Module: Dependabot::Bundler::UpdateChecker::SharedBundlerHelpers
- Included in:
- ConflictingDependencyResolver, ForceUpdater, LatestVersionFinder::DependencySource, VersionResolver
- Defined in:
- lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb
Defined Under Namespace
Modules: BundlerErrorPatterns
Constant Summary collapse
- GIT_REGEX =
/reset --hard [^\s]*` in directory (?<path>[^\s]*)/.freeze
- GIT_REF_REGEX =
/not exist in the repository (?<path>[^\s]*)\./.freeze
- PATH_REGEX =
/The path `(?<path>.*)` does not exist/.freeze
- RETRYABLE_ERRORS =
%w( Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
- RETRYABLE_PRIVATE_REGISTRY_ERRORS =
%w( Bundler::GemNotFound Gem::InvalidSpecificationException Bundler::VersionConflict Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
Instance Attribute Summary collapse
-
#credentials ⇒ Object
readonly
Returns the value of attribute credentials.
-
#dependency_files ⇒ Object
readonly
Returns the value of attribute dependency_files.
-
#repo_contents_path ⇒ Object
readonly
Returns the value of attribute repo_contents_path.
Instance Method Summary collapse
- #base_directory ⇒ Object
- #gemfile ⇒ Object
- #git_source_credentials ⇒ Object
-
#handle_bundler_errors(error) ⇒ Object
rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength.
-
#in_a_native_bundler_context(error_handling: true) ⇒ Object
Bundler context setup #.
-
#inaccessible_git_dependencies ⇒ Object
rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength.
- #jfrog_source ⇒ Object
- #lockfile ⇒ Object
- #private_registry_credentials ⇒ Object
- #relevant_credentials ⇒ Object
- #retryable_error?(error) ⇒ Boolean
-
#sanitized_lockfile_body ⇒ Object
TODO: Stop sanitizing the lockfile once we have bundler 2 installed.
- #using_bundler_2? ⇒ Boolean
- #write_temporary_dependency_files ⇒ Object
Instance Attribute Details
#credentials ⇒ Object (readonly)
Returns the value of attribute credentials.
41 42 43 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 41 def credentials @credentials end |
#dependency_files ⇒ Object (readonly)
Returns the value of attribute dependency_files.
41 42 43 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 41 def dependency_files @dependency_files end |
#repo_contents_path ⇒ Object (readonly)
Returns the value of attribute repo_contents_path.
41 42 43 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 41 def repo_contents_path @repo_contents_path end |
Instance Method Details
#base_directory ⇒ Object
63 64 65 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 63 def base_directory dependency_files.first.directory end |
#gemfile ⇒ Object
231 232 233 234 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 231 def gemfile dependency_files.find { |f| f.name == "Gemfile" } || dependency_files.find { |f| f.name == "gems.rb" } end |
#git_source_credentials ⇒ Object
225 226 227 228 229 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 225 def git_source_credentials credentials. select { |cred| cred["password"] || cred["token"] }. select { |cred| cred["type"] == "git_source" } end |
#handle_bundler_errors(error) ⇒ Object
rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength
80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 80 def handle_bundler_errors(error) if error.error_class == "JSON::ParserError" msg = "Error evaluating your dependency files: #{error.}" raise Dependabot::DependencyFileNotEvaluatable, msg end msg = error.error_class + " with message: " + error. case error.error_class when "Bundler::Dsl::DSLError", "Bundler::GemspecError" # We couldn't evaluate the Gemfile, let alone resolve it raise Dependabot::DependencyFileNotEvaluatable, msg when "Bundler::Source::Git::MissingGitRevisionError" gem_name = error..match(GIT_REF_REGEX). named_captures["path"]. split("/").last raise GitDependencyReferenceNotFound, gem_name when "Bundler::PathError" gem_name = error..match(PATH_REGEX). named_captures["path"]. split("/").last.split("-")[0..-2].join raise Dependabot::PathDependenciesNotReachable, [gem_name] when "Bundler::Source::Git::GitCommandError" if error..match?(GIT_REGEX) # We couldn't find the specified branch / commit (or the two # weren't compatible). gem_name = error..match(GIT_REGEX). named_captures["path"]. split("/").last.split("-")[0..