dependabot-go_modules 0.227.0 → 0.228.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c02bc783acee302833e388822ff46540c7cb2123b7383030de0128e5e2afefda
-  data.tar.gz: 7251f4950da361833edbf3febfaf2f07759a8471d010367169a58f7486958583
+  metadata.gz: 5b44fa9f728127b4003c2654f3f5848ef682e8a398d3056f5cb735b5f7a11d78
+  data.tar.gz: d94ff58e1bff9c363f20efd158b3fa949650942a2324601a8c9ec878f2e7d759
 SHA512:
-  metadata.gz: a775f9b8090ca945718db61ee6b5118374081da7b854db7958b0943396b9e40441f97ebe7b1d98725f6a8dd3984c28eb8cdfb926422e748a92fdf1df26783132
-  data.tar.gz: 3466ac3aaa4534221c3b2c122c29473d0d2f630ebcccdcd9a171fbd7612902c0c935c2f29cce7140c09e915454638698745cf92564769cfc66ddf1a7277c125e
+  metadata.gz: 70b7c170f5631d3f33f2de907d69edf61a6e58c9fb5363307156be98a6256a3bbc41a80d5cb55e1e6f6d6db4d3dbb78d18df603eaa0cef65b6c0539a33882a0b
+  data.tar.gz: 8f5e6c7b6baad727707a91a525cafb06b4ba77e9f46d9737882756213b55366f9da7ec6f846d155b99a0a9bcca2a15d7bb3dd2aecdf787bcd9ec9576ec6e1ed2

data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb

@@ -266,7 +266,7 @@ module Dependabot
           repo_error_regex = REPO_RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
           if repo_error_regex
             error_message = filter_error_message(message: stderr, regex: repo_error_regex)
-            ResolvabilityErrors.handle(error_message, credentials: credentials, goprivate: @goprivate)
+            ResolvabilityErrors.handle(error_message, goprivate: @goprivate)
           end
 
           path_regex = MODULE_PATH_MISMATCH_REGEXES.find { |r| stderr =~ r }

data/lib/dependabot/go_modules/resolvability_errors.rb

@@ -5,29 +5,27 @@ module Dependabot
     module ResolvabilityErrors
       GITHUB_REPO_REGEX = %r{github.com/[^:@]*}
 
-      def self.handle(message, credentials:, goprivate:)
+      def self.handle(message, goprivate:)
         mod_path = message.scan(GITHUB_REPO_REGEX).last
         raise Dependabot::DependencyFileNotResolvable, message unless mod_path
 
         # Module not found on github.com - query for _any_ version to know if it
         # doesn't exist (or is private) or we were just given a bad revision by this manifest
         SharedHelpers.in_a_temporary_directory do
-          SharedHelpers.with_git_configured(credentials: credentials) do
-            File.write("go.mod", "module dummy\n")
+          File.write("go.mod", "module dummy\n")
 
-            mod_split = mod_path.split("/")
-            repo_path = if mod_split.size > 3
-                          mod_split[0..2].join("/")
-                        else
-                          mod_path
-                        end
+          mod_split = mod_path.split("/")
+          repo_path = if mod_split.size > 3
+                        mod_split[0..2].join("/")
+                      else
+                        mod_path
+                      end
 
-            env = { "GOPRIVATE" => goprivate }
-            _, _, status = Open3.capture3(env, SharedHelpers.escape_command("go list -m -versions #{repo_path}"))
-            raise Dependabot::DependencyFileNotResolvable, message if status.success?
+          env = { "GOPRIVATE" => goprivate }
+          _, _, status = Open3.capture3(env, SharedHelpers.escape_command("go list -m -versions #{repo_path}"))
+          raise Dependabot::DependencyFileNotResolvable, message if status.success?
 
-            raise Dependabot::GitDependenciesNotReachable, [repo_path]
-          end
+          raise Dependabot::GitDependenciesNotReachable, [repo_path]
         end
       end
     end

data/lib/dependabot/go_modules/update_checker/latest_version_finder.rb

@@ -115,7 +115,7 @@ module Dependabot
 
         def handle_subprocess_error(error)
           if RESOLVABILITY_ERROR_REGEXES.any? { |rgx| error.message =~ rgx }
-            ResolvabilityErrors.handle(error.message, credentials: credentials, goprivate: @goprivate)
+            ResolvabilityErrors.handle(error.message, goprivate: @goprivate)
           elsif INVALID_VERSION_REGEX.match?(error.message)
             raise Dependabot::DependencyFileNotResolvable, error.message
           end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-go_modules
 version: !ruby/object:Gem::Version
-  version: 0.227.0
+  version: 0.228.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-08-18 00:00:00.000000000 Z
+date: 2023-08-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.227.0
+        version: 0.228.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.227.0
+        version: 0.228.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.50.0
+        version: 1.56.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.50.0
+        version: 1.56.0
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -211,7 +211,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.227.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.228.0
 post_install_message: 
 rdoc_options: []
 require_paths: