dependabot-hex 0.119.0.beta1 → 0.119.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/lib/do_update.exs +16 -0
- data/lib/dependabot/hex/update_checker.rb +2 -0
- data/lib/dependabot/hex/update_checker/requirements_updater.rb +2 -1
- metadata +10 -31
- data/helpers/install-dir/hex/deps/jason/.fetch +0 -0
- data/helpers/install-dir/hex/deps/jason/.hex +0 -0
- data/helpers/install-dir/hex/deps/jason/CHANGELOG.md +0 -88
- data/helpers/install-dir/hex/deps/jason/LICENSE +0 -13
- data/helpers/install-dir/hex/deps/jason/README.md +0 -141
- data/helpers/install-dir/hex/deps/jason/hex_metadata.config +0 -20
- data/helpers/install-dir/hex/deps/jason/lib/codegen.ex +0 -138
- data/helpers/install-dir/hex/deps/jason/lib/decoder.ex +0 -657
- data/helpers/install-dir/hex/deps/jason/lib/encode.ex +0 -634
- data/helpers/install-dir/hex/deps/jason/lib/encoder.ex +0 -216
- data/helpers/install-dir/hex/deps/jason/lib/formatter.ex +0 -253
- data/helpers/install-dir/hex/deps/jason/lib/fragment.ex +0 -11
- data/helpers/install-dir/hex/deps/jason/lib/helpers.ex +0 -98
- data/helpers/install-dir/hex/deps/jason/lib/jason.ex +0 -228
- data/helpers/install-dir/hex/deps/jason/mix.exs +0 -76
- data/helpers/install-dir/hex/lib/check_update.exs +0 -92
- data/helpers/install-dir/hex/lib/do_update.exs +0 -39
- data/helpers/install-dir/hex/lib/parse_deps.exs +0 -104
- data/helpers/install-dir/hex/lib/run.exs +0 -76
- data/helpers/install-dir/hex/mix.exs +0 -21
- data/helpers/install-dir/hex/mix.lock +0 -3
@@ -1,39 +0,0 @@
|
|
1
|
-
[dependency_name | credentials] = System.argv()
|
2
|
-
|
3
|
-
grouped_creds = Enum.reduce credentials, [], fn cred, acc ->
|
4
|
-
if List.last(acc) == nil || List.last(acc)[:token] do
|
5
|
-
List.insert_at(acc, -1, %{ organization: cred })
|
6
|
-
else
|
7
|
-
{ item, acc } = List.pop_at(acc, -1)
|
8
|
-
item = Map.put(item, :token, cred)
|
9
|
-
List.insert_at(acc, -1, item)
|
10
|
-
end
|
11
|
-
end
|
12
|
-
|
13
|
-
Enum.each grouped_creds, fn cred ->
|
14
|
-
hexpm = Hex.Repo.get_repo("hexpm")
|
15
|
-
repo = %{
|
16
|
-
url: hexpm.url <> "/repos/#{cred.organization}",
|
17
|
-
public_key: nil,
|
18
|
-
auth_key: cred.token
|
19
|
-
}
|
20
|
-
|
21
|
-
Hex.Config.read()
|
22
|
-
|> Hex.Config.read_repos()
|
23
|
-
|> Map.put("hexpm:#{cred.organization}", repo)
|
24
|
-
|> Hex.Config.update_repos()
|
25
|
-
end
|
26
|
-
|
27
|
-
# dependency atom
|
28
|
-
dependency = String.to_atom(dependency_name)
|
29
|
-
|
30
|
-
# Fetch dependencies that needs updating
|
31
|
-
{dependency_lock, rest_lock} = Map.split(Mix.Dep.Lock.read(), [dependency])
|
32
|
-
Mix.Dep.Fetcher.by_name([dependency_name], dependency_lock, rest_lock, [])
|
33
|
-
|
34
|
-
lockfile_content =
|
35
|
-
"mix.lock"
|
36
|
-
|> File.read()
|
37
|
-
|> :erlang.term_to_binary()
|
38
|
-
|
39
|
-
IO.write(:stdio, lockfile_content)
|
@@ -1,104 +0,0 @@
|
|
1
|
-
defmodule Parser do
|
2
|
-
def run do
|
3
|
-
