dependabot-go_modules 0.180.2 → 0.180.5
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d8875353aa53c65cbe91d98f7dab9b4987129705927e8bf4c678574fa7726e23
|
4
|
+
data.tar.gz: 1a4fc070c1643aa7b5fe3e43a5f7c4e0e3a04c7f43ade16abcb8231cea7aee2b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b8684c125e2dacc7884e4985652938da57dbbfbd5b8691d7d38d61d0b089d42fba1f773f59cf5e1885f15c4af3319c3497f99cbf8e68dde7c89cecb8219e1c76
|
7
|
+
data.tar.gz: aa159b3c0ba5c5c812a7056005047fab5062b3b5cdd61d9f5c894c2a7aa4cb443f2d4ed9bc31f95c2380baa4bbf4c9c22d6d457bc1622bea124c2f08712387ef
|
data/helpers/go.mod
CHANGED
data/helpers/go.sum
CHANGED
@@ -1,2 +1,2 @@
|
|
1
|
-
github.com/Masterminds/vcs v1.13.
|
2
|
-
github.com/Masterminds/vcs v1.13.
|
1
|
+
github.com/Masterminds/vcs v1.13.3 h1:IIA2aBdXvfbIM+yl/eTnL4hb1XwdpvuQLglAix1gweE=
|
2
|
+
github.com/Masterminds/vcs v1.13.3/go.mod h1:TiE7xuEjl1N4j016moRd6vezp6e6Lz23gypeXfzXeW8=
|
@@ -36,10 +36,6 @@ module Dependabot
|
|
36
36
|
# Fetch the (optional) go.sum
|
37
37
|
fetched_files << go_sum if go_sum
|
38
38
|
|
39
|
-
# Fetch the main.go file if present, as this will later identify
|
40
|
-
# this repo as an app.
|
41
|
-
fetched_files << main if main
|
42
|
-
|
43
39
|
fetched_files
|
44
40
|
end
|
45
41
|
end
|
@@ -51,27 +47,6 @@ module Dependabot
|
|
51
47
|
def go_sum
|
52
48
|
@go_sum ||= fetch_file_if_present("go.sum")
|
53
49
|
end
|
54
|
-
|
55
|
-
def main
|
56
|
-
return @main if defined?(@main)
|
57
|
-
|
58
|
-
go_files = Dir.glob("*.go")
|
59
|
-
|
60
|
-
go_files.each do |filename|
|
61
|
-
file_content = File.read(filename)
|
62
|
-
next unless file_content.match?(/\s*package\s+main/)
|
63
|
-
|
64
|
-
return @main = DependencyFile.new(
|
65
|
-
name: Pathname.new(filename).cleanpath.to_path,
|
66
|
-
directory: "/",
|
67
|
-
type: "package_main",
|
68
|
-
support_file: true,
|
69
|
-
content: file_content
|
70
|
-
)
|
71
|
-
end
|
72
|
-
|
73
|
-
nil
|
74
|
-
end
|
75
50
|
end
|
76
51
|
end
|
77
52
|
end
|
@@ -21,24 +21,24 @@ module Dependabot
|
|
21
21
|
/fatal: The remote end hung up unexpectedly/,
|
22
22
|
/repository '.+' not found/,
|
23
23
|
# (Private) module could not be fetched
|
24
|
-
/go
|
24
|
+
/go(?: get)?: .*: git (fetch|ls-remote) .*: exit status 128/m.freeze,
|
25
25
|
# (Private) module could not be found
|
26
26
|
/cannot find module providing package/.freeze,
|
27
27
|
# Package in module was likely renamed or removed
|
28
28
|
/module .* found \(.*\), but does not contain package/m.freeze,
|
29
29
|
# Package pseudo-version does not match the version-control metadata
|
30
30
|
# https://golang.google.cn/doc/go1.13#version-validation
|
31
|
-
/go
|
31
|
+
/go(?: get)?: .*: invalid pseudo-version/m.freeze,
|
32
32
|
# Package does not exist, has been pulled or cannot be reached due to
|
33
33
|
# auth problems with either git or the go proxy
|
34
|
-
/go
|
34
|
+
/go(?: get)?: .*: unknown revision/m.freeze,
|
35
35
|
# Package pointing to a proxy that 404s
|
36
|
-
/go
|
36
|
+
/go(?: get)?: .*: unrecognized import path/m.freeze
|
37
37
|
].freeze
|
38
38
|
|
39
39
|
MODULE_PATH_MISMATCH_REGEXES = [
|
40
40
|
/go(?: get)?: ([^@\s]+)(?:@[^\s]+)?: .* has non-.* module path "(.*)" at/,
|
41
|
-
/go
|
41
|
+
/go(?: get)?: ([^@\s]+)(?:@[^\s]+)?: .* unexpected module path "(.*)"/,
|
42
42
|
/go(?: get)?: ([^@\s]+)(?:@[^\s]+)?:? .* declares its path as: ([\S]*)/m
|
43
43
|
].freeze
|
44
44
|
|
@@ -92,10 +92,6 @@ module Dependabot
|
|
92
92
|
git_dependency?
|
93
93
|
end
|
94
94
|
|
95
|
-
def library?
|
96
|
-
dependency_files.none? { |f| f.type == "package_main" }
|
97
|
-
end
|
98
|
-
|
99
95
|
def version_from_tag(tag)
|
100
96
|
# To compare with the current version we either use the commit SHA
|
101
97
|
# (if that's what the parser picked up) or the tag name.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-go_modules
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.180.
|
4
|
+
version: 0.180.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-04-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.180.
|
19
|
+
version: 0.180.5
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.180.
|
26
|
+
version: 0.180.5
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|