dependabot-bundler 0.125.5 → 0.127.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/file_updater/gemspec_sanitizer.rb +1 -1
- data/lib/dependabot/bundler/file_updater/lockfile_updater.rb +3 -14
- data/lib/dependabot/bundler/metadata_finder.rb +1 -1
- data/lib/dependabot/bundler/update_checker/conflicting_dependency_resolver.rb +2 -2
- data/lib/dependabot/bundler/update_checker/force_updater.rb +3 -14
- data/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb +5 -18
- data/lib/dependabot/bundler/update_checker/version_resolver.rb +2 -2
- metadata +8 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 144dc9eb837efd26ab301efedf1ca2f0e42cc6d46a51fe9c9cfc35410a28dd00
|
|
4
|
+
data.tar.gz: 9d22aaa9270a397c1be80437c383dba9df21c17d475439ec663cdf15b81ef577
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 91c0a9688c564defe0d3ad7a2310fff80fe1cd83d99f6edd887749bb9359b8b55c21d42411d0c6e9a60b800778ae1d99111aefb5690aa4c03e4031b439bc157d
|
|
7
|
+
data.tar.gz: 6a169875e0008fd52f7124ac265607413ea039ca2eb58524b0398f07d9cba9c07d2c669ea19bb32ab4deb367d1abacfdfbb01fb6c31a786989006a145204eed9
|
|
@@ -235,7 +235,7 @@ module Dependabot
|
|
|
235
235
|
return unless node.is_a?(Parser::AST::Node)
|
|
236
236
|
|
|
237
237
|
if unnecessary_assignment?(node) &&
|
|
238
|
-
node.children.last&.location
|
|
238
|
+
node.children.last&.location.respond_to?(:heredoc_end)
|
|
239
239
|
range_to_remove = node.loc.expression.join(
|
|
240
240
|
node.children.last.location.heredoc_end
|
|
241
241
|
)
|
|
@@ -70,9 +70,9 @@ module Dependabot
|
|
|
70
70
|
args: {
|
|
71
71
|
gemfile_name: gemfile.name,
|
|
72
72
|
lockfile_name: lockfile.name,
|
|
73
|
-
|
|
73
|
+
using_bundler2: using_bundler2?,
|
|
74
74
|
dir: tmp_dir,
|
|
75
|
-
credentials:
|
|
75
|
+
credentials: credentials,
|
|
76
76
|
dependencies: dependencies.map(&:to_h)
|
|
77
77
|
}
|
|
78
78
|
)
|
|
@@ -234,17 +234,6 @@ module Dependabot
|
|
|
234
234
|
end
|
|
235
235
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
236
236
|
|
|
237
|
-
def relevant_credentials
|
|
238
|
-
credentials.
|
|
239
|
-
select { |cred| cred["password"] || cred["token"] }.
|
|
240
|
-
select do |cred|
|
|
241
|
-
next true if cred["type"] == "git_source"
|
|
242
|
-
next true if cred["type"] == "rubygems_server"
|
|
243
|
-
|
|
244
|
-
false
|
|
245
|
-
end
|
|
246
|
-
end
|
|
247
|
-
|
|
248
237
|
def prepared_gemfile_content(file)
|
|
249
238
|
content =
|
|
250
239
|
GemfileUpdater.new(
|
|
@@ -307,7 +296,7 @@ module Dependabot
|
|
|
307
296
|
dependency_files.select { |f| f.name.end_with?(".specification") }
|
|
308
297
|
end
|
|
309
298
|
|
|
310
|
-
def
|
|
299
|
+
def using_bundler2?
|
|
311
300
|
return unless lockfile
|
|
312
301
|
|
|
313
302
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
|
@@ -117,7 +117,7 @@ module Dependabot
|
|
|
117
117
|
end
|
|
118
118
|
end
|
|
119
119
|
|
|
120
|
-
#
|
|
120
|
+
# NOTE: This response MUST NOT be unmarshalled
|
|
121
121
|
# (as calling Marshal.load is unsafe)
|
|
122
122
|
def rubygems_marshalled_gemspec_response
|
|
123
123
|
return @rubygems_marshalled_gemspec_response if defined?(@rubygems_marshalled_gemspec_response)
|
|
@@ -35,9 +35,9 @@ module Dependabot
|
|
|
35
35
|
dir: tmp_dir,
|
|
36
36
|
dependency_name: dependency.name,
|
|
37
37
|
target_version: target_version,
|
|
38
|
-
credentials:
|
|
38
|
+
credentials: credentials,
|
|
39
39
|
lockfile_name: lockfile.name,
|
|
40
|
-
|
|
40
|
+
using_bundler2: using_bundler2?
|
|
41
41
|
}
|
|
42
42
|
)
|
|
43
43
|
end
|
|
@@ -50,10 +50,10 @@ module Dependabot
|
|
|
50
50
|
dir: tmp_dir,
|
|
51
51
|
dependency_name: dependency.name,
|
|
52
52
|
target_version: target_version,
|
|
53
|
-
credentials:
|
|
53
|
+
credentials: credentials,
|
|
54
54
|
gemfile_name: gemfile.name,
|
|
55
55
|
lockfile_name: lockfile.name,
|
|
56
|
-
|
|
56
|
+
using_bundler2: using_bundler2?,
|
|
57
57
|
update_multiple_dependencies: update_multiple_dependencies?
