dependabot-go_modules 0.211.0 → 0.212.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e2fd2d0b1e09d48b7bea41af75ff0c823f7fa97f3fc428f6961ca09c1f0a7473
-  data.tar.gz: c4c938fd3210c4c84f8e946afc04aacdb4b332099697a52476fab15020f02af4
+  metadata.gz: 9a4dc6858676aa3f1b955c586842f791cb99b2685f6c4c1254481bef52e4fcd3
+  data.tar.gz: e1d58699f368c4d17982156b7a485cf5c7ce10c261abb1754f832dbbec9f0b0d
 SHA512:
-  metadata.gz: da1c93d034f2ce7ff361b6f8972a7b8f71f68a29d0f2451bc0a4e5b6a7613d9e8e875f1f4adb6e8c78efe8e8aab11366cbeb43ae472b77205f0bb06ae55cbb14
-  data.tar.gz: f09ef513ea9835d19f85ed2e9fb82076cf1120d39f5bfb35b4a60c8ad1b16ffe01797e85bf648df35540c08312414284dd6fb962e891ab6cab4eddcfec85ec7c
+  metadata.gz: c24e914689efc47b2bf3faffd11cef23f9b0f07804a79d90177aa7e5600b7dd8666316330d7e13e3d4efb489a2082d53837e9baeb4a4bdc3c148603fe2554d65
+  data.tar.gz: b019db2774816b9f78d687494ad12ee3119aef1158e63acf31df12cce09f4baca7f58763d61d578216930d612576070dd23cef788424ed6c873e5f7f392360ad

data/lib/dependabot/go_modules/file_parser.rb

@@ -65,7 +65,7 @@ module Dependabot
             # `go mod edit` works, even if some modules have been `replace`d with
             # a local module that we don't have access to.
             local_replacements.each do |_, stub_path|
-              Dir.mkdir(stub_path) unless Dir.exist?(stub_path)
+              FileUtils.mkdir_p(stub_path)
               FileUtils.touch(File.join(stub_path, "go.mod"))
             end
 
@@ -135,8 +135,8 @@ module Dependabot
         }
       rescue Dependabot::SharedHelpers::HelperSubprocessFailed => e
         if e.message == "Cannot detect VCS"
-          msg = e.message + " for #{dep['Path']}. Attempted to detect VCS "\
-                            "because the version looks like a git revision: "\
+          msg = e.message + " for #{dep['Path']}. Attempted to detect VCS " \
+                            "because the version looks like a git revision: " \
                             "#{dep['Version']}"
           raise Dependabot::DependencyFileNotResolvable, msg
         end

data/lib/dependabot/go_modules/file_updater/go_mod_updater.rb

@@ -175,7 +175,7 @@ module Dependabot
           _, stderr, status = Open3.capture3(environment, command)
           handle_subprocess_error(stderr) unless status.success?
         ensure
-          File.delete(tmp_go_file) if File.exist?(tmp_go_file)
+          FileUtils.rm_f(tmp_go_file)
         end
 
         def parse_manifest
@@ -188,9 +188,7 @@ module Dependabot
 
         def in_repo_path(&block)
           SharedHelpers.in_a_temporary_repo_directory(directory, repo_contents_path) do
-            SharedHelpers.with_git_configured(credentials: credentials) do
-              block.call
-            end
+            SharedHelpers.with_git_configured(credentials: credentials, &block)
           end
         end
 
@@ -199,7 +197,7 @@ module Dependabot
           # `go get` works, even if some modules have been `replace`d
           # with a local module that we don't have access to.
           stub_paths.each do |stub_path|
-            Dir.mkdir(stub_path) unless Dir.exist?(stub_path)
+            FileUtils.mkdir_p(stub_path)
             FileUtils.touch(File.join(stub_path, "go.mod"))
             FileUtils.touch(File.join(stub_path, "main.go"))
           end

data/lib/dependabot/go_modules/file_updater.rb

@@ -70,7 +70,7 @@ module Dependabot
           dependency_files.each do |file|
             path = File.join(@repo_contents_path, directory, file.name)
             path = Pathname.new(path).expand_path
-            FileUtils.mkdir_p(path.dirname) unless Dir.exist?(path.dirname)
+            FileUtils.mkdir_p(path.dirname)
             File.write(path, file.content)
           end
 

data/lib/dependabot/go_modules/replace_stubber.rb

@@ -17,11 +17,9 @@ module Dependabot
 
       def stub_paths(manifest, directory)
         (manifest["Replace"] || []).
-          map { |r| r["New"]["Path"] }.
-          compact.
+          filter_map { |r| r["New"]["Path"] }.
           select { |p| stub_replace_path?(p, directory) }.
-          map { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }.
-          to_h
+          to_h { |p| [p, "./" + Digest::SHA2.hexdigest(p)] }
       end
 
       private
@@ -44,7 +42,7 @@ module Dependabot
 
       def relative_replacement_path?(path)
         # https://golang.org/ref/mod#go-mod-file-replace
-        path.start_with?("./") || path.start_with?("../")
+        path.start_with?("./", "../")
       end
 
       def module_pathname(directory)

data/lib/dependabot/go_modules/update_checker/latest_version_finder.rb

@@ -52,7 +52,7 @@ module Dependabot
         attr_reader :dependency, :dependency_files, :credentials, :ignored_versions, :security_advisories
 
         def fetch_latest_version
-          return dependency.version if dependency.version =~ PSEUDO_VERSION_REGEX
+          return dependency.version if PSEUDO_VERSION_REGEX.match?(dependency.version)
 
           candidate_versions = available_versions
           candidate_versions = filter_prerelease_versions(candidate_versions)
@@ -62,7 +62,7 @@ module Dependabot
         end
 
         def fetch_lowest_security_fix_version
-          return dependency.version if dependency.version =~ PSEUDO_VERSION_REGEX
+          return dependency.version if PSEUDO_VERSION_REGEX.match?(dependency.version)
 
           relevant_versions = available_versions
           relevant_versions = filter_prerelease_versions(relevant_versions)
@@ -110,7 +110,7 @@ module Dependabot
         def handle_subprocess_error(error)
           if RESOLVABILITY_ERROR_REGEXES.any? { |rgx| error.message =~ rgx }
             ResolvabilityErrors.handle(error.message, credentials: credentials, goprivate: @goprivate)
-          elsif INVALID_VERSION_REGEX =~ error.message
+          elsif INVALID_VERSION_REGEX.match?(error.message)
             raise Dependabot::DependencyFileNotResolvable, error.message
           end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-go_modules
 version: !ruby/object:Gem::Version
-  version: 0.211.0
+  version: 0.212.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-23 00:00:00.000000000 Z
+date: 2022-09-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.212.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.212.0
 - !ruby/object:Gem::Dependency
   name: debase
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.12.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.12.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -142,14 +142,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.36.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.36.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.2
 - !ruby/object:Gem::Dependency
   name: ruby-debug-ide
   requirement: !ruby/object:Gem::Requirement