dependabot-go_modules 0.143.4 → 0.143.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/Makefile +2 -2
- data/helpers/build +2 -2
- data/helpers/go.mod +1 -8
- data/helpers/go.sum +0 -1
- data/helpers/updater/helpers.go +16 -8
- data/helpers/updater/main.go +3 -1
- data/lib/dependabot/go_modules/update_checker.rb +1 -1
- metadata +4 -6
- data/helpers/updater/go.mod +0 -3
- data/helpers/updater/go.sum +0 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9e7f7d52aa2101f758f1b5041a69ec480f43b6afa40cbcc466a2a4ca7c6c5f1d
|
4
|
+
data.tar.gz: bc50731b3e23f20bfd368fcad0beeb11ce84ff1d8ebefcb7379d04a6454a8555
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 823c06ca3d150db110e23bbb06940993af989fb57b401dbe4739f557c86da2ed4dd1494054a7dbc7723cbe063d3813cdd66d55c78fcc3f18eeb25a4a66db5d67
|
7
|
+
data.tar.gz: a86a90214f579be6cc32c6a1932d2db80ef3925e2418b627a5fdc412e005a68953f379783a4246e536574a91c05b8ffeb043e7c29ddf370fe41d2f425badd975
|
data/helpers/Makefile
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
all: darwin linux
|
4
4
|
|
5
5
|
darwin:
|
6
|
-
|
6
|
+
GOOS=darwin GOARCH=amd64 go build -o go-helpers.darwin64 .
|
7
7
|
|
8
8
|
linux:
|
9
|
-
|
9
|
+
GOOS=linux GOARCH=amd64 go build -o go-helpers.linux64 .
|
data/helpers/build
CHANGED
@@ -23,5 +23,5 @@ cd $helpers_dir
|
|
23
23
|
os="$(uname -s | tr '[:upper:]' '[:lower:]')"
|
24
24
|
echo "building $install_dir/bin/helper"
|
25
25
|
|
26
|
-
|
27
|
-
go clean -cache -modcache
|
26
|
+
GOOS="$os" GOARCH=amd64 go build -o "$install_dir/bin/helper" .
|
27
|
+
go clean -cache -modcache
|
data/helpers/go.mod
CHANGED
@@ -1,16 +1,9 @@
|
|
1
1
|
module github.com/dependabot/dependabot-core/go_modules/helpers
|
2
2
|
|
3
|
-
go 1.
|
3
|
+
go 1.16
|
4
4
|
|
5
5
|
require (
|
6
6
|
github.com/Masterminds/vcs v1.13.1
|
7
|
-
github.com/dependabot/dependabot-core/go_modules/helpers/updater v0.0.0
|
8
7
|
github.com/dependabot/gomodules-extracted v1.2.0
|
9
8
|
golang.org/x/mod v0.4.2
|
10
9
|
)
|
11
|
-
|
12
|
-
replace github.com/dependabot/dependabot-core/go_modules/helpers/importresolver => ./importresolver
|
13
|
-
|
14
|
-
replace github.com/dependabot/dependabot-core/go_modules/helpers/updater => ./updater
|
15
|
-
|
16
|
-
replace github.com/dependabot/dependabot-core/go_modules/helpers/updatechecker => ./updatechecker
|
data/helpers/go.sum
CHANGED
@@ -1,6 +1,5 @@
|
|
1
1
|
github.com/Masterminds/vcs v1.13.1 h1:NL3G1X7/7xduQtA2sJLpVpfHTNBALVNSjob6KEjPXNQ=
|
2
2
|
github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA=
|
3
|
-
github.com/dependabot/gomodules-extracted v0.0.0-20181020215834-1b2f850478a3/go.mod h1:+dRXSrUymjpT4yzKtn1QmeknT1S/yAHRr35en18dHp8=
|
4
3
|
github.com/dependabot/gomodules-extracted v1.2.0 h1:K/gTyOyhasOt4cjULvOPNiD3MAFGytp4F7e39aB+0Y0=
|
5
4
|
github.com/dependabot/gomodules-extracted v1.2.0/go.mod h1:3NWkH8KcZVDM87JuZI8hCZzYbjfUSz98EZI53qjgMgY=
|
6
5
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
data/helpers/updater/helpers.go
CHANGED
@@ -6,7 +6,11 @@ import (
|
|
6
6
|
"golang.org/x/mod/modfile"
|
7
7
|
)
|
8
8
|
|
9
|
-
// Private methods lifted from the `modfile` package
|
9
|
+
// Private methods lifted from the `modfile` package.
|
10
|
+
// Last synced: 4/28/2021 from:
|
11
|
+
// https://github.com/golang/mod/blob/858fdbee9c245c8109c359106e89c6b8d321f19c/modfile/rule.go
|
12
|
+
|
13
|
+
var slashSlash = []byte("//")
|
10
14
|
|
11
15
|
// setIndirect sets line to have (or not have) a "// indirect" comment.
|
12
16
|
func setIndirect(line *modfile.Line, indirect bool) {
|
@@ -20,13 +24,17 @@ func setIndirect(line *modfile.Line, indirect bool) {
|
|
20
24
|
line.Suffix = []modfile.Comment{{Token: "// indirect", Suffix: true}}
|
21
25
|
return
|
22
26
|
}
|
23
|
-
|
27
|
+
|
24
28
|
com := &line.Suffix[0]
|
25
|
-
|
26
|
-
if
|
27
|
-
|
29
|
+
text := strings.TrimSpace(strings.TrimPrefix(com.Token, string(slashSlash)))
|
30
|
+
if text == "" {
|
31
|
+
// Empty comment.
|
32
|
+
com.Token = "// indirect"
|
33
|
+
return
|
28
34
|
}
|
29
|
-
|
35
|
+
|
36
|
+
// Insert at beginning of existing comment.
|
37
|
+
com.Token = "// indirect; " + text
|
30
38
|
return
|
31
39
|
}
|
32
40
|
|
@@ -52,6 +60,6 @@ func isIndirect(line *modfile.Line) bool {
|
|
52
60
|
if len(line.Suffix) == 0 {
|
53
61
|
return false
|
54
62
|
}
|
55
|
-
f := strings.Fields(line.Suffix[0].Token)
|
56
|
-
return (len(f) ==
|
63
|
+
f := strings.Fields(strings.TrimPrefix(line.Suffix[0].Token, string(slashSlash)))
|
64
|
+
return (len(f) == 1 && f[0] == "indirect" || len(f) > 1 && f[0] == "indirect;")
|
57
65
|
}
|
data/helpers/updater/main.go
CHANGED
@@ -28,7 +28,9 @@ func UpdateDependencyFile(args *Args) (interface{}, error) {
|
|
28
28
|
}
|
29
29
|
|
30
30
|
for _, dep := range args.Dependencies {
|
31
|
-
f.AddRequire(dep.Name, dep.Version)
|
31
|
+
if err := f.AddRequire(dep.Name, dep.Version); err != nil {
|
32
|
+
return nil, err
|
33
|
+
}
|
32
34
|
}
|
33
35
|
|
34
36
|
for _, r := range f.Require {
|
@@ -24,7 +24,7 @@ module Dependabot
|
|
24
24
|
#
|
25
25
|
# To update indirect dependencies we'll need to promote the indirect
|
26
26
|
# dependency to the go.mod file forcing the resolver to pick this
|
27
|
-
# version (possibly as
|
27
|
+
# version (possibly as `// indirect`)
|
28
28
|
unless dependency.top_level?
|
29
29
|
return unless dependency.version
|
30
30
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-go_modules
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.143.
|
4
|
+
version: 0.143.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-04-
|
11
|
+
date: 2021-04-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.143.
|
19
|
+
version: 0.143.5
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.143.
|
26
|
+
version: 0.143.5
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -192,8 +192,6 @@ files:
|
|
192
192
|
- helpers/importresolver/main.go
|
193
193
|
- helpers/main.go
|
194
194
|
- helpers/updatechecker/main.go
|
195
|
-
- helpers/updater/go.mod
|
196
|
-
- helpers/updater/go.sum
|
197
195
|
- helpers/updater/helpers.go
|
198
196
|
- helpers/updater/main.go
|
199
197
|
- lib/dependabot/go_modules.rb
|
data/helpers/updater/go.mod
DELETED
data/helpers/updater/go.sum
DELETED