-2].join raise GitDependencyReferenceNotFound, gem_name end bad_uris = inaccessible_git_dependencies.map do |spec| spec.fetch("uri") end raise unless bad_uris.any? # We don't have access to one of repos required raise Dependabot::GitDependenciesNotReachable, bad_uris.uniq when "Bundler::GemNotFound", "Gem::InvalidSpecificationException", "Bundler::VersionConflict", "Bundler::CyclicDependencyError" # Bundler threw an error during resolution. Any of: # - the gem doesn't exist in any of the specified sources # - the gem wasn't specified properly # - the gem was specified at an incompatible version raise Dependabot::DependencyFileNotResolvable, msg when "Bundler::Fetcher::AuthenticationRequiredError" regex = BundlerErrorPatterns::MISSING_AUTH_REGEX source = error..match(regex)[:source] raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::BadAuthenticationError" regex = BundlerErrorPatterns::BAD_AUTH_REGEX source = error..match(regex)[:source] raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::CertificateFailureError" regex = BundlerErrorPatterns::BAD_CERT_REGEX source = error..match(regex)[:source] raise Dependabot::PrivateSourceCertificateFailure, source when "Bundler::HTTPError" regex = BundlerErrorPatterns::HTTP_ERR_REGEX if error..match?(regex) source = error..match(regex)[:source] raise if source.end_with?("rubygems.org/") raise Dependabot::PrivateSourceTimedOut, source end # JFrog can serve a 403 if the credentials provided are good but # don't have access to a particular gem. raise unless error..include?("permitted to deploy") raise unless jfrog_source raise Dependabot::PrivateSourceAuthenticationFailure, jfrog_source else raise end end |
#in_a_native_bundler_context(error_handling: true) ⇒ Object
Bundler context setup #
47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 47 def in_a_native_bundler_context(error_handling: true) SharedHelpers. in_a_temporary_repo_directory(base_directory, repo_contents_path) do |tmp_dir| write_temporary_dependency_files yield(tmp_dir) end rescue SharedHelpers::HelperSubprocessFailed => e retry_count ||= 0 retry_count += 1 sleep(rand(1.0..5.0)) && retry if retryable_error?(e) && retry_count <= 2 error_handling ? handle_bundler_errors(e) : raise end |
#inaccessible_git_dependencies ⇒ Object
rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength
164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 164 def inaccessible_git_dependencies in_a_native_bundler_context(error_handling: false) do |tmp_dir| git_specs = SharedHelpers.run_helper_subprocess( command: NativeHelpers.helper_path, function: "git_specs", args: { dir: tmp_dir, gemfile_name: gemfile.name, credentials: relevant_credentials, using_bundler_2: using_bundler_2? } ) git_specs.reject do |spec| Excon.get( spec.fetch("auth_uri"), idempotent: true, **SharedHelpers.excon_defaults ).status == 200 rescue Excon::Error::Socket, Excon::Error::Timeout false end end end |
#jfrog_source ⇒ Object
188 189 190 191 192 193 194 195 196 197 198 199 200 201 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 188 def jfrog_source in_a_native_bundler_context(error_handling: false) do |dir| SharedHelpers.run_helper_subprocess( command: NativeHelpers.helper_path, function: "jfrog_source", args: { dir: dir, gemfile_name: gemfile.name, credentials: relevant_credentials, using_bundler_2: using_bundler_2? } ) end end |
#lockfile ⇒ Object
236 237 238 239 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 236 def lockfile dependency_files.find { |f| f.name == "Gemfile.lock" } || dependency_files.find { |f| f.name == "gems.locked" } end |
#private_registry_credentials ⇒ Object
220 221 222 223 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 220 def private_registry_credentials credentials. select { |cred| cred["type"] == "rubygems_server" } end |
#relevant_credentials ⇒ Object
213 214 215 216 217 218 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 213 def relevant_credentials [ *git_source_credentials, *private_registry_credentials ].select { |cred| cred["password"] || cred["token"] } end |
#retryable_error?(error) ⇒ Boolean
67 68 69 70 71 72 73 74 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 67 def retryable_error?(error) return true if error.error_class == "JSON::ParserError" return true if RETRYABLE_ERRORS.include?(error.error_class) return false unless RETRYABLE_PRIVATE_REGISTRY_ERRORS.include?(error.error_class) private_registry_credentials.any? end |
#sanitized_lockfile_body ⇒ Object
TODO: Stop sanitizing the lockfile once we have bundler 2 installed
242 243 244 245 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 242 def sanitized_lockfile_body re = FileUpdater::LockfileUpdater::LOCKFILE_ENDING lockfile.content.gsub(re, "") end |
#using_bundler_2? ⇒ Boolean
247 248 249 250 251 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 247 def using_bundler_2? return unless lockfile lockfile.content.match?(/BUNDLED WITH\s+2/m) end |
#write_temporary_dependency_files ⇒ Object
203 204 205 206 207 208 209 210 211 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 203 def write_temporary_dependency_files dependency_files.each do |file| path = file.name FileUtils.mkdir_p(Pathname.new(path).dirname) File.write(path, file.content) end File.write(lockfile.name, sanitized_lockfile_body) if lockfile end |