RubyGems - dependabot-go_modules - Versions diffs - 0.143.0 → 0.143.5 - Mend

dependabot-go_modules 0.143.0 → 0.143.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/helpers/Makefile +2 -2
data/helpers/build +2 -2
data/helpers/go.mod +1 -8
data/helpers/go.sum +0 -1
data/helpers/updater/helpers.go +16 -8
data/helpers/updater/main.go +3 -1
data/lib/dependabot/go_modules/update_checker.rb +2 -2
metadata +4 -6
data/helpers/updater/go.mod +0 -3
data/helpers/updater/go.sum +0 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 657d54c489329452912e5f76918dd79a95a429020a37dc90d9a1d61fbe513610
-  data.tar.gz: f8fa6af636c3d8ed16441f3c89ab188bd8faf73e936c4290235fbd2756fd0f74
+  metadata.gz: 9e7f7d52aa2101f758f1b5041a69ec480f43b6afa40cbcc466a2a4ca7c6c5f1d
+  data.tar.gz: bc50731b3e23f20bfd368fcad0beeb11ce84ff1d8ebefcb7379d04a6454a8555
 SHA512:
-  metadata.gz: affd7950ce174e8c87cb96af2ecd276cf79baf10503b58463209785cf15433560ecd825c4d1eef63f30180d5833843f8186647c51c1826d4ec775f91ad4872d4
-  data.tar.gz: 30229778ed96351e467b9975d536e96589a1e62f67b3ff595f49e034152d141a46ed3120715579ec5ef431ebba642f38cba22052542ce63f7628003fa3585fdc
+  metadata.gz: 823c06ca3d150db110e23bbb06940993af989fb57b401dbe4739f557c86da2ed4dd1494054a7dbc7723cbe063d3813cdd66d55c78fcc3f18eeb25a4a66db5d67
+  data.tar.gz: a86a90214f579be6cc32c6a1932d2db80ef3925e2418b627a5fdc412e005a68953f379783a4246e536574a91c05b8ffeb043e7c29ddf370fe41d2f425badd975

data/helpers/Makefile CHANGED Viewed

@@ -3,7 +3,7 @@
 all: darwin linux
 darwin:
-	GO111MODULE=on GOOS=darwin GOARCH=amd64 go build -o go-helpers.darwin64 .
+	GOOS=darwin GOARCH=amd64 go build -o go-helpers.darwin64 .
 linux:
-	GO111MODULE=on GOOS=linux GOARCH=amd64  go build -o go-helpers.linux64 .
+	GOOS=linux GOARCH=amd64  go build -o go-helpers.linux64 .

data/helpers/build CHANGED Viewed

@@ -23,5 +23,5 @@ cd $helpers_dir
 os="$(uname -s | tr '[:upper:]' '[:lower:]')"
 echo "building $install_dir/bin/helper"
-GO111MODULE=on GOOS="$os" GOARCH=amd64 go build -o "$install_dir/bin/helper" .
-go clean -cache -modcache
+GOOS="$os" GOARCH=amd64 go build -o "$install_dir/bin/helper" .
+go clean -cache -modcache

data/helpers/go.mod CHANGED Viewed

@@ -1,16 +1,9 @@
 module github.com/dependabot/dependabot-core/go_modules/helpers
-go 1.13
+go 1.16
 require (
 	github.com/Masterminds/vcs v1.13.1
-	github.com/dependabot/dependabot-core/go_modules/helpers/updater v0.0.0
 	github.com/dependabot/gomodules-extracted v1.2.0
 	golang.org/x/mod v0.4.2
 )
-replace github.com/dependabot/dependabot-core/go_modules/helpers/importresolver => ./importresolver
-replace github.com/dependabot/dependabot-core/go_modules/helpers/updater => ./updater
-replace github.com/dependabot/dependabot-core/go_modules/helpers/updatechecker => ./updatechecker

data/helpers/go.sum CHANGED Viewed

@@ -1,6 +1,5 @@
 github.com/Masterminds/vcs v1.13.1 h1:NL3G1X7/7xduQtA2sJLpVpfHTNBALVNSjob6KEjPXNQ=
 github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA=
-github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3/go.mod h1:+dRXSrUymjpT4yzKtn1QmeknT1S/yAHRr35en18dHp8=
 github.com/dependabot/gomodules-extracted v1.2.0 h1:K/gTyOyhasOt4cjULvOPNiD3MAFGytp4F7e39aB+0Y0=
 github.com/dependabot/gomodules-extracted v1.2.0/go.mod h1:3NWkH8KcZVDM87JuZI8hCZzYbjfUSz98EZI53qjgMgY=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=

