Bump Hex Elixir to 1.15

hex/Dockerfile

@@ -15,8 +15,8 @@ RUN apt-get update \
 
 # Install Elixir
 # https://github.com/elixir-lang/elixir/releases
-ARG ELIXIR_VERSION=v1.14.5
-ARG ELIXIR_CHECKSUM=f3b35d9fa61da7e93c9979cb8a08f64a9ce7074aeda66fae994f2a4ea2e4f82e
+ARG ELIXIR_VERSION=v1.15.8
+ARG ELIXIR_CHECKSUM=62d33c51417191e027c9b6f0c46e11daeb236a7dda6f0746ec4dd53263531092
 RUN curl -sSLfO https://github.com/elixir-lang/elixir/releases/download/${ELIXIR_VERSION}/elixir-otp-${ERLANG_MAJOR_VERSION}.zip \
   && echo "$ELIXIR_CHECKSUM  elixir-otp-${ERLANG_MAJOR_VERSION}.zip" | sha256sum -c - \
   && unzip -d /usr/local/elixir -x elixir-otp-${ERLANG_MAJOR_VERSION}.zip \

hex/helpers/lib/check_update.exs

@@ -1,5 +1,8 @@
 defmodule UpdateChecker do
   def run(dependency_name) do
+    # This is necessary because we can't specify :extra_applications to have :hex in other mixfiles.
+    Mix.ensure_application!(:hex)
+
     # Update the lockfile in a session that we can time out
     task = Task.async(fn -> do_resolution(dependency_name) end)
 
@@ -45,24 +48,28 @@ end
 
 [dependency_name] = System.argv()
 
-case UpdateChecker.run(dependency_name) do
-  {:ok, version} ->
-    version = :erlang.term_to_binary({:ok, version})
-    IO.write(:stdio, version)
+result =
+  case UpdateChecker.run(dependency_name) do
+    {:ok, version} ->
+      {:ok, version}
+
+    {:error, %Version.InvalidRequirementError{} = error}  ->
+      {:error, "Invalid requirement: #{error.requirement}"}
 
-  {:error, %Version.InvalidRequirementError{} = error}  ->
-    result = :erlang.term_to_binary({:error, "Invalid requirement: #{error.requirement}"})
-    IO.write(:stdio, result)
+    {:error, %Mix.Error{} = error} ->
+      {:error, "Dependency resolution failed: #{error.message}"}
 
-  {:error, %Mix.Error{} = error} ->
-    result = :erlang.term_to_binary({:error, "Dependency resolution failed: #{error.message}"})
-    IO.write(:stdio, result)
+    {:error, :dependency_resolution_timed_out} ->
+      # We do nothing here because Hex is already printing out a message in stdout
+      nil
 
-  {:error, :dependency_resolution_timed_out} ->
-    # We do nothing here because Hex is already printing out a message in stdout
-    nil
+    {:error, error} ->
+      {:error, "Unknown error in check_update: #{inspect(error)}"}
+  end
 
-  {:error, error} ->
-    result = :erlang.term_to_binary({:error, "Unknown error in check_update: #{inspect(error)}"})
-    IO.write(:stdio, result)
+if not is_nil(result) do
+  result
+  |> :erlang.term_to_binary()
+  |> Base.encode64()
+  |> IO.write()
 end

hex/helpers/lib/do_update.exs

@@ -1,3 +1,6 @@
+# This is necessary because we can't specify :extra_applications to have :hex in other mixfiles.
+Mix.ensure_application!(:hex)
+
 dependency =
   System.argv()
   |> List.first()
@@ -23,9 +26,8 @@ System.cmd(
   ]
 )
 
-lockfile_content =
-  "mix.lock"
-  |> File.read()
-  |> :erlang.term_to_binary()
-
-IO.write(:stdio, lockfile_content)
+"mix.lock"
+|> File.read()
+|> :erlang.term_to_binary()
+|> Base.encode64()
+|> IO.write()

hex/helpers/lib/parse_deps.exs

@@ -1,5 +1,8 @@
 defmodule Parser do
   def run do
+    # This is necessary because we can't specify :extra_applications to have :hex in other mixfiles.
+    Mix.ensure_application!(:hex)
+
     Mix.Dep.load_on_environment([])
     |> Enum.flat_map(&parse_dep/1)
     |> Enum.map(&build_dependency(&1.opts[:lock], &1))
@@ -82,7 +85,7 @@ defmodule Parser do
     |> empty_str_to_nil()
   end
 
-  defp maybe_regex_to_str(s), do: if Regex.regex?(s), do: Regex.source(s), else: s
+  defp maybe_regex_to_str(s), do: if(Regex.regex?(s), do: Regex.source(s), else: s)
   defp empty_str_to_nil(""), do: nil
   defp empty_str_to_nil(s), do: s
 
@@ -99,6 +102,7 @@ defmodule Parser do
   end
 end
 
-dependencies = :erlang.term_to_binary({:ok, Parser.run()})
-
-IO.write(:stdio, dependencies)
+{:ok, Parser.run()}
+|> :erlang.term_to_binary()
+|> Base.encode64()
+|> IO.write()

hex/helpers/lib/run.exs

@@ -5,13 +5,15 @@ defmodule DependencyHelper do
     |> run()
     |> case do
       {output, 0} ->
+        output = Base.decode64!(output)
         if output =~ "No authenticated organization found" do
           {:error, output}
         else
           {:ok, :erlang.binary_to_term(output)}
         end
 
       {error, 1} ->
+        Base.decode64!(error)
         {:error, error}
     end
     |> handle_result()

hex/helpers/mix.exs

@@ -12,7 +12,7 @@ defmodule DependabotCore.Mixfile do
   end
 
   def application do
-    [extra_applications: [:logger]]
+    [extra_applications: [:hex, :logger, :ssh]]
   end
 
   defp deps() do

hex/spec/dependabot/hex/file_parser_spec.rb

@@ -476,7 +476,7 @@
       it "returns the correct language" do
         expect(language.name).to eq "elixir"
         expect(language.requirement).to be_nil
-        expect(language.version.to_s).to eq "1.14.5"
+        expect(language.version.to_s).to eq "1.15.8"
       end
     end
   end

hex/spec/fixtures/mixfiles/deps_warning

@@ -7,14 +7,18 @@ defmodule DependabotTest.Mixfile do
       version: "0.1.0",
       elixir: "~> 1.5",
       start_permanent: Mix.env == :prod,
-      deps: deps
+      deps: deps()
     ]
   end
 
   def application do
     [extra_applications: [:logger]]
   end
 
+  defp test do
+    nil
+  end
+
   defp deps do
     [
       {:plug, "~> 1.3.0"},