dependabot-bundler 0.113.5 → 0.113.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/file_updater/lockfile_updater.rb +10 -3
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5bc537f68ecb48a8d31acbeb8235c450e3009e2bcf61f14858b92ba891ddd3ce
|
|
4
|
+
data.tar.gz: 61b4d994eb21fe223208bbae141daa7cecff5d3079d33416ebacc2de454ee54e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9b99e38ee8ff5ff54597de917725bc9d580558e8abd36e62c5707cd86fee1cf465aa89b17189f4a54d26c454843f328f0918e4aeec01756ca2b546da9ceb4261
|
|
7
|
+
data.tar.gz: a23c3d3a703bc0e0d2144a338f8a707d79c683d105287c2537cc2baa20e6bb83f87d4b919e5ce00c86df313919d9142f2627c0dcbac872578d77e98674e71067
|
|
@@ -172,6 +172,8 @@ module Dependabot
|
|
|
172
172
|
map(&:name).map(&:to_s)
|
|
173
173
|
allowed_new_unlocks = all_deps - top_level - dependencies_to_unlock
|
|
174
174
|
|
|
175
|
+
raise if allowed_new_unlocks.none?
|
|
176
|
+
|
|
175
177
|
# Unlock any sub-dependencies that Bundler reports caused the
|
|
176
178
|
# conflict
|
|
177
179
|
potentials_deps =
|
|
@@ -181,10 +183,15 @@ module Dependabot
|
|
|
181
183
|
tree.find { |req| allowed_new_unlocks.include?(req.name) }
|
|
182
184
|
end.compact.map(&:name)
|
|
183
185
|
|
|
184
|
-
# If there
|
|
185
|
-
|
|
186
|
+
# If there are specific dependencies we can unlock, unlock them
|
|
187
|
+
if potentials_deps.any?
|
|
188
|
+
return dependencies_to_unlock.append(*potentials_deps)
|
|
189
|
+
end
|
|
186
190
|
|
|
187
|
-
|
|
191
|
+
# Fall back to unlocking *all* sub-dependencies. This is required
|
|
192
|
+
# because Bundler's VersionConflict objects don't include enough
|
|
193
|
+
# information to chart the full path through all conflicts unwound
|
|
194
|
+
dependencies_to_unlock.append(*allowed_new_unlocks)
|
|
188
195
|
end
|
|
189
196
|
|
|
190
197
|
def build_definition(dependencies_to_unlock)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.113.
|
|
4
|
+
version: 0.113.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.113.
|
|
19
|
+
version: 0.113.6
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.113.
|
|
26
|
+
version: 0.113.6
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -58,14 +58,14 @@ dependencies:
|
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '
|
|
61
|
+
version: '13'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '
|
|
68
|
+
version: '13'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: rspec
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|