|
|
58
58
|
}
|
|
59
59
|
)
|
|
@@ -141,18 +141,7 @@ module Dependabot
|
|
|
141
141
|
File.write(lockfile.name, sanitized_lockfile_body) if lockfile
|
|
142
142
|
end
|
|
143
143
|
|
|
144
|
-
def
|
|
145
|
-
credentials.
|
|
146
|
-
select { |cred| cred["password"] || cred["token"] }.
|
|
147
|
-
select do |cred|
|
|
148
|
-
next true if cred["type"] == "git_source"
|
|
149
|
-
next true if cred["type"] == "rubygems_server"
|
|
150
|
-
|
|
151
|
-
false
|
|
152
|
-
end
|
|
153
|
-
end
|
|
154
|
-
|
|
155
|
-
def using_bundler_2?
|
|
144
|
+
def using_bundler2?
|
|
156
145
|
return unless lockfile
|
|
157
146
|
|
|
158
147
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
|
@@ -169,8 +169,8 @@ module Dependabot
|
|
|
169
169
|
args: {
|
|
170
170
|
dir: tmp_dir,
|
|
171
171
|
gemfile_name: gemfile.name,
|
|
172
|
-
credentials:
|
|
173
|
-
|
|
172
|
+
credentials: credentials,
|
|
173
|
+
using_bundler2: using_bundler2?
|
|
174
174
|
}
|
|
175
175
|
)
|
|
176
176
|
git_specs.reject do |spec|
|
|
@@ -193,8 +193,8 @@ module Dependabot
|
|
|
193
193
|
args: {
|
|
194
194
|
dir: dir,
|
|
195
195
|
gemfile_name: gemfile.name,
|
|
196
|
-
credentials:
|
|
197
|
-
|
|
196
|
+
credentials: credentials,
|
|
197
|
+
using_bundler2: using_bundler2?
|
|
198
198
|
}
|
|
199
199
|
)
|
|
200
200
|
end
|
|
@@ -210,24 +210,11 @@ module Dependabot
|
|
|
210
210
|
File.write(lockfile.name, sanitized_lockfile_body) if lockfile
|
|
211
211
|
end
|
|
212
212
|
|
|
213
|
-
def relevant_credentials
|
|
214
|
-
[
|
|
215
|
-
*git_source_credentials,
|
|
216
|
-
*private_registry_credentials
|
|
217
|
-
].select { |cred| cred["password"] || cred["token"] }
|
|
218
|
-
end
|
|
219
|
-
|
|
220
213
|
def private_registry_credentials
|
|
221
214
|
credentials.
|
|
222
215
|
select { |cred| cred["type"] == "rubygems_server" }
|
|
223
216
|
end
|
|
224
217
|
|
|
225
|
-
def git_source_credentials
|
|
226
|
-
credentials.
|
|
227
|
-
select { |cred| cred["password"] || cred["token"] }.
|
|
228
|
-
select { |cred| cred["type"] == "git_source" }
|
|
229
|
-
end
|
|
230
|
-
|
|
231
218
|
def gemfile
|
|
232
219
|
dependency_files.find { |f| f.name == "Gemfile" } ||
|
|
233
220
|
dependency_files.find { |f| f.name == "gems.rb" }
|
|
@@ -244,7 +231,7 @@ module Dependabot
|
|
|
244
231
|
lockfile.content.gsub(re, "")
|
|
245
232
|
end
|
|
246
233
|
|
|
247
|
-
def
|
|
234
|
+
def using_bundler2?
|
|
248
235
|
return unless lockfile
|
|
249
236
|
|
|
250
237
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
|
@@ -83,7 +83,7 @@ module Dependabot
|
|
|
83
83
|
dependency_requirements: dependency.requirements,
|
|
84
84
|
gemfile_name: gemfile.name,
|
|
85
85
|
lockfile_name: lockfile&.name,
|
|
86
|
-
|
|
86
|
+
using_bundler2: using_bundler2?,
|
|
87
87
|
dir: tmp_dir,
|
|
88
88
|
credentials: credentials
|
|
89
89
|
}
|
|
@@ -213,7 +213,7 @@ module Dependabot
|
|
|
213
213
|
dependency_files.find { |f| f.name == "gems.locked" }
|
|
214
214
|
end
|
|
215
215
|
|
|
216
|
-
def
|
|
216
|
+
def using_bundler2?
|
|
217
217
|
return unless lockfile
|
|
218
218
|
|
|
219
219
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.127.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-12-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.127.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.127.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,28 +100,28 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version:
|
|
103
|
+
version: 1.6.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version:
|
|
110
|
+
version: 1.6.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: simplecov
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 0.
|
|
117
|
+
version: 0.20.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
124
|
+
version: 0.20.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: simplecov-console
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|