dependabot-go_modules 0.126.1 → 0.128.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +37 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 829d0ac68d17ff0e98eb1cea23df08e6d0dda6f28b9f9f7315b99b7ed2a6a355
|
|
4
|
+
data.tar.gz: f90a05b616834eea6573db46d5e327ffc2fc233fc9018562746205f88972a2c0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1fe6f621f9af602d6c4f8245e17376f6fb3ea010d97b0ccd31d832f1a91d119133ca9cc2a6c386595320770214a08891bf9c3260035476985417242a59d495a6
|
|
7
|
+
data.tar.gz: 73f66e0d0165db078aee5ea0ddbe088306955eb7be220e43118bc5d46ae06c302836472d6565d19a9ec04e4285695ed0b8e4f53576b972c7f1d2dd6e0a1e1ef3
|
|
@@ -35,6 +35,11 @@ module Dependabot
|
|
|
35
35
|
/go: ([^@\s]+)(?:@[^\s]+)?: .* declares its path as: ([\S]*)/m
|
|
36
36
|
].freeze
|
|
37
37
|
|
|
38
|
+
OUT_OF_DISK_REGEXES = [
|
|
39
|
+
%r{input/output error}.freeze,
|
|
40
|
+
/no space left on device/.freeze
|
|
41
|
+
].freeze
|
|
42
|
+
|
|
38
43
|
def initialize(dependencies:, credentials:, repo_contents_path:,
|
|
39
44
|
directory:, options:)
|
|
40
45
|
@dependencies = dependencies
|
|
@@ -235,12 +240,37 @@ module Dependabot
|
|
|
235
240
|
(manifest["Replace"] || []).
|
|
236
241
|
map { |r| r["New"]["Path"] }.
|
|
237
242
|
compact.
|
|
238
|
-
select { |p|
|
|
243
|
+
select { |p| stub_replace_path?(p) }.
|
|
239
244
|
map { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }.
|
|
240
245
|
to_h
|
|
241
246
|
end
|
|
242
247
|
end
|
|
243
248
|
|
|
249
|
+
# returns true if the provided path should be replaced with a stub
|
|
250
|
+
def stub_replace_path?(path)
|
|
251
|
+
return true if absolute_path?(path)
|
|
252
|
+
return false unless relative_replacement_path?(path)
|
|
253
|
+
|
|
254
|
+
resolved_path = module_pathname.join(path).realpath
|
|
255
|
+
inside_repo_contents_path = resolved_path.to_s.start_with?(repo_contents_path.to_s)
|
|
256
|
+
!inside_repo_contents_path
|
|
257
|
+
rescue Errno::ENOENT
|
|
258
|
+
true
|
|
259
|
+
end
|
|
260
|
+
|
|
261
|
+
def absolute_path?(path)
|
|
262
|
+
path.start_with?("/")
|
|
263
|
+
end
|
|
264
|
+
|
|
265
|
+
def relative_replacement_path?(path)
|
|
266
|
+
# https://golang.org/ref/mod#go-mod-file-replace
|
|
267
|
+
path.start_with?("./") || path.start_with?("../")
|
|
268
|
+
end
|
|
269
|
+
|
|
270
|
+
def module_pathname
|
|
271
|
+
@module_pathname ||= Pathname.new(repo_contents_path).join(directory)
|
|
272
|
+
end
|
|
273
|
+
|
|
244
274
|
def substitute_all(substitutions)
|
|
245
275
|
body = substitutions.reduce(File.read("go.mod")) do |text, (a, b)|
|
|
246
276
|
text.sub(a, b)
|
|
@@ -265,6 +295,12 @@ module Dependabot
|
|
|
265
295
|
new(go_mod_path, match[1], match[2])
|
|
266
296
|
end
|
|
267
297
|
|
|
298
|
+
out_of_disk_regex = OUT_OF_DISK_REGEXES.find { |r| stderr =~ r }
|
|
299
|
+
if out_of_disk_regex
|
|
300
|
+
lines = stderr.lines.select { |l| out_of_disk_regex =~ l }
|
|
301
|
+
raise Dependabot::OutOfDisk.new, lines.join
|
|
302
|
+
end
|
|
303
|
+
|
|
268
304
|
# We don't know what happened so we raise a generic error
|
|
269
305
|
msg = stderr.lines.last(10).join.strip
|
|
270
306
|
raise Dependabot::DependabotError, msg
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-go_modules
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.128.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-12-
|
|
11
|
+
date: 2020-12-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.128.2
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.128.2
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|