### Install dependencies Source: https://github.com/dependabot/dependabot-core/blob/main/npm_and_yarn/helpers/README.md Install the necessary project dependencies. ```bash npm install ``` -------------------------------- ### Start Development Shell for Deno Source: https://github.com/dependabot/dependabot-core/blob/main/deno/README.md Use this command to start a development shell with Deno environment setup. This is necessary for running Deno-specific development tasks and tests locally. ```bash $ bin/docker-dev-shell deno ``` -------------------------------- ### Start Development Shell for vcpkg Source: https://github.com/dependabot/dependabot-core/blob/main/vcpkg/README.md Use this command to start a development shell with vcpkg environment configured. ```bash $ bin/docker-dev-shell vcpkg ``` -------------------------------- ### Install @babel/core Source: https://github.com/dependabot/dependabot-core/blob/main/bun/spec/fixtures/npm_responses/babel-core.html A concise command to install the @babel/core package using npm. ```bash npm i @babel/core ``` -------------------------------- ### Start Development Shell Source: https://github.com/dependabot/dependabot-core/blob/main/pre_commit/README.md Use this command to start a development shell with pre-commit support. ```bash $ bin/docker-dev-shell pre_commit ``` -------------------------------- ### Example of Using a Ruby Bundler File Fetcher Source: https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/file_fetchers/README.md This example demonstrates how to use the `Dependabot::FileFetchers::Ruby::Bundler` to fetch dependency files for a given repository. It checks for required files, raises an error if they are missing, and then prints the names of the fetched files and the commit SHA. ```ruby require 'octokit' require 'dependabot/file_fetchers' require 'dependabot/source' target_repo_name = 'dependabot/dependabot-core' source = Dependabot::Source.new(provider: 'github', repo: target_repo_name) client = Octokit::Client.new fetcher_class = Dependabot::FileFetchers::Ruby::Bundler filenames = client.contents(target_repo_name).map(&:name) unless fetcher_class.required_files_in?(filenames) raise fetcher_class.required_files_message end fetcher = fetcher_class.new(source: source, credentials: []) puts "Fetched #{fetcher.files.map(&:name)}, at commit SHA-1 '#{fetcher.commit}'" ``` -------------------------------- ### Start Nix development shell Source: https://github.com/dependabot/dependabot-core/blob/main/nix/README.md Initializes the local development environment for Nix. ```sh bin/docker-dev-shell nix ``` -------------------------------- ### Start Development Shell for SBT Source: https://github.com/dependabot/dependabot-core/blob/main/sbt/README.md Use this command to start a development shell with SBT environment configured. ```bash $ bin/docker-dev-shell sbt ``` -------------------------------- ### Frontend Manifest File Example Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/vu-multidir-rebase.txt Illustrates the structure of a frontend manifest file, including multiple dependencies and their versions. ```json { "dependency-a": { "version": "1.2.3" }, "dependency-b": { "version": "1.2.3" } } ``` -------------------------------- ### Start Development Shell for Bundler Source: https://github.com/dependabot/dependabot-core/blob/main/bundler/README.md Use this command to start a development shell with Bundler support. ```bash $ bin/docker-dev-shell bundler ``` -------------------------------- ### Dependency Information Example Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-err-not-vulnerable.txt Example JSON structure for dependency-a, listing its available versions. ```json { "versions": [ "1.2.3", "1.2.4" ] } ``` -------------------------------- ### Start Development Shell for NuGet Source: https://github.com/dependabot/dependabot-core/blob/main/nuget/README.md Use this command to start a development shell specifically configured for NuGet operations. ```bash $ bin/docker-dev-shell nuget ``` -------------------------------- ### Start Development Shell for OpenTofu Source: https://github.com/dependabot/dependabot-core/blob/main/opentofu/README.md Use this command to enter a development shell with OpenTofu dependencies pre-configured. ```bash $ bin/docker-dev-shell opentofu ``` -------------------------------- ### Start Development Shell for .NET SDK Source: https://github.com/dependabot/dependabot-core/blob/main/dotnet_sdk/README.md Use this command to enter a development shell with the .NET SDK environment configured. ```bash bin/docker-dev-shell dotnet-sdk ``` -------------------------------- ### SBT Project Structure Example Source: https://github.com/dependabot/dependabot-core/blob/main/sbt/spec/dependabot/sbt/fixtures/README.md Illustrates the typical directory structure for an sbt project, including build files and sub-projects. ```text fixtures/ ├── build.sbt ├── project/ │ ├── build.properties │ └── plugins.sbt └── projects/ ├── simple/ └── complex/ ``` -------------------------------- ### Start Dependabot Helm Development Shell Source: https://github.com/dependabot/dependabot-core/blob/main/helm/README.md Use this command to start a development shell for dependabot-helm. This is the first step for local development. ```bash $ bin/docker-dev-shell helm ``` -------------------------------- ### Manifest File Example (JSON) Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-group-pattern-multidir.txt This JSON file represents a manifest for a package, specifying dependencies and their versions. ```json { "related-a": { "version": "1.2.3" }, "related-b": { "version": "2.3.4" }, "dependency-c": { "version": "2.3.4" } } ``` ```json { "related-a": { "version": "1.2.3" }, "related-b": { "version": "2.3.4" }, "dependency-d": { "version": "2.3.4" } } ``` -------------------------------- ### Start Development Shell for Maven Source: https://github.com/dependabot/dependabot-core/blob/main/maven/README.md Use this command to enter a development shell pre-configured for Maven tasks. ```bash $ bin/docker-dev-shell maven ``` -------------------------------- ### Start Development Shell for Composer Source: https://github.com/dependabot/dependabot-core/blob/main/composer/README.md Use this command to start a development shell specifically configured for Composer projects within the dependabot-core environment. ```bash $ bin/docker-dev-shell composer ``` -------------------------------- ### Start Development Shell for Bun Source: https://github.com/dependabot/dependabot-core/blob/main/bun/README.md Use this command to enter a development shell with Bun environment set up for Dependabot. ```bash $ bin/docker-dev-shell bun ``` -------------------------------- ### Start development shell for uv Source: https://github.com/dependabot/dependabot-core/blob/main/uv/README.md Initializes the development environment for the uv package. ```shell $ bin/docker-dev-shell uv ``` -------------------------------- ### Start Development Shell for Hex Source: https://github.com/dependabot/dependabot-core/blob/main/hex/README.md Use this command to start a development shell with Hex support enabled for dependabot-core. ```bash $ bin/docker-dev-shell hex ``` -------------------------------- ### Start Development Shell for Go Modules Source: https://github.com/dependabot/dependabot-core/blob/main/go_modules/README.md Use this command to enter a development shell pre-configured for Go modules support. ```bash $ bin/docker-dev-shell go_modules ``` -------------------------------- ### Start Development Shell for Swift Source: https://github.com/dependabot/dependabot-core/blob/main/swift/README.md Use this command to enter a development shell with Swift Package Manager support pre-configured. ```bash bin/docker-dev-shell swift ``` -------------------------------- ### Install @babel/core with yarn Source: https://github.com/dependabot/dependabot-core/blob/main/bun/spec/fixtures/npm_responses/babel-core.html Use this command to install @babel/core as a development dependency in your project using yarn. ```bash yarn add @babel/core --dev ``` -------------------------------- ### Start Development Shell for Bazel Source: https://github.com/dependabot/dependabot-core/blob/main/bazel/README.md Use this command to enter a development shell with Bazel environment configured. ```bash $ bin/docker-dev-shell bazel ``` -------------------------------- ### Install @babel/core with npm Source: https://github.com/dependabot/dependabot-core/blob/main/bun/spec/fixtures/npm_responses/babel-core.html Use this command to install @babel/core as a development dependency in your project using npm. ```bash npm install --save-dev @babel/core ``` -------------------------------- ### Start development shell for GitHub Actions Source: https://github.com/dependabot/dependabot-core/blob/main/github_actions/README.md Initializes the development environment specifically for the github_actions component. ```bash $ bin/docker-dev-shell github_actions ``` -------------------------------- ### Start development shell for Rust toolchain Source: https://github.com/dependabot/dependabot-core/blob/main/rust_toolchain/README.md Initializes the development environment specifically for the rust-toolchain component. ```bash $ bin/docker-dev-shell rust-toolchain ``` -------------------------------- ### Example Fixture Structure Source: https://github.com/dependabot/dependabot-core/blob/main/deno/spec/dependabot/deno/fixtures/README.md Illustrates the directory structure for organizing Deno test fixtures, including manifest files, lockfiles, and project subdirectories. ```tree fixtures/ ├── manifest.json ├── lockfile.lock └── projects/ ├── simple/ └── complex/ ``` -------------------------------- ### Start Development Shell for npm/Yarn Source: https://github.com/dependabot/dependabot-core/blob/main/npm_and_yarn/README.md Use this command to start a development shell specifically configured for npm and Yarn projects within the dependabot-core development environment. ```bash $ bin/docker-dev-shell npm_and_yarn ``` -------------------------------- ### Start Development Shell for Dart Pub Source: https://github.com/dependabot/dependabot-core/blob/main/pub/README.md Use this command to start a development shell with Dart pub support enabled for dependabot-core. ```bash $ bin/docker-dev-shell pub ``` -------------------------------- ### Start Development Shell Source: https://github.com/dependabot/dependabot-core/blob/main/conda/README.md Use this command to start a development shell for working with Conda support locally. ```bash bin/docker-dev-shell conda ``` -------------------------------- ### Dependabot CLI Output Examples Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-err-not-supported.txt Standard output and error responses from the Dependabot CLI. ```text stderr dependency_file_not_supported ``` ```json '{"data":{"error-type":"dependency_file_not_supported","error-details":{"dependency-name":"dependency-a"}},"type":"record_update_job_error"}' ``` ```text ! stdout create_pull_request ``` -------------------------------- ### Start Development Shell for Gradle Source: https://github.com/dependabot/dependabot-core/blob/main/gradle/README.md Use this command to enter a development shell pre-configured for Gradle tasks within the dependabot-core project. ```bash $ bin/docker-dev-shell gradle ``` -------------------------------- ### Start development shell for Dev Containers Source: https://github.com/dependabot/dependabot-core/blob/main/devcontainers/README.md Initializes the development environment for the devcontainers component. ```bash $ bin/docker-dev-shell devcontainers ``` -------------------------------- ### Frontend Manifest Configuration Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/vu-multi-ecosystem-multidir-update-types.txt Example JSON structure for frontend dependencies in manifest.json. Ensure versions are correctly formatted. ```json { "dependency-a": { "version": "1.2.3" }, "dependency-b": { "version": "2.0.0" }, "dependency-c": { "version": "3.0.0" } } ``` -------------------------------- ### Backend Manifest Configuration Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/vu-multi-ecosystem-multidir-update-types.txt Example JSON structure for backend dependencies in manifest.json. This demonstrates a different set of dependencies than the frontend. ```json { "dependency-b": { "version": "2.0.0" }, "dependency-d": { "version": "4.0.0" } } ``` -------------------------------- ### Start Development Shell for Docker Source: https://github.com/dependabot/dependabot-core/blob/main/docker/README.md Use this command to enter a development shell with the necessary environment for working with Dependabot's Docker support. ```bash $ bin/docker-dev-shell docker ``` -------------------------------- ### Start Development Shell for Git Submodules Source: https://github.com/dependabot/dependabot-core/blob/main/git_submodules/README.md Use this command to enter a development shell pre-configured for Git Submodules. ```bash $ bin/docker-dev-shell git_submodules ``` -------------------------------- ### Start Dependabot Cargo development shell Source: https://github.com/dependabot/dependabot-core/blob/main/cargo/README.md Initializes the Docker development environment specifically for the Cargo ecosystem. ```bash $ bin/docker-dev-shell cargo ``` -------------------------------- ### Start Dependabot Terraform Development Shell Source: https://github.com/dependabot/dependabot-core/blob/main/terraform/README.md Use this command to enter a pre-configured Docker development environment for Dependabot Terraform. Ensure you are in the project root. ```bash $ bin/docker-dev-shell terraform ``` -------------------------------- ### Run SBT Tests Locally Source: https://github.com/dependabot/dependabot-core/blob/main/sbt/README.md Navigate to the sbt directory and run RSpec tests to verify local setup. ```bash [dependabot-core-dev] ~ $ cd sbt && rspec ``` -------------------------------- ### Start Docker Dev Shell for Updater Source: https://github.com/dependabot/dependabot-core/blob/main/updater/README.md Use this command to enter the Docker development environment for the updater component. It maps 'updater' to the 'bundler' ecosystem image. ```zsh #!