Skip to content

Commit

Permalink
Skip parsing replaced dependencies
Browse files Browse the repository at this point in the history
We previously prevented updating replaced dependencies by treating them
as indirect dependencies which we didn't support updating. Now that
indirect updates are supported we still don't want to update replaced
dependencies till we can properly support them.
  • Loading branch information
mctofu committed Dec 27, 2022
1 parent 3727e08 commit bdb3ae3
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 13 deletions.
5 changes: 4 additions & 1 deletion go_modules/lib/dependabot/go_modules/file_parser.rb
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ def dependency_from_details(details)
Dependency.new(
name: details["Path"],
version: version,
requirements: details["Indirect"] || dependency_is_replaced(details) ? [] : reqs,
requirements: details["Indirect"] ? [] : reqs,
package_manager: "go_modules"
)
end
Expand Down Expand Up @@ -155,6 +155,9 @@ def git_revision(dep)
end

def skip_dependency?(dep)
# Updating replaced dependencies is not supported
return true if dependency_is_replaced(dep)

path_uri = URI.parse("https://#{dep['Path']}")
!path_uri.host.include?(".")
rescue URI::InvalidURIError
Expand Down
18 changes: 6 additions & 12 deletions go_modules/spec/dependabot/go_modules/file_parser_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
describe "parse" do
subject(:dependencies) { parser.parse }

its(:length) { is_expected.to eq(5) }
its(:length) { is_expected.to eq(4) }

describe "top level dependencies" do
subject(:dependencies) do
Expand Down Expand Up @@ -135,7 +135,7 @@
parser.parse.reject(&:top_level?)
end

its(:length) { is_expected.to eq(3) }
its(:length) { is_expected.to eq(2) }

describe "a dependency that uses go modules" do
subject(:dependency) do
Expand All @@ -156,11 +156,8 @@
dependencies.find { |d| d.name == "rsc.io/qr" }
end

it "has the right details" do
expect(dependency).to be_a(Dependabot::Dependency)
expect(dependency.name).to eq("rsc.io/qr")
expect(dependency.version).to eq("0.1.0")
expect(dependency.requirements).to eq([])
it "is skipped as unsupported" do
expect(dependency).to be_nil
end
end

Expand Down Expand Up @@ -295,9 +292,8 @@
dependencies.find { |d| d.name == "rsc.io/qr" }
end

it "has the right details" do
expect(dependency).to be_a(Dependabot::Dependency)
expect(dependency.name).to eq("rsc.io/qr")
it "is skipped as unsupported" do
expect(dependency).to be_nil
end
end

Expand Down Expand Up @@ -346,7 +342,6 @@
it "parses root file" do
expect(dependencies.map(&:name)).
to eq(%w(
github.com/dependabot/vgotest/common
rsc.io/qr
))
end
Expand All @@ -358,7 +353,6 @@
it "parses nested file" do
expect(dependencies.map(&:name)).
to eq(%w(
github.com/dependabot/vgotest/common
rsc.io/qr
))
end
Expand Down

0 comments on commit bdb3ae3

Please sign in to comment.