dependabot-go_modules 0.326.1 → 0.327.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/go.mod +1 -1
- data/helpers/go.sum +2 -2
- data/lib/dependabot/go_modules/file_parser.rb +13 -4
- data/lib/dependabot/go_modules/resolvability_errors.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 20093466d53685c725bef4a937ba1c02e24d6035a516e877fc239f429007baab
|
|
4
|
+
data.tar.gz: 9668163f7dd4f2617a0e87679d3a525e850b1e1432de91b8ef4717f1aa31d79c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5e28a9cd9506ff3d8b054c360d867738997d710a23d9c57100e08de3e8f7a6e442f45a71d89a129ce7b0c4fea700806cc9a7e745685bede9c75978da1066f846
|
|
7
|
+
data.tar.gz: 5f9776d873a1f64cc1978929f19671c85bd60489560be5f6f2f545b4eb66776d64f3b17337f1b1078dbd7852cf3ecf8d2692943f3385448bf9ea9a3b551aa67c
|
data/helpers/go.mod
CHANGED
data/helpers/go.sum
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
github.com/Masterminds/vcs v1.13.3 h1:IIA2aBdXvfbIM+yl/eTnL4hb1XwdpvuQLglAix1gweE=
|
|
2
2
|
github.com/Masterminds/vcs v1.13.3/go.mod h1:TiE7xuEjl1N4j016moRd6vezp6e6Lz23gypeXfzXeW8=
|
|
3
|
-
golang.org/x/mod v0.
|
|
4
|
-
golang.org/x/mod v0.
|
|
3
|
+
golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
|
|
4
|
+
golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
|
|
@@ -24,8 +24,14 @@ module Dependabot
|
|
|
24
24
|
def parse
|
|
25
25
|
dependency_set = Dependabot::FileParsers::Base::DependencySet.new
|
|
26
26
|
|
|
27
|
-
required_packages.each do |
|
|
28
|
-
|
|
27
|
+
required_packages.each do |hsh|
|
|
28
|
+
unless skip_dependency?(hsh) # rubocop:disable Style/Next
|
|
29
|
+
|
|
30
|
+
dep = dependency_from_details(hsh)
|
|
31
|
+
|
|
32
|
+
T.must(go_mod).dependencies << dep
|
|
33
|
+
dependency_set << dep
|
|
34
|
+
end
|
|
29
35
|
end
|
|
30
36
|
|
|
31
37
|
dependency_set.dependencies
|
|
@@ -96,11 +102,14 @@ module Dependabot
|
|
|
96
102
|
groups: []
|
|
97
103
|
}]
|
|
98
104
|
|
|
105
|
+
is_indirect = details["Indirect"]
|
|
106
|
+
|
|
99
107
|
Dependency.new(
|
|
100
108
|
name: details["Path"],
|
|
101
109
|
version: version,
|
|
102
|
-
requirements:
|
|
103
|
-
package_manager: "go_modules"
|
|
110
|
+
requirements: is_indirect ? [] : reqs,
|
|
111
|
+
package_manager: "go_modules",
|
|
112
|
+
direct_relationship: !is_indirect
|
|
104
113
|
)
|
|
105
114
|
end
|
|
106
115
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-go_modules
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.327.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.327.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.327.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -271,7 +271,7 @@ licenses:
|
|
|
271
271
|
- MIT
|
|
272
272
|
metadata:
|
|
273
273
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
274
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
274
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.327.0
|
|
275
275
|
rdoc_options: []
|
|
276
276
|
require_paths:
|
|
277
277
|
- lib
|