dependabot-go_modules 0.180.2 → 0.180.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 59318c7635e68d4c720c7d0a1c14a46793a979e122e82501213e7a0ec3233912
4
- data.tar.gz: e6edc5e8cdf317c1e9c7bcf6b546665c02115aad1ee643d45bce6f0406426188
3
+ metadata.gz: d8875353aa53c65cbe91d98f7dab9b4987129705927e8bf4c678574fa7726e23
4
+ data.tar.gz: 1a4fc070c1643aa7b5fe3e43a5f7c4e0e3a04c7f43ade16abcb8231cea7aee2b
5
5
  SHA512:
6
- metadata.gz: a43d0c00ed043018e87ab6be9429cb2306a288902ee09017a17c3d1fdb99d17635006012d68de0ed56ec535a86d8bd8f7beaf3fb4da27861a32e5209ebc76a94
7
- data.tar.gz: 9056990aad88c5ff1703ee54a5324563bb17932d578ac8b059c964480e98ad40a59bd2f76c62760c305aaa3650ff9d7a0d12aac9aef4a43488bd74fed4a8e24e
6
+ metadata.gz: b8684c125e2dacc7884e4985652938da57dbbfbd5b8691d7d38d61d0b089d42fba1f773f59cf5e1885f15c4af3319c3497f99cbf8e68dde7c89cecb8219e1c76
7
+ data.tar.gz: aa159b3c0ba5c5c812a7056005047fab5062b3b5cdd61d9f5c894c2a7aa4cb443f2d4ed9bc31f95c2380baa4bbf4c9c22d6d457bc1622bea124c2f08712387ef
data/helpers/go.mod CHANGED
@@ -2,4 +2,4 @@ module github.com/dependabot/dependabot-core/go_modules/helpers
2
2
 
3
3
  go 1.18
4
4
 
5
- require github.com/Masterminds/vcs v1.13.1
5
+ require github.com/Masterminds/vcs v1.13.3
data/helpers/go.sum CHANGED
@@ -1,2 +1,2 @@
1
- github.com/Masterminds/vcs v1.13.1 h1:NL3G1X7/7xduQtA2sJLpVpfHTNBALVNSjob6KEjPXNQ=
2
- github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA=
1
+ github.com/Masterminds/vcs v1.13.3 h1:IIA2aBdXvfbIM+yl/eTnL4hb1XwdpvuQLglAix1gweE=
2
+ github.com/Masterminds/vcs v1.13.3/go.mod h1:TiE7xuEjl1N4j016moRd6vezp6e6Lz23gypeXfzXeW8=
@@ -36,10 +36,6 @@ module Dependabot
36
36
  # Fetch the (optional) go.sum
37
37
  fetched_files << go_sum if go_sum
38
38
 
39
- # Fetch the main.go file if present, as this will later identify
40
- # this repo as an app.
41
- fetched_files << main if main
42
-
43
39
  fetched_files
44
40
  end
45
41
  end
@@ -51,27 +47,6 @@ module Dependabot
51
47
  def go_sum
52
48
  @go_sum ||= fetch_file_if_present("go.sum")
53
49
  end
54
-
55
- def main
56
- return @main if defined?(@main)
57
-
58
- go_files = Dir.glob("*.go")
59
-
60
- go_files.each do |filename|
61
- file_content = File.read(filename)
62
- next unless file_content.match?(/\s*package\s+main/)
63
-
64
- return @main = DependencyFile.new(
65
- name: Pathname.new(filename).cleanpath.to_path,
66
- directory: "/",
67
- type: "package_main",
68
- support_file: true,
69
- content: file_content
70
- )
71
- end
72
-
73
- nil
74
- end
75
50
  end
76
51
  end
77
52
  end
@@ -21,24 +21,24 @@ module Dependabot
21
21
  /fatal: The remote end hung up unexpectedly/,
22
22
  /repository '.+' not found/,
23
23
  # (Private) module could not be fetched
24
- /go: .*: git (fetch|ls-remote) .*: exit status 128/m.freeze,
24
+ /go(?: get)?: .*: git (fetch|ls-remote) .*: exit status 128/m.freeze,
25
25
  # (Private) module could not be found
26
26
  /cannot find module providing package/.freeze,
27
27
  # Package in module was likely renamed or removed
28
28
  /module .* found \(.*\), but does not contain package/m.freeze,
29
29
  # Package pseudo-version does not match the version-control metadata
30
30
  # https://golang.google.cn/doc/go1.13#version-validation
31
- /go: .*: invalid pseudo-version/m.freeze,
31
+ /go(?: get)?: .*: invalid pseudo-version/m.freeze,
32
32
  # Package does not exist, has been pulled or cannot be reached due to
33
33
  # auth problems with either git or the go proxy
34
- /go: .*: unknown revision/m.freeze,
34
+ /go(?: get)?: .*: unknown revision/m.freeze,
35
35
  # Package pointing to a proxy that 404s
36
- /go: .*: unrecognized import path/m.freeze
36
+ /go(?: get)?: .*: unrecognized import path/m.freeze
37
37
  ].freeze
38
38
 
39
39
  MODULE_PATH_MISMATCH_REGEXES = [
40
40
  /go(?: get)?: ([^@\s]+)(?:@[^\s]+)?: .* has non-.* module path "(.*)" at/,
41
- /go: ([^@\s]+)(?:@[^\s]+)?: .* unexpected module path "(.*)"/,
41
+ /go(?: get)?: ([^@\s]+)(?:@[^\s]+)?: .* unexpected module path "(.*)"/,
42
42
  /go(?: get)?: ([^@\s]+)(?:@[^\s]+)?:? .* declares its path as: ([\S]*)/m
43
43
  ].freeze
44
44
 
@@ -92,10 +92,6 @@ module Dependabot
92
92
  git_dependency?
93
93
  end
94
94
 
95
- def library?
96
- dependency_files.none? { |f| f.type == "package_main" }
97
- end
98
-
99
95
  def version_from_tag(tag)
100
96
  # To compare with the current version we either use the commit SHA
101
97
  # (if that's what the parser picked up) or the tag name.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-go_modules
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.180.2
4
+ version: 0.180.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-28 00:00:00.000000000 Z
11
+ date: 2022-04-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.180.2
19
+ version: 0.180.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.180.2
26
+ version: 0.180.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement