dependabot-core 0.87.15 → 0.88.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (33) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/lib/dependabot/file_fetchers.rb +0 -2
  4. data/lib/dependabot/file_parsers.rb +0 -2
  5. data/lib/dependabot/file_updaters.rb +0 -2
  6. data/lib/dependabot/metadata_finders.rb +0 -2
  7. data/lib/dependabot/pull_request_creator/message_builder.rb +1 -1
  8. data/lib/dependabot/update_checkers.rb +0 -2
  9. data/lib/dependabot/update_checkers/php/composer/version_resolver.rb +3 -2
  10. data/lib/dependabot/utils.rb +0 -4
  11. data/lib/dependabot/version.rb +1 -1
  12. metadata +1 -22
  13. data/helpers/elixir/bin/check_update.exs +0 -92
  14. data/helpers/elixir/bin/do_update.exs +0 -39
  15. data/helpers/elixir/bin/parse_deps.exs +0 -103
  16. data/helpers/elixir/bin/run.exs +0 -76
  17. data/helpers/elixir/mix.exs +0 -21
  18. data/helpers/elixir/mix.lock +0 -3
  19. data/lib/dependabot/file_fetchers/elixir/hex.rb +0 -78
  20. data/lib/dependabot/file_parsers/elixir/hex.rb +0 -134
  21. data/lib/dependabot/file_updaters/elixir/hex.rb +0 -71
  22. data/lib/dependabot/file_updaters/elixir/hex/lockfile_updater.rb +0 -147
  23. data/lib/dependabot/file_updaters/elixir/hex/mixfile_git_pin_updater.rb +0 -53
  24. data/lib/dependabot/file_updaters/elixir/hex/mixfile_requirement_updater.rb +0 -74
  25. data/lib/dependabot/file_updaters/elixir/hex/mixfile_sanitizer.rb +0 -28
  26. data/lib/dependabot/file_updaters/elixir/hex/mixfile_updater.rb +0 -98
  27. data/lib/dependabot/metadata_finders/elixir/hex.rb +0 -69
  28. data/lib/dependabot/update_checkers/elixir/hex.rb +0 -274
  29. data/lib/dependabot/update_checkers/elixir/hex/file_preparer.rb +0 -193
  30. data/lib/dependabot/update_checkers/elixir/hex/requirements_updater.rb +0 -177
  31. data/lib/dependabot/update_checkers/elixir/hex/version_resolver.rb +0 -175
  32. data/lib/dependabot/utils/elixir/requirement.rb +0 -54
  33. data/lib/dependabot/utils/elixir/version.rb +0 -66
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1950a22635494df74d9d7feb1a356bea48c55442268df6f1d4e67feeb2fbcade
4
- data.tar.gz: 387f83467e7c211e574bc645953524feb193c8c499a6b9bae119fdb39ac359c4
3
+ metadata.gz: 5baac5ebf6cb593e43f66de38fbab67da68f55f771a576cdec418db8f71f2722
4
+ data.tar.gz: a72cb17501ab4a87a3c240684d62c224dcf1537aa8331585867d2f41440a0f21
5
5
  SHA512:
6
- metadata.gz: 9804285a480248a096eac01eda499bebec6e3b354151a89a5d43560f593d9fc60fedb2ce323f18a66a44aa02250b02492584f5f8ebe57ffad8d9206297acfa6b
7
- data.tar.gz: 217717f78a08cce674844c954acdf206ec33409470ee92c9edb817c28f5611307cd1c96bd17504a3d0607c29ab83906e1f728a6b8ab15df079b65906d32eb8e8
6
+ metadata.gz: 2c0fe474ca371161091421f0f903b9765eb2c9f992f52397687520a48b75aac41b0500145c1d4ec29e15dc905ff245606b5f856efc1b5a6f96c3261392bb1d51
7
+ data.tar.gz: ec89afa574296a90926ca749556abb99f68be8b814c1ae5c7fc879afb55f8a08f810eeeabe5f1e514291eb557b6c23dcc24a0385b82227de4958823fa76b7b5a
@@ -1,3 +1,7 @@
1
+ ## v0.88.0, 9 January 2019
2
+
3
+ - Elixir reorg
4
+
1
5
  ## v0.87.15, 9 January 2019
2
6
 
3
7
  - PHP: Raise resolvability issue when working with local VCS errors
@@ -3,7 +3,6 @@
3
3
  require "dependabot/file_fetchers/ruby/bundler"
4
4
  require "dependabot/file_fetchers/java_script/npm_and_yarn"
5
5
  require "dependabot/file_fetchers/php/composer"
6
- require "dependabot/file_fetchers/elixir/hex"
7
6
  require "dependabot/file_fetchers/go/dep"
8
7
 
9
8
  module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
12
11
  "bundler" => FileFetchers::Ruby::Bundler,
13
12
  "npm_and_yarn" => FileFetchers::JavaScript::NpmAndYarn,
14
13
  "composer" => FileFetchers::Php::Composer,
15
- "hex" => FileFetchers::Elixir::Hex,
16
14
  "dep" => FileFetchers::Go::Dep
17
15
  }
18
16
 
@@ -3,7 +3,6 @@
3
3
  require "dependabot/file_parsers/ruby/bundler"
4
4
  require "dependabot/file_parsers/java_script/npm_and_yarn"
5
5
  require "dependabot/file_parsers/php/composer"
6
- require "dependabot/file_parsers/elixir/hex"
7
6
  require "dependabot/file_parsers/go/dep"
8
7
 
9
8
  module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
12
11
  "bundler" => FileParsers::Ruby::Bundler,
13
12
  "npm_and_yarn" => FileParsers::JavaScript::NpmAndYarn,
14
13
  "composer" => FileParsers::Php::Composer,
15
- "hex" => FileParsers::Elixir::Hex,
16
14
  "dep" => FileParsers::Go::Dep
17
15
  }
18
16
 
@@ -3,7 +3,6 @@
3
3
  require "dependabot/file_updaters/ruby/bundler"
4
4
  require "dependabot/file_updaters/java_script/npm_and_yarn"
5
5
  require "dependabot/file_updaters/php/composer"
6
- require "dependabot/file_updaters/elixir/hex"
7
6
  require "dependabot/file_updaters/go/dep"
8
7
 
9
8
  module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
12
11
  "bundler" => FileUpdaters::Ruby::Bundler,
13
12
  "npm_and_yarn" => FileUpdaters::JavaScript::NpmAndYarn,
14
13
  "composer" => FileUpdaters::Php::Composer,
15
- "hex" => FileUpdaters::Elixir::Hex,
16
14
  "dep" => FileUpdaters::Go::Dep
17
15
  }
18
16
 
@@ -3,7 +3,6 @@
3
3
  require "dependabot/metadata_finders/ruby/bundler"
4
4
  require "dependabot/metadata_finders/java_script/npm_and_yarn"
5
5
  require "dependabot/metadata_finders/php/composer"
6
- require "dependabot/metadata_finders/elixir/hex"
7
6
  require "dependabot/metadata_finders/go/dep"
8
7
 
9
8
  module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
12
11
  "bundler" => MetadataFinders::Ruby::Bundler,
13
12
  "npm_and_yarn" => MetadataFinders::JavaScript::NpmAndYarn,
14
13
  "composer" => MetadataFinders::Php::Composer,
15
- "hex" => MetadataFinders::Elixir::Hex,
16
14
  "dep" => MetadataFinders::Go::Dep
17
15
  }
18
16
 
@@ -523,7 +523,7 @@ module Dependabot
523
523
 
524
524
  def truncated_line
525
525
  # Tables can spill out of truncated details, so we close them
526
- "></table> ... (truncated)\n"
526
+ "></tr></table> ... (truncated)\n"
527
527
  end
528
528
 
529
529
  def releases_url(dependency)
@@ -3,7 +3,6 @@
3
3
  require "dependabot/update_checkers/ruby/bundler"
4
4
  require "dependabot/update_checkers/java_script/npm_and_yarn"
5
5
  require "dependabot/update_checkers/php/composer"
6
- require "dependabot/update_checkers/elixir/hex"
7
6
  require "dependabot/update_checkers/go/dep"
8
7
 
9
8
  module Dependabot
@@ -12,7 +11,6 @@ module Dependabot
12
11
  "bundler" => UpdateCheckers::Ruby::Bundler,
13
12
  "npm_and_yarn" => UpdateCheckers::JavaScript::NpmAndYarn,
14
13
  "composer" => UpdateCheckers::Php::Composer,
15
- "hex" => UpdateCheckers::Elixir::Hex,
16
14
  "dep" => UpdateCheckers::Go::Dep
17
15
  }
18
16
 
@@ -129,8 +129,9 @@ module Dependabot
129
129
  elsif error.message.include?("requested PHP extension")
130
130
  extensions = error.message.scan(/\sext\-.*?\s/).map(&:strip).uniq
131
131
  msg = "Dependabot's installed extensions didn't match those "\
132
- "required by your application. Please add the following "\
133
- "extensions to the platform config in your composer.json: "\
132
+ "required by your application.\n\n"\
133
+ "Please add the following extensions to the platform "\
134
+ "config in your composer.json to allow Dependabot to run: "\
134
135
  "#{extensions.join(', ')}.\n\n"\
135
136
  "The full error raised was:\n\n#{error.message}"
136
137
  raise Dependabot::DependencyFileNotResolvable, msg
@@ -1,11 +1,9 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require "dependabot/utils/elixir/version"
4
3
  require "dependabot/utils/java_script/version"
5
4
  require "dependabot/utils/php/version"
6
5
  require "dependabot/utils/go/version"
7
6
 
8
- require "dependabot/utils/elixir/requirement"
9
7
  require "dependabot/utils/java_script/requirement"
10
8
  require "dependabot/utils/php/requirement"
11
9
  require "dependabot/utils/ruby/requirement"
@@ -21,7 +19,6 @@ module Dependabot
21
19
  "docker" => Gem::Version,
22
20
  "npm_and_yarn" => Utils::JavaScript::Version,
23
21
  "composer" => Utils::Php::Version,
24
- "hex" => Utils::Elixir::Version,
25
22
  "dep" => Utils::Go::Version
26
23
  }
27
24
 
@@ -42,7 +39,6 @@ module Dependabot
42
39
  "docker" => Utils::Ruby::Requirement,
43
40
  "npm_and_yarn" => Utils::JavaScript::Requirement,
44
41
  "composer" => Utils::Php::Requirement,
45
- "hex" => Utils::Elixir::Requirement,
46
42
  "dep" => Utils::Go::Requirement
47
43
  }
48
44
 
