dependanot 0.1.10 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/cli.rb +2 -0
  3. data/lib/dependabot/git.rb +1 -1
  4. data/lib/dependabot/npm/update.rb +21 -0
  5. data/lib/dependabot/publish.rb +5 -7
  6. data/lib/dependabot/version.rb +1 -1
  7. data/lib/dependabot.rb +1 -0
  8. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0471f5a768b50b41aa35cb8c9d174cb03ea1c33df18876bd09bbba5c6b42e993
4
- data.tar.gz: 9c855417ea4ab1d5f9f3cee0cb0967becb5b15b2567bddb50f72b1d0aed7ada3
3
+ metadata.gz: e5badfc35fefa1a5209ee7e9495d8051990d5c64c379a1653aeb4e1075c3bce6
4
+ data.tar.gz: 85c462d293de42633139a913aa28e73e13460745ccd421cd0ba02898749b2be7
5
5
  SHA512:
6
- metadata.gz: 4c26a3edfcf2a09c9a98b554d4b6c6312030996c9f3a8b76f80b696b6b30c18cb3760bce57372b4b3b19456b2a0b440ed125c17e86a40c3e60078e4673c4c057
7
- data.tar.gz: 5ec531ad6b506b93e560bbe08950c10a8049cfddc2e588ead9240d57b92c13c802c752ae5e71643424071c5cf8535cb42d068e91910421cdd3e4c2fa3d546c0e
6
+ metadata.gz: a9189f9292c94bac7e08ab53c6039e7a305d03f4fe631f13558807ec27703446e3c55b636c5e97f9e34a10b1cb0de83abeabd0576c49f2ddcac6e33257f3f9f1
7
+ data.tar.gz: b172ac7a995ad36e83c480db71d5046a95e97b2f66aa872046bf3b5045f77d0de62b9aa6490c32dafead65530aee7a200d1cb7e245742bd8fe233316323381f2
data/lib/dependabot/cli.rb CHANGED
@@ -11,7 +11,9 @@ module Dependabot
11
11
  method_option :dependency, aliases: "-d", type: :string, desc: "Update a specific dependency", default: nil
12
12
  method_option :push, aliases: "-p", type: :boolean, desc: "Push the update as a pull request. Default: --no-push", default: false
13
13
  method_option :recursive, aliases: "-r", type: :boolean, desc: "Perform a recursive. Default: --no-recursive", default: false
14
+ method_option :verbose, aliases: "-v", type: :boolean, desc: "Increase verbosity. Default: --no-verbose", default: false
14
15
  def scan(path = Pathname.pwd)
16
+ Dependabot.logger.level = :debug if options[:verbose]
15
17
  ::Dependabot::CLI::Scan.new(path, options).run
16
18
  end
17
19
 
data/lib/dependabot/git.rb CHANGED
@@ -13,7 +13,7 @@ module Dependabot
13
13
  end
14
14
 
15
15
  def checkout(branch:)
16
- repo.create_branch(branch, repo.head.name)
16
+ repo.create_branch(branch, repo.head.name) unless repo.branches[branch]
17
17
  repo.checkout(branch)
18
18
  end
19
19
 
data/lib/dependabot/npm/update.rb ADDED
@@ -0,0 +1,21 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+ module Npm
5
+ class Update < ::Spandx::Core::Plugin
6
+ def match?(dependency)
7
+ dependency.package_manager == :npm
8
+ end
9
+
10
+ def enhance(dependency)
11
+ return dependency unless match?(dependency)
12
+
13
+ Dir.chdir(dependency.path.parent) do
14
+ system("rm -fr node_modules/#{dependency.name}")
15
+ system("npm update #{dependency.name}")
16
+ end
17
+ dependency
18
+ end
19
+ end
20
+ end
21
+ end
data/lib/dependabot/publish.rb CHANGED
@@ -30,9 +30,12 @@ module Dependabot
30
30
  def transaction(push:)
31
31
  git.checkout(branch: pull_request.head)
32
32
  callback = yield Callback
33
- return if no_changes? || !push
33
+ return if no_changes?
34
34
 
35
- commit_and_push
35
+ git.commit(all: true, message: pull_request.commit_message)
36
+ return unless push
37
+
38
+ git.push(remote: "origin", branch: pull_request.head)
36
39
  callback.call
37
40
  ensure
38
41
  reset
@@ -46,10 +49,5 @@ module Dependabot
46
49
  def no_changes?
47
50
  git.patch.empty?
48
51
  end
49
-
50
- def commit_and_push
51
- git.commit(all: true, message: pull_request.commit_message)
52
- git.push(remote: "origin", branch: pull_request.head)
53
- end
54
52
  end
55
53
  end
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.1.10"
4
+ VERSION = "0.1.11"
5
5
  end
data/lib/dependabot.rb CHANGED
@@ -9,6 +9,7 @@ require "spandx"
9
9
  require "straw"
10
10
 
11
11
  require_relative "dependabot/bundler/update"
12
+ require_relative "dependabot/npm/update"
12
13
  require_relative "dependabot/callback"
13
14
  require_relative "dependabot/git"
14
15
  require_relative "dependabot/publish"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependanot
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.10
4
+ version: 0.1.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - mo khan
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-12-22 00:00:00.000000000 Z
11
+ date: 2021-12-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -112,6 +112,7 @@ files:
112
112
  - lib/dependabot/cli.rb
113
113
  - lib/dependabot/cli/scan.rb
114
114
  - lib/dependabot/git.rb
115
+ - lib/dependabot/npm/update.rb
115
116
  - lib/dependabot/publish.rb
116
117
  - lib/dependabot/pull_request.rb
117
118
  - lib/dependabot/templates/pull.md.erb
@@ -138,7 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
138
139
  - !ruby/object:Gem::Version
139
140
  version: '0'
140
141
  requirements: []
141
- rubygems_version: 3.2.32
142
+ rubygems_version: 3.2.33
142
143
  signing_key:
143
144
  specification_version: 4
144
145
  summary: Definitely not Dependabot