dependabot-go_modules 0.138.6 → 0.138.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/go.mod +1 -1
  3. data/helpers/go.sum +2 -2
  4. data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +20 -22
  5. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9c7dedb732a27d9c584f560e2a8feb455544812304e936b672ca3da768bb8b79
4
- data.tar.gz: 34c2c937316d8ae415e4f7d87c0da228d4facf49f99229d9bff457349a22a6b9
3
+ metadata.gz: d4bf01422d0d6b5d38f97230bc59d0cabb422c6c5f254dc6a3fd82f165cd6b3e
4
+ data.tar.gz: 3137ada20e69002e022109ddfe4627eb6fd510634e529064d5d10500f16138b9
5
5
  SHA512:
6
- metadata.gz: 9431d4d8cadff527b74e933f5f4c47b2e756f148ab3d03a4c62c9615077be546f8abf738c8c6627f51ba6513bc7df6cdb0538f1f170beb063fa4973cbead9975
7
- data.tar.gz: d13165568ea340a5b26c98a80bfd7a1a1b3e17a5e208d4cca945d7d85768c6ff9abda007eac23e38c15d67f0fdd7f4f2cf79ce699566f7cec833c28db8967f51
6
+ metadata.gz: f49969b54b69804c7df6aedeb32cf85a0c9a19fdf4b2360f713c48f95384d5850c4e3978c493de9f37724a214fff8c3a4ed875b936ba21b3788b036133a81958
7
+ data.tar.gz: ddcbdd053d70479fe24112b2423daf43b8f2660ff282963bd34227ad8ae37b332c54b81d576f97b6bf42a1a93abd54c1ff88bc447858d92cc12b411b982d534e
data/helpers/go.mod CHANGED
@@ -6,7 +6,7 @@ require (
6
6
  github.com/Masterminds/vcs v1.13.1
7
7
  github.com/dependabot/dependabot-core/go_modules/helpers/updater v0.0.0
8
8
  github.com/dependabot/gomodules-extracted v1.2.0
9
- golang.org/x/mod v0.4.1
9
+ golang.org/x/mod v0.4.2
10
10
  )
11
11
 
12
12
  replace github.com/dependabot/dependabot-core/go_modules/helpers/importresolver => ./importresolver
data/helpers/go.sum CHANGED
@@ -6,8 +6,8 @@ github.com/dependabot/gomodules-extracted v1.2.0/go.mod h1:3NWkH8KcZVDM87JuZI8hC
6
6
  golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
7
7
  golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=
8
8
  golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
9
- golang.org/x/mod v0.4.1 h1:Kvvh58BN8Y9/lBi7hTekvtMpm07eUZ0ck5pRHpsMWrY=
10
- golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
9
+ golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo=
10
+ golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
11
11
  golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
12
12
  golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
13
13
  golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb CHANGED
@@ -222,18 +222,12 @@ module Dependabot
222
222
  # process afterwards.
223
223
  def replace_directive_substitutions(manifest)
224
224
  @replace_directive_substitutions ||=
225
- begin
226
- # Find all the local replacements, and return them with a stub
227
- # path we can use in their place. Using generated paths is safer
228
- # as it means we don't need to worry about references to parent
229
- # directories, etc.
230
- (manifest["Replace"] || []).
231
- map { |r| r["New"]["Path"] }.
232
- compact.
233
- select { |p| stub_replace_path?(p) }.
234
- map { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }.
235
- to_h
236
- end
225
+ (manifest["Replace"] || []).
226
+ map { |r| r["New"]["Path"] }.
227
+ compact.
228
+ select { |p| stub_replace_path?(p) }.
229
+ map { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }.
230
+ to_h
237
231
  end
238
232
 
239
233
  # returns true if the provided path should be replaced with a stub
@@ -269,22 +263,20 @@ module Dependabot
269
263
  write_go_mod(body)
270
264
  end
271
265
 
272
- # rubocop:disable Metrics/AbcSize
273
- # rubocop:disable Metrics/PerceivedComplexity
274
266
  def handle_subprocess_error(stderr)
275
267
  stderr = stderr.gsub(Dir.getwd, "")
276
268
 
277
269
  # Package version doesn't match the module major version
278
270
  error_regex = RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
279
271
  if error_regex
280
- lines = stderr.lines.drop_while { |l| error_regex !~ l }
281
- raise Dependabot::DependencyFileNotResolvable, lines.join
272
+ error_message = filter_error_message(message: stderr, regex: error_regex)
273
+ raise Dependabot::DependencyFileNotResolvable, error_message
282
274
  end
283
275
 
284
276
  repo_error_regex = REPO_RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
285
277
  if repo_error_regex
286
- lines = stderr.lines.drop_while { |l| repo_error_regex !~ l }
287
- ResolvabilityErrors.handle(lines.join, credentials: credentials)
278
+ error_message = filter_error_message(message: stderr, regex: repo_error_regex)
279
+ ResolvabilityErrors.handle(error_message, credentials: credentials)
288
280
  end
289
281
 
290
282
  path_regex = MODULE_PATH_MISMATCH_REGEXES.find { |r| stderr =~ r }
@@ -296,16 +288,22 @@ module Dependabot
296
288
 
297
289
  out_of_disk_regex = OUT_OF_DISK_REGEXES.find { |r| stderr =~ r }
298
290
  if out_of_disk_regex
299
- lines = stderr.lines.select { |l| out_of_disk_regex =~ l }
300
- raise Dependabot::OutOfDisk.new, lines.join
291
+ error_message = filter_error_message(message: stderr, regex: out_of_disk_regex)
292
+ raise Dependabot::OutOfDisk.new, error_message
301
293
  end
302
294
 
303
295
  # We don't know what happened so we raise a generic error
304
296
  msg = stderr.lines.last(10).join.strip
305
297
  raise Dependabot::DependabotError, msg
306
298
  end
307
- # rubocop:enable Metrics/PerceivedComplexity
308
- # rubocop:enable Metrics/AbcSize
299
+
300
+ def filter_error_message(message:, regex:)
301
+ lines = message.lines.select { |l| regex =~ l }
302
+ return lines.join if lines.any?
303
+
304
+ # In case the regex is multi-line, match the whole string
305
+ message.match(regex).to_s
306
+ end
309
307
 
310
308
  def go_mod_path
311
309
  return "go.mod" if directory == "/"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-go_modules
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.138.6
4
+ version: 0.138.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-29 00:00:00.000000000 Z
11
+ date: 2021-03-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.138.6
19
+ version: 0.138.7
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.138.6
26
+ version: 0.138.7
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.11.0
103
+ version: 1.12.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.11.0
110
+ version: 1.12.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: simplecov
113
113
  requirement: !ruby/object:Gem::Requirement