data/helpers/updater/helpers.go CHANGED Viewed

@@ -6,7 +6,11 @@ import (
 	"golang.org/x/mod/modfile"
 )
-// Private methods lifted from the `modfile` package
+// Private methods lifted from the `modfile` package.
+// Last synced: 4/28/2021 from:
+// https://github.com/golang/mod/blob/858fdbee9c245c8109c359106e89c6b8d321f19c/modfile/rule.go
+var slashSlash = []byte("//")
 // setIndirect sets line to have (or not have) a "// indirect" comment.
 func setIndirect(line *modfile.Line, indirect bool) {
@@ -20,13 +24,17 @@ func setIndirect(line *modfile.Line, indirect bool) {
 			line.Suffix = []modfile.Comment{{Token: "// indirect", Suffix: true}}
 			return
 		}
-		// Insert at beginning of existing comment.
 		com := &line.Suffix[0]
-		space := " "
-		if len(com.Token) > 2 && com.Token[2] == ' ' || com.Token[2] == '\t' {
-			space = ""
+		text := strings.TrimSpace(strings.TrimPrefix(com.Token, string(slashSlash)))
+		if text == "" {
+			// Empty comment.
+			com.Token = "// indirect"
+			return
 		}
-		com.Token = "// indirect;" + space + com.Token[2:]
+		// Insert at beginning of existing comment.
+		com.Token = "// indirect; " + text
 		return
 	}
@@ -52,6 +60,6 @@ func isIndirect(line *modfile.Line) bool {
 	if len(line.Suffix) == 0 {
 		return false
 	}
-	f := strings.Fields(line.Suffix[0].Token)
-	return (len(f) == 2 && f[1] == "indirect" || len(f) > 2 && f[1] == "indirect;") && f[0] == "//"
+	f := strings.Fields(strings.TrimPrefix(line.Suffix[0].Token, string(slashSlash)))
+	return (len(f) == 1 && f[0] == "indirect" || len(f) > 1 && f[0] == "indirect;")
 }

data/helpers/updater/main.go CHANGED Viewed

@@ -28,7 +28,9 @@ func UpdateDependencyFile(args *Args) (interface{}, error) {
 	}
 	for _, dep := range args.Dependencies {
-		f.AddRequire(dep.Name, dep.Version)
+		if err := f.AddRequire(dep.Name, dep.Version); err != nil {
+			return nil, err
+		}
 	}
 	for _, r := range f.Require {

data/lib/dependabot/go_modules/update_checker.rb CHANGED Viewed

@@ -24,7 +24,7 @@ module Dependabot
         #
         # To update indirect dependencies we'll need to promote the indirect
         # dependency to the go.mod file forcing the resolver to pick this
-        # version (possibly as # indirect)
+        # version (possibly as `// indirect`)
         unless dependency.top_level?
           return unless dependency.version
@@ -122,7 +122,7 @@ module Dependabot
       def version_from_tag(tag)
         # To compare with the current version we either use the commit SHA
-        # (if that's what the parser picked up) of the tag name.
+        # (if that's what the parser picked up) or the tag name.
         return tag&.fetch(:commit_sha) if dependency.version&.match?(/^[0-9a-f]{40}$/)
         tag&.fetch(:tag)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-go_modules
 version: !ruby/object:Gem::Version
-  version: 0.143.0
+  version: 0.143.5
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-04-21 00:00:00.000000000 Z
+date: 2021-04-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.143.0
+        version: 0.143.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.143.0
+        version: 0.143.5
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -192,8 +192,6 @@ files:
 - helpers/importresolver/main.go
 - helpers/main.go
 - helpers/updatechecker/main.go
-- helpers/updater/go.mod
-- helpers/updater/go.sum
 - helpers/updater/helpers.go
 - helpers/updater/main.go
 - lib/dependabot/go_modules.rb

data/helpers/updater/go.mod DELETED Viewed

@@ -1,3 +0,0 @@
-module github.com/dependabot/dependabot-core/helpers/go/updater
-require github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3

data/helpers/updater/go.sum DELETED Viewed

	@@ -1,2 +0,0 @@
1	- github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3 h1:Xj2leY0FVyZuo+p59vkIWG3dIqo+QtjskT5O1iTiywA=
2	- github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3/go.mod h1:+dRXSrUymjpT4yzKtn1QmeknT1S/yAHRr35en18dHp8=