dependabot-hex 0.262.0 → 0.264.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/mix.lock +1 -1
- data/lib/dependabot/hex/file_fetcher.rb +22 -13
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8680022803facacff53345c0c1e762e06d0c17a7644d12b568c76952a98a280e
|
|
4
|
+
data.tar.gz: 7e88f1a2d1cb2a3ae6813589a043ca382aa58806e8a98311d34f68a91100fd24
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4c8cfc28a26e256dfb41330dfb5a548e03a9d4b937531f2fee10354f84817180fb3242bd6b83c4a899171bd88dacb70954bd0542e62f10989405feccd5e35544
|
|
7
|
+
data.tar.gz: faa26f658d78bec19cab813965ecbf86145a7db47d4b3a998a195d493183d9042531a1a4ba2923e86123ddad230e7278b8017807a052c12ea0b011104c1fc161
|
data/helpers/mix.lock
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
%{
|
|
2
|
-
"jason": {:hex, :jason, "1.4.
|
|
2
|
+
"jason": {:hex, :jason, "1.4.3", "d3f984eeb96fe53b85d20e0b049f03e57d075b5acda3ac8d465c969a2536c17b", [:mix], [{:decimal, "~> 1.0 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "9a90e868927f7c777689baa16d86f4d0e086d968db5c05d917ccff6d443e58a3"},
|
|
3
3
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "sorbet-runtime"
|
|
@@ -13,14 +13,16 @@ module Dependabot
|
|
|
13
13
|
|
|
14
14
|
APPS_PATH_REGEX = /apps_path:\s*"(?<path>.*?)"/m
|
|
15
15
|
STRING_ARG = %{(?:["'](.*?)["'])}
|
|
16
|
-
SUPPORTED_METHODS = %w(eval_file require_file).join("|").freeze
|
|
16
|
+
SUPPORTED_METHODS = T.let(%w(eval_file require_file).join("|").freeze, String)
|
|
17
17
|
SUPPORT_FILE = /Code\.(?:#{SUPPORTED_METHODS})\(#{STRING_ARG}(?:\s*,\s*#{STRING_ARG})?\)/
|
|
18
18
|
PATH_DEPS_REGEX = /{.*path: ?#{STRING_ARG}.*}/
|
|
19
19
|
|
|
20
|
+
sig { override.params(filenames: T::Array[String]).returns(T::Boolean) }
|
|
20
21
|
def self.required_files_in?(filenames)
|
|
21
22
|
filenames.include?("mix.exs")
|
|
22
23
|
end
|
|
23
24
|
|
|
25
|
+
sig { override.returns(String) }
|
|
24
26
|
def self.required_files_message
|
|
25
27
|
"Repo must contain a mix.exs."
|
|
26
28
|
end
|
|
@@ -37,25 +39,28 @@ module Dependabot
|
|
|
37
39
|
|
|
38
40
|
private
|
|
39
41
|
|
|
42
|
+
sig { returns(T.nilable(DependencyFile)) }
|
|
40
43
|
def mixfile
|
|
41
|
-
@mixfile ||= fetch_file_from_host("mix.exs")
|
|
44
|
+
@mixfile ||= T.let(fetch_file_from_host("mix.exs"), T.nilable(Dependabot::DependencyFile))
|
|
45
|
+
fetch_file_from_host("mix.exs")
|
|
42
46
|
end
|
|
43
47
|
|
|
48
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
|
44
49
|
def lockfile
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
@lockfile = fetch_lockfile
|
|
50
|
+
@lockfile ||= T.let(fetch_lockfile, T.nilable(DependencyFile))
|
|
48
51
|
end
|
|
49
52
|
|
|
53
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
|
50
54
|
def fetch_lockfile
|
|
51
55
|
fetch_file_from_host("mix.lock")
|
|
52
56
|
rescue Dependabot::DependencyFileNotFound
|
|
53
57
|
nil
|
|
54
58
|
end
|
|
55
59
|
|
|
60
|
+
sig { returns(T::Array[String]) }
|
|
56
61
|
def umbrella_app_directories
|
|
57
|
-
apps_path = mixfile.content.match(APPS_PATH_REGEX)
|
|
58
|
-
|
|
62
|
+
apps_path = T.must(T.must(mixfile).content).match(APPS_PATH_REGEX)
|
|
63
|
+
&.named_captures&.fetch("path")
|
|
59
64
|
return [] unless apps_path
|
|
60
65
|
|
|
61
66
|
repo_contents(dir: apps_path)
|
|
@@ -63,10 +68,12 @@ module Dependabot
|
|
|
63
68
|
.map { |f| File.join(apps_path, f.name) }
|
|
64
69
|
end
|
|
65
70
|
|
|
71
|
+
sig { returns(T::Array[String]) }
|
|
66
72
|
def sub_project_directories
|
|
67
|
-
mixfile.content.scan(PATH_DEPS_REGEX).flatten
|
|
73
|
+
T.must(T.must(mixfile).content).scan(PATH_DEPS_REGEX).flatten
|
|
68
74
|
end
|
|
69
75
|
|
|
76
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
70
77
|
def subapp_mixfiles
|
|
71
78
|
subapp_directories = []
|
|
72
79
|
subapp_directories += umbrella_app_directories
|
|
@@ -86,15 +93,17 @@ module Dependabot
|
|
|
86
93
|
[]
|
|
87
94
|
end
|
|
88
95
|
|
|
96
|
+
sig { returns(T::Array[T.nilable(Dependabot::DependencyFile)]) }
|
|
89
97
|
def support_files
|
|
90
98
|
mixfiles = [mixfile] + subapp_mixfiles
|
|
91
99
|
|
|
92
100
|
mixfiles.flat_map do |mixfile|
|
|
93
|
-
mixfile_dir = mixfile
|
|
101
|
+
mixfile_dir = mixfile&.path&.to_s&.delete_prefix("/")&.delete_suffix("/mix.exs")
|
|
94
102
|
|
|
95
|
-
mixfile
|
|
96
|
-
path = Pathname.new(File.join(
|
|
97
|
-
.cleanpath
|
|
103
|
+
mixfile&.content&.gsub("__DIR__", "\"#{mixfile_dir}\"")&.scan(SUPPORT_FILE)&.map do |support_file_args|
|
|
104
|
+
path = Pathname.new(File.join(Array(support_file_args).compact.reverse))
|
|
105
|
+
.cleanpath
|
|
106
|
+
.to_path
|
|
98
107
|
fetch_file_from_host(path).tap { |f| f.support_file = true }
|
|
99
108
|
end
|
|
100
109
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-hex
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.264.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.264.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.264.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -272,7 +272,7 @@ licenses:
|
|
|
272
272
|
- MIT
|
|
273
273
|
metadata:
|
|
274
274
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
275
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
275
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.264.0
|
|
276
276
|
post_install_message:
|
|
277
277
|
rdoc_options: []
|
|
278
278
|
require_paths:
|