dependabot-go_modules 0.125.5 → 0.127.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/go.mod +1 -1
- data/helpers/go.sum +2 -4
- data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +19 -2
- data/lib/dependabot/go_modules/requirement.rb +1 -1
- metadata +8 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1dfaae749c4420411ee664ba4c96615a2cd8245a2b70f26d78c37f803abfce2f
|
|
4
|
+
data.tar.gz: 5e6b13e4676fd6d46b57394fbf28716f30f8afd72da57db75a42150f096f45fc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d88776004dfe840cf109d8f06ec4bb2471ac0cf7be9607246a0497e55df3f37cb3f51746a93e81d55ed9e5ea0229a2e0f349f917c1e669015d6235e93adc86be
|
|
7
|
+
data.tar.gz: 8672e6a60410b21b288fa2ad6a7ba48a1d3fec6040a98ca8f1af12e82a5dd42f964e18c729b5b15c487879684243a7c160c48460e0b963888b93c04cc8583e38
|
data/helpers/go.mod
CHANGED
|
@@ -6,7 +6,7 @@ require (
|
|
|
6
6
|
github.com/Masterminds/vcs v1.13.1
|
|
7
7
|
github.com/dependabot/dependabot-core/go_modules/helpers/updater v0.0.0
|
|
8
8
|
github.com/dependabot/gomodules-extracted v1.2.0
|
|
9
|
-
golang.org/x/mod v0.
|
|
9
|
+
golang.org/x/mod v0.4.0
|
|
10
10
|
)
|
|
11
11
|
|
|
12
12
|
replace github.com/dependabot/dependabot-core/go_modules/helpers/importresolver => ./importresolver
|
data/helpers/go.sum
CHANGED
|
@@ -1,14 +1,12 @@
|
|
|
1
1
|
github.com/Masterminds/vcs v1.13.1 h1:NL3G1X7/7xduQtA2sJLpVpfHTNBALVNSjob6KEjPXNQ=
|
|
2
2
|
github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA=
|
|
3
|
-
github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3 h1:Xj2leY0FVyZuo+p59vkIWG3dIqo+QtjskT5O1iTiywA=
|
|
4
|
-
github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3/go.mod h1:+dRXSrUymjpT4yzKtn1QmeknT1S/yAHRr35en18dHp8=
|
|
5
3
|
github.com/dependabot/gomodules-extracted v1.2.0 h1:K/gTyOyhasOt4cjULvOPNiD3MAFGytp4F7e39aB+0Y0=
|
|
6
4
|
github.com/dependabot/gomodules-extracted v1.2.0/go.mod h1:3NWkH8KcZVDM87JuZI8hCZzYbjfUSz98EZI53qjgMgY=
|
|
7
5
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
|
8
6
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=
|
|
9
7
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
|
10
|
-
golang.org/x/mod v0.
|
|
11
|
-
golang.org/x/mod v0.
|
|
8
|
+
golang.org/x/mod v0.4.0 h1:8pl+sMODzuvGJkmj2W4kZihvVb5mKm8pB/X44PIQHv8=
|
|
9
|
+
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
|
12
10
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
|
13
11
|
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
|
14
12
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
|
@@ -35,6 +35,11 @@ module Dependabot
|
|
|
35
35
|
/go: ([^@\s]+)(?:@[^\s]+)?: .* declares its path as: ([\S]*)/m
|
|
36
36
|
].freeze
|
|
37
37
|
|
|
38
|
+
OUT_OF_DISK_REGEXES = [
|
|
39
|
+
%r{input/output error}.freeze,
|
|
40
|
+
/no space left on device/.freeze
|
|
41
|
+
].freeze
|
|
42
|
+
|
|
38
43
|
def initialize(dependencies:, credentials:, repo_contents_path:,
|
|
39
44
|
directory:, options:)
|
|
40
45
|
@dependencies = dependencies
|
|
@@ -118,9 +123,15 @@ module Dependabot
|
|
|
118
123
|
def run_go_mod_tidy
|
|
119
124
|
return unless tidy?
|
|
120
125
|
|
|
126
|
+
# NOTE(arslan): use `go mod tidy -e` once Go 1.16 is out:
|
|
127
|
+
# https://github.com/golang/go/commit/3aa09489ab3aa13a3ac78b1ff012b148ffffe367
|
|
121
128
|
command = "go mod tidy"
|
|
122
|
-
|
|
123
|
-
|
|
129
|
+
|
|
130
|
+
# we explicitly don't raise an error for 'go mod tidy' and silently
|
|
131
|
+
# continue here. `go mod tidy` shouldn't block updating versions
|
|
132
|
+
# because there are some edge cases where it's OK to fail (such as
|
|
133
|
+
# generated files not available yet to us).
|
|
134
|
+
Open3.capture3(ENVIRONMENT, command)
|
|
124
135
|
end
|
|
125
136
|
|
|
126
137
|
def run_go_vendor
|
|
@@ -259,6 +270,12 @@ module Dependabot
|
|
|
259
270
|
new(go_mod_path, match[1], match[2])
|
|
260
271
|
end
|
|
261
272
|
|
|
273
|
+
out_of_disk_regex = OUT_OF_DISK_REGEXES.find { |r| stderr =~ r }
|
|
274
|
+
if out_of_disk_regex
|
|
275
|
+
lines = stderr.lines.select { |l| out_of_disk_regex =~ l }
|
|
276
|
+
raise Dependabot::OutOfDisk.new, lines.join
|
|
277
|
+
end
|
|
278
|
+
|
|
262
279
|
# We don't know what happened so we raise a generic error
|
|
263
280
|
msg = stderr.lines.last(10).join.strip
|
|
264
281
|
raise Dependabot::DependabotError, msg
|
|
@@ -132,7 +132,7 @@ module Dependabot
|
|
|
132
132
|
"~> #{parts.join('.')}"
|
|
133
133
|
end
|
|
134
134
|
|
|
135
|
-
#
|
|
135
|
+
# NOTE: Dep's caret notation implementation doesn't distinguish between
|
|
136
136
|
# pre and post-1.0.0 requirements (unlike in JS)
|
|
137
137
|
def convert_caret_req(req_string)
|
|
138
138
|
version = req_string.gsub(/^\^?v?/, "")
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-go_modules
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.127.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-12-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.127.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.127.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,28 +100,28 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version:
|
|
103
|
+
version: 1.6.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version:
|
|
110
|
+
version: 1.6.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: simplecov
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 0.
|
|
117
|
+
version: 0.20.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
124
|
+
version: 0.20.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: simplecov-console
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|