Mix.Dep.load_on_environment([])
|
4
|
-
|> Enum.flat_map(&parse_dep/1)
|
5
|
-
|> Enum.map(&build_dependency(&1.opts[:lock], &1))
|
6
|
-
end
|
7
|
-
|
8
|
-
defp build_dependency(nil, dep) do
|
9
|
-
%{
|
10
|
-
name: dep.app,
|
11
|
-
from: Path.relative_to_cwd(dep.from),
|
12
|
-
groups: [],
|
13
|
-
requirement: normalise_requirement(dep.requirement),
|
14
|
-
top_level: dep.top_level || umbrella_top_level_dep?(dep)
|
15
|
-
}
|
16
|
-
end
|
17
|
-
|
18
|
-
defp build_dependency(lock, dep) do
|
19
|
-
{version, checksum, source} = parse_lock(lock)
|
20
|
-
groups = parse_groups(dep.opts[:only])
|
21
|
-
|
22
|
-
%{
|
23
|
-
name: dep.app,
|
24
|
-
from: Path.relative_to_cwd(dep.from),
|
25
|
-
version: version,
|
26
|
-
groups: groups,
|
27
|
-
checksum: checksum,
|
28
|
-
requirement: normalise_requirement(dep.requirement),
|
29
|
-
source: source,
|
30
|
-
top_level: dep.top_level || umbrella_top_level_dep?(dep)
|
31
|
-
}
|
32
|
-
end
|
33
|
-
|
34
|
-
defp parse_groups(nil), do: []
|
35
|
-
defp parse_groups(only) when is_list(only), do: only
|
36
|
-
defp parse_groups(only), do: [only]
|
37
|
-
|
38
|
-
# path dependency
|
39
|
-
defp parse_dep(%{scm: Mix.SCM.Path, opts: opts} = dep) do
|
40
|
-
cond do
|
41
|
-
# umbrella dependency - ignore
|
42
|
-
opts[:in_umbrella] ->
|
43
|
-
[]
|
44
|
-
|
45
|
-
# umbrella application
|
46
|
-
opts[:from_umbrella] ->
|
47
|
-
Enum.reject(dep.deps, fn dep -> dep.opts[:in_umbrella] end)
|
48
|
-
|
49
|
-
true ->
|
50
|
-
[]
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
# hex, git dependency
|
55
|
-
defp parse_dep(%{scm: scm} = dep) when scm in [Hex.SCM, Mix.SCM.Git], do: [dep]
|
56
|
-
|
57
|
-
# unsupported
|
58
|
-
defp parse_dep(_dep), do: []
|
59
|
-
|
60
|
-
defp umbrella_top_level_dep?(dep) do
|
61
|
-
if Mix.Project.umbrella?() do
|
62
|
-
apps_paths = Path.expand(Mix.Project.config()[:apps_path], File.cwd!())
|
63
|
-
String.contains?(Path.dirname(Path.dirname(dep.from)), apps_paths)
|
64
|
-
else
|
65
|
-
false
|
66
|
-
end
|
67
|
-
end
|
68
|
-
|
69
|
-
defp parse_lock({:git, repo_url, checksum, opts}),
|
70
|
-
do: {nil, checksum, git_source(repo_url, opts)}
|
71
|
-
|
72
|
-
defp parse_lock(tuple) when elem(tuple, 0) == :hex do
|
73
|
-
destructure [:hex, _app, version, _old_checksum, _managers, _deps, _repo, checksum],
|
74
|
-
Tuple.to_list(tuple)
|
75
|
-
|
76
|
-
{version, checksum, nil}
|
77
|
-
end
|
78
|
-
|
79
|
-
defp normalise_requirement(req) do
|
80
|
-
req
|
81
|
-
|> maybe_regex_to_str()
|
82
|
-
|> empty_str_to_nil()
|
83
|
-
end
|
84
|
-
|
85
|
-
defp maybe_regex_to_str(s), do: if Regex.regex?(s), do: Regex.source(s), else: s
|
86
|
-
defp empty_str_to_nil(""), do: nil
|
87
|
-
defp empty_str_to_nil(s), do: s
|
88
|
-
|
89
|
-
def git_source(repo_url, opts) do
|
90
|
-
ref = opts[:ref] || opts[:tag]
|
91
|
-
ref = if is_list(ref), do: to_string(ref), else: ref
|
92
|
-
|
93
|
-
%{
|
94
|
-
type: "git",
|
