dependabot-hex 0.125.2 → 0.125.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/hex/file_fetcher.rb +7 -6
  3. data/lib/dependabot/hex/file_parser.rb +3 -3
  4. data/lib/dependabot/hex/file_updater/lockfile_updater.rb +1 -1
  5. data/lib/dependabot/hex/update_checker/version_resolver.rb +4 -9
  6. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ccf5e6c9a745861faf7a85d45261350258c0efcae2f02d89ef2af526e01a53f4
4
- data.tar.gz: 4f334bdd914f8bbbea03286c47c45a4495e7c18d46af1eef691dd3bced929803
3
+ metadata.gz: a36c9777c2db45cf67dd2ce2d81aaec014dd27d62edad43069deb80bad80d3fd
4
+ data.tar.gz: d4f53fb6fe1be904d461995842890a5ff8b07a0dd6f06d1460c7724d855fdc8e
5
5
  SHA512:
6
- metadata.gz: b2d9a737478470a4ebd393a84d9fbad9df9c9e613ecc82d2653652e53da3b4b9f4ee1f768858e9d2be33de9fcf37986af0b328a87871a147ade252b595b3350d
7
- data.tar.gz: b959589f374e322120f2c0554878ba2a5cb7305ef2bc264dc29fcf6afa24e147227aab23ee6276223ade6c1ac3ac0d845fe6907251ccdaefee7d5f82bc8c88e9
6
+ metadata.gz: 7ca5e56a99fc842eabdb7707caea000a3e7b8bfcbfd022efabb08ddfee1d05ca2ab5a7ccb17bf921157cc9dc426a5e223c239bb9b48980e6e6e8dc6cfd7f6c30
7
+ data.tar.gz: ca81978e969bde8dcd3fa8136a471cb16b9a96ec6fa6ba50533515806fe9671464070163fe00dc2f0c206e4a20f229ef282b32bd7f907638278e7b281ee93bab
data/lib/dependabot/hex/file_fetcher.rb CHANGED
@@ -8,8 +8,9 @@ module Dependabot
8
8
  class FileFetcher < Dependabot::FileFetchers::Base
9
9
  APPS_PATH_REGEX = /apps_path:\s*"(?<path>.*?)"/m.freeze
10
10
  STRING_ARG = %{(?:["'](.*?)["'])}
11
- EVAL_FILE = /Code\.eval_file\(#{STRING_ARG}(?:\s*,\s*#{STRING_ARG})?\)/.
12
- freeze
11
+ SUPPORTED_METHODS = %w(eval_file require_file).join("|").freeze
12
+ SUPPORT_FILE = /Code\.(?:#{SUPPORTED_METHODS})\(#{STRING_ARG}(?:\s*,\s*#{STRING_ARG})?\)/.
13
+ freeze
13
14
 
14
15
  def self.required_files_in?(filenames)
15
16
  filenames.include?("mix.exs")
@@ -26,7 +27,7 @@ module Dependabot
26
27
  fetched_files << mixfile
27
28
  fetched_files << lockfile if lockfile
28
29
  fetched_files += subapp_mixfiles
29
- fetched_files += evaled_files
30
+ fetched_files += support_files
30
31
  fetched_files
31
32
  end
32
33
 
@@ -66,9 +67,9 @@ module Dependabot
66
67
  []
67
68
  end
68
69
 
69
- def evaled_files
70
- mixfile.content.scan(EVAL_FILE).map do |eval_file_args|
71
- path = Pathname.new(File.join(*eval_file_args.compact.reverse)).
70
+ def support_files
71
+ mixfile.content.scan(SUPPORT_FILE).map do |support_file_args|
72
+ path = Pathname.new(File.join(*support_file_args.compact.reverse)).
72
73
  cleanpath.to_path
73
74
  fetch_file_from_host(path).tap { |f| f.support_file = true }
74
75
  end
data/lib/dependabot/hex/file_parser.rb CHANGED
@@ -42,7 +42,7 @@ module Dependabot
42
42
  def dependency_details
43
43
  SharedHelpers.in_a_temporary_directory do
44
44
  write_sanitized_mixfiles
45
- write_supporting_files
45
+ write_sanitized_supporting_files
46
46
  File.write("mix.lock", lockfile.content) if lockfile
47
47
  FileUtils.cp(elixir_helper_parse_deps_path, "parse_deps.exs")
48
48
 
@@ -73,11 +73,11 @@ module Dependabot
73
73
  end
74
74
  end
75
75
 
76
- def write_supporting_files
76
+ def write_sanitized_supporting_files
77
77
  dependency_files.select(&:support_file).each do |file|
78
78
  path = file.name
79
79
  FileUtils.mkdir_p(Pathname.new(path).dirname)
80
- File.write(path, file.content)
80
+ File.write(path, sanitize_mixfile(file.content))
81
81
  end
82
82
  end
83
83
 
data/lib/dependabot/hex/file_updater/lockfile_updater.rb CHANGED
@@ -66,7 +66,7 @@ module Dependabot
66
66
  dependency_files.select(&:support_file).each do |file|
67
67
  path = file.name
68
68
  FileUtils.mkdir_p(Pathname.new(path).dirname)
69
- File.write(path, file.content)
69
+ File.write(path, sanitize_mixfile(file.content))
70
70
  end
71
71
  end
72
72
 
data/lib/dependabot/hex/update_checker/version_resolver.rb CHANGED
@@ -31,7 +31,7 @@ module Dependabot
31
31
  def fetch_latest_resolvable_version
32
32
  latest_resolvable_version =
33
33
  SharedHelpers.in_a_temporary_directory do
34
- write_temporary_dependency_files
34
+ write_temporary_sanitized_dependency_files
35
35
  FileUtils.cp(
36
36
  elixir_helper_check_update_path,
37
37
  "check_update.exs"
@@ -109,7 +109,7 @@ module Dependabot
109
109
 
110
110
  def check_original_requirements_resolvable
111
111
  SharedHelpers.in_a_temporary_directory do
112
- write_temporary_dependency_files(prepared: false)
112
+ write_temporary_sanitized_dependency_files(prepared: false)
113
113
  FileUtils.cp(
114
114
  elixir_helper_check_update_path,
115
115
  "check_update.exs"
@@ -125,7 +125,7 @@ module Dependabot
125
125
  raise Dependabot::DependencyFileNotResolvable, e.message
126
126
  end
127
127
 
128
- def write_temporary_dependency_files(prepared: true)
128
+ def write_temporary_sanitized_dependency_files(prepared: true)
129
129
  files = if prepared then prepared_dependency_files
130
130
  else original_dependency_files
131
131
  end
@@ -133,12 +133,7 @@ module Dependabot
133
133
  files.each do |file|
134
134
  path = file.name
135
135
  FileUtils.mkdir_p(Pathname.new(path).dirname)
136
-
137
- if file.name.end_with?("mix.exs")
138
- File.write(path, sanitize_mixfile(file.content))
139
- else
140
- File.write(path, file.content)
141
- end
136
+ File.write(path, sanitize_mixfile(file.content))
142
137
  end
143
138
  end
144
139
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-hex
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.125.2
4
+ version: 0.125.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-11-11 00:00:00.000000000 Z
11
+ date: 2020-11-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.125.2
19
+ version: 0.125.3
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.125.2
26
+ version: 0.125.3
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 0.7.2
131
+ version: 0.8.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 0.7.2
138
+ version: 0.8.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: vcr
141
141
  requirement: !ruby/object:Gem::Requirement