dependabot-bundler 0.119.2 → 0.120.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bbdc15bf5ce1f5c5640a479441b79e14f538801cc9f77f4b3cbdbafd0ac6597a
|
|
4
|
+
data.tar.gz: fa7412a8c943b7ae2a22bb7e58d12e58318fafeb58d0b923c2923fdcf504179a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f20ee639537da20840eced82883ef34a931929006c4354837832129eee4011e32157f6ed9806e9c2df13b5602719468a41fb6baeb447fd1a974da96c9a272420
|
|
7
|
+
data.tar.gz: 3bea303d985d3cc6fe14976ddf3750c66e6a25617a213194bd58a9e6a8ce9418407dd6b5667114554664ec70ff40b0e8f1f0d8a7a5dde6969995aa8c83f0ea9c
|
|
@@ -20,6 +20,7 @@ module Dependabot
|
|
|
20
20
|
]
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
23
24
|
def updated_dependency_files
|
|
24
25
|
updated_files = []
|
|
25
26
|
|
|
@@ -59,6 +60,7 @@ module Dependabot
|
|
|
59
60
|
|
|
60
61
|
updated_files
|
|
61
62
|
end
|
|
63
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
62
64
|
|
|
63
65
|
private
|
|
64
66
|
|
|
@@ -168,7 +168,7 @@ module Dependabot
|
|
|
168
168
|
# Dependencies that have been unlocked for the update (including
|
|
169
169
|
# sub-dependencies)
|
|
170
170
|
unlocked_gems = definition.instance_variable_get(:@unlock).
|
|
171
|
-
fetch(:gems)
|
|
171
|
+
fetch(:gems).reject { |gem| __keep_on_prune?(gem) }
|
|
172
172
|
bundler_opts = {
|
|
173
173
|
cache_all: true,
|
|
174
174
|
cache_all_platforms: true,
|
|
@@ -188,6 +188,15 @@ module Dependabot
|
|
|
188
188
|
end
|
|
189
189
|
end
|
|
190
190
|
|
|
191
|
+
# This is not officially supported and may be removed without notice.
|
|
192
|
+
def __keep_on_prune?(spec_name)
|
|
193
|
+
unless (specs = ::Bundler.settings[:persistent_gems_after_clean])
|
|
194
|
+
return false
|
|
195
|
+
end
|
|
196
|
+
|
|
197
|
+
specs.include?(spec_name)
|
|
198
|
+
end
|
|
199
|
+
|
|
191
200
|
# Copied from Bundler::Runtime: Modified to only prune gems that have
|
|
192
201
|
# been unlocked
|
|
193
202
|
def prune_gem_cache(resolve, cache_path, unlocked_gems)
|
|
@@ -240,6 +249,7 @@ module Dependabot
|
|
|
240
249
|
dependencies_to_unlock << gem_name
|
|
241
250
|
end
|
|
242
251
|
|
|
252
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
243
253
|
def unlock_blocking_subdeps(dependencies_to_unlock, error)
|
|
244
254
|
all_deps = ::Bundler::LockfileParser.new(sanitized_lockfile_body).
|
|
245
255
|
specs.map(&:name).map(&:to_s)
|
|
@@ -268,6 +278,7 @@ module Dependabot
|
|
|
268
278
|
# information to chart the full path through all conflicts unwound
|
|
269
279
|
dependencies_to_unlock.append(*allowed_new_unlocks)
|
|
270
280
|
end
|
|
281
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
271
282
|
|
|
272
283
|
def build_definition(dependencies_to_unlock)
|
|
273
284
|
defn = ::Bundler::Definition.build(
|
|
@@ -407,6 +418,7 @@ module Dependabot
|
|
|
407
418
|
rewrite(gemspec_content)
|
|
408
419
|
end
|
|
409
420
|
|
|
421
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
410
422
|
def replacement_version_for_gemspec(gemspec_content)
|
|
411
423
|
return "0.0.1" unless lockfile
|
|
412
424
|
|
|
@@ -423,6 +435,7 @@ module Dependabot
|
|
|
423
435
|
spec = gemspec_specs.find { |s| s.name == gem_name }
|
|
424
436
|
spec&.version || gemspec_specs.first&.version || "0.0.1"
|
|
425
437
|
end
|
|
438
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
426
439
|
|
|
427
440
|
def relevant_credentials
|
|
428
441
|
credentials.
|
|
@@ -214,6 +214,7 @@ module Dependabot
|
|
|
214
214
|
lower_bound_req + ", <= #{latest_allowable_version}"
|
|
215
215
|
end
|
|
216
216
|
|
|
217
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
217
218
|
def updated_version_req_lower_bound(filename)
|
|
218
219
|
original_req = dependency.requirements.
|
|
219
220
|
find { |r| r.fetch(:file) == filename }&.
|
|
@@ -234,6 +235,7 @@ module Dependabot
|
|
|
234
235
|
">= #{version_for_requirement || 0}"
|
|
235
236
|
end
|
|
236
237
|
end
|
|
238
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
237
239
|
|
|
238
240
|
def remove_git_source(content)
|
|
239
241
|
FileUpdater::GitSourceRemover.new(
|
|
@@ -261,6 +263,7 @@ module Dependabot
|
|
|
261
263
|
@lock_ruby_version && file == gemfile
|
|
262
264
|
end
|
|
263
265
|
|
|
266
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
264
267
|
def replacement_version_for_gemspec(gemspec_content)
|
|
265
268
|
return "0.0.1" unless lockfile
|
|
266
269
|
|
|
@@ -278,6 +281,7 @@ module Dependabot
|
|
|
278
281
|
spec = gemspec_specs.find { |s| s.name == gem_name }
|
|
279
282
|
spec&.version || gemspec_specs.first&.version || "0.0.1"
|
|
280
283
|
end
|
|
284
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
281
285
|
|
|
282
286
|
def sanitized_lockfile_content
|
|
283
287
|
re = FileUpdater::LockfileUpdater::LOCKFILE_ENDING
|
|
@@ -252,7 +252,6 @@ module Dependabot
|
|
|
252
252
|
|
|
253
253
|
# Updates the version in a "<" or "<=" constraint to allow the given
|
|
254
254
|
# version
|
|
255
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
256
255
|
def update_greatest_version(requirement, version_to_be_permitted)
|
|
257
256
|
if version_to_be_permitted.is_a?(String)
|
|
258
257
|
version_to_be_permitted = Gem::Version.new(version_to_be_permitted)
|
|
@@ -278,8 +277,6 @@ module Dependabot
|
|
|
278
277
|
|
|
279
278
|
Gem::Requirement.new("#{op} #{new_segments.join('.')}")
|
|
280
279
|
end
|
|
281
|
-
|
|
282
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
283
280
|
end
|
|
284
281
|
end
|
|
285
282
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.120.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-09-
|
|
11
|
+
date: 2020-09-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.120.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.120.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
103
|
+
version: 0.91.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
110
|
+
version: 0.91.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: vcr
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|