517,16 @@
|
|
517
517
|
},
|
518
518
|
{
|
519
519
|
"name": "symfony/console",
|
520
|
-
"version": "v4.2.
|
520
|
+
"version": "v4.2.2",
|
521
521
|
"source": {
|
522
522
|
"type": "git",
|
523
523
|
"url": "https://github.com/symfony/console.git",
|
524
|
-
"reference": "
|
524
|
+
"reference": "b0a03c1bb0fcbe288629956cf2f1dd3f1dc97522"
|
525
525
|
},
|
526
526
|
"dist": {
|
527
527
|
"type": "zip",
|
528
|
-
"url": "https://api.github.com/repos/symfony/console/zipball/
|
529
|
-
"reference": "
|
528
|
+
"url": "https://api.github.com/repos/symfony/console/zipball/b0a03c1bb0fcbe288629956cf2f1dd3f1dc97522",
|
529
|
+
"reference": "b0a03c1bb0fcbe288629956cf2f1dd3f1dc97522",
|
530
530
|
"shasum": ""
|
531
531
|
},
|
532
532
|
"require": {
|
@@ -582,7 +582,7 @@
|
|
582
582
|
],
|
583
583
|
"description": "Symfony Console Component",
|
584
584
|
"homepage": "https://symfony.com",
|
585
|
-
"time": "
|
585
|
+
"time": "2019-01-04T15:13:53+00:00"
|
586
586
|
},
|
587
587
|
{
|
588
588
|
"name": "symfony/contracts",
|
@@ -654,16 +654,16 @@
|
|
654
654
|
},
|
655
655
|
{
|
656
656
|
"name": "symfony/filesystem",
|
657
|
-
"version": "v4.2.
|
657
|
+
"version": "v4.2.2",
|
658
658
|
"source": {
|
659
659
|
"type": "git",
|
660
660
|
"url": "https://github.com/symfony/filesystem.git",
|
661
|
-
"reference": "
|
661
|
+
"reference": "c2ffd9a93f2d6c5be2f68a0aa7953cc229f871f8"
|
662
662
|
},
|
663
663
|
"dist": {
|
664
664
|
"type": "zip",
|
665
|
-
"url": "https://api.github.com/repos/symfony/filesystem/zipball/
|
666
|
-
"reference": "
|
665
|
+
"url": "https://api.github.com/repos/symfony/filesystem/zipball/c2ffd9a93f2d6c5be2f68a0aa7953cc229f871f8",
|
666
|
+
"reference": "c2ffd9a93f2d6c5be2f68a0aa7953cc229f871f8",
|
667
667
|
"shasum": ""
|
668
668
|
},
|
669
669
|
"require": {
|
@@ -700,20 +700,20 @@
|
|
700
700
|
],
|
701
701
|
"description": "Symfony Filesystem Component",
|
702
702
|
"homepage": "https://symfony.com",
|
703
|
-
"time": "
|
703
|
+
"time": "2019-01-03T09:07:35+00:00"
|
704
704
|
},
|
705
705
|
{
|
706
706
|
"name": "symfony/finder",
|
707
|
-
"version": "v4.2.
|
707
|
+
"version": "v4.2.2",
|
708
708
|
"source": {
|
709
709
|
"type": "git",
|
710
710
|
"url": "https://github.com/symfony/finder.git",
|
711
|
-
"reference": "
|
711
|
+
"reference": "9094d69e8c6ee3fe186a0ec5a4f1401e506071ce"
|
712
712
|
},
|
713
713
|
"dist": {
|
714
714
|
"type": "zip",
|
715
|
-
"url": "https://api.github.com/repos/symfony/finder/zipball/
|
716
|
-
"reference": "
|
715
|
+
"url": "https://api.github.com/repos/symfony/finder/zipball/9094d69e8c6ee3fe186a0ec5a4f1401e506071ce",
|
716
|
+
"reference": "9094d69e8c6ee3fe186a0ec5a4f1401e506071ce",
|
717
717
|
"shasum": ""
|
718
718
|
},
|
719
719
|
"require": {
|
@@ -749,7 +749,7 @@
|
|
749
749
|
],
|
750
750
|
"description": "Symfony Finder Component",
|
751
751
|
"homepage": "https://symfony.com",
|
752
|
-
"time": "
|
752
|
+
"time": "2019-01-03T09:07:35+00:00"
|
753
753
|
},
|
754
754
|
{
|
755
755
|
"name": "symfony/polyfill-ctype",
|
@@ -870,16 +870,16 @@
|
|
870
870
|
},
|
871
871
|
{
|
872
872
|
"name": "symfony/process",
|
873
|
-
"version": "v4.2.
|
873
|
+
"version": "v4.2.2",
|
874
874
|
"source": {
|
875
875
|
"type": "git",
|
876
876
|
"url": "https://github.com/symfony/process.git",
|
877
|
-
"reference": "
|
877
|
+
"reference": "ea043ab5d8ed13b467a9087d81cb876aee7f689a"
|
878
878
|
},
|
879
879
|
"dist": {
|
880
880
|
"type": "zip",
|
881
|
-
"url": "https://api.github.com/repos/symfony/process/zipball/
|
882
|
-
"reference": "
|
881
|
+
"url": "https://api.github.com/repos/symfony/process/zipball/ea043ab5d8ed13b467a9087d81cb876aee7f689a",
|
882
|
+
"reference": "ea043ab5d8ed13b467a9087d81cb876aee7f689a",
|
883
883
|
"shasum": ""
|
884
884
|
},
|
885
885
|
"require": {
|
@@ -915,7 +915,7 @@
|
|
915
915
|
],
|
916
916
|
"description": "Symfony Process Component",
|
917
917
|
"homepage": "https://symfony.com",
|
918
|
-
"time": "
|
918
|
+
"time": "2019-01-03T14:48:52+00:00"
|
919
919
|
}
|
920
920
|
],
|
921
921
|
"packages-dev": [
|
@@ -1043,16 +1043,16 @@
|
|
1043
1043
|
},
|
1044
1044
|
{
|
1045
1045
|
"name": "friendsofphp/php-cs-fixer",
|
1046
|
-
"version": "v2.
|
1046
|
+
"version": "v2.14.0",
|
1047
1047
|
"source": {
|
1048
1048
|
"type": "git",
|
1049
1049
|
"url": "https://github.com/FriendsOfPHP/PHP-CS-Fixer.git",
|
1050
|
-
"reference": "
|
1050
|
+
"reference": "b788ea0af899cedc8114dca7db119c93b6685da2"
|
1051
1051
|
},
|
1052
1052
|
"dist": {
|
1053
1053
|
"type": "zip",
|
1054
|
-
"url": "https://api.github.com/repos/FriendsOfPHP/PHP-CS-Fixer/zipball/
|
1055
|
-
"reference": "
|
1054
|
+
"url": "https://api.github.com/repos/FriendsOfPHP/PHP-CS-Fixer/zipball/b788ea0af899cedc8114dca7db119c93b6685da2",
|
1055
|
+
"reference": "b788ea0af899cedc8114dca7db119c93b6685da2",
|
1056
1056
|
"shasum": ""
|
1057
1057
|
},
|
1058
1058
|
"require": {
|
@@ -1061,7 +1061,7 @@
|
|
1061
1061
|
"doctrine/annotations": "^1.2",
|
1062
1062
|
"ext-json": "*",
|
1063
1063
|
"ext-tokenizer": "*",
|
1064
|
-
"php": "^5.6 ||
|
1064
|
+
"php": "^5.6 || ^7.0",
|
1065
1065
|
"php-cs-fixer/diff": "^1.3",
|
1066
1066
|
"symfony/console": "^3.4.17 || ^4.1.6",
|
1067
1067
|
"symfony/event-dispatcher": "^3.0 || ^4.0",
|
@@ -1099,6 +1099,11 @@
|
|
1099
1099
|
"php-cs-fixer"
|
1100
1100
|
],
|
1101
1101
|
"type": "application",
|
1102
|
+
"extra": {
|
1103
|
+
"branch-alias": {
|
1104
|
+
"dev-master": "2.14-dev"
|
1105
|
+
}
|
1106
|
+
},
|
1102
1107
|
"autoload": {
|
1103
1108
|
"psr-4": {
|
1104
1109
|
"PhpCsFixer\\": "src/"
|
@@ -1130,7 +1135,7 @@
|
|
1130
1135
|
}
|
1131
1136
|
],
|
1132
1137
|
"description": "A tool to automatically fix PHP code style",
|
1133
|
-
"time": "2019-01-04T18:
|
1138
|
+
"time": "2019-01-04T18:29:47+00:00"
|
1134
1139
|
},
|
1135
1140
|
{
|
1136
1141
|
"name": "paragonie/random_compat",
|
@@ -1230,16 +1235,16 @@
|
|
1230
1235
|
},
|
1231
1236
|
{
|
1232
1237
|
"name": "symfony/event-dispatcher",
|
1233
|
-
"version": "v4.2.
|
1238
|
+
"version": "v4.2.2",
|
1234
1239
|
"source": {
|
1235
1240
|
"type": "git",
|
1236
1241
|
"url": "https://github.com/symfony/event-dispatcher.git",
|
1237
|
-
"reference": "
|
1242
|
+
"reference": "887de6d34c86cf0cb6cbf910afb170cdb743cb5e"
|
1238
1243
|
},
|
1239
1244
|
"dist": {
|
1240
1245
|
"type": "zip",
|
1241
|
-
"url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/
|
1242
|
-
"reference": "
|
1246
|
+
"url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/887de6d34c86cf0cb6cbf910afb170cdb743cb5e",
|
1247
|
+
"reference": "887de6d34c86cf0cb6cbf910afb170cdb743cb5e",
|
1243
1248
|
"shasum": ""
|
1244
1249
|
},
|
1245
1250
|
"require": {
|
@@ -1290,20 +1295,20 @@
|
|
1290
1295
|
],
|
1291
1296
|
"description": "Symfony EventDispatcher Component",
|
1292
1297
|
"homepage": "https://symfony.com",
|
1293
|
-
"time": "
|
1298
|
+
"time": "2019-01-05T16:37:49+00:00"
|
1294
1299
|
},
|
1295
1300
|
{
|
1296
1301
|
"name": "symfony/options-resolver",
|
1297
|
-
"version": "v4.2.
|
1302
|
+
"version": "v4.2.2",
|
1298
1303
|
"source": {
|
1299
1304
|
"type": "git",
|
1300
1305
|
"url": "https://github.com/symfony/options-resolver.git",
|
1301
|
-
"reference": "
|
1306
|
+
"reference": "fbcb106aeee72f3450298bf73324d2cc00d083d1"
|
1302
1307
|
},
|
1303
1308
|
"dist": {
|
1304
1309
|
"type": "zip",
|
1305
|
-
"url": "https://api.github.com/repos/symfony/options-resolver/zipball/
|
1306
|
-
"reference": "
|
1310
|
+
"url": "https://api.github.com/repos/symfony/options-resolver/zipball/fbcb106aeee72f3450298bf73324d2cc00d083d1",
|
1311
|
+
"reference": "fbcb106aeee72f3450298bf73324d2cc00d083d1",
|
1307
1312
|
"shasum": ""
|
1308
1313
|
},
|
1309
1314
|
"require": {
|
@@ -1344,7 +1349,7 @@
|
|
1344
1349
|
"configuration",
|
1345
1350
|
"options"
|
1346
1351
|
],
|
1347
|
-
"time": "
|
1352
|
+
"time": "2019-01-03T09:07:35+00:00"
|
1348
1353
|
},
|
1349
1354
|
{
|
1350
1355
|
"name": "symfony/polyfill-php70",
|
@@ -1462,16 +1467,16 @@
|
|
1462
1467
|
},
|
1463
1468
|
{
|
1464
1469
|
"name": "symfony/stopwatch",
|
1465
|
-
"version": "v4.2.
|
1470
|
+
"version": "v4.2.2",
|
1466
1471
|
"source": {
|
1467
1472
|
"type": "git",
|
1468
1473
|
"url": "https://github.com/symfony/stopwatch.git",
|
1469
|
-
"reference": "
|
1474
|
+
"reference": "af62b35760fc92c8dbdce659b4eebdfe0e6a0472"
|
1470
1475
|
},
|
1471
1476
|
"dist": {
|
1472
1477
|
"type": "zip",
|
1473
|
-
"url": "https://api.github.com/repos/symfony/stopwatch/zipball/
|
1474
|
-
"reference": "
|
1478
|
+
"url": "https://api.github.com/repos/symfony/stopwatch/zipball/af62b35760fc92c8dbdce659b4eebdfe0e6a0472",
|
1479
|
+
"reference": "af62b35760fc92c8dbdce659b4eebdfe0e6a0472",
|
1475
1480
|
"shasum": ""
|
1476
1481
|
},
|
1477
1482
|
"require": {
|
@@ -1508,7 +1513,7 @@
|
|
1508
1513
|
],
|
1509
1514
|
"description": "Symfony Stopwatch Component",
|
1510
1515
|
"homepage": "https://symfony.com",
|
1511
|
-
"time": "
|
1516
|
+
"time": "2019-01-03T09:07:35+00:00"
|
1512
1517
|
}
|
1513
1518
|
],
|
1514
1519
|
"aliases": [],
|
@@ -85,21 +85,24 @@ module Dependabot
|
|
85
85
|
named_captures.fetch("url")
|
86
86
|
raise GitDependenciesNotReachable, dependency_url
|
87
87
|
end
|
88
|
+
|
88
89
|
if error.message.start_with?("Failed to clone")
|
89
90
|
dependency_url =
|
90
91
|
error.message.match(/Failed to clone (?<url>.*?) via/).
|
91
92
|
named_captures.fetch("url")
|
92
93
|
raise GitDependenciesNotReachable, dependency_url
|
93
94
|
end
|
95
|
+
|
94
96
|
if error.message.start_with?("Could not find a key for ACF PRO")
|
95
97
|
raise MissingEnvironmentVariable, "ACF_PRO_KEY"
|
96
98
|
end
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
99
|
+
|
100
|
+
if error.message.start_with?("Unknown downloader type: npm-sign") ||
|
101
|
+
error.message.include?("file could not be downloaded") ||
|
102
|
+
error.message.include?("configuration does not allow connect")
|
101
103
|
raise DependencyFileNotResolvable, error.message
|
102
104
|
end
|
105
|
+
|
103
106
|
if error.message.start_with?("Allowed memory size")
|
104
107
|
raise Dependabot::OutOfMemory
|
105
108
|
end
|
@@ -109,12 +112,14 @@ module Dependabot
|
|
109
112
|
named_captures.fetch("source")
|
110
113
|
raise PrivateSourceAuthenticationFailure, source
|
111
114
|
end
|
115
|
+
|
112
116
|
if error.message.include?("Argument 1 passed to Composer")
|
113
117
|
msg = "One of your Composer plugins is not compatible with the "\
|
114
118
|
"latest version of Composer. Please update Composer and "\
|
115
119
|
"try running `composer update` to debug further."
|
116
120
|
raise DependencyFileNotResolvable, msg
|
117
121
|
end
|
122
|
+
|
118
123
|
raise error
|
119
124
|
end
|
120
125
|
# rubocop:enable Metrics/PerceivedComplexity
|
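Review bot: The two substring checks added at new lines 101-102, `include?("file could not be downloaded")` and `include?("configuration does not allow connect")`, run before the branch that raises `PrivateSourceAuthenticationFailure` in the following hunk (new lines 112-114), so a download that failed for credential reasons may now be reported as `DependencyFileNotResolvable` if Composer words it with the same phrase. The condition of that later branch is outside the visible lines, so this needs confirming; moving the new check below it would remove the doubt. The branch also raises with the raw `error.message`, which for a download error is likely to carry the requested URL; if that text is shown to users, credentials embedded in a private repository URL would go with it, so stripping the userinfo part of any URL before raising is worth considering. The enclosing method starts and ends outside both hunks.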
@@ -165,6 +165,12 @@ module Dependabot
|
|
165
165
|
# dependency is no longer required and is just cruft in the
|
166
166
|
# composer.json. In this case we just ignore the dependency.
|
167
167
|
nil
|
168
|
+
elsif error.message.include?("stefandoorn/sitemap-plugin-1.0.0.0")
|
169
|
+
# We get a recurring error when attempting to update this repo
|
170
|
+
# which doesn't recur locally and we can't figure out how to fix!
|
171
|
+
#
|
172
|
+
# Package is not installed: stefandoorn/sitemap-plugin-1.0.0.0
|
173
|
+
nil
|
168
174
|
else
|
169
175
|
raise error
|
170
176
|
end
|
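Review bot: The new `elsif` at new line 168 matches any error whose message merely contains `stefandoorn/sitemap-plugin-1.0.0.0` and returns `nil`, so unrelated failures that happen to mention that package are swallowed too, for every project that depends on it. The comment gives the exact message being worked around, so the match can be tightened to it: `elsif error.message.include?("Package is not installed: stefandoorn/sitemap-plugin-1.0.0.0")`. A `# TODO:` pointing at a tracking issue would let the special case be removed once the cause is found. The surrounding `if`/`elsif` chain and its method begin outside the hunk.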
data/lib/dependabot/version.rb
CHANGED
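--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-core
 version: !ruby/object:Gem::Version
-version: 0.87.
+version: 0.87.11
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-01-
+date: 2019-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk-ecr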