95
|
-
url: repo_url,
|
96
|
-
branch: opts[:branch] || "master",
|
97
|
-
ref: ref
|
98
|
-
}
|
99
|
-
end
|
100
|
-
end
|
101
|
-
|
102
|
-
dependencies = :erlang.term_to_binary({:ok, Parser.run()})
|
103
|
-
|
104
|
-
IO.write(:stdio, dependencies)
|
@@ -1,76 +0,0 @@
|
|
1
|
-
defmodule DependencyHelper do
|
2
|
-
def main() do
|
3
|
-
IO.read(:stdio, :all)
|
4
|
-
|> Jason.decode!()
|
5
|
-
|> run()
|
6
|
-
|> case do
|
7
|
-
{output, 0} ->
|
8
|
-
if output =~ "No authenticated organization found" do
|
9
|
-
{:error, output}
|
10
|
-
else
|
11
|
-
{:ok, :erlang.binary_to_term(output)}
|
12
|
-
end
|
13
|
-
|
14
|
-
{error, 1} -> {:error, error}
|
15
|
-
end
|
16
|
-
|> handle_result()
|
17
|
-
end
|
18
|
-
|
19
|
-
defp handle_result({:ok, {:ok, result}}) do
|
20
|
-
encode_and_write(%{"result" => result})
|
21
|
-
end
|
22
|
-
|
23
|
-
defp handle_result({:ok, {:error, reason}}) do
|
24
|
-
encode_and_write(%{"error" => reason})
|
25
|
-
System.halt(1)
|
26
|
-
end
|
27
|
-
|
28
|
-
defp handle_result({:error, reason}) do
|
29
|
-
encode_and_write(%{"error" => reason})
|
30
|
-
System.halt(1)
|
31
|
-
end
|
32
|
-
|
33
|
-
defp encode_and_write(content) do
|
34
|
-
content
|
35
|
-
|> Jason.encode!()
|
36
|
-
|> IO.write()
|
37
|
-
end
|
38
|
-
|
39
|
-
defp run(%{"function" => "parse", "args" => [dir]}) do
|
40
|
-
run_script("parse_deps.exs", dir)
|
41
|
-
end
|
42
|
-
|
43
|
-
defp run(%{"function" => "get_latest_resolvable_version", "args" => [dir, dependency_name, credentials]}) do
|
44
|
-
run_script("check_update.exs", dir, [dependency_name] ++ credentials)
|
45
|
-
end
|
46
|
-
|
47
|
-
defp run(%{"function" => "get_updated_lockfile", "args" => [dir, dependency_name, credentials]}) do
|
48
|
-
run_script("do_update.exs", dir, [dependency_name] ++ credentials)
|
49
|
-
end
|
50
|
-
|
51
|
-
defp run_script(script, dir, args \\ []) do
|
52
|
-
args = [
|
53
|
-
"run",
|
54
|
-
"--no-deps-check",
|
55
|
-
"--no-start",
|
56
|
-
"--no-compile",
|
57
|
-
"--no-elixir-version-check",
|
58
|
-
script
|
59
|
-
] ++ args
|
60
|
-
|
61
|
-
System.cmd(
|
62
|
-
"mix",
|
63
|
-
args,
|
64
|
-
[
|
65
|
-
cd: dir,
|
66
|
-
env: %{
|
67
|
-
"MIX_EXS" => nil,
|
68
|
-
"MIX_LOCK" => nil,
|
69
|
-
"MIX_DEPS" => nil
|
70
|
-
}
|
71
|
-
]
|
72
|
-
)
|
73
|
-
end
|
74
|
-
end
|
75
|
-
|
76
|
-
DependencyHelper.main()
|
@@ -1,21 +0,0 @@
|
|
1
|
-
defmodule DependabotCore.Mixfile do
|
2
|
-
use Mix.Project
|
3
|
-
|
4
|
-
def project do
|
5
|
-
[app: :dependabot_core,
|
6
|
-
version: "0.1.0",
|
7
|
-
elixir: "~> 1.5",
|
8
|
-
start_permanent: Mix.env == :prod,
|
9
|
-
lockfile: System.get_env("MIX_LOCK") || "mix.lock",
|
10
|
-
deps_path: System.get_env("MIX_DEPS") || "deps",
|
11
|
-
deps: deps()]
|
12
|
-
end
|
13
|
-
|
14
|
-
def application do
|
15
|
-
[extra_applications: [:logger]]
|
16
|
-
end
|
17
|
-
|
18
|
-
defp deps() do
|
19
|
-
[{:jason, "~> 1.0"}]
|
20
|
-
end
|
21
|
-
end
|