Module: Dependabot::Bundler::UpdateChecker::SharedBundlerHelpers
- Included in:
- LatestVersionFinder, VersionResolver
- Defined in:
- lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb
Constant Summary collapse
- GIT_REGEX =
/reset --hard [^\s]*` in directory (?<path>[^\s]*)/.freeze
- GIT_REF_REGEX =
/not exist in the repository (?<path>[^\s]*)\./.freeze
- PATH_REGEX =
/The path `(?<path>.*)` does not exist/.freeze
- RETRYABLE_ERRORS =
%w( Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
- RETRYABLE_PRIVATE_REGISTRY_ERRORS =
%w( Bundler::GemNotFound Gem::InvalidSpecificationException Bundler::VersionConflict Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
Instance Attribute Summary collapse
-
#credentials ⇒ Object
readonly
Returns the value of attribute credentials.
-
#dependency_files ⇒ Object
readonly
Returns the value of attribute dependency_files.
Instance Method Summary collapse
- #base_directory ⇒ Object
- #gemfile ⇒ Object
- #git_source_credentials ⇒ Object
-
#handle_bundler_errors(error) ⇒ Object
rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength.
-
#in_a_temporary_bundler_context(error_handling: true) ⇒ Object
Bundler context setup #.
-
#inaccessible_git_dependencies ⇒ Object
rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength.
- #jfrog_source ⇒ Object
- #lockfile ⇒ Object
- #private_registry_credentials ⇒ Object
- #relevant_credentials ⇒ Object
- #retryable_error?(error) ⇒ Boolean
- #sanitized_lockfile_body ⇒ Object
- #write_temporary_dependency_files ⇒ Object
Instance Attribute Details
#credentials ⇒ Object (readonly)
Returns the value of attribute credentials.
32 33 34 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 32 def credentials @credentials end |
#dependency_files ⇒ Object (readonly)
Returns the value of attribute dependency_files.
32 33 34 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 32 def dependency_files @dependency_files end |
Instance Method Details
#base_directory ⇒ Object
78 79 80 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 78 def base_directory dependency_files.first.directory end |
#gemfile ⇒ Object
246 247 248 249 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 246 def gemfile dependency_files.find { |f| f.name == "Gemfile" } || dependency_files.find { |f| f.name == "gems.rb" } end |
#git_source_credentials ⇒ Object
240 241 242 243 244 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 240 def git_source_credentials credentials. select { |cred| cred["password"] || cred["token"] }. select { |cred| cred["type"] == "git_source" } end |
#handle_bundler_errors(error) ⇒ Object
rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize rubocop:disable Metrics/MethodLength
98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 98 def handle_bundler_errors(error) if error. == "marshal data too short" msg = "Error evaluating your dependency files: #{error.}" raise Dependabot::DependencyFileNotEvaluatable, msg end raise if error.is_a?(ArgumentError) msg = error.error_class + " with message: " + error. case error.error_class when "Bundler::Dsl::DSLError", "Bundler::GemspecError" # We couldn't evaluate the Gemfile, let alone resolve it raise Dependabot::DependencyFileNotEvaluatable, msg when "Bundler::Source::Git::MissingGitRevisionError" gem_name = error..match(GIT_REF_REGEX). named_captures["path"]. split("/").last raise GitDependencyReferenceNotFound, gem_name when "Bundler::PathError" gem_name = error..match(PATH_REGEX). named_captures["path"]. split("/").last.split("-")[0..-2].join raise Dependabot::PathDependenciesNotReachable, [gem_name] when "Bundler::Source::Git::GitCommandError" if error..match?(GIT_REGEX) # We couldn't find the specified branch / commit (or the two # weren't compatible). gem_name = error..match(GIT_REGEX). named_captures["path"]. split("/").last.split("-")[0..-2].join raise GitDependencyReferenceNotFound, gem_name end bad_uris = inaccessible_git_dependencies.map { |s| s.source.uri } raise unless bad_uris.any? # We don't have access to one of repos required raise Dependabot::GitDependenciesNotReachable, bad_uris.uniq when "Bundler::GemNotFound", "Gem::InvalidSpecificationException", "Bundler::VersionConflict", "Bundler::CyclicDependencyError" # Bundler threw an error during resolution. Any of: # - the gem doesn't exist in any of the specified sources # - the gem wasn't specified properly # - the gem was specified at an incompatible version raise Dependabot::DependencyFileNotResolvable, msg when "Bundler::Fetcher::AuthenticationRequiredError" regex = /bundle config (?<source>.*) username:password/ source = error..match(regex)[:source] raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::BadAuthenticationError" regex = /Bad username or password for (?<source>.*)\.$/ source = error..match(regex)[:source] raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::CertificateFailureError" regex = /verify the SSL certificate for (?<source>.*)\.$/ source = error..match(regex)[:source] raise Dependabot::PrivateSourceCertificateFailure, source when "Bundler::HTTPError" regex = /Could not fetch specs from (?<source>.*)$/ if error..match?(regex) source = error..match(regex)[:source] raise if source.include?("rubygems.org") raise Dependabot::PrivateSourceTimedOut, source end # JFrog can serve a 403 if the credentials provided are good but # don't have access to a particular gem. raise unless error..include?("permitted to deploy") raise unless jfrog_source raise Dependabot::PrivateSourceAuthenticationFailure, jfrog_source else raise end end |
