dependanot 0.1.10 → 0.1.11

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/cli.rb +2 -0
  3. data/lib/dependabot/git.rb +1 -1
  4. data/lib/dependabot/npm/update.rb +21 -0
  5. data/lib/dependabot/publish.rb +5 -7
  6. data/lib/dependabot/version.rb +1 -1
  7. data/lib/dependabot.rb +1 -0
  8. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0471f5a768b50b41aa35cb8c9d174cb03ea1c33df18876bd09bbba5c6b42e993
4
- data.tar.gz: 9c855417ea4ab1d5f9f3cee0cb0967becb5b15b2567bddb50f72b1d0aed7ada3
3
+ metadata.gz: e5badfc35fefa1a5209ee7e9495d8051990d5c64c379a1653aeb4e1075c3bce6
4
+ data.tar.gz: 85c462d293de42633139a913aa28e73e13460745ccd421cd0ba02898749b2be7
5
5
  SHA512:
6
- metadata.gz: 4c26a3edfcf2a09c9a98b554d4b6c6312030996c9f3a8b76f80b696b6b30c18cb3760bce57372b4b3b19456b2a0b440ed125c17e86a40c3e60078e4673c4c057
7
- data.tar.gz: 5ec531ad6b506b93e560bbe08950c10a8049cfddc2e588ead9240d57b92c13c802c752ae5e71643424071c5cf8535cb42d068e91910421cdd3e4c2fa3d546c0e
6
+ metadata.gz: a9189f9292c94bac7e08ab53c6039e7a305d03f4fe631f13558807ec27703446e3c55b636c5e97f9e34a10b1cb0de83abeabd0576c49f2ddcac6e33257f3f9f1
7
+ data.tar.gz: b172ac7a995ad36e83c480db71d5046a95e97b2f66aa872046bf3b5045f77d0de62b9aa6490c32dafead65530aee7a200d1cb7e245742bd8fe233316323381f2
data/lib/dependabot/cli.rb CHANGED
@@ -11,7 +11,9 @@ module Dependabot
11
11
  method_option :dependency, aliases: "-d", type: :string, desc: "Update a specific dependency", default: nil
12
12
  method_option :push, aliases: "-p", type: :boolean, desc: "Push the update as a pull request. Default: --no-push", default: false
13
13
  method_option :recursive, aliases: "-r", type: :boolean, desc: "Perform a recursive. Default: --no-recursive", default: false
14
+ method_option :verbose, aliases: "-v", type: :boolean, desc: "Increase verbosity. Default: --no-verbose", default: false
14
15
  def scan(path = Pathname.pwd)
16
+ Dependabot.logger.level = :debug if options[:verbose]
15
17
  ::Dependabot::CLI::Scan.new(path, options).run
16
18
  end
17
19
 
data/lib/dependabot/git.rb CHANGED
@@ -13,7 +13,7 @@ module Dependabot
13
13
  end
14
14
 
15
15
  def checkout(branch:)
16
- repo.create_branch(branch, repo.head.name)
16
+ repo.create_branch(branch, repo.head.name) unless repo.branches[branch]
17
17
  repo.checkout(branch)
18
18
  end
19
19
 
data/lib/dependabot/npm/update.rb ADDED
@@ -0,0 +1,21 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+ module Npm
5
+ class Update < ::Spandx::Core::Plugin
6
+ def match?(dependency)
7
+ dependency.package_manager == :npm
8
+ end
9
+
10
+ def enhance(dependency)
11
+ return dependency unless match?(dependency)
12
+
13
+ Dir.chdir(dependency.path.parent) do
14
+ system("rm -fr node_modules/#{dependency.name}")
15
+ system("npm update #{dependency.name}")
16
+ end
17
+ dependency
18
+ end
19
+ end
20
+ end
21
+ end
data/lib/dependabot/publish.rb CHANGED
@@ -30,9 +30,12 @@ module Dependabot
30
30
  def transaction(push:)
31
31
  git.checkout(branch: pull_request.head)
32
32
  callback = yield Callback
33
- return if no_changes? || !push
33
+ return if no_changes?
34
34
 
35
- commit_and_push
35
+ git.commit(all: true, message: pull_request.commit_message)
36
+ return unless push
37
+
38
+ git.push(remote: "origin", branch: pull_request.head)
36
39
  callback.call
37
40
  ensure
38
41
  reset
@@ -46,10 +49,5 @@ module Dependabot
46
49
  def no_changes?
47
50
  git.patch.empty?
48
51
  end
49
-
50
- def commit_and_push
51
- git.commit(all: true, message: pull_request.commit_message)
52
- git.push(remote: "origin", branch: pull_request.head)
53
- end
54
52
  end
55
53
  end
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.1.10"
4
+ VERSION = "0.1.11"
5
5
  end
data/lib/dependabot.rb CHANGED
@@ -9,6 +9,7 @@ require "spandx"
9
9
  require "straw"
10
10
 
11
11
  require_relative "dependabot/bundler/update"
12
+ require_relative "dependabot/npm/update"
12
13
  require_relative "dependabot/callback"
13
14
  require_relative "dependabot/git"
14
15
  require_relative "dependabot/publish"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependanot
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.10
4
+ version: 0.1.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - mo khan
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-12-22 00:00:00.000000000 Z
11
+ date: 2021-12-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -112,6 +112,7 @@ files:
112
112
  - lib/dependabot/cli.rb
113
113
  - lib/dependabot/cli/scan.rb
114
114
  - lib/dependabot/git.rb
115
+ - lib/dependabot/npm/update.rb
115
116
  - lib/dependabot/publish.rb
116
117
  - lib/dependabot/pull_request.rb
117
118
  - lib/dependabot/templates/pull.md.erb
@@ -138,7 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
138
139
  - !ruby/object:Gem::Version
139
140
  version: '0'
140
141
  requirements: []
141
- rubygems_version: 3.2.32
142
+ rubygems_version: 3.2.33
142
143
  signing_key:
143
144
  specification_version: 4
144
145
  summary: Definitely not Dependabot