dependabot-go_modules 0.124.4 → 0.125.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/go.mod +2 -1
  3. data/helpers/go.sum +18 -2
  4. data/helpers/updatechecker/main.go +3 -3
  5. data/helpers/updater/helpers.go +1 -1
  6. data/helpers/updater/main.go +1 -1
  7. data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +3 -1
  8. data/lib/dependabot/go_modules/update_checker.rb +3 -1
  9. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4308ed4c177e9a209523ec4e849e54da68b4a892512d94c5a61c3a0bdbee7384
4
- data.tar.gz: 6cbd501ec54b6eecfc494788a129afc7ed9ac6322145949b81c3004fa9244df5
3
+ metadata.gz: 7f82b946870f3261b65081ac3aa1b56c3e965f986afb66d083b85204bfe19ec7
4
+ data.tar.gz: b2d70637d23ce5ba04bd4f6a6d5fdef06ed9fdad1f32b87b768f5ec75d1c36a6
5
5
  SHA512:
6
- metadata.gz: 8e53e4e877ab5493156d8704937b97e16e1af545ccc2e4539e0f50fb430c636e9a7866981afb5752c0a1aac27078affd3c9d65fdc253b4d407b0b40aa863dba8
7
- data.tar.gz: fd9db11bc2d15b0e4f6acf5af804a9624479c8573443d67bce26c67938e61fc5b012e77180270eafff2284bab2eb5dcc7224998fae57cd85d8cbebf8ae26bf75
6
+ metadata.gz: 64d513d3498bbe3d4d8e03476006bfbf3b0b431f3bda89a00746bd0da3a5f78b746b766836233245103550ff79537da5d9831f01a8f3af77cb080c8ebd854529
7
+ data.tar.gz: 6a826d07d6a64d375154ddf9e4a6d075f5702f26416cf3240d5fda2a827d08aa209d9c03395e7241ae1b63f8552aa9cac7cc8908b185793260c802587f8912ed
data/helpers/go.mod CHANGED
@@ -5,7 +5,8 @@ go 1.13
5
5
  require (
6
6
  github.com/Masterminds/vcs v1.13.1
7
7
  github.com/dependabot/dependabot-core/go_modules/helpers/updater v0.0.0
8
- github.com/dependabot/gomodules-extracted v1.1.0
8
+ github.com/dependabot/gomodules-extracted v1.2.0
9
+ golang.org/x/mod v0.3.0
9
10
  )
10
11
 
11
12
  replace github.com/dependabot/dependabot-core/go_modules/helpers/importresolver => ./importresolver
data/helpers/go.sum CHANGED
@@ -2,5 +2,21 @@ github.com/Masterminds/vcs v1.13.1 h1:NL3G1X7/7xduQtA2sJLpVpfHTNBALVNSjob6KEjPXN
2
2
  github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA=
3
3
  github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3 h1:Xj2leY0FVyZuo+p59vkIWG3dIqo+QtjskT5O1iTiywA=
4
4
  github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3/go.mod h1:+dRXSrUymjpT4yzKtn1QmeknT1S/yAHRr35en18dHp8=
5
- github.com/dependabot/gomodules-extracted v1.1.0 h1:k0Fcin3JZBfd/yW0JEeg38UtTiZl6E9uYkdqA4Dqbyw=
6
- github.com/dependabot/gomodules-extracted v1.1.0/go.mod h1:+dRXSrUymjpT4yzKtn1QmeknT1S/yAHRr35en18dHp8=
5
+ github.com/dependabot/gomodules-extracted v1.2.0 h1:K/gTyOyhasOt4cjULvOPNiD3MAFGytp4F7e39aB+0Y0=
6
+ github.com/dependabot/gomodules-extracted v1.2.0/go.mod h1:3NWkH8KcZVDM87JuZI8hCZzYbjfUSz98EZI53qjgMgY=
7
+ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
8
+ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=
9
+ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
10
+ golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4=
11
+ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
12
+ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
13
+ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
14
+ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
15
+ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
16
+ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
17
+ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
18
+ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e h1:aZzprAO9/8oim3qStq3wc1Xuxx4QmAGriC4VU4ojemQ=
19
+ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
20
+ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
21
+ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898 h1:/atklqdjdhuosWIl6AIbOeHJjicWYPqR9bpxqxYG2pA=
22
+ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
data/helpers/updatechecker/main.go CHANGED
@@ -6,9 +6,9 @@ import (
6
6
  "regexp"
7
7
 
8
8
  "github.com/dependabot/gomodules-extracted/cmd/go/_internal_/modfetch"
9
- "github.com/dependabot/gomodules-extracted/cmd/go/_internal_/modfile"
10
9
  "github.com/dependabot/gomodules-extracted/cmd/go/_internal_/modload"
11
- "github.com/dependabot/gomodules-extracted/cmd/go/_internal_/semver"
10
+ "golang.org/x/mod/modfile"
11
+ "golang.org/x/mod/semver"
12
12
  )
13
13
 
14
14
  var (
@@ -44,7 +44,7 @@ func GetUpdatedVersion(args *Args) (interface{}, error) {
44
44
 
45
45
  modload.InitMod()
46
46
 
47
- repo, err := modfetch.Lookup(args.Dependency.Name)
47
+ repo, err := modfetch.Lookup("direct", args.Dependency.Name)
48
48
  if err != nil {
49
49
  return nil, err
50
50
  }
data/helpers/updater/helpers.go CHANGED
@@ -3,7 +3,7 @@ package updater
3
3
  import (
4
4
  "strings"
5
5
 
6
- "github.com/dependabot/gomodules-extracted/cmd/go/_internal_/modfile"
6
+ "golang.org/x/mod/modfile"
7
7
  )
8
8
 
9
9
  // Private methods lifted from the `modfile` package
data/helpers/updater/main.go CHANGED
@@ -3,7 +3,7 @@ package updater
3
3
  import (
4
4
  "io/ioutil"
5
5
 
6
- "github.com/dependabot/gomodules-extracted/cmd/go/_internal_/modfile"
6
+ "golang.org/x/mod/modfile"
7
7
  )
8
8
 
9
9
  type Dependency struct {
data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb CHANGED
@@ -24,7 +24,9 @@ module Dependabot
24
24
  /module .* found \(.*\), but does not contain package/m.freeze,
25
25
  # Package does not exist, has been pulled or cannot be reached due to
26
26
  # auth problems with either git or the go proxy
27
- /go: .*: unknown revision/m.freeze
27
+ /go: .*: unknown revision/m.freeze,
28
+ # Package version doesn't match the module major version
29
+ /go: .*: go.mod has post-v\d+ module path/m.freeze
28
30
  ].freeze
29
31
 
30
32
  MODULE_PATH_MISMATCH_REGEXES = [
data/lib/dependabot/go_modules/update_checker.rb CHANGED
@@ -12,7 +12,9 @@ module Dependabot
12
12
  class UpdateChecker < Dependabot::UpdateCheckers::Base
13
13
  RESOLVABILITY_ERROR_REGEXES = [
14
14
  # Package url/proxy doesn't include any redirect meta tags
15
- /no go-import meta tags/
15
+ /no go-import meta tags/,
16
+ # Package url 404s
17
+ /404 Not Found/
16
18
  ].freeze
17
19
 
18
20
  def latest_resolvable_version
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-go_modules
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.124.4
4
+ version: 0.125.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-30 00:00:00.000000000 Z
11
+ date: 2020-11-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.124.4
19
+ version: 0.125.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.124.4
26
+ version: 0.125.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement