dependabot-go_modules 0.229.0 → 0.231.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/go_modules/file_fetcher.rb +5 -4
- data/lib/dependabot/go_modules/file_parser.rb +3 -2
- data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +5 -4
- data/lib/dependabot/go_modules/file_updater.rb +5 -4
- data/lib/dependabot/go_modules/metadata_finder.rb +3 -2
- data/lib/dependabot/go_modules/native_helpers.rb +1 -0
- data/lib/dependabot/go_modules/path_converter.rb +1 -0
- data/lib/dependabot/go_modules/replace_stubber.rb +5 -4
- data/lib/dependabot/go_modules/requirement.rb +14 -13
- data/lib/dependabot/go_modules/resolvability_errors.rb +1 -0
- data/lib/dependabot/go_modules/update_checker/latest_version_finder.rb +7 -6
- data/lib/dependabot/go_modules/update_checker.rb +3 -2
- data/lib/dependabot/go_modules/version.rb +3 -2
- data/lib/dependabot/go_modules.rb +5 -4
- metadata +19 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3998df520e4c8ba84d58cc3a9ccf1ce87809e27256d93cf36dcabb55db340e56
|
|
4
|
+
data.tar.gz: cc51a82458c5dc84472b177708746642448a82050f864c695e74cc083e6caa59
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0beb9c74310a693bf8538e7eaef4926b8782a9fc200739991a394eacc0970bcd23b94590cb34fb2333dcfa42b5e1aa3f03bc3dbd99dda6a357664e9ba05e8bc5
|
|
7
|
+
data.tar.gz: 33926850c6c08999c16e7ee79556ff204c5abeba6181aee2be532249695a7522002715bf44d53b5defd5f0829201ead25701f7acece2dc536685b0ff60b92970
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/file_fetchers"
|
|
@@ -36,8 +37,8 @@ module Dependabot
|
|
|
36
37
|
unless go_mod
|
|
37
38
|
raise(
|
|
38
39
|
Dependabot::DependencyFileNotFound,
|
|
39
|
-
Pathname.new(File.join(directory, "go.mod"))
|
|
40
|
-
cleanpath.to_path
|
|
40
|
+
Pathname.new(File.join(directory, "go.mod"))
|
|
41
|
+
.cleanpath.to_path
|
|
41
42
|
)
|
|
42
43
|
end
|
|
43
44
|
|
|
@@ -67,5 +68,5 @@ module Dependabot
|
|
|
67
68
|
end
|
|
68
69
|
end
|
|
69
70
|
|
|
70
|
-
Dependabot::FileFetchers
|
|
71
|
-
register("go_modules", Dependabot::GoModules::FileFetcher)
|
|
71
|
+
Dependabot::FileFetchers
|
|
72
|
+
.register("go_modules", Dependabot::GoModules::FileFetcher)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "open3"
|
|
@@ -139,5 +140,5 @@ module Dependabot
|
|
|
139
140
|
end
|
|
140
141
|
end
|
|
141
142
|
|
|
142
|
-
Dependabot::FileParsers
|
|
143
|
-
register("go_modules", Dependabot::GoModules::FileParser)
|
|
143
|
+
Dependabot::FileParsers
|
|
144
|
+
.register("go_modules", Dependabot::GoModules::FileParser)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/shared_helpers"
