diff --git a/bundler/lib/dependabot/bundler/metadata_finder.rb b/bundler/lib/dependabot/bundler/metadata_finder.rb index bf231ba1904..c4053bf0214 100644 --- a/bundler/lib/dependabot/bundler/metadata_finder.rb +++ b/bundler/lib/dependabot/bundler/metadata_finder.rb @@ -201,7 +201,7 @@ def base_url return @base_url if defined?(@base_url) credential = credentials.find do |cred| - cred["type"] == "rubygems_server" && cred["replaces-base"] == true + cred["type"] == "rubygems_server" && cred.replaces_base? end host = credential ? credential["host"] : "rubygems.org" @base_url = "https://#{host}" + ("/" unless host.end_with?("/")) diff --git a/bundler/spec/dependabot/bundler/metadata_finder_spec.rb b/bundler/spec/dependabot/bundler/metadata_finder_spec.rb index 5bdf383a17d..5316aa8a165 100644 --- a/bundler/spec/dependabot/bundler/metadata_finder_spec.rb +++ b/bundler/spec/dependabot/bundler/metadata_finder_spec.rb @@ -3,6 +3,7 @@ require "octokit" require "spec_helper" +require "dependabot/credential" require "dependabot/dependency" require "dependabot/bundler/metadata_finder" require_common_spec "metadata_finders/shared_examples_for_metadata_finders" @@ -139,11 +140,11 @@ end let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "rubygems_server", "host" => "gems.greysteil.com", "replaces-base" => true - } + }) ] end diff --git a/common/lib/dependabot/credential.rb b/common/lib/dependabot/credential.rb new file mode 100644 index 00000000000..2fabfc7038b --- /dev/null +++ b/common/lib/dependabot/credential.rb 
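Review bot: In `base_url`, the last visible line `@base_url = "https://#{host}" + ("/" unless host.end_with?("/"))` raises TypeError whenever the configured host already ends in a slash, because the parenthesised expression is then nil and `String#+` does not accept nil. The same line raises NoMethodError on nil when the matched `rubygems_server` credential has no `"host"` entry, which the new `Credential#[]` signature (`T.nilable(String)`) allows. I would use `host = credential ? credential.fetch("host") : "rubygems.org"` and `@base_url = host.end_with?("/") ? "https://#{host}" : "https://#{host}/"`, so a malformed private-registry credential fails with a clear KeyError instead of a nil error. The docker, maven and npm hunks read `"registry"` / `"url"` from the matched replaces-base credential with the same missing-key gap. The method's `def` and closing `end` are outside this hunk.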
@@ -0,0 +1,30 @@ +# typed: strict +# frozen_string_literal: true + +require "sorbet-runtime" + +module Dependabot + class Credential + extend T::Sig + extend Forwardable + + def_delegators :@credential, :fetch, :keys, :[]=, :delete + + sig { params(credential: T::Hash[String, T.any(T::Boolean, String)]).void } + def initialize(credential) + @replaces_base = T.let(credential["replaces-base"] == true, T::Boolean) + credential.delete("replaces-base") + @credential = T.let(T.unsafe(credential), T::Hash[String, String]) + end + + sig { returns(T::Boolean) } + def replaces_base? + @replaces_base + end + + sig { params(key: String).returns(T.nilable(String)) } + def [](key) + @credential[key] + end + end +end diff --git a/common/lib/dependabot/file_fetchers/base.rb b/common/lib/dependabot/file_fetchers/base.rb index ab65d86188b..d2cddf8d14e 100644 --- a/common/lib/dependabot/file_fetchers/base.rb +++ b/common/lib/dependabot/file_fetchers/base.rb @@ -7,6 +7,7 @@ require "dependabot/dependency_file" require "dependabot/source" require "dependabot/errors" +require "dependabot/credential" require "dependabot/clients/azure" require "dependabot/clients/codecommit" require "dependabot/clients/github_with_retries" @@ -26,7 +27,7 @@ class Base sig { returns(Dependabot::Source) } attr_reader :source - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T.nilable(String)) } @@ -94,7 +95,7 @@ def self.required_files_message sig do params( source: Dependabot::Source, - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], repo_contents_path: T.nilable(String), options: T::Hash[String, String] ) diff --git a/common/lib/dependabot/file_parsers/base.rb b/common/lib/dependabot/file_parsers/base.rb index de860ff44b8..a8960f0c19b 100644 --- a/common/lib/dependabot/file_parsers/base.rb +++ b/common/lib/dependabot/file_parsers/base.rb 
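Review bot: `initialize` calls `credential.delete("replaces-base")` on the hash the caller passed in, so constructing a `Credential` mutates the caller's data, and a frozen hash raises FrozenError. Removing the key also means any reader of `cred["replaces-base"]` that this diff does not convert now gets nil and would quietly select the public default registry instead of the private one; none are visible here, so it is worth checking for remaining readers. Building the stored hash from a copy avoids the mutation: `@credential = T.let(T.unsafe(credential.reject { |key, _| key == "replaces-base" }), T::Hash[String, String])`. The file also uses `extend Forwardable` while requiring only `sorbet-runtime`; add `require "forwardable"` unless it is guaranteed to be loaded earlier.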
@@ -2,6 +2,7 @@ # frozen_string_literal: true require "sorbet-runtime" +require "dependabot/credential" module Dependabot module FileParsers @@ -17,7 +18,7 @@ class Base sig { returns(T.nilable(String)) } attr_reader :repo_contents_path - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T.nilable(Dependabot::Source)) } @@ -31,7 +32,7 @@ class Base dependency_files: T::Array[Dependabot::DependencyFile], source: T.nilable(Dependabot::Source), repo_contents_path: T.nilable(String), - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], reject_external_code: T::Boolean, options: T::Hash[Symbol, T.untyped] ) diff --git a/common/lib/dependabot/file_updaters/base.rb b/common/lib/dependabot/file_updaters/base.rb index 0028114fcb6..a7c59c1240c 100644 --- a/common/lib/dependabot/file_updaters/base.rb +++ b/common/lib/dependabot/file_updaters/base.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "sorbet-runtime" +require "dependabot/credential" module Dependabot module FileUpdaters @@ -19,7 +20,7 @@ class Base sig { returns(T.nilable(String)) } attr_reader :repo_contents_path - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T::Hash[Symbol, T.untyped]) } @@ -34,7 +35,7 @@ def self.updated_files_regex params( dependencies: T::Array[Dependabot::Dependency], dependency_files: T::Array[Dependabot::DependencyFile], - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], repo_contents_path: T.nilable(String), options: T::Hash[Symbol, T.untyped] ).void diff --git a/common/lib/dependabot/git_commit_checker.rb b/common/lib/dependabot/git_commit_checker.rb index 9f4a94c7acd..bb8477a2986 100644 --- a/common/lib/dependabot/git_commit_checker.rb +++ b/common/lib/dependabot/git_commit_checker.rb 
@@ -12,6 +12,7 @@ require "dependabot/utils" require "dependabot/source" require "dependabot/dependency" +require "dependabot/credential" require "dependabot/git_metadata_fetcher" module Dependabot # rubocop:disable Metrics/ClassLength @@ -29,7 +30,7 @@ class GitCommitChecker sig do params( dependency: Dependabot::Dependency, - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], ignored_versions: T::Array[String], raise_on_ignored: T::Boolean, consider_version_branches_pinned: T::Boolean, @@ -226,7 +227,7 @@ def most_specific_version_tag_for_sha(commit_sha) sig { returns(Dependabot::Dependency) } attr_reader :dependency - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T::Array[String]) } diff --git a/common/lib/dependabot/git_metadata_fetcher.rb b/common/lib/dependabot/git_metadata_fetcher.rb index 05c993a8a46..98fdcdbbfa5 100644 --- a/common/lib/dependabot/git_metadata_fetcher.rb +++ b/common/lib/dependabot/git_metadata_fetcher.rb @@ -7,6 +7,7 @@ require "dependabot/errors" require "dependabot/git_ref" +require "dependabot/credential" module Dependabot class GitMetadataFetcher @@ -17,7 +18,7 @@ class GitMetadataFetcher sig do params( url: String, - credentials: T::Array[T::Hash[String, String]] + credentials: T::Array[Dependabot::Credential] ) .void end @@ -97,7 +98,7 @@ def head_commit_for_ref_sha(ref) sig { returns(String) } attr_reader :url - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { params(uri: String).returns(String) } diff --git a/common/lib/dependabot/metadata_finders/base.rb b/common/lib/dependabot/metadata_finders/base.rb index 911b0bc7df9..6867ddf8b1e 100644 --- a/common/lib/dependabot/metadata_finders/base.rb +++ b/common/lib/dependabot/metadata_finders/base.rb 
@@ -3,6 +3,7 @@ require "sorbet-runtime" require "dependabot/source" +require "dependabot/credential" module Dependabot module MetadataFinders @@ -19,13 +20,13 @@ class Base sig { returns(Dependabot::Dependency) } attr_reader :dependency - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig do params( dependency: Dependabot::Dependency, - credentials: T::Array[T::Hash[String, String]] + credentials: T::Array[Dependabot::Credential] ) .void end diff --git a/common/lib/dependabot/metadata_finders/base/commits_finder.rb b/common/lib/dependabot/metadata_finders/base/commits_finder.rb index e73f088fb32..97b2c59d6d7 100644 --- a/common/lib/dependabot/metadata_finders/base/commits_finder.rb +++ b/common/lib/dependabot/metadata_finders/base/commits_finder.rb @@ -9,6 +9,7 @@ require "dependabot/git_metadata_fetcher" require "dependabot/git_commit_checker" require "dependabot/metadata_finders/base" +require "dependabot/credential" module Dependabot module MetadataFinders @@ -22,14 +23,14 @@ class CommitsFinder sig { returns(Dependabot::Dependency) } attr_reader :dependency - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig do params( source: T.nilable(Dependabot::Source), dependency: Dependabot::Dependency, - credentials: T::Array[T::Hash[String, String]] + credentials: T::Array[Dependabot::Credential] ) .void end diff --git a/common/lib/dependabot/metadata_finders/base/release_finder.rb b/common/lib/dependabot/metadata_finders/base/release_finder.rb index 8e389f1e689..20a9d9e28eb 100644 --- a/common/lib/dependabot/metadata_finders/base/release_finder.rb +++ b/common/lib/dependabot/metadata_finders/base/release_finder.rb 
@@ -3,6 +3,7 @@ require "sorbet-runtime" +require "dependabot/credential" require "dependabot/clients/github_with_retries" require "dependabot/clients/gitlab_with_retries" require "dependabot/metadata_finders/base" @@ -17,7 +18,7 @@ class ReleaseFinder sig { returns(Dependabot::Dependency) } attr_reader :dependency - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T.nilable(Dependabot::Source)) } @@ -27,7 +28,7 @@ class ReleaseFinder params( source: T.nilable(Dependabot::Source), dependency: Dependabot::Dependency, - credentials: T::Array[T::Hash[String, String]] + credentials: T::Array[Dependabot::Credential] ) .void end diff --git a/common/lib/dependabot/pull_request_creator.rb b/common/lib/dependabot/pull_request_creator.rb index f785bcda5a5..f24bcc8ec53 100644 --- a/common/lib/dependabot/pull_request_creator.rb +++ b/common/lib/dependabot/pull_request_creator.rb @@ -3,6 +3,7 @@ require "sorbet-runtime" require "dependabot/metadata_finders" +require "dependabot/credential" module Dependabot class PullRequestCreator @@ -76,7 +77,7 @@ def initialize(cause, pull_request) sig { returns(String) } attr_reader :base_commit - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T.nilable(String)) } @@ -142,7 +143,7 @@ def initialize(cause, pull_request) base_commit: String, dependencies: T::Array[Dependabot::Dependency], files: T::Array[Dependabot::DependencyFile], - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], pr_message_header: T.nilable(String), pr_message_footer: T.nilable(String), custom_labels: T.nilable(T::Array[String]), diff --git a/common/lib/dependabot/pull_request_creator/labeler.rb b/common/lib/dependabot/pull_request_creator/labeler.rb index 5a6c0bcb404..b09179cc4f1 100644 
--- a/common/lib/dependabot/pull_request_creator/labeler.rb +++ b/common/lib/dependabot/pull_request_creator/labeler.rb @@ -4,6 +4,7 @@ require "octokit" require "sorbet-runtime" require "dependabot/pull_request_creator" +require "dependabot/credential" module Dependabot class PullRequestCreator @@ -41,7 +42,7 @@ def register_label_details(package_manager, label_details) params( source: Dependabot::Source, custom_labels: T.nilable(T::Array[String]), - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], dependencies: T::Array[Dependency], includes_security_fixes: T::Boolean, label_language: T::Boolean, @@ -107,7 +108,7 @@ def label_pull_request(pull_request_number) sig { returns(T.nilable(T::Array[String])) } attr_reader :custom_labels - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T::Array[Dependency]) } diff --git a/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb b/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb index 83387abfd7e..c96b365ba77 100644 --- a/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +++ b/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "sorbet-runtime" +require "dependabot/credential" require "dependabot/clients/azure" require "dependabot/clients/bitbucket" require "dependabot/clients/codecommit" @@ -36,7 +37,7 @@ class PrNamePrefixer # rubocop:disable Metrics/ClassLength params( source: Dependabot::Source, dependencies: T::Array[Dependency], - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], security_fix: T::Boolean, commit_message_options: T::Hash[Symbol, T.untyped] ) 
@@ -76,7 +77,7 @@ def capitalize_first_word? sig { returns(T::Array[Dependency]) } attr_reader :dependencies - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T::Hash[Symbol, T.untyped]) } diff --git a/common/lib/dependabot/pull_request_updater.rb b/common/lib/dependabot/pull_request_updater.rb index 728cf6315a6..de39f45fe4d 100644 --- a/common/lib/dependabot/pull_request_updater.rb +++ b/common/lib/dependabot/pull_request_updater.rb @@ -5,6 +5,7 @@ require "dependabot/pull_request_updater/github" require "dependabot/pull_request_updater/gitlab" require "dependabot/pull_request_updater/azure" +require "dependabot/credential" module Dependabot class PullRequestUpdater @@ -24,7 +25,7 @@ class BranchProtected < StandardError; end sig { returns(String) } attr_reader :old_commit - sig { returns(T::Array[T::Hash[String, String]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(Integer) } @@ -45,7 +46,7 @@ class BranchProtected < StandardError; end base_commit: String, old_commit: String, files: T::Array[Dependabot::DependencyFile], - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], pull_request_number: Integer, author_details: T.nilable(T::Hash[Symbol, String]), signature_key: T.nilable(String), diff --git a/common/lib/dependabot/shared_helpers.rb b/common/lib/dependabot/shared_helpers.rb index 0607a1407ba..02139fcebf0 100644 --- a/common/lib/dependabot/shared_helpers.rb +++ b/common/lib/dependabot/shared_helpers.rb @@ -11,6 +11,7 @@ require "sorbet-runtime" require "tmpdir" +require "dependabot/credential" require "dependabot/simple_instrumentor" require "dependabot/utils" require "dependabot/errors" 
@@ -246,7 +247,7 @@ def self.excon_defaults(options = nil) sig do type_parameters(:T) .params( - credentials: T::Array[T::Hash[String, String]], + credentials: T::Array[Dependabot::Credential], _block: T.proc.returns(T.type_parameter(:T)) ) .returns(T.type_parameter(:T)) @@ -285,7 +286,7 @@ def self.credential_helper_path end # rubocop:disable Metrics/PerceivedComplexity - sig { params(credentials: T::Array[T::Hash[String, String]], safe_directories: T::Array[String]).void } + sig { params(credentials: T::Array[Dependabot::Credential], safe_directories: T::Array[String]).void } def self.configure_git_to_use_https_with_credentials(credentials, safe_directories) File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file| file << "# Generated by dependabot/dependabot-core" diff --git a/docker/lib/dependabot/docker/utils/credentials_finder.rb b/docker/lib/dependabot/docker/utils/credentials_finder.rb index 570b0c89550..26b38eaa8b4 100644 --- a/docker/lib/dependabot/docker/utils/credentials_finder.rb +++ b/docker/lib/dependabot/docker/utils/credentials_finder.rb @@ -30,7 +30,7 @@ def credentials_for_registry(registry_hostname) def base_registry @base_registry ||= credentials.find do |cred| - cred["type"] == "docker_registry" && cred["replaces-base"] == true + cred["type"] == "docker_registry" && cred.replaces_base? end @base_registry ||= { "registry" => DEFAULT_DOCKER_HUB_REGISTRY, "credentials" => nil } @base_registry["registry"] diff --git a/docker/spec/dependabot/docker/file_parser_spec.rb b/docker/spec/dependabot/docker/file_parser_spec.rb index 65b40b6479e..03050a9a1c5 100644 --- a/docker/spec/dependabot/docker/file_parser_spec.rb +++ b/docker/spec/dependabot/docker/file_parser_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/dependency_file" require "dependabot/source" require "dependabot/docker/file_parser" 
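Review bot: In the docker `base_registry` hunk, `@base_registry` now memoizes either a `Dependabot::Credential` (from `find`) or the plain Hash fallback on the following line, and the final `@base_registry["registry"]` works only because both objects answer `[]`. A short comment above the memoization would make that explicit, for example `# Credential when a replaces-base docker_registry is configured, otherwise the Docker Hub default Hash`. If nothing outside the hunk reads the memoized object, storing only the registry string would remove the mixed type altogether. The method's `def` and `end` are outside this hunk.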
@@ -278,11 +279,11 @@ context "when replaces-base is false" do let(:repo_url) { "https://registry.hub.docker.com/v2/library/ubuntu/" } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host.io:5000", "replaces-base" => false - }] + })] end let(:parser) do described_class.new( diff --git a/docker/spec/dependabot/docker/update_checker_spec.rb b/docker/spec/dependabot/docker/update_checker_spec.rb index 27a42a49fce..194ba27d840 100644 --- a/docker/spec/dependabot/docker/update_checker_spec.rb +++ b/docker/spec/dependabot/docker/update_checker_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/dependency" require "dependabot/docker/update_checker" require "dependabot/config" @@ -1164,18 +1165,18 @@ def stub_tag_with_no_digest(tag) context "with replaces-base set to false" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host.io:5000", "username" => "grey", "password" => "pa55word", "replaces-base" => false - }] + })] end before do @@ -1189,18 +1190,18 @@ def stub_tag_with_no_digest(tag) context "with replaces-base set to true and with authentication credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host.io:5000", "username" => "grey", "password" => "pa55word", "replaces-base" => true - }] + })] end before do 
@@ -1223,16 +1224,16 @@ def stub_tag_with_no_digest(tag) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host.io:5000", "replaces-base" => true - }] + })] end it "raises a to PrivateSourceAuthenticationFailure error" do diff --git a/docker/spec/dependabot/docker/utils/credentials_finder_spec.rb b/docker/spec/dependabot/docker/utils/credentials_finder_spec.rb index 67a047f8501..d88eab770e9 100644 --- a/docker/spec/dependabot/docker/utils/credentials_finder_spec.rb +++ b/docker/spec/dependabot/docker/utils/credentials_finder_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/docker/utils/credentials_finder" require "aws-sdk-ecr" require "base64" @@ -191,13 +192,13 @@ context "with private registry and replaces-base true" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host.io:5000", "username" => "grey", "password" => "pa55word", "replaces-base" => true - }] + })] end it { is_expected.to eq("registry-host.io:5000") } @@ -205,13 +206,13 @@ context "with private registry and replaces-base false" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host.io:5000", "username" => "grey", "password" => "pa55word", "replaces-base" => false - }] + })] end it { is_expected.to eq("registry.hub.docker.com") } 
@@ -219,19 +220,19 @@ context "with multiple private registries and mixed value of replaces-base" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host.io:5000", "username" => "grey", "password" => "pa55word", "replaces-base" => false - }, { + }), Dependabot::Credential.new({ "type" => "docker_registry", "registry" => "registry-host-new.io:5000", "username" => "ankit", "password" => "pa55word", "replaces-base" => true - }] + })] end it { is_expected.to eq("registry-host-new.io:5000") } diff --git a/maven/lib/dependabot/maven/file_parser/repositories_finder.rb b/maven/lib/dependabot/maven/file_parser/repositories_finder.rb index a1a28be7e5a..5aa1a8848da 100644 --- a/maven/lib/dependabot/maven/file_parser/repositories_finder.rb +++ b/maven/lib/dependabot/maven/file_parser/repositories_finder.rb @@ -38,7 +38,7 @@ def initialize(pom_fetcher:, dependency_files: [], credentials: [], evaluate_pro end def central_repo_url - base = @credentials.find { |cred| cred["type"] == "maven_repository" && cred["replaces-base"] == true } + base = @credentials.find { |cred| cred["type"] == "maven_repository" && cred.replaces_base? } base ? base["url"] : "https://repo.maven.apache.org/maven2" end diff --git a/maven/spec/dependabot/maven/file_parser/repositories_finder_spec.rb b/maven/spec/dependabot/maven/file_parser/repositories_finder_spec.rb index e801e5b38cc..6e2f0b0b632 100644 --- a/maven/spec/dependabot/maven/file_parser/repositories_finder_spec.rb +++ b/maven/spec/dependabot/maven/file_parser/repositories_finder_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/dependency_file" require "dependabot/maven/file_parser/repositories_finder" require "dependabot/maven/file_parser/pom_fetcher" 
@@ -31,11 +32,11 @@ end context "if replaces-base is present" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://example.com", "replaces-base" => true - }] + })] end it "returns that URL instead" do expect(finder.central_repo_url).to eq("https://example.com") @@ -140,8 +141,9 @@ let(:base_pom_fixture_name) { "basic_pom.xml" } let(:credentials) do [ - { "type" => "maven_repository", "url" => "https://example.com" }, - { "type" => "git_source", "url" => "https://github.com" } # ignored since it's not maven + Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://example.com" }), + # ignored since it's not maven + Dependabot::Credential.new({ "type" => "git_source", "url" => "https://github.com" }) ] end diff --git a/maven/spec/dependabot/maven/update_checker/version_finder_spec.rb b/maven/spec/dependabot/maven/update_checker/version_finder_spec.rb index 61306103894..47539dfa45a 100644 --- a/maven/spec/dependabot/maven/update_checker/version_finder_spec.rb +++ b/maven/spec/dependabot/maven/update_checker/version_finder_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/dependency" require "dependabot/dependency_file" require "dependabot/maven/update_checker/version_finder" @@ -324,12 +325,12 @@ context "with a repository from credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://private.registry.org/repo/", "username" => "dependabot", "password" => "dependabotPassword" - }] + })] end let(:private_registry_metadata_url) do 
@@ -353,16 +354,16 @@ context "that is a gitlab maven repository" do let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://private.registry.org/api/v4/groups/-/packages/maven/" - }, - { + }), + Dependabot::Credential.new({ "type" => "git_source", "host" => "private.registry.org", "username" => "x-access-token", "password" => "customToken" - } + }) ] end @@ -389,10 +390,10 @@ context "but no auth details" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://private.registry.org/repo/" - }] + })] end before do @@ -427,32 +428,32 @@ context "with multiple repositories from credentials" do let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://private.registry.org/repo/", "username" => "dependabot", "password" => "dependabotPassword" - }, - { + }), + Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://private.registry.org/repo/" - }, - { + }), + Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://private.registry.org/repo2/", "username" => "dependabot2", "password" => "dependabotPassword2" - }, - { + }), + Dependabot::Credential.new({ "type" => "maven_repository", "url" => "https://private.registry.org/api/v4/groups/-/packages/maven/" - }, - { + }), + Dependabot::Credential.new({ "type" => "git_source", "host" => "private.registry.org", "username" => "x-access-token", "password" => "customToken" - } + }) ] end diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/registry_finder.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/registry_finder.rb index c7fed5d3573..aec49204bdb 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/registry_finder.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/registry_finder.rb 
@@ -220,7 +220,7 @@ def configured_global_registry return @configured_global_registry = parsed_yarnrc_yml["npmRegistryServer"] end - replaces_base = credentials.find { |cred| cred["type"] == "npm_registry" && cred["replaces-base"] == true } + replaces_base = credentials.find { |cred| cred["type"] == "npm_registry" && cred.replaces_base? } if replaces_base registry = replaces_base["registry"] registry = "https://#{registry}" unless registry.start_with?("http") diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_fetcher_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_fetcher_spec.rb index c414983eeba..fc5b1f771dc 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_fetcher_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_fetcher_spec.rb @@ -21,12 +21,12 @@ let(:url) { "https://api.github.com/repos/gocardless/bump/contents/" } let(:directory) { "/" } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:json_header) { { "content-type" => "application/json" } } diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_parser_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_parser_spec.rb index 6ece281f522..a5b5b829fb8 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_parser_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_parser_spec.rb @@ -25,12 +25,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end describe "parse" do @@ -275,12 +275,12 @@ context "with a credential that matches the hostname, but not the path" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.pkg.github.com/dependabot", "username" => "x-access-token", "password" => "token" - }] + })] end its(:requirements) do 
@@ -366,17 +366,17 @@ context "with credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "artifactory01.mydomain.com.evil.com/artifactory/api/npm/my-repo", "token" => "secret_token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "artifactory01.mydomain.com/artifactory/api/npm/my-repo", "token" => "secret_token" - }] + })] end its(:requirements) do @@ -396,11 +396,11 @@ context "excluding the auth token" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "artifactory01.mydomain.com/artifactory/api/npm/my-repo" - }] + })] end its(:requirements) do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater_spec.rb index 45b028f8b17..a3ffba06305 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/npm_and_yarn/file_updater/npm_lockfile_updater" RSpec.describe Dependabot::NpmAndYarn::FileUpdater::NpmLockfileUpdater do @@ -16,10 +17,10 @@ let(:dependencies) { [dependency] } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }] + })] end let(:dependency) do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npmrc_builder_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npmrc_builder_spec.rb index ad28e3558a5..79d39f86a11 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npmrc_builder_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npmrc_builder_spec.rb 
@@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/dependency_file" require "dependabot/npm_and_yarn/file_updater/npmrc_builder" @@ -15,12 +16,12 @@ end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependencies) do @@ -61,31 +62,31 @@ let(:dependency_files) { project_dependency_files("generic/simple") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "my_token" - }] + })] end it { is_expected.to eq("//registry.npmjs.org/:_authToken=my_token") } context "and using basic auth" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "my:token" - }] + })] end it "includes Basic auth details" do expect(npmrc_content).to eq( @@ -126,13 +127,13 @@ context "with no private sources and credentials cleared" do let(:dependency_files) { project_dependency_files("yarn/simple") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org" - }] + })] end it { is_expected.to eq("") } 
@@ -145,32 +146,32 @@ context "and some credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "my_token" - }] + })] end it { is_expected.to eq("//registry.npmjs.org/:_authToken=my_token") } context "where the registry has a trailing slash" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "artifactory.jfrog.com" \ "/artifactory/api/npm/dependabot/", "token" => "my_token" - }] + })] end it "only adds a single trailing slash" do @@ -182,20 +183,20 @@ context "that match a scoped package" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "my_token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dep", "token" => "my_other_token" - }] + })] end it "adds auth details, and scopes them correctly" do @@ -207,16 +208,16 @@ context "using bintray" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "api.bintray.com/npm/dependabot/npm-private", "token" => "my_token" - }] + })] end it "adds auth details, and scopes them correctly" do 
@@ -234,16 +235,16 @@ let(:dependency_files) { project_dependency_files("yarn/scoped_private_source_with_npmrc") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.dependabot.com/npm-private", "token" => "my_token" - }] + })] end it "adds auth details without replacing the global registry" do @@ -279,29 +280,29 @@ context "and some credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org" - }] + })] end it { is_expected.to eq("") } end context "that match a scoped package" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dep" - }] + })] end it "adds auth details, and scopes them correctly" do expect(npmrc_content) @@ -317,16 +318,16 @@ context "and credentials for the private source" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "my_token" - }] + })] end it "adds a global registry line, and auth details" do 
@@ -395,13 +396,13 @@ context "and credentials for the private source" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }] + })] end it "adds a global registry line, and auth details" do @@ -464,13 +465,13 @@ project_dependency_files("npm6/private_source_shrinkwrap") end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "host.docker.internal" - }] + })] end it "creates npmrc file with inferred registry" do @@ -484,13 +485,13 @@ let(:dependency_files) { project_dependency_files("npm6/private_source") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org" - }] + })] end it { is_expected.to eq("") } @@ -511,31 +512,31 @@ context "and some credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "my_token" - }] + })] end it { is_expected.to eq("//registry.npmjs.org/:_authToken=my_token") } context "that match a scoped package" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "my_token" - }] + })] end it "adds auth details, and scopes them correctly" do expect(npmrc_content) 
@@ -549,16 +550,16 @@ let(:dependency_files) { project_dependency_files("npm8/scoped_private_source_with_npmrc") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.dependabot.com/npm-private", "token" => "my_token" - }] + })] end it "adds auth details without replacing the global registry" do @@ -581,25 +582,25 @@ context "and some credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org" - }] + })] end it { is_expected.to eq("") } context "that match a scoped package" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }] + })] end it "adds auth details, and scopes them correctly" do expect(npmrc_content) @@ -610,13 +611,13 @@ context "that match a scoped package with lowercase escaped slash" do let(:dependency_files) { project_dependency_files("npm6/private_source_lower") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }] + })] end it "adds auth details, and scopes them correctly" do expect(npmrc_content) 
@@ -633,16 +634,16 @@ context "and credentials for the private source" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "my_token" - }] + })] end it "adds a global registry line, and token auth details" do @@ -654,16 +655,16 @@ context "with basic auth credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "secret:token" - }] + })] end it "adds a global registry line, and Basic auth details" do @@ -689,16 +690,16 @@ context "with basic auth credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "secret:token" - }] + })] end it "populates the already existing npmrc" do @@ -722,13 +723,13 @@ context "and credentials for the private source" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }] + })] end it "adds a global registry line, and token auth details" do 
@@ -739,13 +740,13 @@ context "with basic auth credentials cleared" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }] + })] end it "adds a global registry line, and Basic auth details" do @@ -769,13 +770,13 @@ context "with basic auth credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }] + })] end it "populates the already existing npmrc" do @@ -805,11 +806,11 @@ context "and a private registry configured that lists a specific dependency" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "pkgs.dev.azure.com/dependabot/my-project/_packaging/my-feed/npm/registry/", "token" => "my_token" - }] + })] end before do @@ -829,15 +830,15 @@ context "registry scope generation" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org" - }, - { + }), + Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.pkg.github.com", "token" => "my_token" - }] + })] end context "when no packages resolve to the private registry" do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb index 32eaef1961d..395bfa883e2 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb 
@@ -16,10 +16,10 @@ let(:dependencies) { [dependency] } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }] + })] end let(:dependency) do Dependabot::Dependency.new( diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater_spec.rb index 76c26afe5bd..935f38eef36 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater_spec.rb @@ -16,10 +16,10 @@ let(:dependencies) { [dependency] } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }] + })] end let(:dependency) do Dependabot::Dependency.new( diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb index cbfd29f96f1..f0eaff7b7cb 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb @@ -21,10 +21,10 @@ end let(:dependencies) { [dependency] } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com" - }] + })] end let(:dependency) do Dependabot::Dependency.new( @@ -1458,11 +1458,11 @@ let(:files) { project_dependency_files("npm6/npmrc_env_global_auth") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "secret_token" - }] + })] end it "updates the files" do @@ -2182,11 +2182,11 @@ let(:files) { project_dependency_files("npm8/npmrc_env_global_auth") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "secret_token" - }] + })] end it "updates the files" do 
@@ -2934,11 +2934,11 @@ let(:files) { project_dependency_files("npm6/npmrc_env_global_auth") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "secret_token" - }] + })] end it "updates the files" do @@ -3308,11 +3308,11 @@ context "when the npm registry was explicitly specified" do let(:files) { project_dependency_files("yarn/npm_global_registry") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "https://registry.npmjs.org", "token" => "secret_token" - }] + })] end let(:source) do { type: "registry", url: "https://registry.npmjs.org" } diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/metadata_finder_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/metadata_finder_spec.rb index 224f1224ad7..df917a1f285 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/metadata_finder_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/metadata_finder_spec.rb @@ -3,6 +3,7 @@ require "octokit" require "spec_helper" +require "dependabot/credential" require "dependabot/dependency" require "dependabot/npm_and_yarn/metadata_finder" require_common_spec "metadata_finders/shared_examples_for_metadata_finders" @@ -24,12 +25,12 @@ described_class.new(dependency: dependency, credentials: credentials) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_name) { "etag" } @@ -229,17 +230,17 @@ context "with credentials" do let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, - { + }), + Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "secret_token" - } + }) ] end 
@@ -293,17 +294,17 @@ context "with credentials" do let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, - { + }), + Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "secret_token" - } + }) ] end @@ -337,17 +338,17 @@ let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, - { + }), + Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "secret_token" - } + }) ] end diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/dependency_files_builder_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/dependency_files_builder_spec.rb index 606a12d9e47..85a7d505cfe 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/dependency_files_builder_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/dependency_files_builder_spec.rb @@ -16,12 +16,12 @@ end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let!(:dependency_files) { project_dependency_files(project_name) } let(:project_name) { "npm6_and_yarn/simple" } 
@@ -95,17 +95,17 @@ def project_dependency_file(file_name) describe "a private registry in a .yarnrc with a configured Dependabot private registry and yarn.lock" do let(:project_name) { "yarn/all_private_global_registry" } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm-registry", "host" => "https://npm-proxy.fury.io/", "username" => "dependabot", "password" => "password" - }] + })] end it "writes the relevant files to disk" do Dependabot::SharedHelpers.in_a_temporary_directory do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/latest_version_finder_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/latest_version_finder_spec.rb index 44a4e74c92d..54947744ba4 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/latest_version_finder_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/latest_version_finder_spec.rb @@ -34,12 +34,12 @@ let(:dependency_files) { project_dependency_files("npm6/no_lockfile") } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_name) { "etag" } @@ -283,16 +283,16 @@ context "with credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "secret_token" - }] + })] end it { is_expected.to eq(Gem::Version.new("1.7.0")) } 
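Review bot: The second credential in the `yarn/all_private_global_registry` fixture is typed `"npm-registry"` (hyphen) with `host`/`username`/`password` keys, while every other npm registry credential touched in this commit is `"npm_registry"` with `registry` and `token`. If the builder selects registry credentials by `cred["type"] == "npm_registry"`, which this hunk does not show, the entry is silently ignored and the example passes without exercising the "configured Dependabot private registry" path it describes. Since the line is being rewritten anyway, either correct the type to `"type" => "npm_registry",` or, if the mismatch is intentional, say so with a comment such as `# deliberately unrecognised type: must be ignored by the builder`. The enclosing `describe` block continues outside the hunk.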
@@ -300,12 +300,12 @@ context "without credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end before do @@ -324,12 +324,12 @@ context "when the login page is rate limited" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end before do @@ -348,16 +348,16 @@ context "with Basic auth credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "registry.npmjs.org", "token" => "secret:token" - }] + })] end before do body = fixture("npm_responses", "prerelease.json") @@ -487,16 +487,16 @@ context "with credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "secret_token" - }] + })] end it { is_expected.to eq(Gem::Version.new("1.8.1")) } @@ -618,12 +618,12 @@ context "without credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end it "raises a to Dependabot::PrivateSourceAuthenticationFailure error" do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/library_detector_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/library_detector_spec.rb index 3c1dc6ac66e..f3f83026388 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/library_detector_spec.rb 
+++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/library_detector_spec.rb @@ -16,7 +16,7 @@ let(:package_json_file) do project_dependency_files(project_name).find { |f| f.name == "package.json" } end - let(:credentials) { {} } + let(:credentials) { [] } let(:dependency_files) { project_dependency_files(project_name) } describe "library?" do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/registry_finder_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/registry_finder_spec.rb index a3286971e8e..21b17e93ff8 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/registry_finder_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/registry_finder_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/npm_and_yarn/update_checker/registry_finder" RSpec.describe Dependabot::NpmAndYarn::UpdateChecker::RegistryFinder do @@ -18,12 +19,12 @@ let(:yarnrc_file) { nil } let(:yarnrc_yml_file) { nil } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_name) { "etag" } let(:requirements) do @@ -53,11 +54,11 @@ context "with no rc and with credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "http://example.com", "replaces-base" => true - }] + })] end it { is_expected.to eq("http://example.com") } @@ -180,16 +181,16 @@ context "with credentials for a private registry" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "https://npm.fury.io/dependabot", "token" => "secret_token" - }] + })] end context "which doesn't list the dependency" do 
@@ -224,15 +225,15 @@ context "but doesn't include auth" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot" - }] + })] end before do @@ -411,11 +412,11 @@ context "with credentials for a private registry" do before do - credentials << { + credentials << Dependabot::Credential.new({ "type" => "npm_registry", "registry" => "npm.fury.io/dependabot", "token" => "secret_token" - } + }) end context "which doesn't list the dependency" do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver_spec.rb index 6e9911afa28..be93059b22b 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver_spec.rb @@ -21,12 +21,12 @@ let(:latest_allowable_version) { dependency.version } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:ignored_versions) { [] } diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/version_resolver_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/version_resolver_spec.rb index c032086af20..cd4a74cc0df 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/version_resolver_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/version_resolver_spec.rb 
@@ -65,12 +65,12 @@ let(:dependency_files) { project_dependency_files(project_name) } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:repo_contents_path) { build_tmp_repo(project_name, path: "projects") } diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/vulnerability_auditor_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/vulnerability_auditor_spec.rb index 119c5d2dcba..f24912e170a 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/vulnerability_auditor_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker/vulnerability_auditor_spec.rb @@ -10,12 +10,12 @@ RSpec.describe Dependabot::NpmAndYarn::UpdateChecker::VulnerabilityAuditor do let(:dependency_files) { [] } # Specified in scenarios below. let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end subject do diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker_spec.rb index 8d20aaf1ed4..eb0abdca7b1 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/update_checker_spec.rb @@ -41,12 +41,12 @@ let(:options) { {} } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_name) { "etag" } 
@@ -1591,12 +1591,12 @@ def eq_including_metadata(expected_array) describe "#conflicting_dependencies" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_name) { "@dependabot-fixtures/npm-transitive-dependency" } diff --git a/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb b/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb index 6e071219146..cf536dc13c6 100644 --- a/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb +++ b/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb @@ -463,7 +463,7 @@ def pip_compile_index_options .map do |cred| authed_url = AuthedUrlBuilder.authed_url(credential: cred) - if cred["replaces-base"] + if cred.replaces_base? "--index-url=#{authed_url}" else "--extra-index-url=#{authed_url}" diff --git a/python/lib/dependabot/python/update_checker/index_finder.rb b/python/lib/dependabot/python/update_checker/index_finder.rb index 1d57de4af27..57f290ebc25 100644 --- a/python/lib/dependabot/python/update_checker/index_finder.rb +++ b/python/lib/dependabot/python/update_checker/index_finder.rb @@ -146,13 +146,13 @@ def config_variable_index_urls index_url_creds = credentials .select { |cred| cred["type"] == "python_index" } - if (main_cred = index_url_creds.find { |cred| cred["replaces-base"] }) + if (main_cred = index_url_creds.find(&:replaces_base?)) urls[:main] = AuthedUrlBuilder.authed_url(credential: main_cred) end urls[:extra] = index_url_creds - .reject { |cred| cred["replaces-base"] } + .reject(&:replaces_base?) .map { |cred| AuthedUrlBuilder.authed_url(credential: cred) } urls diff --git a/python/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb b/python/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb index d79ae7ce2e7..7f625ed767d 100644 
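Review bot: Replacing `if cred["replaces-base"]` with `if cred.replaces_base?` in `pip_compile_index_options` changes which values count as set: the old test accepted any truthy value, including the string `"true"`, and this commit also edits authed_url_builder_spec.rb from `"replaces-base" => "true"` to `true`, which suggests string values were in use and the new predicate is stricter. If a job still supplies the string form, the private index is now emitted as `--extra-index-url` and the public index stays primary, so a package name present on both can resolve from the public one. The same applies to `find(&:replaces_base?)` / `reject(&:replaces_base?)` in index_finder.rb and to the identical branch in pip_compile_version_resolver.rb. I would normalise where the credential is built, e.g. `[true, "true"].include?(credential["replaces-base"])`, and add a spec that pins the string case either way. Both methods start and end outside their hunks.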
--- a/python/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb +++ b/python/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb @@ -257,7 +257,7 @@ def pip_compile_index_options .map do |cred| authed_url = AuthedUrlBuilder.authed_url(credential: cred) - if cred["replaces-base"] + if cred.replaces_base? "--index-url=#{authed_url}" else "--extra-index-url=#{authed_url}" diff --git a/python/spec/dependabot/python/authed_url_builder_spec.rb b/python/spec/dependabot/python/authed_url_builder_spec.rb index 7043fced469..7efa018d586 100644 --- a/python/spec/dependabot/python/authed_url_builder_spec.rb +++ b/python/spec/dependabot/python/authed_url_builder_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/python/authed_url_builder" RSpec.describe Dependabot::Python::AuthedUrlBuilder do @@ -10,11 +11,11 @@ context "without a token" do let(:credential) do - { + Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", - "replaces-base" => "true" - } + "replaces-base" => true + }) end it "leaves the URL alone" do @@ -25,12 +26,12 @@ context "with a token" do let(:credential) do - { + Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", "token" => token, - "replaces-base" => "true" - } + "replaces-base" => true + }) end context "that doesn't include a :" do diff --git a/python/spec/dependabot/python/file_fetcher_spec.rb b/python/spec/dependabot/python/file_fetcher_spec.rb index 982e5033ad8..bd1bba79e6c 100644 --- a/python/spec/dependabot/python/file_fetcher_spec.rb +++ b/python/spec/dependabot/python/file_fetcher_spec.rb 
@@ -77,12 +77,12 @@ let(:url) { "https://api.github.com/repos/gocardless/bump/contents/" } let(:url_with_directory) { File.join(url, directory) } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:json_header) { { "content-type" => "application/json" } } diff --git a/python/spec/dependabot/python/file_updater/pip_compile_file_updater_spec.rb b/python/spec/dependabot/python/file_updater/pip_compile_file_updater_spec.rb index 0d19b195c6f..0daf13587fd 100644 --- a/python/spec/dependabot/python/file_updater/pip_compile_file_updater_spec.rb +++ b/python/spec/dependabot/python/file_updater/pip_compile_file_updater_spec.rb @@ -60,12 +60,12 @@ }] end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:tmp_path) { Dependabot::Utils::BUMP_TMP_DIR_PATH } diff --git a/python/spec/dependabot/python/file_updater/pipfile_file_updater_spec.rb b/python/spec/dependabot/python/file_updater/pipfile_file_updater_spec.rb index 8289e8a528f..e56da07ce01 100644 --- a/python/spec/dependabot/python/file_updater/pipfile_file_updater_spec.rb +++ b/python/spec/dependabot/python/file_updater/pipfile_file_updater_spec.rb @@ -53,12 +53,12 @@ end let(:dependency_name) { "requests" } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:repo_contents_path) { nil } 
@@ -185,16 +185,16 @@ context "with a source not included in the original Pipfile" do let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, - { + }), + Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.posrip.com/pypi/" - } + }) ] end @@ -215,16 +215,16 @@ let(:lockfile_fixture_name) { "environment_variable_source.lock" } let(:credentials) do [ - { + Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, - { + }), + Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.org/simple" - } + }) ] end diff --git a/python/spec/dependabot/python/file_updater/pipfile_preparer_spec.rb b/python/spec/dependabot/python/file_updater/pipfile_preparer_spec.rb index d6c065e2093..3806178a5a4 100644 --- a/python/spec/dependabot/python/file_updater/pipfile_preparer_spec.rb +++ b/python/spec/dependabot/python/file_updater/pipfile_preparer_spec.rb @@ -20,15 +20,15 @@ subject(:updated_content) { preparer.replace_sources(credentials) } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://username:password@pypi.posrip.com/pypi/" - }] + })] end let(:pipfile_fixture_name) { "version_not_specified" } @@ -42,16 +42,16 @@ context "with auth details provided as a token" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.posrip.com/pypi/", "token" => "username:password" - }] + })] end it "adds the source" do 
@@ -65,16 +65,16 @@ context "with auth details provided in Pipfile" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.posrip.com/pypi/", "token" => "username:password" - }] + })] end let(:pipfile_fixture_name) { "private_source_auth" } diff --git a/python/spec/dependabot/python/file_updater/poetry_file_updater_spec.rb b/python/spec/dependabot/python/file_updater/poetry_file_updater_spec.rb index 68841211b86..3380fed4d22 100644 --- a/python/spec/dependabot/python/file_updater/poetry_file_updater_spec.rb +++ b/python/spec/dependabot/python/file_updater/poetry_file_updater_spec.rb @@ -54,12 +54,12 @@ end let(:dependency_name) { "requests" } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end describe "#updated_dependency_files" do @@ -811,12 +811,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://some.internal.registry.com/pypi/", "username" => "test", "password" => "test" - }] + })] end it "prepares a pyproject file without credentials in" do diff --git a/python/spec/dependabot/python/file_updater/requirement_file_updater_spec.rb b/python/spec/dependabot/python/file_updater/requirement_file_updater_spec.rb index 78ec63b7545..a35abeb723e 100644 --- a/python/spec/dependabot/python/file_updater/requirement_file_updater_spec.rb +++ b/python/spec/dependabot/python/file_updater/requirement_file_updater_spec.rb 
@@ -45,12 +45,12 @@ let(:previous_requirement_string) { "==2.6.1" } let(:updated_requirement_string) { "==2.8.1" } let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end describe "#updated_dependency_files" do diff --git a/python/spec/dependabot/python/file_updater_spec.rb b/python/spec/dependabot/python/file_updater_spec.rb index 4741909f248..755029eaf39 100644 --- a/python/spec/dependabot/python/file_updater_spec.rb +++ b/python/spec/dependabot/python/file_updater_spec.rb @@ -46,12 +46,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:tmp_path) { Dependabot::Utils::BUMP_TMP_DIR_PATH } diff --git a/python/spec/dependabot/python/metadata_finder_spec.rb b/python/spec/dependabot/python/metadata_finder_spec.rb index c99a5e13df4..5af31ac6c78 100644 --- a/python/spec/dependabot/python/metadata_finder_spec.rb +++ b/python/spec/dependabot/python/metadata_finder_spec.rb @@ -27,12 +27,12 @@ described_class.new(dependency: dependency, credentials: credentials) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_name) { "luigi" } let(:version) { "1.0" } @@ -68,15 +68,15 @@ context "with a private index" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://username:password@pypi.posrip.com/pypi/" - }] + })] end before do private_url = "https://pypi.posrip.com/pypi/#{dependency_name}/json" 
@@ -91,16 +91,16 @@ context "with the creds passed as a token" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.posrip.com/pypi/", "token" => "username:password" - }] + })] end it { is_expected.to eq("https://github.com/spotify/luigi") } @@ -108,15 +108,15 @@ context "with the creds using an email address and basic auth" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://user@mail.co:password@pypi.posrip.com/pypi/" - }] + })] end before do diff --git a/python/spec/dependabot/python/update_checker/index_finder_spec.rb b/python/spec/dependabot/python/update_checker/index_finder_spec.rb index ed5d3cbe1d4..7a2804511d9 100644 --- a/python/spec/dependabot/python/update_checker/index_finder_spec.rb +++ b/python/spec/dependabot/python/update_checker/index_finder_spec.rb @@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/dependency_file" require "dependabot/python/update_checker/index_finder" @@ -14,12 +15,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_files) { [requirements_file] } let(:dependency) do @@ -155,11 +156,11 @@ context "set in credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", "replaces-base" => true - }] + })] end it "gets the right index URL" do 
@@ -169,12 +170,12 @@ context "with credentials passed as a token" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", "token" => "user:pass", "replaces-base" => true - }] + })] end it "gets the right index URL" do @@ -216,12 +217,12 @@ context "that was provided as a config variable" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/" \ "source/+simple", "replaces-base" => false - }] + })] end it "gets the right index URLs" do @@ -235,10 +236,10 @@ context "with a gemfury style" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/source/+simple" - }] + })] end let(:url) { "https://pypi.weasyldev.com/source/+simple/luigi/" } @@ -258,12 +259,12 @@ end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/source/+simple", "token" => "user:pass", "replaces-base" => false - }] + })] end it "gets the right index URLs" do @@ -359,11 +360,11 @@ context "set in credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", "replaces-base" => false - }] + })] end it "gets the right index URLs" do diff --git a/python/spec/dependabot/python/update_checker/latest_version_finder_spec.rb b/python/spec/dependabot/python/update_checker/latest_version_finder_spec.rb index 15e04ec5eda..0ebf30ea6e4 100644 --- a/python/spec/dependabot/python/update_checker/latest_version_finder_spec.rb +++ b/python/spec/dependabot/python/update_checker/latest_version_finder_spec.rb 
@@ -2,6 +2,7 @@ # frozen_string_literal: true require "spec_helper" +require "dependabot/credential" require "dependabot/dependency" require "dependabot/dependency_file" require "dependabot/python/update_checker/latest_version_finder" @@ -25,12 +26,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:ignored_versions) { [] } let(:raise_on_ignored) { false } @@ -366,11 +367,11 @@ context "set in credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", "replaces-base" => true - }] + })] end it { is_expected.to eq(Gem::Version.new("2.6.0")) } @@ -384,12 +385,12 @@ end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", "token" => "user:pass", "replaces-base" => true - }] + })] end it { is_expected.to eq(Gem::Version.new("2.6.0")) } @@ -443,22 +444,22 @@ context "that was provided as a config variable" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/" \ "source/+simple", "replaces-base" => false - }] + })] end its(:to_s) { is_expected.to eq("3.0.0+weasyl.2") } context "with a gemfury style" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/source/+simple" - }] + })] end let(:url) { "https://pypi.weasyldev.com/source/+simple/luigi/" } @@ -503,11 +504,11 @@ context "set in credentials" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.weasyldev.com/weasyl/source/+simple", "replaces-base" => false - }] + })] end its(:to_s) { is_expected.to eq("3.0.0+weasyl.2") } 
diff --git a/python/spec/dependabot/python/update_checker/pip_compile_version_resolver_spec.rb b/python/spec/dependabot/python/update_checker/pip_compile_version_resolver_spec.rb index b95b08004e2..adb2ee6c49a 100644 --- a/python/spec/dependabot/python/update_checker/pip_compile_version_resolver_spec.rb +++ b/python/spec/dependabot/python/update_checker/pip_compile_version_resolver_spec.rb @@ -17,12 +17,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_files) { [manifest_file, generated_file] } let(:manifest_file) do diff --git a/python/spec/dependabot/python/update_checker/pip_version_resolver_spec.rb b/python/spec/dependabot/python/update_checker/pip_version_resolver_spec.rb index 60ee4bb18f8..31499e993c6 100644 --- a/python/spec/dependabot/python/update_checker/pip_version_resolver_spec.rb +++ b/python/spec/dependabot/python/update_checker/pip_version_resolver_spec.rb @@ -22,12 +22,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:ignored_versions) { [] } let(:security_advisories) { [] } diff --git a/python/spec/dependabot/python/update_checker/pipenv_version_resolver_spec.rb b/python/spec/dependabot/python/update_checker/pipenv_version_resolver_spec.rb index 31f93d3945d..6afaea9e810 100644 --- a/python/spec/dependabot/python/update_checker/pipenv_version_resolver_spec.rb +++ b/python/spec/dependabot/python/update_checker/pipenv_version_resolver_spec.rb @@ -16,12 +16,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_files) { [pipfile, lockfile] } let(:pipfile) do 
@@ -306,15 +306,15 @@ context "with a matching credential" do let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }, { + }), Dependabot::Credential.new({ "type" => "python_index", "index-url" => "https://pypi.org/simple" - }] + })] end it { is_expected.to eq(Gem::Version.new("2.18.4")) } diff --git a/python/spec/dependabot/python/update_checker/poetry_version_resolver_spec.rb b/python/spec/dependabot/python/update_checker/poetry_version_resolver_spec.rb index 7f5709611af..2fc046d7bb5 100644 --- a/python/spec/dependabot/python/update_checker/poetry_version_resolver_spec.rb +++ b/python/spec/dependabot/python/update_checker/poetry_version_resolver_spec.rb @@ -17,12 +17,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:dependency_files) { [pyproject, lockfile] } let(:pyproject) do diff --git a/python/spec/dependabot/python/update_checker_spec.rb b/python/spec/dependabot/python/update_checker_spec.rb index 772c5bc23bd..fe10d2b1dc7 100644 --- a/python/spec/dependabot/python/update_checker_spec.rb +++ b/python/spec/dependabot/python/update_checker_spec.rb @@ -27,12 +27,12 @@ ) end let(:credentials) do - [{ + [Dependabot::Credential.new({ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" - }] + })] end let(:ignored_versions) { [] } let(:raise_on_ignored) { false } diff --git a/updater/lib/dependabot/dependency_snapshot.rb b/updater/lib/dependabot/dependency_snapshot.rb index 0cf328a4dfe..fa049b935c8 100644 --- a/updater/lib/dependabot/dependency_snapshot.rb +++ b/updater/lib/dependabot/dependency_snapshot.rb 
@@ -12,6 +12,8 @@ # representing the output. module Dependabot class DependencySnapshot + extend T::Sig + def self.create_from_job_definition(job:, job_definition:) decoded_dependency_files = job_definition.fetch("base64_dependency_files").map do |a| file = Dependabot::DependencyFile.new(**a.transform_keys(&:to_sym)) @@ -38,7 +40,7 @@ def add_handled_dependencies(dependency_names) # by the project configuration. def allowed_dependencies @allowed_dependencies ||= if job.security_updates_only? - dependencies.select { |d| job.dependencies.include?(d.name) } + dependencies.select { |d| T.must(job.dependencies).include?(d.name) } else dependencies.select { |d| job.allowed_update?(d) } end @@ -58,7 +60,7 @@ def job_dependencies # private registry but shouldn't cause problems here as job.dependencies # is set either from an existing PR rebase/recreate or a security # advisory. - job_dependency_names = job.dependencies.map(&:downcase) + job_dependency_names = T.must(job.dependencies).map(&:downcase) @job_dependencies = dependencies.select do |dep| job_dependency_names.include?(dep.name.downcase) end @@ -99,6 +101,7 @@ def initialize(job:, base_commit_sha:, dependency_files:) @dependency_group_engine.assign_to_groups!(dependencies: allowed_dependencies) end + sig { returns(Dependabot::Job) } attr_reader :job def parse_files! diff --git a/updater/lib/dependabot/job.rb b/updater/lib/dependabot/job.rb index 7038ed8b96e..57b36320130 100644 --- a/updater/lib/dependabot/job.rb +++ b/updater/lib/dependabot/job.rb @@ -1,6 +1,7 @@ # typed: strict # frozen_string_literal: true +require "dependabot/credential" require "dependabot/config/ignore_condition" require "dependabot/config/update_config" require "dependabot/dependency_group_engine" 
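Review bot: In `allowed_dependencies` the security-updates-only branch still matches `job.dependencies` against `d.name` by exact case, while `job_dependencies` (the hunk at -58) downcases both sides. A dependency whose name differs only in case from the job's list would therefore be left out of the allowed set, and presumably miss its security update, even though `job_dependencies` would match it. If the asymmetry is not intended, compare the same way in both places: build `names = T.must(job.dependencies).map(&:downcase)` before the `select` and test `names.include?(d.name.downcase)` inside it. `T.must` also raises a `TypeError` when the list is nil, so a one-line comment saying why it cannot be nil on these two paths would help the next reader. Both methods start or end outside their hunks.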
@@ -50,7 +51,7 @@ class Job sig { returns(T::Array[T::Hash[String, T.untyped]]) } attr_reader :allowed_updates - sig { returns(T::Array[T::Hash[String, T.any(T::Boolean, String)]]) } + sig { returns(T::Array[Dependabot::Credential]) } attr_reader :credentials sig { returns(T.nilable(T::Array[String])) } @@ -130,8 +131,10 @@ def initialize(attributes) # rubocop:disable Metrics/AbcSize @allowed_updates = T.let(attributes.fetch(:allowed_updates), T::Array[T.untyped]) @commit_message_options = T.let(attributes.fetch(:commit_message_options, {}), T.nilable(T::Hash[T.untyped, T.untyped])) - @credentials = T.let(attributes.fetch(:credentials, []), - T::Array[T::Hash[String, T.any(T::Boolean, String)]]) + @credentials = T.let(attributes.fetch(:credentials, []).map do |data| + Dependabot::Credential.new(data) + end, + T::Array[Dependabot::Credential]) @dependencies = T.let(attributes.fetch(:dependencies), T.nilable(T::Array[T.untyped])) @existing_pull_requests = T.let(attributes.fetch(:existing_pull_requests), T::Array[T::Array[T::Hash[String, String]]]) diff --git a/updater/spec/dependabot/updater_spec.rb b/updater/spec/dependabot/updater_spec.rb index b9cd9dfb271..58b01a1f63c 100644 --- a/updater/spec/dependabot/updater_spec.rb +++ b/updater/spec/dependabot/updater_spec.rb @@ -655,15 +655,7 @@ def expect_update_checker_with_ignored_versions(versions, dependency_matcher: an ], dependency_files: default_dependency_files, repo_contents_path: nil, - credentials: [ - { - "type" => "git_source", - "host" => "github.com", - "username" => "x-access-token", - "password" => "github-token" - }, - { "type" => "random", "secret" => "codes" } - ], + credentials: anything, options: { cloning: true } ).and_call_original 
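Review bot: `Dependabot::Credential.new(data)` in `initialize` modifies the caller's hashes in place. The constructor added in common/lib/dependabot/credential.rb in this same diff calls `credential.delete("replaces-base")` on its argument, so every hash in `attributes[:credentials]` loses that key. Anything else that reads the same attributes afterwards no longer sees the flag, and a frozen hash would raise `FrozenError`. Passing a copy avoids both: `Dependabot::Credential.new(data.dup)`. `initialize` begins and ends outside this hunk.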
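Review bot: With `credentials: anything`, this expectation and the identical one in the hunk at -2278 no longer check which credentials are handed to the collaborator. A regression that forwards the wrong entry or an extra secret would still pass. `Dependabot::Credential` as added in this diff defines no `==`, so the old literal comparison cannot simply be restored, but a matcher can still pin the shape, for example `credentials: all(be_a(Dependabot::Credential))`, or one that also checks each entry's `"type"`. The enclosing example starts outside the hunk.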
@@ -2278,15 +2270,7 @@ def expect_update_checker_with_ignored_versions(versions, dependency_matcher: an ) ], repo_contents_path: nil, - credentials: [ - { - "type" => "git_source", - "host" => "github.com", - "username" => "x-access-token", - "password" => "github-token" - }, - { "type" => "random", "secret" => "codes" } - ], + credentials: anything, options: { large_hadron_collider: true } ).and_call_original