/bin/zsh ➜ bin/docker-dev-shell updater # the docker-dev-shell internally maps 'updater' to the 'bundler' ecosystem image [dependabot-core-dev] ~ $ cd dependabot_updater/ [dependabot-core-dev] ~/dependabot_updater $ bundle ``` -------------------------------- ### Supported Environment.yml Example Source: https://github.com/dependabot/dependabot-core/blob/main/conda/README.md This YAML configuration demonstrates a supported environment file structure for Dependabot-Conda, including package names and simple version specifications. ```yaml name: myenv channels: - conda-forge - defaults dependencies: - python=3.11 - numpy>=1.24.0 - r-base>=4.0 - pip: - requests>=2.28.0 ``` -------------------------------- ### Dependabot Create Pull Request Output Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-err-not-vulnerable.txt Example of stdout indicating that a pull request creation job has started. ```text stdout create_pull_request ``` -------------------------------- ### Another Dependency Information Example Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-err-not-vulnerable.txt Example JSON structure for dependency-b, listing its available versions. ```json { "versions": [ "2.3.4", "2.3.5" ] } ``` -------------------------------- ### Bundler Dependency Graph Hash Example Source: https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/dependency_graphers/README.md An example of the informational hash structure returned by .resolved_dependencies for a Bundler project. ```ruby "addressable": { "package_url": "pkg:gem/addressable@2.8.6", "relationship": "indirect", "scope": "runtime", "dependencies": [], "metadata": {} }, "ast": { "package_url": "pkg:gem/ast@2.4.2", "relationship": "indirect", "scope": "runtime", "dependencies": [], "metadata": {} }, "aws-eventstream": { "package_url": "pkg:gem/aws-eventstream@1.3.0", "relationship": "indirect", "scope": "runtime", "dependencies": [], "metadata": {} } ``` -------------------------------- ### Manifest and Expected Output Files Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/vu-glob.txt Sample JSON files representing dependency states before and after updates. ```json -- manifest.json -- { "dependency-a": { "version": "1.2.3" } } ``` ```json -- expected-0.json -- { "dependency-a": { "version": "1.2.5" } } ``` ```json -- frontend/manifest.json -- { "dependency-a": { "version": "1.2.3" }, "dependency-b": { "version": "1.2.3" } } ``` ```json -- frontend/expected-1.json -- { "dependency-a": { "version": "1.2.5" }, "dependency-b": { "version": "1.2.3" } } ``` ```json -- frontend/expected-2.json -- { "dependency-a": { "version": "1.2.3" }, "dependency-b": { "version": "1.2.5" } } ``` ```json -- backend/manifest.json -- { "dependency-a": { "version": "1.2.3" } } ``` ```json -- backend/expected-3.json -- { "dependency-a": { "version": "1.2.5" } } ``` -------------------------------- ### Install Omnibus and Updater Dependencies Source: https://github.com/dependabot/dependabot-core/blob/main/NEW_ECOSYSTEMS.md After running the infrastructure update task, navigate to the respective directories and run bundle install to update gem dependencies for Omnibus and the Updater. ```bash cd omnibus && bundle install cd ../updater && bundle install ``` -------------------------------- ### Require explicit marking for raw SQL fragments in relation queries Source: https://github.com/dependabot/dependabot-core/blob/main/common/spec/fixtures/changelogs/rails52.md This snippet illustrates the change in how raw SQL fragments are handled in relation query methods. The 'before' example shows direct string usage, while the 'after' example demonstrates using `Arel.sql` for explicit marking to prevent SQL injection. A safe string example is also included. ```ruby Article.order("LENGTH(title)") ``` ```ruby Article.order(Arel.sql("LENGTH(title)")) ``` ```ruby Article.order("title DESC") ``` -------------------------------- ### Start Development Shell for Python Source: https://github.com/dependabot/dependabot-core/blob/main/python/README.md Use this command to enter a development shell with Python support configured. This is the first step