dependabot-go_modules 0.157.1 → 0.159.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +7 -5
  3. data/lib/dependabot/go_modules/resolvability_errors.rb +1 -1
  4. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 359cce2a13b917a7df9dc80697a18ddc5b631c9a21bfd1d42ea745a5a6f6a2b9
4
- data.tar.gz: ec474b1977871a8f9386af330b5d808316224c0716a1ac495aca5bab645dd1ad
3
+ metadata.gz: b11213f416c5225bc46bdb8674a23e4b548b96dcdc222a6e95dd208f1f773db8
4
+ data.tar.gz: 87ed3830ec3854ffa063ef96643dcd191465cd1194295e3254564592a655e415
5
5
  SHA512:
6
- metadata.gz: d14ac5f2003e95d1a3b1abf0c37f619e52e4589c227547f69021544961d6a0260e64061bf28624a37ac6387376190fbc93d6b7ea69032686927637f3df1e96a8
7
- data.tar.gz: aa4fde5d130048d28c50fbf34af6b000f43ac852c3023a2cb278b42ba7b8d2fb8ec330ef187d2fe21031cc319e2f521e72db1f14f421a522a3cb9c8910b06fb3
6
+ metadata.gz: 2621ca0ed607cce5e1792a2ee35db2076425e3c11e9bf318233dffb42a21195cdeaff4d06479af7ec19427f06f0b8a9f3eeac9379dbc9d57ecf25a54933a36cd
7
+ data.tar.gz: b03bd0204ac46169fbb3edfb74473641a6da24052f4b1c53e3e559039d0bd28f7c11526f5ef086053c8bbd34f8a84f488e45c8bfb6eeecd8b9ac1948e5f8c2db
data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb CHANGED
@@ -25,7 +25,7 @@ module Dependabot
25
25
  /fatal: The remote end hung up unexpectedly/,
26
26
  /repository '.+' not found/,
27
27
  # (Private) module could not be fetched
28
- /go: .*: git fetch .*: exit status 128/.freeze,
28
+ /go: .*: git fetch .*: exit status 128/m.freeze,
29
29
  # (Private) module could not be found
30
30
  /cannot find module providing package/.freeze,
31
31
  # Package in module was likely renamed or removed
@@ -172,6 +172,8 @@ module Dependabot
172
172
  version = "v" + dep.version.sub(/^v/i, "")
173
173
  command << " #{dep.name}@#{version}"
174
174
  end
175
+ command = SharedHelpers.escape_command(command)
176
+
175
177
  _, stderr, status = Open3.capture3(ENVIRONMENT, command)
176
178
  handle_subprocess_error(stderr) unless status.success?
177
179
  ensure
@@ -237,6 +239,10 @@ module Dependabot
237
239
  raise Dependabot::DependencyFileNotResolvable, error_message
238
240
  end
239
241
 
242
+ if (matches = stderr.match(/Authentication failed for '(?<url>.+)'/))
243
+ raise Dependabot::PrivateSourceAuthenticationFailure, matches[:url]
244
+ end
245
+
240
246
  repo_error_regex = REPO_RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
241
247
  if repo_error_regex
242
248
  error_message = filter_error_message(message: stderr, regex: repo_error_regex)
@@ -256,10 +262,6 @@ module Dependabot
256
262
  raise Dependabot::OutOfDisk.new, error_message
257
263
  end
258
264
 
259
- if (matches = stderr.match(/Authentication failed for '(?<url>.+)'/))
260
- raise Dependabot::PrivateSourceAuthenticationFailure, matches[:url]
261
- end
262
-
263
265
  # We don't know what happened so we raise a generic error
264
266
  msg = stderr.lines.last(10).join.strip
265
267
  raise Dependabot::DependabotError, msg
data/lib/dependabot/go_modules/resolvability_errors.rb CHANGED
@@ -6,7 +6,7 @@ module Dependabot
6
6
  GITHUB_REPO_REGEX = %r{github.com/[^:@]*}.freeze
7
7
 
8
8
  def self.handle(message, credentials:)
9
- mod_path = message.scan(GITHUB_REPO_REGEX).first
9
+ mod_path = message.scan(GITHUB_REPO_REGEX).last
10
10
  raise Dependabot::DependencyFileNotResolvable, message unless mod_path
11
11
 
12
12
  # Module not found on github.com - query for _any_ version to know if it
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-go_modules
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.157.1
4
+ version: 0.159.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-07-27 00:00:00.000000000 Z
11
+ date: 2021-08-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.157.1
19
+ version: 0.159.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.157.1
26
+ version: 0.159.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement