dependabot-hex 0.211.0 → 0.212.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/hex/file_fetcher.rb +3 -3
- data/lib/dependabot/hex/file_parser.rb +1 -1
- data/lib/dependabot/hex/file_updater/mixfile_sanitizer.rb +4 -2
- data/lib/dependabot/hex/metadata_finder.rb +2 -3
- data/lib/dependabot/hex/native_helpers.rb +1 -1
- data/lib/dependabot/hex/update_checker/file_preparer.rb +2 -2
- data/lib/dependabot/hex/update_checker/requirements_updater.rb +1 -1
- metadata +22 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fa6164f9855066705271a83f2556deaa0c32a89af0e49cfff34d5c0a8e1b9312
|
4
|
+
data.tar.gz: 558c4572c1aa4e94d82177346ebf51aec461887ddb2d92f2de4768bd50438f30
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5e55998f587fea943c00117017cf2080ad856bf006aae03a87652f821110b8deb270bc49cdc83cceb6c886e17e7a4c2088cfba259d507abe63fc6623efb64185
|
7
|
+
data.tar.gz: e649ad7a932676542b0059fbd37ffa26c992b86eae0948ea654bbacd591c2dcffe12298cf150f286eb97bcdf33b0d5cffcaa86a2414f4c35f25212d3670fbf38
|
@@ -64,14 +64,14 @@ module Dependabot
|
|
64
64
|
subapp_directories += umbrella_app_directories
|
65
65
|
subapp_directories += sub_project_directories
|
66
66
|
|
67
|
-
subapp_directories.
|
67
|
+
subapp_directories.filter_map do |dir|
|
68
68
|
fetch_file_from_host("#{dir}/mix.exs")
|
69
69
|
rescue Dependabot::DependencyFileNotFound
|
70
70
|
# If the folder doesn't have a mix.exs it *might* be because it's
|
71
71
|
# not an app. Ignore the fact we couldn't fetch one and proceed with
|
72
72
|
# updating (it will blow up later if there are problems)
|
73
73
|
nil
|
74
|
-
end
|
74
|
+
end
|
75
75
|
rescue Octokit::NotFound, Gitlab::Error::NotFound
|
76
76
|
# If the path specified in apps_path doesn't exist then it's not being
|
77
77
|
# used. We can just return an empty array of subapp files.
|
@@ -82,7 +82,7 @@ module Dependabot
|
|
82
82
|
mixfiles = [mixfile] + subapp_mixfiles
|
83
83
|
|
84
84
|
mixfiles.flat_map do |mixfile|
|
85
|
-
mixfile_dir = mixfile.path.
|
85
|
+
mixfile_dir = mixfile.path.to_s.delete_prefix("/").delete_suffix("/mix.exs")
|
86
86
|
|
87
87
|
mixfile.content.gsub(/__DIR__/, "\"#{mixfile_dir}\"").scan(SUPPORT_FILE).map do |support_file_args|
|
88
88
|
path = Pathname.new(File.join(*support_file_args.compact.reverse)).
|
@@ -23,11 +23,13 @@ module Dependabot
|
|
23
23
|
PIPED_VERSION_FILE_READ_BANG =
|
24
24
|
/#{VERSION_FILE}[[:space:]]+#{PIPE}[[:space:]]+#{FILE_READ_BANG}/.freeze
|
25
25
|
|
26
|
+
# rubocop:disable Performance/MethodObjectAsBlock
|
26
27
|
def sanitized_content
|
27
28
|
mixfile_content.
|
28
|
-
|
29
|
-
|
29
|
+
then(&method(:prevent_version_file_loading)).
|
30
|
+
then(&method(:prevent_config_path_loading))
|
30
31
|
end
|
32
|
+
# rubocop:enable Performance/MethodObjectAsBlock
|
31
33
|
|
32
34
|
private
|
33
35
|
|
@@ -38,15 +38,14 @@ module Dependabot
|
|
38
38
|
def find_source_from_hex_listing
|
39
39
|
potential_source_urls =
|
40
40
|
SOURCE_KEYS.
|
41
|
-
|
42
|
-
compact
|
41
|
+
filter_map { |key| hex_listing.dig("meta", "links", key) }
|
43
42
|
|
44
43
|
source_url = potential_source_urls.find { |url| Source.from_url(url) }
|
45
44
|
Source.from_url(source_url)
|
46
45
|
end
|
47
46
|
|
48
47
|
def find_source_from_git_url
|
49
|
-
info = dependency.requirements.
|
48
|
+
info = dependency.requirements.filter_map { |r| r[:source] }.first
|
50
49
|
|
51
50
|
url = info[:url] || info.fetch("url")
|
52
51
|
Source.from_url(url)
|
@@ -4,7 +4,7 @@ module Dependabot
|
|
4
4
|
module Hex
|
5
5
|
module NativeHelpers
|
6
6
|
def self.hex_helpers_dir
|
7
|
-
helpers_root = ENV
|
7
|
+
helpers_root = ENV.fetch("DEPENDABOT_NATIVE_HELPERS_PATH", nil)
|
8
8
|
return File.join(helpers_root, "hex") unless helpers_root.nil?
|
9
9
|
|
10
10
|
File.join(__dir__, "../../../../hex/helpers")
|
@@ -99,7 +99,7 @@ module Dependabot
|
|
99
99
|
elsif dependency.version then ">= #{dependency.version}"
|
100
100
|
else
|
101
101
|
version_for_requirement =
|
102
|
-
dependency.requirements.
|
102
|
+
dependency.requirements.filter_map { |r| r[:requirement] }.
|
103
103
|
reject { |req_string| req_string.start_with?("<") }.
|
104
104
|
select { |req_string| req_string.match?(version_regex) }.
|
105
105
|
map { |req_string| req_string.match(version_regex) }.
|
@@ -115,9 +115,9 @@ module Dependabot
|
|
115
115
|
">= #{parts.join('.')}"
|
116
116
|
end
|
117
117
|
end
|
118
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
118
119
|
# rubocop:enable Metrics/CyclomaticComplexity
|
119
120
|
# rubocop:enable Metrics/AbcSize
|
120
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
121
121
|
|
122
122
|
def replace_git_pin(content, filename:)
|
123
123
|
old_pin =
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-hex
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.212.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-09-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.212.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.212.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debase
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -86,14 +86,14 @@ dependencies:
|
|
86
86
|
requirements:
|
87
87
|
- - "~>"
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version: 3.
|
89
|
+
version: 3.12.0
|
90
90
|
type: :development
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - "~>"
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version: 3.
|
96
|
+
version: 3.12.0
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
98
|
name: rake
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -142,14 +142,28 @@ dependencies:
|
|
142
142
|
requirements:
|
143
143
|
- - "~>"
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: 1.
|
145
|
+
version: 1.36.0
|
146
146
|
type: :development
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
150
|
- - "~>"
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: 1.
|
152
|
+
version: 1.36.0
|
153
|
+
- !ruby/object:Gem::Dependency
|
154
|
+
name: rubocop-performance
|
155
|
+
requirement: !ruby/object:Gem::Requirement
|
156
|
+
requirements:
|
157
|
+
- - "~>"
|
158
|
+
- !ruby/object:Gem::Version
|
159
|
+
version: 1.14.2
|
160
|
+
type: :development
|
161
|
+
prerelease: false
|
162
|
+
version_requirements: !ruby/object:Gem::Requirement
|
163
|
+
requirements:
|
164
|
+
- - "~>"
|
165
|
+
- !ruby/object:Gem::Version
|
166
|
+
version: 1.14.2
|
153
167
|
- !ruby/object:Gem::Dependency
|
154
168
|
name: ruby-debug-ide
|
155
169
|
requirement: !ruby/object:Gem::Requirement
|