Module: Dependabot::Bundler::UpdateChecker::SharedBundlerHelpers

Included in:

ConflictingDependencyResolver, ForceUpdater, LatestVersionFinder::DependencySource, VersionResolver

Defined in:

lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb

Defined Under Namespace

Modules: BundlerErrorPatterns

Constant Summary

GIT_REGEX =

/reset --hard [^\s]*` in directory (?<path>[^\s]*)/

GIT_REF_REGEX =

/not exist in the repository (?<path>[^\s]*)\./

PATH_REGEX =

/The path `(?<path>.*)` does not exist/

RETRYABLE_ERRORS =

%w(
  Bundler::HTTPError
  Bundler::Fetcher::FallbackError
).freeze

RETRYABLE_PRIVATE_REGISTRY_ERRORS =

%w(
  Bundler::GemNotFound
  Gem::InvalidSpecificationException
  Bundler::VersionConflict
  Bundler::HTTPError
  Bundler::Fetcher::FallbackError
).freeze

Instance Attribute Summary

• #credentials ⇒ Object readonly

  Returns the value of attribute credentials.

• #dependency_files ⇒ Object readonly

  Returns the value of attribute dependency_files.

• #repo_contents_path ⇒ Object readonly

  Returns the value of attribute repo_contents_path.

Instance Method Summary

• #base_directory ⇒ Object
• #gemfile ⇒ Object
• #handle_bundler_errors(error) ⇒ Object

  rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength.

• #in_a_native_bundler_context(error_handling: true) ⇒ Object

  Bundler context setup #.

• #inaccessible_git_dependencies ⇒ Object

  rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength.

• #jfrog_source ⇒ Object
• #lockfile ⇒ Object
• #private_registry_credentials ⇒ Object
• #retryable_error?(error) ⇒ Boolean
• #write_temporary_dependency_files ⇒ Object

Instance Attribute Details

#credentials ⇒ Object (readonly)

Returns the value of attribute credentials.

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 40

def credentials
  @credentials
end

#dependency_files ⇒ Object (readonly)

Returns the value of attribute dependency_files.

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 40

def dependency_files
  @dependency_files
end

#repo_contents_path ⇒ Object (readonly)

Returns the value of attribute repo_contents_path.

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 40

def repo_contents_path
  @repo_contents_path
end

Instance Method Details

#base_directory ⇒ Object

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 62

def base_directory
  dependency_files.first.directory
end

#gemfile ⇒ Object

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 223

def gemfile
  dependency_files.find { |f| f.name == "Gemfile" } ||
    dependency_files.find { |f| f.name == "gems.rb" }
end

#handle_bundler_errors(error) ⇒ Object

rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 79

def handle_bundler_errors(error)
  if error.error_class == "JSON::ParserError"
    msg = "Error evaluating your dependency files: #{error.message}"
    raise Dependabot::DependencyFileNotEvaluatable, msg
  end

  msg = error.error_class + " with message: " + error.message

  case error.error_class
  when "Bundler::Dsl::DSLError", "Bundler::GemspecError"
    # We couldn't evaluate the Gemfile, let alone resolve it
    raise Dependabot::DependencyFileNotEvaluatable, msg
  when "Bundler::Source::Git::MissingGitRevisionError"
    gem_name =
      error.message.match(GIT_REF_REGEX).
      named_captures["path"].
      split("/").last
    raise GitDependencyReferenceNotFound, gem_name
  when "Bundler::PathError"
    gem_name =
      error.message.match(PATH_REGEX).
      named_captures["path"].
      split("/").last.split("-")[0..-2].join
    raise Dependabot::PathDependenciesNotReachable, [gem_name]
  when "Bundler::Source::Git::GitCommandError"
    if error.message.match?(GIT_REGEX)
      # We couldn't find the specified branch / commit (or the two
      # weren't compatible).
      gem_name =
        error.message.match(GIT_REGEX).
        named_captures["path"].
        split("/").last.split("-")[0..-2].join
      raise GitDependencyReferenceNotFound, gem_name
    end

    bad_uris = inaccessible_git_dependencies.map do |spec|
      spec.fetch("uri")
    end
    raise unless bad_uris.any?

