dependabot-swift 0.367.0 → 0.368.0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '058280369adb6c289d2f489441966b3a1388d034dc13aca3c65aa8d12b19a0de'
|
|
4
|
+
data.tar.gz: 01c2cf4b8a1b9cbc0d8f7adb61d6d5d50340b76ad9bc4956aa993ad941d3b66b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2ff6fe44d399d5d0b2bad6cd86930522217382c0987dcc613d28f6f275a0e204e38049f6cdc987c16ac212eab39b5dd517a98d3538eb7e9d07a9be81d3189ee1
|
|
7
|
+
data.tar.gz: 3eca296a8d786017decc79a8eccc0f902f84216daba17c42d849bd5a02c380c6435f067c9474c94167fe77fadb21288a2767a179456dc607024a717c9758e882
|
|
@@ -34,9 +34,10 @@ module Dependabot
|
|
|
34
34
|
|
|
35
35
|
# Patterns for extracting requirement fields
|
|
36
36
|
KIND_PATTERN = T.let(/kind\s*=\s*(\w+);/, Regexp)
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
37
|
+
VERSION_NUMBER_PATTERN = T.let(/[0-9A-Za-z.+-]+/, Regexp)
|
|
38
|
+
MIN_VERSION_PATTERN = T.let(/minimumVersion\s*=\s*(#{VERSION_NUMBER_PATTERN});/, Regexp)
|
|
39
|
+
MAX_VERSION_PATTERN = T.let(/maximumVersion\s*=\s*(#{VERSION_NUMBER_PATTERN});/, Regexp)
|
|
40
|
+
VERSION_PATTERN = T.let(/version\s*=\s*(#{VERSION_NUMBER_PATTERN});/, Regexp)
|
|
40
41
|
BRANCH_PATTERN = T.let(/branch\s*=\s*"?([^";]+)"?;/, Regexp)
|
|
41
42
|
REVISION_PATTERN = T.let(/revision\s*=\s*"?([^";]+)"?;/, Regexp)
|
|
42
43
|
|
|
@@ -0,0 +1,120 @@
|
|
|
1
|
+
# typed: strong
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/dependency"
|
|
6
|
+
require "dependabot/dependency_file"
|
|
7
|
+
require "dependabot/errors"
|
|
8
|
+
require "dependabot/shared_helpers"
|
|
9
|
+
require "dependabot/file_updaters/base"
|
|
10
|
+
require "dependabot/swift/url_helpers"
|
|
11
|
+
|
|
12
|
+
module Dependabot
|
|
13
|
+
module Swift
|
|
14
|
+
class FileUpdater < Dependabot::FileUpdaters::Base
|
|
15
|
+
# Updates version requirements in project.pbxproj files for
|
|
16
|
+
# XCRemoteSwiftPackageReference entries that match the dependencies
|
|
17
|
+
# being updated. This ensures the Xcode project stays consistent
|
|
18
|
+
# with the updated Package.resolved.
|
|
19
|
+
class PbxprojUpdater
|
|
20
|
+
extend T::Sig
|
|
21
|
+
|
|
22
|
+
PACKAGE_REF_BLOCK = T.let(
|
|
23
|
+
/
|
|
24
|
+
(isa\s*=\s*XCRemoteSwiftPackageReference;\s*
|
|
25
|
+
repositoryURL\s*=\s*")
|
|
26
|
+
([^"]+)
|
|
27
|
+
(";\s*
|
|
28
|
+
requirement\s*=\s*\{)
|
|
29
|
+
([^}]*)
|
|
30
|
+
(\};)
|
|
31
|
+
/mx,
|
|
32
|
+
Regexp
|
|
33
|
+
)
|
|
34
|
+
|
|
35
|
+
KIND_PATTERN = T.let(/kind\s*=\s*(\w+);/, Regexp)
|
|
36
|
+
MIN_VERSION_PATTERN = T.let(/minimumVersion\s*=\s*[0-9A-Za-z.+-]+;/, Regexp)
|
|
37
|
+
VERSION_PATTERN = T.let(/\bversion\s*=\s*[0-9A-Za-z.+-]+;/, Regexp)
|
|
38
|
+
|
|
39
|
+
sig do
|
|
40
|
+
params(
|
|
41
|
+
pbxproj_file: Dependabot::DependencyFile,
|
|
42
|
+
dependencies: T::Array[Dependabot::Dependency]
|
|
43
|
+
).void
|
|
44
|
+
end
|
|
45
|
+
def initialize(pbxproj_file:, dependencies:)
|
|
46
|
+
@pbxproj_file = pbxproj_file
|
|
47
|
+
@dependencies = dependencies
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
sig { returns(String) }
|
|
51
|
+
def updated_pbxproj_content
|
|
52
|
+
content = pbxproj_file.content
|
|
53
|
+
unless content
|
|
54
|
+
raise Dependabot::DependencyFileNotParseable.new(
|
|
55
|
+
pbxproj_file.name,
|
|
56
|
+
"#{pbxproj_file.name} has no content"
|
|
57
|
+
)
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
dep_lookup = build_dependency_lookup
|
|
61
|
+
|
|
62
|
+
content.gsub(PACKAGE_REF_BLOCK) do
|
|
63
|
+
prefix = T.must(Regexp.last_match(1))
|
|
64
|
+
url = T.must(Regexp.last_match(2))
|
|
65
|
+
mid = T.must(Regexp.last_match(3))
|
|
66
|
+
req_block = T.must(Regexp.last_match(4))
|
|
67
|
+
suffix = T.must(Regexp.last_match(5))
|
|
68
|
+
|
|
69
|
+
normalized = normalize_url(url)
|
|
70
|
+
dep = dep_lookup[normalized]
|
|
71
|
+
|
|
72
|
+
if dep&.version
|
|
73
|
+
updated_block = update_requirement_block(req_block, T.must(dep.version))
|
|
74
|
+
"#{prefix}#{url}#{mid}#{updated_block}#{suffix}"
|
|
75
|
+
else
|
|
76
|
+
T.must(Regexp.last_match(0))
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
private
|
|
82
|
+
|
|
83
|
+
sig { returns(Dependabot::DependencyFile) }
|
|
84
|
+
attr_reader :pbxproj_file
|
|
85
|
+
|
|
86
|
+
sig { returns(T::Array[Dependabot::Dependency]) }
|
|
87
|
+
attr_reader :dependencies
|
|
88
|
+
|
|
89
|
+
sig { returns(T::Hash[String, Dependabot::Dependency]) }
|
|
90
|
+
def build_dependency_lookup
|
|
91
|
+
dependencies.to_h { |dep| [dep.name, dep] }
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
sig { params(url: String).returns(String) }
|
|
95
|
+
def normalize_url(url)
|
|
96
|
+
UrlHelpers.normalize_name(SharedHelpers.scp_to_standard(url))
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
sig { params(req_block: String, target_version: String).returns(String) }
|
|
100
|
+
def update_requirement_block(req_block, target_version)
|
|
101
|
+
kind = req_block.match(KIND_PATTERN)&.captures&.first
|
|
102
|
+
|
|
103
|
+
case kind
|
|
104
|
+
when "upToNextMajorVersion", "upToNextMinorVersion", "versionRange"
|
|
105
|
+
req_block.sub(MIN_VERSION_PATTERN, "minimumVersion = #{target_version};")
|
|
106
|
+
when "exactVersion"
|
|
107
|
+
if req_block.match?(VERSION_PATTERN)
|
|
108
|
+
req_block.sub(VERSION_PATTERN, "version = #{target_version};")
|
|
109
|
+
else
|
|
110
|
+
req_block.sub(MIN_VERSION_PATTERN, "minimumVersion = #{target_version};")
|
|
111
|
+
end
|
|
112
|
+
else
|
|
113
|
+
# branch, revision, or unknown — no version update needed
|
|
114
|
+
req_block
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
end
|
|
120
|
+
end
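Review bot: `update_requirement_block` writes `target_version` into the project file without checking it against the character class that `MIN_VERSION_PATTERN` and `VERSION_PATTERN` accept when reading, so a value containing `;`, `}` or a quote would break the requirement entry's structure, and a backslash would be read by `String#sub` as a back-reference in the replacement string. Whether `dep.version` is already constrained upstream is not visible in this file, so a local guard is cheap: `return req_block unless target_version.match?(/\A[0-9A-Za-z.+-]+\z/)`, and the block form `req_block.sub(MIN_VERSION_PATTERN) { "minimumVersion = #{target_version};" }` avoids back-reference expansion. For `versionRange` only `minimumVersion` is rewritten, so a target at or above the existing `maximumVersion` would leave an empty range; that case deserves a comment or an explicit skip. The version character class is also repeated here rather than shared with the `VERSION_NUMBER_PATTERN` constant added in the `@@ -34,9 +34,10 @@` hunk, which leaves two definitions to keep in step.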
|
|
@@ -1,12 +1,9 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "dependabot/experiments"
|
|
5
5
|
require "dependabot/file_updaters"
|
|
6
6
|
require "dependabot/file_updaters/base"
|
|
7
|
-
require "dependabot/swift/file_updater/lockfile_updater"
|
|
8
|
-
require "dependabot/swift/file_updater/manifest_updater"
|
|
9
|
-
require "dependabot/swift/file_updater/xcode_lockfile_updater"
|
|
10
7
|
require "dependabot/swift/xcode_file_helpers"
|
|
11
8
|
|
|
12
9
|
module Dependabot
|
|
@@ -14,6 +11,11 @@ module Dependabot
|
|
|
14
11
|
class FileUpdater < Dependabot::FileUpdaters::Base
|
|
15
12
|
extend T::Sig
|
|
16
13
|
|
|
14
|
+
require_relative "file_updater/lockfile_updater"
|
|
15
|
+
require_relative "file_updater/manifest_updater"
|
|
16
|
+
require_relative "file_updater/pbxproj_updater"
|
|
17
|
+
require_relative "file_updater/xcode_lockfile_updater"
|
|
18
|
+
|
|
17
19
|
sig { override.returns(T::Array[Dependabot::DependencyFile]) }
|
|
18
20
|
def updated_dependency_files
|
|
19
21
|
if xcode_spm_mode?
|
|
@@ -46,7 +48,7 @@ module Dependabot
|
|
|
46
48
|
updated_files
|
|
47
49
|
end
|
|
48
50
|
|
|
49
|
-
# Xcode SPM update: updates Package.resolved
|
|
51
|
+
# Xcode SPM update: updates Package.resolved and project.pbxproj files
|
|
50
52
|
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
51
53
|
def updated_xcode_spm_files
|
|
52
54
|
updated_files = T.let([], T::Array[Dependabot::DependencyFile])
|
|
@@ -66,6 +68,8 @@ module Dependabot
|
|
|
66
68
|
updated_files << updated_file(file: resolved_file, content: updated_content)
|
|
67
69
|
end
|
|
68
70
|
|
|
71
|
+
update_pbxproj_files(updated_files)
|
|
72
|
+
|
|
69
73
|
if updated_files.empty?
|
|
70
74
|
raise Dependabot::DependencyFileNotFound.new(
|
|
71
75
|
nil,
|
|
@@ -109,6 +113,51 @@ module Dependabot
|
|
|
109
113
|
)
|
|
110
114
|
end
|
|
111
115
|
|
|
116
|
+
sig { params(updated_files: T::Array[Dependabot::DependencyFile]).void }
|
|
117
|
+
def update_pbxproj_files(updated_files)
|
|
118
|
+
pbxproj_files.each do |pbxproj_file|
|
|
119
|
+
scoped_dependencies = dependencies_for_pbxproj(pbxproj_file)
|
|
120
|
+
next if scoped_dependencies.empty?
|
|
121
|
+
|
|
122
|
+
updater = PbxprojUpdater.new(
|
|
123
|
+
pbxproj_file: pbxproj_file,
|
|
124
|
+
dependencies: scoped_dependencies
|
|
125
|
+
)
|
|
126
|
+
updated_content = updater.updated_pbxproj_content
|
|
127
|
+
next if updated_content == pbxproj_file.content
|
|
128
|
+
|
|
129
|
+
updated = updated_file(file: pbxproj_file, content: updated_content)
|
|
130
|
+
updated.support_file = false
|
|
131
|
+
updated_files << updated
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
sig do
|
|
136
|
+
params(pbxproj_file: Dependabot::DependencyFile)
|
|
137
|
+
.returns(T::Array[Dependabot::Dependency])
|
|
138
|
+
end
|
|
139
|
+
def dependencies_for_pbxproj(pbxproj_file)
|
|
140
|
+
dependencies.select do |dep|
|
|
141
|
+
requirement_files_for(dep).include?(pbxproj_file.name)
|
|
142
|
+
end
|
|
143
|
+
end
|
|
144
|
+
|
|
145
|
+
sig { params(dep: Dependabot::Dependency).returns(T::Set[String]) }
|
|
146
|
+
def requirement_files_for(dep)
|
|
147
|
+
files = dep.requirements.map { |req| req[:file] } + (dep.previous_requirements || []).map { |req| req[:file] }
|
|
148
|
+
files.compact.to_set
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
152
|
+
def pbxproj_files
|
|
153
|
+
@pbxproj_files ||= T.let(
|
|
154
|
+
dependency_files.select do |f|
|
|
155
|
+
f.name.end_with?("project.pbxproj") && f.support_file?
|
|
156
|
+
end,
|
|
157
|
+
T.nilable(T::Array[Dependabot::DependencyFile])
|
|
158
|
+
)
|
|
159
|
+
end
|
|
160
|
+
|
|
112
161
|
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
113
162
|
def xcode_workspace_files
|
|
114
163
|
@xcode_workspace_files ||= T.let(
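Review bot: The call `update_pbxproj_files(updated_files)` is placed before the `updated_files.empty?` guard in `updated_xcode_spm_files`, so that guard no longer shows that a Package.resolved file was updated. As far as these hunks show, a run in which only project.pbxproj changed would pass with a requirement edit and no matching lock update. If that is intended, record it next to the call with a comment such as `# NOTE: a pbxproj-only change is accepted here without a Package.resolved update`; otherwise move the call below the guard. In `pbxproj_files`, `f.name.end_with?("project.pbxproj")` also accepts names like `myproject.pbxproj`, whereas `File.basename(f.name) == "project.pbxproj"` is exact. `updated_xcode_spm_files` and the enclosing class start and end outside the visible hunks.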
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-swift
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.368.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.368.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.368.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -252,6 +252,7 @@ files:
|
|
|
252
252
|
- lib/dependabot/swift/file_updater.rb
|
|
253
253
|
- lib/dependabot/swift/file_updater/lockfile_updater.rb
|
|
254
254
|
- lib/dependabot/swift/file_updater/manifest_updater.rb
|
|
255
|
+
- lib/dependabot/swift/file_updater/pbxproj_updater.rb
|
|
255
256
|
- lib/dependabot/swift/file_updater/requirement_replacer.rb
|
|
256
257
|
- lib/dependabot/swift/file_updater/xcode_lockfile_updater.rb
|
|
257
258
|
- lib/dependabot/swift/language.rb
|
|
@@ -273,7 +274,7 @@ licenses:
|
|
|
273
274
|
- MIT
|
|
274
275
|
metadata:
|
|
275
276
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
276
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
277
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.368.0
|
|
277
278
|
rdoc_options: []
|
|
278
279
|
require_paths:
|
|
279
280
|
- lib
|