|
|
@@ -237,8 +238,8 @@ module Dependabot
|
|
|
237
238
|
# process afterwards.
|
|
238
239
|
def replace_directive_substitutions(manifest)
|
|
239
240
|
@replace_directive_substitutions ||=
|
|
240
|
-
Dependabot::GoModules::ReplaceStubber.new(repo_contents_path)
|
|
241
|
-
|
|
241
|
+
Dependabot::GoModules::ReplaceStubber.new(repo_contents_path)
|
|
242
|
+
.stub_paths(manifest, directory)
|
|
242
243
|
end
|
|
243
244
|
|
|
244
245
|
def substitute_all(substitutions)
|
|
@@ -272,8 +273,8 @@ module Dependabot
|
|
|
272
273
|
path_regex = MODULE_PATH_MISMATCH_REGEXES.find { |r| stderr =~ r }
|
|
273
274
|
if path_regex
|
|
274
275
|
match = path_regex.match(stderr)
|
|
275
|
-
raise Dependabot::GoModulePathMismatch
|
|
276
|
-
new(go_mod_path, match[1], match[2])
|
|
276
|
+
raise Dependabot::GoModulePathMismatch
|
|
277
|
+
.new(go_mod_path, match[1], match[2])
|
|
277
278
|
end
|
|
278
279
|
|
|
279
280
|
out_of_disk_regex = OUT_OF_DISK_REGEXES.find { |r| stderr =~ r }
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/shared_helpers"
|
|
@@ -43,8 +44,8 @@ module Dependabot
|
|
|
43
44
|
)
|
|
44
45
|
end
|
|
45
46
|
|
|
46
|
-
vendor_updater.updated_vendor_cache_files(base_directory: directory)
|
|
47
|
-
|
|
47
|
+
vendor_updater.updated_vendor_cache_files(base_directory: directory)
|
|
48
|
+
.each do |file|
|
|
48
49
|
updated_files << file
|
|
49
50
|
end
|
|
50
51
|
end
|
|
@@ -136,5 +137,5 @@ module Dependabot
|
|
|
136
137
|
end
|
|
137
138
|
end
|
|
138
139
|
|
|
139
|
-
Dependabot::FileUpdaters
|
|
140
|
-
register("go_modules", Dependabot::GoModules::FileUpdater)
|
|
140
|
+
Dependabot::FileUpdaters
|
|
141
|
+
.register("go_modules", Dependabot::GoModules::FileUpdater)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/metadata_finders"
|
|
@@ -17,5 +18,5 @@ module Dependabot
|
|
|
17
18
|
end
|
|
18
19
|
end
|
|
19
20
|
|
|
20
|
-
Dependabot::MetadataFinders
|
|
21
|
-
register("go_modules", Dependabot::GoModules::MetadataFinder)
|
|
21
|
+
Dependabot::MetadataFinders
|
|
22
|
+
.register("go_modules", Dependabot::GoModules::MetadataFinder)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
module Dependabot
|
|
@@ -16,10 +17,10 @@ module Dependabot
|
|
|
16
17
|
end
|
|
17
18
|
|
|
18
19
|
def stub_paths(manifest, directory)
|
|
19
|
-
(manifest["Replace"] || [])
|
|
20
|
-
filter_map { |r| r["New"]["Path"] }
|
|
21
|
-
select { |p| stub_replace_path?(p, directory) }
|
|
22
|
-
to_h { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }
|
|
20
|
+
(manifest["Replace"] || [])
|
|
21
|
+
.filter_map { |r| r["New"]["Path"] }
|
|
22
|
+
.select { |p| stub_replace_path?(p, directory) }
|
|
23
|
+
.to_h { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }
|
|
23
24
|
end
|
|
24
25
|
|
|
25
26
|
private
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
################################################################################
|
|
@@ -94,17 +95,17 @@ module Dependabot
|
|
|
94
95
|
|
|
95
96
|
req_string = req_string.gsub(/(?:(?:\.|^)[xX*])(\.[xX*])+/, "") if req_string.start_with?("~")
|
|
96
97
|
|
|
97
|
-
req_string.split(".")
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
98
|
+
req_string.split(".")
|
|
99
|
+
.map do |part|
|
|
100
|
+
part.split("-").map.with_index do |p, i|
|
|
101
|
+
# Before we hit a wildcard we just return the existing part
|
|
102
|
+
next p unless p.match?(WILDCARD_REGEX) || after_wildcard
|
|
103
|
+
|
|
104
|
+
# On or after a wildcard we replace the version part with zero
|
|
105
|
+
after_wildcard = true
|
|
106
|
+
i.zero? ? "0" : "a"
|
|
107
|
+
end.join("-")
|
|
108
|
+
end.join(".")
|
|
108
109
|
end
|
|
109
110
|
|
|
110
111
|
def convert_tilde_req(req_string)
|
|
@@ -146,5 +147,5 @@ module Dependabot
|
|
|
146
147
|
end
|
|
147
148
|
end
|
|
148
149
|
|
|
149
|
-
Dependabot::Utils
|
|
150
|
-
register_requirement_class("go_modules", Dependabot::GoModules::Requirement)
|
|
150
|
+
Dependabot::Utils
|
|
151
|
+
.register_requirement_class("go_modules", Dependabot::GoModules::Requirement)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "excon"
|
|
@@ -101,8 +102,8 @@ module Dependabot
|
|
|
101
102
|
|
|
102
103
|
return [version_class.new(dependency.version)] if version_strings.nil?