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.87.15"
4
+ VERSION = "0.88.0"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.87.15
4
+ version: 0.88.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -298,12 +298,6 @@ files:
298
298
  - CHANGELOG.md
299
299
  - LICENSE
300
300
  - README.md
301
- - helpers/elixir/bin/check_update.exs
302
- - helpers/elixir/bin/do_update.exs
303
- - helpers/elixir/bin/parse_deps.exs
304
- - helpers/elixir/bin/run.exs
305
- - helpers/elixir/mix.exs
306
- - helpers/elixir/mix.lock
307
301
  - helpers/go/Makefile
308
302
  - helpers/go/go.mod
309
303
  - helpers/go/go.sum
@@ -371,7 +365,6 @@ files:
371
365
  - lib/dependabot/file_fetchers.rb
372
366
  - lib/dependabot/file_fetchers/README.md
373
367
  - lib/dependabot/file_fetchers/base.rb
374
- - lib/dependabot/file_fetchers/elixir/hex.rb
375
368
  - lib/dependabot/file_fetchers/go/dep.rb
376
369
  - lib/dependabot/file_fetchers/java_script/npm_and_yarn.rb
377
370
  - lib/dependabot/file_fetchers/java_script/npm_and_yarn/path_dependency_builder.rb
@@ -384,7 +377,6 @@ files:
384
377
  - lib/dependabot/file_parsers/README.md
385
378
  - lib/dependabot/file_parsers/base.rb
386
379
  - lib/dependabot/file_parsers/base/dependency_set.rb
387
- - lib/dependabot/file_parsers/elixir/hex.rb
388
380
  - lib/dependabot/file_parsers/go/dep.rb
389
381
  - lib/dependabot/file_parsers/java_script/npm_and_yarn.rb
390
382
  - lib/dependabot/file_parsers/php/composer.rb
@@ -394,12 +386,6 @@ files:
394
386
  - lib/dependabot/file_updaters.rb
395
387
  - lib/dependabot/file_updaters/README.md
396
388
  - lib/dependabot/file_updaters/base.rb
397
- - lib/dependabot/file_updaters/elixir/hex.rb
398
- - lib/dependabot/file_updaters/elixir/hex/lockfile_updater.rb
399
- - lib/dependabot/file_updaters/elixir/hex/mixfile_git_pin_updater.rb
400
- - lib/dependabot/file_updaters/elixir/hex/mixfile_requirement_updater.rb
401
- - lib/dependabot/file_updaters/elixir/hex/mixfile_sanitizer.rb
402
- - lib/dependabot/file_updaters/elixir/hex/mixfile_updater.rb
403
389
  - lib/dependabot/file_updaters/go/dep.rb
404
390
  - lib/dependabot/file_updaters/go/dep/lockfile_updater.rb
405
391
  - lib/dependabot/file_updaters/go/dep/manifest_updater.rb
@@ -429,7 +415,6 @@ files:
429
415
  - lib/dependabot/metadata_finders/base/changelog_pruner.rb
430
416
  - lib/dependabot/metadata_finders/base/commits_finder.rb
431
417
  - lib/dependabot/metadata_finders/base/release_finder.rb
432
- - lib/dependabot/metadata_finders/elixir/hex.rb
433
418
  - lib/dependabot/metadata_finders/go/dep.rb
434
419
  - lib/dependabot/metadata_finders/java_script/npm_and_yarn.rb
435
420
  - lib/dependabot/metadata_finders/php/composer.rb
@@ -448,10 +433,6 @@ files:
448
433
  - lib/dependabot/update_checkers.rb
449
434
  - lib/dependabot/update_checkers/README.md
450
435
  - lib/dependabot/update_checkers/base.rb
451
- - lib/dependabot/update_checkers/elixir/hex.rb
452
- - lib/dependabot/update_checkers/elixir/hex/file_preparer.rb
453
- - lib/dependabot/update_checkers/elixir/hex/requirements_updater.rb
454
- - lib/dependabot/update_checkers/elixir/hex/version_resolver.rb
455
436
  - lib/dependabot/update_checkers/go/dep.rb
456
437
  - lib/dependabot/update_checkers/go/dep/file_preparer.rb
457
438
  - lib/dependabot/update_checkers/go/dep/latest_version_finder.rb
@@ -476,8 +457,6 @@ files:
476
457
  - lib/dependabot/update_checkers/ruby/bundler/shared_bundler_helpers.rb
477
458
  - lib/dependabot/update_checkers/ruby/bundler/version_resolver.rb
478
459
  - lib/dependabot/utils.rb
479
- - lib/dependabot/utils/elixir/requirement.rb
480
- - lib/dependabot/utils/elixir/version.rb
481
460
  - lib/dependabot/utils/go/path_converter.rb
482
461
  - lib/dependabot/utils/go/requirement.rb
483
462
  - lib/dependabot/utils/go/shared_helper.rb
@@ -1,92 +0,0 @@
1
- defmodule UpdateChecker do
2
- def run(dependency_name, credentials) do
3
- set_credentials(credentials)
4
-
5
- # Update the lockfile in a session that we can time out
6
- task = Task.async(fn -> do_resolution(dependency_name) end)
7
- case Task.yield(task, 30000) || Task.shutdown(task) do
8
- {:ok, {:ok, :resolution_successful}} ->
9
- # Read the new lock
10
- {updated_lock, _updated_rest_lock} =
11
- Map.split(Mix.Dep.Lock.read(), [String.to_atom(dependency_name)])
12
-
13
- # Get the new dependency version
14
- version =
15
- updated_lock
16
- |> Map.get(String.to_atom(dependency_name))
17
- |> elem(2)
18
- {:ok, version}
19
-
20
- {:ok, {:error, error}} -> {:error, error}
21
-
22
- nil -> {:error, :dependency_resolution_timed_out}
23
-
24
- {:exit, reason} -> {:error, reason}
25
- end
26
- end
27
-
28
- defp set_credentials(credentials) do
29
- credentials
30
- |> Enum.reduce([], fn cred, acc ->
31
- if List.last(acc) == nil || List.last(acc)[:token] do
32
- List.insert_at(acc, -1, %{organization: cred})
33
- else
34
- {item, acc} = List.pop_at(acc, -1)
35
- item = Map.put(item, :token, cred)
36
- List.insert_at(acc, -1, item)
37
- end
38
- end)
39
- |> Enum.each(fn cred ->
40
- hexpm = Hex.Repo.get_repo("hexpm")
41
-
42
- repo = %{
43
- url: hexpm.url <> "/repos/#{cred.organization}",
44
- public_key: nil,
45
- auth_key: cred.token
46
- }
47
-
48
- Hex.Config.read()
49
- |> Hex.Config.read_repos()
50
- |> Map.put("hexpm:#{cred.organization}", repo)
51
- |> Hex.Config.update_repos()
52
- end)
53
- end
54
-
55
- defp do_resolution(dependency_name) do
56
- # Fetch dependencies that needs updating
57
- {dependency_lock, rest_lock} =
58
- Map.split(Mix.Dep.Lock.read(), [String.to_atom(dependency_name)])
59
-
60
- try do
61
- Mix.Dep.Fetcher.by_name([dependency_name], dependency_lock, rest_lock, [])
62
- {:ok, :resolution_successful}
63
- rescue
64
- error -> {:error, error}
65
- end
66
- end
67
- end
68
-
69
- [dependency_name | credentials] = System.argv()
70
-
71
-
72
- case UpdateChecker.run(dependency_name, credentials) do
73
- {:ok, version} ->
74
- version = :erlang.term_to_binary({:ok, version})
75
- IO.write(:stdio, version)
76
-
77
- {:error, %Hex.Version.InvalidRequirementError{} = error} ->
78
- result = :erlang.term_to_binary({:error, "Invalid requirement: #{error.requirement}"})
79
- IO.write(:stdio, result)
80
-
81
- {:error, %Mix.Error{} = error} ->
82
- result = :erlang.term_to_binary({:error, "Dependency resolution failed: #{error.message}"})
83
- IO.write(:stdio, result)
84
-
85
- {:error, :dependency_resolution_timed_out} ->
86
- # We do nothing here because Hex is already printing out a message in stdout
87
- nil
88
-
89
- {:error, error} ->
90
- result = :erlang.term_to_binary({:error, "Unknown error in check_update: #{inspect(error)}"})
91
- IO.write(:stdio, result)
92
- end
@@ -1,39 +0,0 @@
1
- [dependency_name | credentials] = System.argv()
2
-
3
- grouped_creds = Enum.reduce credentials, [], fn cred, acc ->
4
- if List.last(acc) == nil || List.last(acc)[:token] do
5
- List.insert_at(acc, -1, %{ organization: cred })
6
- else
7
- { item, acc } = List.pop_at(acc, -1)
8
- item = Map.put(item, :token, cred)
9
- List.insert_at(acc, -1, item)
10
- end
11
- end
12
-
13
- Enum.each grouped_creds, fn cred ->
14
- hexpm = Hex.Repo.get_repo("hexpm")
15
- repo = %{
16
- url: hexpm.url <> "/repos/#{cred.organization}",
17
- public_key: nil,
18
- auth_key: cred.token
19
- }
20
-
21
- Hex.Config.read()
22
- |> Hex.Config.read_repos()
23
- |> Map.put("hexpm:#{cred.organization}", repo)
24
- |> Hex.Config.update_repos()
25
- end
26
-
27
- # dependency atom
28
- dependency = String.to_atom(dependency_name)
29
-
30
- # Fetch dependencies that needs updating
31
- {dependency_lock, rest_lock} = Map.split(Mix.Dep.Lock.read(), [dependency])
32
- Mix.Dep.Fetcher.by_name([dependency_name], dependency_lock, rest_lock, [])
33
-
34
- lockfile_content =
35
- "mix.lock"
36
- |> File.read()
37
- |> :erlang.term_to_binary()
38
-
39
- IO.write(:stdio, lockfile_content)
@@ -1,103 +0,0 @@
1
- defmodule Parser do
2
- def run do
3
- Mix.Dep.load_on_environment([])
4
- |> Enum.flat_map(&parse_dep/1)
5
- |> Enum.map(&build_dependency(&1.opts[:lock], &1))
6
- end
7
-
8
- defp build_dependency(nil, dep) do
9
- %{
10
- name: dep.app,
11
- from: Path.relative_to_cwd(dep.from),
12
- groups: [],
13
- requirement: normalise_requirement(dep.requirement),
14
- top_level: dep.top_level || umbrella_top_level_dep?(dep)
15
- }
16
- end
17
-
18
- defp build_dependency(lock, dep) do
19
- {version, checksum, source} = parse_lock(lock)
20
- groups = parse_groups(dep.opts[:only])
21
-
22
- %{
23
- name: dep.app,
24
- from: Path.relative_to_cwd(dep.from),
25
- version: version,
26
- groups: groups,
27
- checksum: checksum,
28
- requirement: normalise_requirement(dep.requirement),
29
- source: source,
30
- top_level: dep.top_level || umbrella_top_level_dep?(dep)
31
- }
32
- end
33
-
34
- defp parse_groups(nil), do: []
35
- defp parse_groups(only) when is_list(only), do: only
36
- defp parse_groups(only), do: [only]
37
-
38
- # path dependency
39
- defp parse_dep(%{scm: Mix.SCM.Path, opts: opts} = dep) do
40
- cond do
41
- # umbrella dependency - ignore
42
- opts[:in_umbrella] ->
43
- []
44
-
45
- # umbrella application
46
- opts[:from_umbrella] ->
47
- Enum.reject(dep.deps, fn dep -> dep.opts[:in_umbrella] end)
48
-
49
- true ->
50
- []
51
- end
52
- end
53
-
54
- # hex, git dependency
55
- defp parse_dep(%{scm: scm} = dep) when scm in [Hex.SCM, Mix.SCM.Git], do: [dep]
56
-
57
- # unsupported
58
- defp parse_dep(_dep), do: []
59
-
60
- defp umbrella_top_level_dep?(dep) do
61
- if Mix.Project.umbrella?() do
62
- apps_paths = Path.expand(Mix.Project.config()[:apps_path], File.cwd!())
63
- String.contains?(Path.dirname(Path.dirname(dep.from)), apps_paths)
64
- else
65
- false
66
- end
67
- end
68
-
69
- defp parse_lock({:git, repo_url, checksum, opts}),
70
- do: {nil, checksum, git_source(repo_url, opts)}
71
-
72
- defp parse_lock({:hex, _app, version, checksum, _managers, _dependencies, _source}),
73
- do: {version, checksum, nil}
74
-
75
- defp parse_lock({:hex, _app, version, checksum, _managers, _dependencies}),
76
- do: {version, checksum, nil}
77
-
78
- defp normalise_requirement(req) do
79
- req
80
- |> maybe_regex_to_str()
81
- |> empty_str_to_nil()
82
- end
83
-
84
- defp maybe_regex_to_str(s), do: if Regex.regex?(s), do: Regex.source(s), else: s
85
- defp empty_str_to_nil(""), do: nil
86
- defp empty_str_to_nil(s), do: s
87
-
88
- def git_source(repo_url, opts) do
89
- ref = opts[:ref] || opts[:tag]
90
- ref = if is_list(ref), do: to_string(ref), else: ref
91
-
92
- %{
93
- type: "git",
94
- url: repo_url,
95
- branch: opts[:branch] || "master",
96
- ref: ref
97
- }
98
- end
99
- end
100
-
101
- dependencies = :erlang.term_to_binary({:ok, Parser.run()})
102
-
103
- IO.write(:stdio, dependencies)