Module: Dependabot::Bundler::UpdateChecker::SharedBundlerHelpers
- Extended by:
- T::Helpers, T::Sig
- Includes:
- Kernel
- Included in:
- Package::PackageDetailsFetcher, ConflictingDependencyResolver, ForceUpdater, LatestVersionFinder::DependencySource, VersionResolver
- Defined in:
- lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb
Defined Under Namespace
Modules: BundlerErrorPatterns
Constant Summary collapse
- GIT_REGEX =
/reset --hard [^\s]*` in directory (?<path>[^\s]*)/- GIT_REF_REGEX =
/not exist in the repository (?<path>[^\s]*)\./- PATH_REGEX =
/The path `(?<path>.*)` does not exist/- REGISTRY_METADATA_ERROR_REGEX =
Raised by Bundler when a registry's compact index (
/info/<gem>) returns gem metadata it can't parse (e.g. an illformedruby:/rubygems:requirement). This means the registry served bad data, not that the user's dependency files are broken. The trailingdetailcapture keeps Bundler's own explanation (e.g.Illformed requirement [...]) so the exact parse failure is preserved rather than discarded. /error parsing the metadata for the gem (?<gem>\S+) \((?<version>[^)]+)\):?\s*(?<detail>.*)/m- RETRYABLE_ERRORS =
%w( Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
- RETRYABLE_PRIVATE_REGISTRY_ERRORS =
%w( Bundler::GemNotFound Gem::InvalidSpecificationException Bundler::VersionConflict Bundler::HTTPError Bundler::Fetcher::FallbackError ).freeze
Instance Method Summary collapse
- #base_directory ⇒ Object
- #credentials ⇒ Object
- #dependency_files ⇒ Object
- #gemfile ⇒ Object
- #handle_bundler_errors(error) ⇒ Object
- #in_a_native_bundler_context(error_handling: true, &_blk) ⇒ Object
- #inaccessible_git_dependencies ⇒ Object
- #jfrog_source ⇒ Object
- #lockfile ⇒ Object
- #options ⇒ Object
- #private_registry_credentials ⇒ Object
- #private_registry_source ⇒ Object
- #registry_metadata_error(error) ⇒ Object
- #repo_contents_path ⇒ Object
- #retryable_error?(error) ⇒ Boolean
- #write_temporary_dependency_files ⇒ Object
Instance Method Details
#base_directory ⇒ Object
100 101 102 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 100 def base_directory T.must(dependency_files.first).directory end |
#credentials ⇒ Object
37 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 37 def credentials; end |
#dependency_files ⇒ Object
31 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 31 def dependency_files; end |
#gemfile ⇒ Object
312 313 314 315 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 312 def gemfile dependency_files.find { |f| f.name == "Gemfile" } || dependency_files.find { |f| f.name == "gems.rb" } end |
#handle_bundler_errors(error) ⇒ Object
119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 119 def handle_bundler_errors(error) if error.error_class == "JSON::ParserError" msg = "Error evaluating your dependency files: #{error.}" raise Dependabot::DependencyFileNotEvaluatable, msg end msg = error.error_class + " with message: " + error. case error.error_class when "Bundler::Dsl::DSLError", "Bundler::GemspecError" # We couldn't evaluate the Gemfile, let alone resolve it raise (error) || Dependabot::DependencyFileNotEvaluatable.new(msg) when "Bundler::Source::Git::MissingGitRevisionError" match_data = error..match(GIT_REF_REGEX) gem_name = T.must(T.must(match_data).named_captures["path"]) .split("/").last raise GitDependencyReferenceNotFound, T.must(gem_name) when "Bundler::PathError" match_data = error..match(PATH_REGEX) path = T.must(T.must(match_data).named_captures["path"]) gem_name = T.must(T.must(path.split("/").last).split("-")[0..-2]).join raise Dependabot::PathDependenciesNotReachable, [gem_name] when "Bundler::Source::Git::GitCommandError" if error..match?(GIT_REGEX) # We couldn't find the specified branch / commit (or the two # weren't compatible). match_data = error..match(GIT_REGEX) path = T.must(T.must(match_data).named_captures["path"]) gem_name = T.must(T.must(path.split("/").last).split("-")[0..-2]).join raise GitDependencyReferenceNotFound, gem_name end bad_uris = inaccessible_git_dependencies.map do |spec| spec.fetch("uri") end raise unless bad_uris.any? # We don't have access to one of repos required raise Dependabot::GitDependenciesNotReachable, bad_uris.uniq when "Bundler::GemNotFound", "Gem::InvalidSpecificationException", "Bundler::VersionConflict", "Bundler::CyclicDependencyError", "Bundler::SolveFailure" # Bundler threw an error during resolution. Any of: # - the gem doesn't exist in any of the specified sources # - the gem wasn't specified properly # - the gem was specified at an incompatible version raise Dependabot::DependencyFileNotResolvable, msg when "Bundler::Fetcher::AuthenticationRequiredError" regex = BundlerErrorPatterns::MISSING_AUTH_REGEX source = T.must(T.must(error..match(regex))[:source]) raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::AuthenticationForbiddenError" regex = BundlerErrorPatterns::FORBIDDEN_AUTH_REGEX source = T.must(T.must(error..match(regex))[:source]) raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::BadAuthenticationError" regex = BundlerErrorPatterns::BAD_AUTH_REGEX source = T.must(T.must(error..match(regex))[:source]) raise Dependabot::PrivateSourceAuthenticationFailure, source when "Bundler::Fetcher::CertificateFailureError" regex = BundlerErrorPatterns::BAD_CERT_REGEX source = T.must(T.must(error..match(regex))[:source]) raise Dependabot::PrivateSourceCertificateFailure, source when "Bundler::HTTPError" regex = BundlerErrorPatterns::HTTP_ERR_REGEX if error..match?(regex) source = T.must(T.must(error..match(regex))[:source]) raise if [ "rubygems.org", "www.rubygems.org" ].include?(URI(source).host) raise Dependabot::PrivateSourceTimedOut, source end # JFrog can serve a 403 if the credentials provided are good but # don't have access to a particular gem. raise unless error..include?("permitted to deploy") raise unless jfrog_source raise Dependabot::PrivateSourceAuthenticationFailure, jfrog_source else raise end end |
#in_a_native_bundler_context(error_handling: true, &_blk) ⇒ Object
83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 83 def in_a_native_bundler_context(error_handling: true, &_blk) SharedHelpers .in_a_temporary_repo_directory(base_directory, repo_contents_path) do |tmp_dir| write_temporary_dependency_files yield(tmp_dir.to_s) end rescue SharedHelpers::HelperSubprocessFailed => e retry_count ||= 0 retry_count += 1 sleep(rand(1.0..5.0)) && retry if retryable_error?(e) && retry_count <= 2 error_handling ? handle_bundler_errors(e) : raise end |
#inaccessible_git_dependencies ⇒ Object
248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 248 def inaccessible_git_dependencies in_a_native_bundler_context(error_handling: false) do |tmp_dir| git_specs = NativeHelpers.run_bundler_subprocess( bundler_version: bundler_version, function: "git_specs", options: , args: { dir: tmp_dir, gemfile_name: T.must(gemfile).name, credentials: credentials } ) git_specs.reject do |spec| uri = URI.parse(spec.fetch("auth_uri")) next false unless uri.scheme&.match?(/https?/o) Dependabot::RegistryClient.get( url: uri.to_s, headers: { "Accept-Encoding" => "gzip" } ).status == 200 rescue Excon::Error::Socket, Excon::Error::Timeout false end end end |
#jfrog_source ⇒ Object
275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 275 def jfrog_source @jfrog_source = T.let(@jfrog_source, T.nilable(String)) if @jfrog_source.nil? return @jfrog_source unless @jfrog_source.nil? @jfrog_source = in_a_native_bundler_context(error_handling: false) do |dir| NativeHelpers.run_bundler_subprocess( bundler_version: bundler_version, function: "jfrog_source", options: , args: { dir: dir, gemfile_name: T.must(gemfile).name, credentials: credentials } ) end end |
#lockfile ⇒ Object
318 319 320 321 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 318 def lockfile dependency_files.find { |f| f.name == "Gemfile.lock" } || dependency_files.find { |f| f.name == "gems.locked" } end |
#options ⇒ Object
28 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 28 def ; end |
#private_registry_credentials ⇒ Object
306 307 308 309 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 306 def private_registry_credentials credentials .select { |cred| cred["type"] == "rubygems_server" } end |
#private_registry_source ⇒ Object
243 244 245 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 243 def private_registry_source private_registry_credentials.filter_map { |cred| cred["host"] }.first end |
#registry_metadata_error(error) ⇒ Object
216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 216 def (error) match = error..match(REGISTRY_METADATA_ERROR_REGEX) return nil unless match source = private_registry_source return nil unless source # Bundler's original message identifies which gem/version the registry # served unparseable metadata for, and why (e.g. the illformed # requirement string). The structured job error only records the source # host, so log the full message here to keep the offending gem # diagnosable from the updater logs. Dependabot.logger.error( "Registry #{source} returned unparseable compact-index metadata for " \ "#{match[:gem]} (#{match[:version]}); raising PrivateSourceBadResponse. " \ "Original Bundler error: #{error..strip}" ) parse_detail = match[:detail].to_s.strip.gsub(/\s*\n\s*/, "; ") detail = "Invalid gem metadata returned for #{match[:gem]} (#{match[:version]}) " \ "by the source: #{source}" detail += " (#{parse_detail})" unless parse_detail.empty? Dependabot::PrivateSourceBadResponse.new(source, detail) end |
#repo_contents_path ⇒ Object
34 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 34 def repo_contents_path; end |
#retryable_error?(error) ⇒ Boolean
105 106 107 108 109 110 111 112 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 105 def retryable_error?(error) return true if error.error_class == "JSON::ParserError" return true if RETRYABLE_ERRORS.include?(error.error_class) return false unless RETRYABLE_PRIVATE_REGISTRY_ERRORS.include?(error.error_class) private_registry_credentials.any? end |
#write_temporary_dependency_files ⇒ Object
294 295 296 297 298 299 300 301 302 303 |
# File 'lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb', line 294 def write_temporary_dependency_files dependency_files.each do |file| path = file.name FileUtils.mkdir_p(Pathname.new(path).dirname) File.write(path, file.content) end lockfile_obj = lockfile File.write(lockfile_obj.name, lockfile_obj.content) if lockfile_obj end |