Module: Dependabot::Bundler::UpdateChecker::SharedBundlerHelpers
- Included in:
- LatestVersionFinder, VersionResolver
- Defined in:
- lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb
Constant Summary collapse
- GIT_REGEX =
/reset --hard [^\s]*` in directory (?<path>[^\s]*)/.freeze
- GIT_REF_REGEX =
/not exist in the repository (?<path>[^\s]*)\./.freeze
- PATH_REGEX =
/The path `(?<path>.*)` does not exist/.freeze
- RETRYABLE_ERRORS =
%w( Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
- RETRYABLE_PRIVATE_REGISTRY_ERRORS =
%w( Bundler::GemNotFound Gem::InvalidSpecificationException Bundler::VersionConflict Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
Instance Attribute Summary collapse
-
#credentials ⇒ Object
readonly
Returns the value of attribute credentials.
-
#dependency_files ⇒ Object
readonly
Returns the value of attribute dependency_files.
Instance Method Summary collapse
- #gemfile ⇒ Object
- #git_source_credentials ⇒ Object
-
#handle_bundler_errors(error) ⇒ Object
rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength.
-
#in_a_temporary_bundler_context(error_handling: true) ⇒ Object
Bundler context setup #.
-
#inaccessible_git_dependencies ⇒ Object
rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength.
- #jfrog_source ⇒ Object
- #lockfile ⇒ Object
- #private_registry_credentials ⇒ Object
- #relevant_credentials ⇒ Object
- #retryable_error?(error) ⇒ Boolean
- #sanitized_lockfile_body ⇒ Object
- #write_temporary_dependency_files ⇒ Object
Instance Attribute Details
#credentials ⇒ Object (readonly)
Returns the value of attribute credentials.
32 33 34 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 32 def credentials @credentials end |
#dependency_files ⇒ Object (readonly)
Returns the value of attribute dependency_files.
32 33 34 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 32 def dependency_files @dependency_files end |
Instance Method Details
#gemfile ⇒ Object
241 242 243 244 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 241 def gemfile dependency_files.find { |f| f.name == "Gemfile" } || dependency_files.find { |f| f.name == "gems.rb" } end |
#git_source_credentials ⇒ Object
235 236 237 238 239 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 235 def git_source_credentials credentials. select { |cred| cred["password"] || cred["token"] }. select { |cred| cred["type"] == "git_source" } end |
#handle_bundler_errors(error) ⇒ Object
rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength
93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 93 def handle_bundler_errors(error) if error. == "marshal data too short" msg = "Error evaluating your dependency files: #{error.}" raise Dependabot::DependencyFileNotEvaluatable, msg end raise if error.is_a?(ArgumentError) msg = error.error_class + " with message: " + error. case error.error_class when "Bundler::Dsl::DSLError", "Bundler::GemspecError" # We couldn't evaluate the Gemfile, let alone resolve it raise Dependabot::DependencyFileNotEvaluatable, msg when "Bundler::Source::Git::MissingGitRevisionError" gem_name = error..match(GIT_REF_REGEX). named_captures["path"]. split("/").last raise GitDependencyReferenceNotFound, gem_name when "Bundler::PathError" gem_name = error..match(PATH_REGEX). named_captures["path"]. split("/").last.split("-")[0..-2].join raise Dependabot::PathDependenciesNotReachable, [gem_name] when "Bundler::Source::Git::GitCommandError" if error..match?(GIT_REGEX) # We couldn't find the specified branch / commit (or the two # weren't compatible). gem_name = error..match(GIT_REGEX). named_captures["path"]. split("/").last.split("-")[0..-2].join raise GitDependencyReferenceNotFound, gem_name end bad_uris = inaccessible_git_dependencies.map { |s| s.source.uri } raise unless bad_uris.any? # We don't have access to one of repos required raise Dependabot::GitDependenciesNotReachable, bad_uris when "Bundler::GemNotFound", "Gem::InvalidSpecificationException", "Bundler::VersionConflict", "Bundler::CyclicDependencyError" # Bundler threw an error during resolution. Any of: # - the gem doesn't exist in any of the specified sources # - the gem wasn't specified properly # - the gem was specified at an incompatible version raise Dependabot::DependencyFileNotResolvable, msg when "Bundler::Fetcher::AuthenticationRequiredError" regex = /bundle config (?<source>.*) username:password/ source = error..match(regex)[:source] raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::BadAuthenticationError" regex = /Bad username or password for (?<source>.*)\.$/ source = error..match(regex)[:source] raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::CertificateFailureError" regex = /verify the SSL certificate for (?<source>.*)\.$/ source = error..match(regex)[:source] raise Dependabot::PrivateSourceCertificateFailure, source when "Bundler::HTTPError" regex = /Could not fetch specs from (?<source>.*)$/ if error..match?(regex) source = error..match(regex)[:source] raise if source.include?("rubygems.org") raise Dependabot::PrivateSourceTimedOut, source end # JFrog can serve a 403 if the credentials provided are good but # don't have access to a particular gem. raise unless error..include?("permitted to deploy") raise unless jfrog_source raise Dependabot::PrivateSourceAuthenticationFailure, jfrog_source else raise end end |
