dependabot-go_modules 0.335.0 → 0.336.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 441237d8b344eb149a012809416b5ead853ad2ad04ada80b83c909eec215a3f8
|
|
4
|
+
data.tar.gz: af69934d9b47e3eeec459f021610dc591949a3e6b1073f9729e62531ffd29734
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1b0a329ebb51fa5cebefa6c7236538b561771f2ca1500082b68e3c036dd3f58fc99e87254a35750c58feac75fb3073c52fad2031d7e934d9aebf5aba05cd016c
|
|
7
|
+
data.tar.gz: 4c0a6ff2f636a900f137fdf5bba5ab8b4832b8e8f4d97d86ef92e3647dd9d2264cf76201ba6c3c3ae61eb69d1681f5fb82e28b40a4ea37e73271c79c28fbae3e
|
|
@@ -11,6 +11,8 @@ module Dependabot
|
|
|
11
11
|
class DependencyGrapher < Dependabot::DependencyGraphers::Base
|
|
12
12
|
sig { override.returns(Dependabot::DependencyFile) }
|
|
13
13
|
def relevant_dependency_file
|
|
14
|
+
# This cannot realistically happen as the parser will throw a runtime error on init without a go_mod file,
|
|
15
|
+
# but this will avoid surprises if anything changes.
|
|
14
16
|
raise DependabotError, "No go.mod present in dependency files." unless go_mod
|
|
15
17
|
|
|
16
18
|
T.must(go_mod)
|
|
@@ -32,7 +34,7 @@ module Dependabot
|
|
|
32
34
|
return @go_mod if defined?(@go_mod)
|
|
33
35
|
|
|
34
36
|
@go_mod = T.let(
|
|
35
|
-
|
|
37
|
+
dependency_files.find { |f| f.name = "go.mod" },
|
|
36
38
|
T.nilable(Dependabot::DependencyFile)
|
|
37
39
|
)
|
|
38
40
|
end
|
|
@@ -58,7 +58,9 @@ module Dependabot
|
|
|
58
58
|
# Package pointing to a proxy that 404s
|
|
59
59
|
/go(?: get)?: .*: unrecognized import path/m,
|
|
60
60
|
# Package not being referenced correctly
|
|
61
|
-
/go:.*imports.*package.+is not in std/m
|
|
61
|
+
/go:.*imports.*package.+is not in std/m,
|
|
62
|
+
# Invalid version due to missing go.mod files at specified revision
|
|
63
|
+
/go: .*: invalid version: missing .*go\.mod.* at revision/m
|
|
62
64
|
].freeze,
|
|
63
65
|
T::Array[Regexp]
|
|
64
66
|
)
|
|
@@ -81,6 +83,17 @@ module Dependabot
|
|
|
81
83
|
T::Array[Regexp]
|
|
82
84
|
)
|
|
83
85
|
|
|
86
|
+
GO_MOD_PARSE_ERROR_REGEXES = T.let(
|
|
87
|
+
[
|
|
88
|
+
# go.mod file parsing errors
|
|
89
|
+
/go: error loading go\.mod:/,
|
|
90
|
+
/go\.mod:\d+: .*unknown.*/,
|
|
91
|
+
/go\.mod:\d+: .*syntax error.*/,
|
|
92
|
+
/go\.mod:\d+: .*invalid.*/
|
|
93
|
+
].freeze,
|
|
94
|
+
T::Array[Regexp]
|
|
95
|
+
)
|
|
96
|
+
|
|
84
97
|
GO_LANG = "Go"
|
|
85
98
|
|
|
86
99
|
AMBIGUOUS_ERROR_MESSAGE = /ambiguous import: found package (?<package>.*) in multiple modules/
|
|
@@ -310,9 +323,15 @@ module Dependabot
|
|
|
310
323
|
# rubocop:disable Metrics/AbcSize
|
|
311
324
|
# rubocop:disable Metrics/PerceivedComplexity
|
|
312
325
|
sig { params(stderr: String).returns(T.noreturn) }
|
|
313
|
-
def handle_subprocess_error(stderr) # rubocop:disable Metrics/AbcSize
|
|
326
|
+
def handle_subprocess_error(stderr) # rubocop:disable Metrics/AbcSize,Metrics/MethodLength
|
|
314
327
|
stderr = stderr.gsub(Dir.getwd, "")
|
|
315
328
|
|
|
329
|
+
go_mod_parse_error_regex = GO_MOD_PARSE_ERROR_REGEXES.find { |r| stderr =~ r }
|
|
330
|
+
if go_mod_parse_error_regex
|
|
331
|
+
error_message = filter_error_message(message: stderr, regex: go_mod_parse_error_regex)
|
|
332
|
+
raise Dependabot::DependencyFileNotParseable.new(go_mod_path, error_message)
|
|
333
|
+
end
|
|
334
|
+
|
|
316
335
|
# Package version doesn't match the module major version
|
|
317
336
|
error_regex = RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
|
|
318
337
|
if error_regex
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-go_modules
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.336.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.336.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.336.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -272,7 +272,7 @@ licenses:
|
|
|
272
272
|
- MIT
|
|
273
273
|
metadata:
|
|
274
274
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
275
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
275
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.336.0
|
|
276
276
|
rdoc_options: []
|
|
277
277
|
require_paths:
|
|
278
278
|
- lib
|