#in_a_temporary_bundler_context(error_handling: true) ⇒ Object
Bundler context setup #
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 38 def in_a_temporary_bundler_context(error_handling: true) SharedHelpers.in_a_temporary_directory(base_directory) do |tmp_dir| write_temporary_dependency_files SharedHelpers.in_a_forked_process do # Set the path for path gemspec correctly ::Bundler.instance_variable_set(:@root, tmp_dir) # Remove installed gems from the default Rubygems index ::Gem::Specification.all = ::Gem::Specification.send(:default_stubs, "*.gemspec") # Set auth details relevant_credentials.each do |cred| token = cred["token"] || "#{cred['username']}:#{cred['password']}" ::Bundler.settings.set_command_option( cred.fetch("host"), token.gsub("@", "%40F").gsub("?", "%3F") ) end # Equivalent of running --full-index. Ensures recent dependencies # are always fetched, and fixes Artifactory issues ::Bundler::Fetcher.disable_endpoint yield end end rescue SharedHelpers::ChildProcessFailed, ArgumentError => e retry_count ||= 0 retry_count += 1 if retryable_error?(e) && retry_count <= 2 sleep(rand(1.0..5.0)) && retry end error_handling ? handle_bundler_errors(e) : raise end |
#inaccessible_git_dependencies ⇒ Object
rubocop:enable Metrics/CyclomaticComplexity rubocop:enable Metrics/PerceivedComplexity rubocop:enable Metrics/AbcSize rubocop:enable Metrics/MethodLength
181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 181 def inaccessible_git_dependencies in_a_temporary_bundler_context(error_handling: false) do ::Bundler::Definition.build(gemfile.name, nil, {}).dependencies. reject do |spec| next true unless spec.source.is_a?(::Bundler::Source::Git) # Piggy-back off some private Bundler methods to configure the # URI with auth details in the same way Bundler does. git_proxy = spec.source.send(:git_proxy) uri = spec.source.uri.gsub("git://", "https://") uri = git_proxy.send(:configured_uri_for, uri) uri += ".git" unless uri.end_with?(".git") uri += "/info/refs?service=git-upload-pack" begin Excon.get( uri, idempotent: true, **SharedHelpers.excon_defaults ).status == 200 rescue Excon::Error::Socket, Excon::Error::Timeout false end end end end |
#jfrog_source ⇒ Object
208 209 210 211 212 213 214 215 216 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 208 def jfrog_source in_a_temporary_bundler_context(error_handling: false) do ::Bundler::Definition.build(gemfile.name, nil, {}). send(:sources). rubygems_remotes. find { |uri| uri.host.include?("jfrog") }&. host end end |
#lockfile ⇒ Object
251 252 253 254 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 251 def lockfile dependency_files.find { |f| f.name == "Gemfile.lock" } || dependency_files.find { |f| f.name == "gems.locked" } end |
#private_registry_credentials ⇒ Object
235 236 237 238 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 235 def private_registry_credentials credentials. select { |cred| cred["type"] == "rubygems_server" } end |
#relevant_credentials ⇒ Object
228 229 230 231 232 233 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 228 def relevant_credentials [ *git_source_credentials, *private_registry_credentials ].select { |cred| cred["password"] || cred["token"] } end |
#retryable_error?(error) ⇒ Boolean
82 83 84 85 86 87 88 89 90 91 92 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 82 def retryable_error?(error) return true if error. == "marshal data too short" return false if error.is_a?(ArgumentError) return true if RETRYABLE_ERRORS.include?(error.error_class) unless RETRYABLE_PRIVATE_REGISTRY_ERRORS.include?(error.error_class) return false end private_registry_credentials.any? end |
#sanitized_lockfile_body ⇒ Object
256 257 258 259 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 256 def sanitized_lockfile_body re = FileUpdater::LockfileUpdater::LOCKFILE_ENDING lockfile.content.gsub(re, "") end |
#write_temporary_dependency_files ⇒ Object
218 219 220 221 222 223 224 225 226 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 218 def write_temporary_dependency_files dependency_files.each do |file| path = file.name FileUtils.mkdir_p(Pathname.new(path).dirname) File.write(path, file.content) end File.write(lockfile.name, sanitized_lockfile_body) if lockfile end |