    # We don't have access to one of repos required
    raise Dependabot::GitDependenciesNotReachable, bad_uris.uniq
  when "Bundler::GemNotFound", "Gem::InvalidSpecificationException",
       "Bundler::VersionConflict", "Bundler::CyclicDependencyError"
    # Bundler threw an error during resolution. Any of:
    # - the gem doesn't exist in any of the specified sources
    # - the gem wasn't specified properly
    # - the gem was specified at an incompatible version
    raise Dependabot::DependencyFileNotResolvable, msg
  when "Bundler::Fetcher::AuthenticationRequiredError"
    regex = BundlerErrorPatterns::MISSING_AUTH_REGEX
    source = error.message.match(regex)[:source]
    raise Dependabot::PrivateSourceAuthenticationFailure, source
  when "Bundler::Fetcher::BadAuthenticationError"
    regex = BundlerErrorPatterns::BAD_AUTH_REGEX
    source = error.message.match(regex)[:source]
    raise Dependabot::PrivateSourceAuthenticationFailure, source
  when "Bundler::Fetcher::CertificateFailureError"
    regex = BundlerErrorPatterns::BAD_CERT_REGEX
    source = error.message.match(regex)[:source]
    raise Dependabot::PrivateSourceCertificateFailure, source
  when "Bundler::HTTPError"
    regex = BundlerErrorPatterns::HTTP_ERR_REGEX
    if error.message.match?(regex)
      source = error.message.match(regex)[:source]
      raise if [
        "rubygems.org",
        "www.rubygems.org"
      ].include?(URI(source).host)

      raise Dependabot::PrivateSourceTimedOut, source
    end

    # JFrog can serve a 403 if the credentials provided are good but
    # don't have access to a particular gem.
    raise unless error.message.include?("permitted to deploy")
    raise unless jfrog_source

    raise Dependabot::PrivateSourceAuthenticationFailure, jfrog_source
  else raise
  end
end

#in_a_native_bundler_context(error_handling: true) ⇒ Object

Bundler context setup #

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 46

def in_a_native_bundler_context(error_handling: true)
  SharedHelpers.
    in_a_temporary_repo_directory(base_directory,
                                  repo_contents_path) do |tmp_dir|
    write_temporary_dependency_files

    yield(tmp_dir)
  end
rescue SharedHelpers::HelperSubprocessFailed => e
  retry_count ||= 0
  retry_count += 1
  sleep(rand(1.0..5.0)) && retry if retryable_error?(e) && retry_count <= 2

  error_handling ? handle_bundler_errors(e) : raise
end

#inaccessible_git_dependencies ⇒ Object

rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 166

def inaccessible_git_dependencies
  in_a_native_bundler_context(error_handling: false) do |tmp_dir|
    git_specs = NativeHelpers.run_bundler_subprocess(
      bundler_version: bundler_version,
      function: "git_specs",
      options: options,
      args: {
        dir: tmp_dir,
        gemfile_name: gemfile.name,
        credentials: credentials
      }
    )
    git_specs.reject do |spec|
      uri = URI.parse(spec.fetch("auth_uri"))
      next false unless uri.scheme&.match?(/https?/o)

      Dependabot::RegistryClient.get(
        url: uri.to_s
      ).status == 200
    rescue Excon::Error::Socket, Excon::Error::Timeout
      false
    end
  end
end

#jfrog_source ⇒ Object

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 191

def jfrog_source
  return @jfrog_source unless defined?(@jfrog_source)

  @jfrog_source = in_a_native_bundler_context(error_handling: false) do |dir|
    NativeHelpers.run_bundler_subprocess(
      bundler_version: bundler_version,
      function: "jfrog_source",
      options: options,
      args: {
        dir: dir,
        gemfile_name: gemfile.name,
        credentials: credentials
      }
    )
  end
end

#lockfile ⇒ Object

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 228

def lockfile
  dependency_files.find { |f| f.name == "Gemfile.lock" } ||
    dependency_files.find { |f| f.name == "gems.locked" }
end

#private_registry_credentials ⇒ Object

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 218

def private_registry_credentials
  credentials.
    select { |cred| cred["type"] == "rubygems_server" }
end

#retryable_error?(error) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 66

def retryable_error?(error)
  return true if error.error_class == "JSON::ParserError"
  return true if RETRYABLE_ERRORS.include?(error.error_class)

  return false unless RETRYABLE_PRIVATE_REGISTRY_ERRORS.include?(error.error_class)

  private_registry_credentials.any?
end

#write_temporary_dependency_files ⇒ Object

# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 208

def write_temporary_dependency_files
  dependency_files.each do |file|
    path = file.name
    FileUtils.mkdir_p(Pathname.new(path).dirname)
    File.write(path, file.content)
  end

  File.write(lockfile.name, lockfile.content) if lockfile
end