for running local tests or making changes to the Python dependency management logic. ```shell bin/docker-dev-shell python ``` -------------------------------- ### Dependabot Error Output Example Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-err-pr-exists-latest.txt Example of Dependabot's standard error output when a pull request already exists for the latest version of a dependency. This indicates that no new update job will be created. ```json {"data":{"error-type":"pull_request_exists_for_latest_version","error-details":{"dependency-name":"dependency-a","dependency-version":"1.2.5"}},"type":"record_update_job_error"} ``` -------------------------------- ### Ruby Debugger Session Example Source: https://github.com/dependabot/dependabot-core/blob/main/README.md This is an example of what a Ruby debugger session looks like after hitting a `debugger` statement. It shows the current execution context, call stack, and prompt for debugger commands. ```ruby [11, 20] in ~/go_modules/lib/dependabot/go_modules/update_checker.rb 11| module GoModules 12| class UpdateChecker < Dependabot::UpdateCheckers::Base 13| require_relative "update_checker/latest_version_finder" 14| 15| def latest_resolvable_version => 16| debugger 17| latest_version_finder.latest_version 18| end 19| 20| # This is currently used to short-circuit latest_resolvable_version, =>#0 Dependabot::GoModules::UpdateChecker#latest_resolvable_version at ~/go_modules/lib/dependabot/go_modules/update_checker.rb:16 #1 Dependabot::GoModules::UpdateChecker#latest_version at ~/go_modules/lib/dependabot/go_modules/update_checker.rb:24 # and 9 frames (use `bt' command for all frames) (rdbg) ``` -------------------------------- ### Fix db:setup and db:test:prepare for ar_internal_metadata Source: https://github.com/dependabot/dependabot-core/blob/main/common/spec/fixtures/changelogs/rails52.md Corrects the data written to `ar_internal_metadata` by `bin/rails db:setup` and `bin/rails db:test:prepare` for test databases. Ensures the environment key is set to 'test' instead of 'development'. ```bash $ RAILS_ENV=test rails dbconsole > SELECT * FROM ar_internal_metadata; key|value|created_at|updated_at environment|development|2017-09-11 23:14:10.815679|2017-09-11 23:14:10.815679 ``` ```bash $ RAILS_ENV=test rails dbconsole > SELECT * FROM ar_internal_metadata; key|value|created_at|updated_at environment|test|2017-09-11 23:14:10.815679|2017-09-11 23:14:10.815679 ``` -------------------------------- ### Non-JSON Manifest File Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/err-parsing.txt Example of a file that is expected to be JSON but is not. ```text This isn't JSON ``` -------------------------------- ### Dependency Version Data Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/err-parsing.txt Example structure for dependency version information. ```json { "versions": [ "1.2.3", "1.2.4", "1.2.5" ] } ``` -------------------------------- ### Using Ruby Metadata Finder for Bundler Dependencies Source: https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/metadata_finders/README.md Demonstrates how to instantiate and use a metadata finder for Ruby Bundler dependencies to retrieve changelog information. Ensure you have the dependency and credentials objects available. ```ruby require 'dependabot/metadata_finders' dependency = update_checker.updated_dependency metadata_finder_class = Dependabot::MetadataFinders::Ruby::Bundler metadata_finder = metadata_finder_class.new( dependency: dependency, credentials: credentials ) puts "Changelog for #{dependency.name} is at #{metadata_finder.changelog_url}" ``` -------------------------------- ### Dependabot Error Output Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/err-parsing.txt Example of stderr and stdout output when a dependency file is not parseable. ```bash stderr 'dependency_file_not_parseable' ``` ```json stdout '{"data":{"error-type":"dependency_file_not_parseable","error-details":{"file-path":"/manifest.json","message":"/manifest.json not parseable"}},"type":"record_update_job_error"}' ``` -------------------------------- ### Spin-up Dependabot Development Container Source: https://github.com/dependabot/dependabot-core/blob/main/README.md Use this command to start the development container, rebuilding the specified ecosystem image if necessary. The `--rebuild` flag ensures the latest changes are incorporated. ```shell $ bin/docker-dev-shell go_modules --rebuild ``` -------------------------------- ### Define Manifest and Dependency Files Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-err-dependency-not-found.txt