|
|
103
104
|
|
|
104
|
-
version_strings.select { |v| version_class.correct?(v) }
|
|
105
|
-
|
|
105
|
+
version_strings.select { |v| version_class.correct?(v) }
|
|
106
|
+
.map { |v| version_class.new(v) }
|
|
106
107
|
end
|
|
107
108
|
end
|
|
108
109
|
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
@@ -151,13 +152,13 @@ module Dependabot
|
|
|
151
152
|
def filter_lower_versions(versions_array)
|
|
152
153
|
return versions_array unless dependency.numeric_version
|
|
153
154
|
|
|
154
|
-
versions_array
|
|
155
|
-
select { |version| version > dependency.numeric_version }
|
|
155
|
+
versions_array
|
|
156
|
+
.select { |version| version > dependency.numeric_version }
|
|
156
157
|
end
|
|
157
158
|
|
|
158
159
|
def filter_ignored_versions(versions_array)
|
|
159
|
-
filtered = versions_array
|
|
160
|
-
reject { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }
|
|
160
|
+
filtered = versions_array
|
|
161
|
+
.reject { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }
|
|
161
162
|
if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(versions_array).any?
|
|
162
163
|
raise AllVersionsIgnored
|
|
163
164
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/update_checkers"
|
|
@@ -88,5 +89,5 @@ module Dependabot
|
|
|
88
89
|
end
|
|
89
90
|
end
|
|
90
91
|
|
|
91
|
-
Dependabot::UpdateCheckers
|
|
92
|
-
register("go_modules", Dependabot::GoModules::UpdateChecker)
|
|
92
|
+
Dependabot::UpdateCheckers
|
|
93
|
+
.register("go_modules", Dependabot::GoModules::UpdateChecker)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
# Go pre-release versions use 1.0.1-rc1 syntax, which Gem::Version
|
|
@@ -42,5 +43,5 @@ module Dependabot
|
|
|
42
43
|
end
|
|
43
44
|
end
|
|
44
45
|
|
|
45
|
-
Dependabot::Utils
|
|
46
|
-
register_version_class("go_modules", Dependabot::GoModules::Version)
|
|
46
|
+
Dependabot::Utils
|
|
47
|
+
.register_version_class("go_modules", Dependabot::GoModules::Version)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
# These all need to be required so the various classes can be registered in a
|
|
@@ -11,12 +12,12 @@ require "dependabot/go_modules/requirement"
|
|
|
11
12
|
require "dependabot/go_modules/version"
|
|
12
13
|
|
|
13
14
|
require "dependabot/pull_request_creator/labeler"
|
|
14
|
-
Dependabot::PullRequestCreator::Labeler
|
|
15
|
-
register_label_details("go_modules", name: "go", colour: "16e2e2")
|
|
15
|
+
Dependabot::PullRequestCreator::Labeler
|
|
16
|
+
.register_label_details("go_modules", name: "go", colour: "16e2e2")
|
|
16
17
|
|
|
17
18
|
require "dependabot/dependency"
|
|
18
|
-
Dependabot::Dependency
|
|
19
|
-
register_production_check("go_modules", ->(_) { true })
|
|
19
|
+
Dependabot::Dependency
|
|
20
|
+
.register_production_check("go_modules", ->(_) { true })
|
|
20
21
|
|
|
21
22
|
require "dependabot/utils"
|
|
22
23
|
Dependabot::Utils.register_always_clone("go_modules")
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-go_modules
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.231.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-09-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.231.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.231.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -136,6 +136,20 @@ dependencies:
|
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: 1.19.0
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: rubocop-sorbet
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - "~>"
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: 0.7.3
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - "~>"
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: 0.7.3
|
|
139
153
|
- !ruby/object:Gem::Dependency
|
|
140
154
|
name: stackprof
|
|
141
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -211,7 +225,7 @@ licenses:
|
|
|
211
225
|
- Nonstandard
|
|
212
226
|
metadata:
|
|
213
227
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
214
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
228
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.231.0
|
|
215
229
|
post_install_message:
|
|
216
230
|
rdoc_options: []
|
|
217
231
|
require_paths:
|