dependabot-go_modules 0.138.6 → 0.138.7

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/go.mod +1 -1
  3. data/helpers/go.sum +2 -2
  4. data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +20 -22
  5. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9c7dedb732a27d9c584f560e2a8feb455544812304e936b672ca3da768bb8b79
4
- data.tar.gz: 34c2c937316d8ae415e4f7d87c0da228d4facf49f99229d9bff457349a22a6b9
3
+ metadata.gz: d4bf01422d0d6b5d38f97230bc59d0cabb422c6c5f254dc6a3fd82f165cd6b3e
4
+ data.tar.gz: 3137ada20e69002e022109ddfe4627eb6fd510634e529064d5d10500f16138b9
5
5
  SHA512:
6
- metadata.gz: 9431d4d8cadff527b74e933f5f4c47b2e756f148ab3d03a4c62c9615077be546f8abf738c8c6627f51ba6513bc7df6cdb0538f1f170beb063fa4973cbead9975
7
- data.tar.gz: d13165568ea340a5b26c98a80bfd7a1a1b3e17a5e208d4cca945d7d85768c6ff9abda007eac23e38c15d67f0fdd7f4f2cf79ce699566f7cec833c28db8967f51
6
+ metadata.gz: f49969b54b69804c7df6aedeb32cf85a0c9a19fdf4b2360f713c48f95384d5850c4e3978c493de9f37724a214fff8c3a4ed875b936ba21b3788b036133a81958
7
+ data.tar.gz: ddcbdd053d70479fe24112b2423daf43b8f2660ff282963bd34227ad8ae37b332c54b81d576f97b6bf42a1a93abd54c1ff88bc447858d92cc12b411b982d534e
data/helpers/go.mod CHANGED
@@ -6,7 +6,7 @@ require (
6
6
  github.com/Masterminds/vcs v1.13.1
7
7
  github.com/dependabot/dependabot-core/go_modules/helpers/updater v0.0.0
8
8
  github.com/dependabot/gomodules-extracted v1.2.0
9
- golang.org/x/mod v0.4.1
9
+ golang.org/x/mod v0.4.2
10
10
  )
11
11
 
12
12
  replace github.com/dependabot/dependabot-core/go_modules/helpers/importresolver => ./importresolver
data/helpers/go.sum CHANGED
@@ -6,8 +6,8 @@ github.com/dependabot/gomodules-extracted v1.2.0/go.mod h1:3NWkH8KcZVDM87JuZI8hC
6
6
  golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
7
7
  golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=
8
8
  golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
9
- golang.org/x/mod v0.4.1 h1:Kvvh58BN8Y9/lBi7hTekvtMpm07eUZ0ck5pRHpsMWrY=
10
- golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
9
+ golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo=
10
+ golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
11
11
  golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
12
12
  golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
13
13
  golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb CHANGED
@@ -222,18 +222,12 @@ module Dependabot
222
222
  # process afterwards.
223
223
  def replace_directive_substitutions(manifest)
224
224
  @replace_directive_substitutions ||=
225
- begin
226
- # Find all the local replacements, and return them with a stub
227
- # path we can use in their place. Using generated paths is safer
228
- # as it means we don't need to worry about references to parent
229
- # directories, etc.
230
- (manifest["Replace"] || []).
231
- map { |r| r["New"]["Path"] }.
232
- compact.
233
- select { |p| stub_replace_path?(p) }.
234
- map { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }.
235
- to_h
236
- end
225
+ (manifest["Replace"] || []).
226
+ map { |r| r["New"]["Path"] }.
227
+ compact.
228
+ select { |p| stub_replace_path?(p) }.
229
+ map { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }.
230
+ to_h
237
231
  end
238
232
 
239
233
  # returns true if the provided path should be replaced with a stub
@@ -269,22 +263,20 @@ module Dependabot
269
263
  write_go_mod(body)
270
264
  end
271
265
 
272
- # rubocop:disable Metrics/AbcSize
273
- # rubocop:disable Metrics/PerceivedComplexity
274
266
  def handle_subprocess_error(stderr)
275
267
  stderr = stderr.gsub(Dir.getwd, "")
276
268
 
277
269
  # Package version doesn't match the module major version
278
270
  error_regex = RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
279
271
  if error_regex
280
- lines = stderr.lines.drop_while { |l| error_regex !~ l }
281
- raise Dependabot::DependencyFileNotResolvable, lines.join
272
+ error_message = filter_error_message(message: stderr, regex: error_regex)
273
+ raise Dependabot::DependencyFileNotResolvable, error_message
282
274
  end
283
275
 
284
276
  repo_error_regex = REPO_RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
285
277
  if repo_error_regex
286
- lines = stderr.lines.drop_while { |l| repo_error_regex !~ l }
287
- ResolvabilityErrors.handle(lines.join, credentials: credentials)
278
+ error_message = filter_error_message(message: stderr, regex: repo_error_regex)
279
+ ResolvabilityErrors.handle(error_message, credentials: credentials)
288
280
  end
289
281
 
290
282
  path_regex = MODULE_PATH_MISMATCH_REGEXES.find { |r| stderr =~ r }
@@ -296,16 +288,22 @@ module Dependabot
296
288
 
297
289
  out_of_disk_regex = OUT_OF_DISK_REGEXES.find { |r| stderr =~ r }
298
290
  if out_of_disk_regex
299
- lines = stderr.lines.select { |l| out_of_disk_regex =~ l }
300
- raise Dependabot::OutOfDisk.new, lines.join
291
+ error_message = filter_error_message(message: stderr, regex: out_of_disk_regex)
292
+ raise Dependabot::OutOfDisk.new, error_message
301
293
  end
302
294
 
303
295
  # We don't know what happened so we raise a generic error
304
296
  msg = stderr.lines.last(10).join.strip
305
297
  raise Dependabot::DependabotError, msg
306
298
  end
307
- # rubocop:enable Metrics/PerceivedComplexity
308
- # rubocop:enable Metrics/AbcSize
299
+
300
+ def filter_error_message(message:, regex:)
301
+ lines = message.lines.select { |l| regex =~ l }
302
+ return lines.join if lines.any?
303
+
304
+ # In case the regex is multi-line, match the whole string
305
+ message.match(regex).to_s
306
+ end
309
307
 
310
308
  def go_mod_path
311
309
  return "go.mod" if directory == "/"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-go_modules
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.138.6
4
+ version: 0.138.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-29 00:00:00.000000000 Z
11
+ date: 2021-03-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.138.6
19
+ version: 0.138.7
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.138.6
26
+ version: 0.138.7
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.11.0
103
+ version: 1.12.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.11.0
110
+ version: 1.12.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: simplecov
113
113
  requirement: !ruby/object:Gem::Requirement