JSON configuration files for defining project dependencies and available versions. ```json -- manifest.json -- { "dependency-a": { "version": "1.2.3" } } ``` ```json -- dependency-a -- { "versions": [ "1.2.3" ] } ``` -------------------------------- ### Build Dependabot Updater Ecosystem Image (Go Modules) Source: https://github.com/dependabot/dependabot-core/blob/main/README.md Pull the pre-built ecosystem image or build it using the provided script. The script-based build is recommended for ARM. ```shell $ docker pull ghcr.io/dependabot/dependabot-updater-gomod # OR $ script/build go_modules # recommended on ARM ``` -------------------------------- ### Start Dependabot Elm development shell Source: https://github.com/dependabot/dependabot-core/blob/main/elm/README.md Initializes the Docker development environment specifically for the Elm module. ```bash $ bin/docker-dev-shell elm ``` -------------------------------- ### Define manifest and dependency files Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/vs-close-up-to-date.txt JSON configuration for project manifests and available dependency versions. ```json -- manifest.json -- { "dependency-a": { "version": "1.2.5" } } ``` ```json -- dependency-a -- { "versions": [ "1.2.3", "1.2.4", "1.2.5" ] } ``` -------------------------------- ### Manifest and expected output files Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/vu-group-multidir-rebase.txt JSON files defining dependency versions for different directories and their expected states after an update. ```json -- foo/manifest.json -- { "dependency-a": { "version": "1.2.3" }, "dependency-b": { "version": "1.2.3" } } ``` ```json -- bar/manifest.json -- { "dependency-b": { "version": "1.2.4" }, "dependency-c": { "version": "1.2.3" } } ``` ```json -- foo/expected.json -- { "dependency-a": { "version": "1.2.5" }, "dependency-b": { "version": "1.2.5" } } ``` ```json -- bar/expected.json -- { "dependency-b": { "version": "1.2.5" }, "dependency-c": { "version": "1.2.5" } } ``` -------------------------------- ### Dependabot Update Job Error Output Source: https://github.com/dependabot/dependabot-core/blob/main/silent/tests/testdata/su-err-not-vulnerable.txt Example of stderr and stdout output when a security update is not needed for a dependency. ```text stderr security_update_not_needed stdout {"data":{"error-type":"security_update_not_needed","error-details":{"dependency-name":"dependency-a"}},"type":"record_update_job_error"} ``` -------------------------------- ### Instantiate and Use a Ruby Update Checker Source: https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/update_checkers/README.md Demonstrates how to instantiate and use a specific language's update checker (Ruby Bundler in this case) to check if a dependency needs updating. Requires dependency files and credentials. ```ruby require 'dependabot/update_checkers' dependency = dependencies.first update_checker_class = Dependabot::UpdateCheckers::Ruby::Bundler update_checker = update_checker_class.new( dependency: dependency, dependency_files: files, credentials: [{ "type" => "git_source", "host" => "github.com", "username" => "x-access-token", "password" => "token" }] ) puts "Update needed for #{dependency.name}? "\ "#{update_checker.can_update?(requirements_to_update: :own)}" ``` -------------------------------- ### Parse Project Dependencies with Ruby Source: https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/file_parsers/README.md Example of how to use a file parser to extract dependencies for a project. Ensure you have fetched the necessary dependency files and initialized the parser with the correct source. ```ruby require 'dependabot/file_parsers' files = fetcher.files parser_class = Dependabot::FileParsers::Ruby::Bundler source = Dependabot::Source.new(provider: 'github', repo: "gocardless/business") parser = parser_class.new(dependency_files: files, source: source) dependencies = parser.parse puts "Found the following dependencies: #{dependencies.map(&:name)}" ``` -------------------------------- ### Get and Check Parser Support Source: https://github.com/dependabot/dependabot-core/blob/main/pre_commit/README.md Retrieve a language-specific parser class or check if a language is supported by the AdditionalDependencyParsers registry. ```ruby # Get parser for a language parser_class = AdditionalDependencyParsers.for_language("python") # Check if a language is supported AdditionalDependencyParsers.supported?("python") # => true # List all supported languages AdditionalDependencyParsers.supported_languages # => ["python", "node", ...] ```