RubyGems - dependanot - Versions diffs - 0.1.2 → 0.1.3 - Mend

dependanot 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e6b6b8422f1c510199070d5eaf33c8c2fef772d09430a2aaf767fa1e644ec664
-  data.tar.gz: 820fa64f9730ed96538df5f5ca8ca63ac5d103a87f675d825519264b68f0c884
+  metadata.gz: c6c42ad297f803bdccb1d62233bfe82e202c4427afe4a11466e1fd726f3b52d6
+  data.tar.gz: a28ae84f166c0ce446660fe28f01f3f55c776398236816719254ca22cf2eee8f
 SHA512:
-  metadata.gz: 722e4985f630ee173803ae22f4b00a84139ba13a4473f29f4852e85418da742c1a153e59ed6eeaa0930e32bbcdcf0e21628f83081015c4c78ab21afd41461dfb
-  data.tar.gz: eb9127f744df240a387439f6a35703a7a9191c08eb2f530a82448ddf2ea2ab89184f8726f9f70ef9c0f758cfbb8a29a119ea986413071e0bb92b114cf35ec02f
+  metadata.gz: 8fe7d3235412ccced81df898d4d12b7f248bdac24a6d5a7d56e1161b3b1beb57f6e04a735deeb6468af1e174b2cecee0977b8ec186542f4bf48061cbf53402f1
+  data.tar.gz: 5e2d053a77a7bfdeda8d151d849f1ee51fb74a5a2f875b49249da24b54342f950e42ceade96f69f09d17c7fde6eebdf5fff32b5f07bbe1351e840f4d70c3641c

data/README.md CHANGED Viewed

@@ -32,7 +32,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/xlgmokha/dependabot.
+Bug reports and pull requests are welcome on GitHub at https://github.com/dependanot/cli.
 ## License

data/lib/dependabot/cli/scan.rb CHANGED Viewed

@@ -31,24 +31,24 @@ module Dependabot
       end
       def update!(dependency)
-        Dir.chdir(dependency.path.parent) do |path|
-          puts "Updating #{dependency.name}..."
-          branch_name = "dependanot/#{dependency.package_manager}/#{dependency.name}"
-          repo = Rugged::Repository.discover(dependency.path.parent)
-          branch = repo.create_branch(branch_name, repo.head.name)
+        puts "Updating #{dependency.name}..."
+        git_for(dependency) do |git|
           ::Spandx::Core::Plugin.enhance(dependency)
+          puts git.patch
+          git.commit(all: true, message: "Updating #{dependency.name}")
+        end
+      end
-          repo.status do |file, status|
-            puts "#{file} has status: #{status.inspect}"
-          end
-          puts repo.index.diff.patch
-          puts
+      def branch_name_for(dependency)
+        "dependanot/#{dependency.package_manager}/#{dependency.name}"
+      end
-          repo.branches.delete(branch_name)
-          repo.checkout_head(strategy: :force)
-        end
+      def git_for(dependency, branch_name: branch_name_for(dependency))
+        git = ::Dependabot::Git.new(dependency.path.parent)
+        git.checkout(branch: branch_name)
+        yield git
+      ensure
+        git.repo.checkout_head(strategy: :force)
       end
     end
   end

data/lib/dependabot/git.rb ADDED Viewed

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+module Dependabot
+  class Git
+    attr_reader :repo
+    def initialize(path)
+      @path = path
+      @repo = Rugged::Repository.discover(path)
+    end
+    def checkout(branch:)
+      repo.create_branch(branch, repo.head.name)
+      repo.checkout(branch)
+    end
+    def patch
+      repo.index.diff.patch
+    end
+    def commit(message:, all: false)
+      repo.status { |path, status| stage(path) if status.include?(:worktree_modified) } if all
+      Rugged::Commit.create(repo, {
+        message: message,
+        parents: repo.empty? ? [] : [repo.head.target].compact,
+        tree: repo.index.write_tree(repo),
+        update_ref: "HEAD",
+        author: { email: "dependabot[bot]@users.noreply.github.com", name: "dependabot[bot]" },
+      })
+    end
+    private
+    def stage(path)
+      repo.index.read_tree(repo.head.target.tree)
+      repo.index.add(
+        path: path,
+        oid: repo.write(File.binread(path), :blob),
+        mode: File.stat(path).mode
+      )
+    end
+  end
+end

data/lib/dependabot/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.1.2"
+  VERSION = "0.1.3"
 end

data/lib/dependabot.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require "rugged"
 require "spandx"
 require_relative "dependabot/bundler/update"
+require_relative "dependabot/git"
 require_relative "dependabot/tracer"
 require_relative "dependabot/version"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependanot
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - mo khan
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-12-17 00:00:00.000000000 Z
+date: 2021-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: octokit
@@ -82,6 +82,7 @@ files:
 - lib/dependabot/bundler/update.rb
 - lib/dependabot/cli.rb
 - lib/dependabot/cli/scan.rb
+- lib/dependabot/git.rb
 - lib/dependabot/tracer.rb
 - lib/dependabot/version.rb
 - lib/github.rb
@@ -105,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.33
+rubygems_version: 3.2.32
 signing_key:
 specification_version: 4
 summary: The Dependabot CLI