dependanot 0.1.2 → 0.1.3
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/dependabot/cli/scan.rb +15 -15
- data/lib/dependabot/git.rb +44 -0
- data/lib/dependabot/version.rb +1 -1
- data/lib/dependabot.rb +1 -0
- metadata +4 -3
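--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c6c42ad297f803bdccb1d62233bfe82e202c4427afe4a11466e1fd726f3b52d6
+data.tar.gz: a28ae84f166c0ce446660fe28f01f3f55c776398236816719254ca22cf2eee8f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8fe7d3235412ccced81df898d4d12b7f248bdac24a6d5a7d56e1161b3b1beb57f6e04a735deeb6468af1e174b2cecee0977b8ec186542f4bf48061cbf53402f1
+data.tar.gz: 5e2d053a77a7bfdeda8d151d849f1ee51fb74a5a2f875b49249da24b54342f950e42ceade96f69f09d17c7fde6eebdf5fff32b5f07bbe1351e840f4d70c3641c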
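--- a/data/README.md
+++ b/data/README.md
@@ -32,7 +32,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/
+Bug reports and pull requests are welcome on GitHub at https://github.com/dependanot/cli.
 
 ## License
 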
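--- a/data/lib/dependabot/cli/scan.rb
+++ b/data/lib/dependabot/cli/scan.rb
@@ -31,24 +31,24 @@ module Dependabot
 end
 
 def update!(dependency)
-
-
-branch_name = "dependanot/#{dependency.package_manager}/#{dependency.name}"
-
-repo = Rugged::Repository.discover(dependency.path.parent)
-branch = repo.create_branch(branch_name, repo.head.name)
-
+puts "Updating #{dependency.name}..."
+git_for(dependency) do |git|
 ::Spandx::Core::Plugin.enhance(dependency)
+puts git.patch
+git.commit(all: true, message: "Updating #{dependency.name}")
+end
+end
 
-
-
-
-puts repo.index.diff.patch
-puts
+def branch_name_for(dependency)
+"dependanot/#{dependency.package_manager}/#{dependency.name}"
+end
 
-
-
-
+def git_for(dependency, branch_name: branch_name_for(dependency))
+git = ::Dependabot::Git.new(dependency.path.parent)
+git.checkout(branch: branch_name)
+yield git
+ensure
+git.repo.checkout_head(strategy: :force)
 end
 end
 end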
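Review bot: In `git_for`, the `ensure` clause calls `git.repo.checkout_head(strategy: :force)` unconditionally, so if `::Dependabot::Git.new` raises, `git` is still nil and the resulting NoMethodError replaces the original error; `git&.repo&.checkout_head(strategy: :force)` keeps the real failure visible. The forced checkout also discards whatever is left in the working tree, including any uncommitted edits the user had and the update itself when `git.commit` fails, and nothing here switches back to the branch that was checked out before, so the next dependency appears to branch from the previous dependency's branch. `branch_name_for` interpolates `dependency.name` and `dependency.package_manager`, which presumably come from the scanned project's manifests, straight into a ref name; checking them against an allow-list pattern before `checkout` would turn a malformed name into a clear error instead of a failure inside Rugged.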
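--- a/data/lib/dependabot/git.rb
+++ b/data/lib/dependabot/git.rb
@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Dependabot
+class Git
+attr_reader :repo
+
+def initialize(path)
+@path = path
+@repo = Rugged::Repository.discover(path)
+end
+
+def checkout(branch:)
+repo.create_branch(branch, repo.head.name)
+repo.checkout(branch)
+end
+
+def patch
+repo.index.diff.patch
+end
+
+def commit(message:, all: false)
+repo.status { |path, status| stage(path) if status.include?(:worktree_modified) } if all
+
+Rugged::Commit.create(repo, {
+message: message,
+parents: repo.empty? ? [] : [repo.head.target].compact,
+tree: repo.index.write_tree(repo),
+update_ref: "HEAD",
+author: { email: "dependabot[bot]@users.noreply.github.com", name: "dependabot[bot]" },
+})
+end
+
+private
+
+def stage(path)
+repo.index.read_tree(repo.head.target.tree)
+repo.index.add(
+path: path,
+oid: repo.write(File.binread(path), :blob),
+mode: File.stat(path).mode
+)
+end
+end
+end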
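Review bot: `stage` passes the status path straight to `File.binread(path)` and `File.stat(path)`, but `repo.status` yields paths relative to the repository workdir, so whenever the CLI runs from another directory it fails or commits the contents of an unrelated file under that name; the path should be joined with `repo.workdir` first. `stage` also calls `repo.index.read_tree(repo.head.target.tree)` for every path, which appears to reset the index each time, so with `all: true` only the last modified file would reach `write_tree`; loading the tree once in `commit` before the status loop avoids that. `File.stat(path).mode` can carry permission bits such as 0664 that git does not store, so the mode is better normalised to the two blob modes. Separately, the hard-coded `dependabot[bot]` author attributes these commits to an identity this tool does not own, which blurs provenance in the history; a distinct, configurable identity would be clearer.

```ruby
def commit(message:, all: false)
  if all
    # Load HEAD's tree once so every staged path accumulates in the same index.
    repo.index.read_tree(repo.head.target.tree) unless repo.empty?
    repo.status { |path, status| stage(path) if status.include?(:worktree_modified) }
  end
  # … unchanged: Rugged::Commit.create call …
end

def stage(path)
  # Status paths are relative to the workdir, not to the process's current directory.
  full_path = File.join(repo.workdir, path)
  repo.index.add(
    path: path,
    oid: repo.write(File.binread(full_path), :blob),
    mode: File.executable?(full_path) ? 0o100755 : 0o100644
  )
end
```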
data/lib/dependabot/version.rb
CHANGED
data/lib/dependabot.rb
CHANGED
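--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependanot
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.3
 platform: ruby
 authors:
 - mo khan
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-12-
+date: 2021-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: octokit
@@ -82,6 +82,7 @@ files:
 - lib/dependabot/bundler/update.rb
 - lib/dependabot/cli.rb
 - lib/dependabot/cli/scan.rb
+- lib/dependabot/git.rb
 - lib/dependabot/tracer.rb
 - lib/dependabot/version.rb
 - lib/github.rb
@@ -105,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.2.
+rubygems_version: 3.2.32
 signing_key:
 specification_version: 4
 summary: The Dependabot CLI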