#in_a_temporary_bundler_context(error_handling: true) ⇒ Object
Bundler context setup #
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 38 def in_a_temporary_bundler_context(error_handling: true) base_directory = dependency_files.first.directory SharedHelpers.in_a_temporary_directory(base_directory) do |tmp_dir| write_temporary_dependency_files SharedHelpers.in_a_forked_process do # Set the path for path gemspec correctly ::Bundler.instance_variable_set(:@root, tmp_dir) # Remove installed gems from the default Rubygems index ::Gem::Specification.all = [] # Set auth details relevant_credentials.each do |cred| token = cred["token"] || "#{cred['username']}:#{cred['password']}" ::Bundler.settings.set_command_option( cred.fetch("host"), token.gsub("@", "%40F").gsub("?", "%3F") ) end yield end end rescue SharedHelpers::ChildProcessFailed, ArgumentError => e retry_count ||= 0 retry_count += 1 if retryable_error?(e) && retry_count <= 2 sleep(rand(1.0..5.0)) && retry end raise unless error_handling # Raise more descriptive errors handle_bundler_errors(e) end |
#inaccessible_git_dependencies ⇒ Object
rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength
176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 176 def inaccessible_git_dependencies in_a_temporary_bundler_context(error_handling: false) do ::Bundler::Definition.build(gemfile.name, nil, {}).dependencies. reject do |spec| next true unless spec.source.is_a?(::Bundler::Source::Git) # Piggy-back off some private Bundler methods to configure the # URI with auth details in the same way Bundler does. git_proxy = spec.source.send(:git_proxy) uri = spec.source.uri.gsub("git://", "https://") uri = git_proxy.send(:configured_uri_for, uri) uri += ".git" unless uri.end_with?(".git") uri += "/info/refs?service=git-upload-pack" begin Excon.get( uri, idempotent: true, **SharedHelpers.excon_defaults ).status == 200 rescue Excon::Error::Socket, Excon::Error::Timeout false end end end end |
#jfrog_source ⇒ Object
203 204 205 206 207 208 209 210 211 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 203 def jfrog_source in_a_temporary_bundler_context(error_handling: false) do ::Bundler::Definition.build(gemfile.name, nil, {}). send(:sources). rubygems_remotes. find { |uri| uri.host.include?("jfrog") }&. host end end |
#lockfile ⇒ Object
246 247 248 249 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 246 def lockfile dependency_files.find { |f| f.name == "Gemfile.lock" } || dependency_files.find { |f| f.name == "gems.locked" } end |
#private_registry_credentials ⇒ Object
230 231 232 233 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 230 def private_registry_credentials credentials. select { |cred| cred["type"] == "rubygems_server" } end |
#relevant_credentials ⇒ Object
223 224 225 226 227 228 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 223 def relevant_credentials [ *git_source_credentials, *private_registry_credentials ].select { |cred| cred["password"] || cred["token"] } end |
#retryable_error?(error) ⇒ Boolean
77 78 79 80 81 82 83 84 85 86 87 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 77 def retryable_error?(error) return true if error. == "marshal data too short" return false if error.is_a?(ArgumentError) return true if RETRYABLE_ERRORS.include?(error.error_class) unless RETRYABLE_PRIVATE_REGISTRY_ERRORS.include?(error.error_class) return false end private_registry_credentials.any? end |
#sanitized_lockfile_body ⇒ Object
251 252 253 254 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 251 def sanitized_lockfile_body re = FileUpdater::LockfileUpdater::LOCKFILE_ENDING lockfile.content.gsub(re, "") end |
#write_temporary_dependency_files ⇒ Object
213 214 215 216 217 218 219 220 221 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 213 def write_temporary_dependency_files dependency_files.each do |file| path = file.name FileUtils.mkdir_p(Pathname.new(path).dirname) File.write(path, file.content) end File.write(lockfile.name, sanitized_lockfile_body) if lockfile end |