dependabot-bundler 0.125.6 → 0.125.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/file_updater/gemspec_sanitizer.rb +1 -1
- data/lib/dependabot/bundler/file_updater/lockfile_updater.rb +3 -14
- data/lib/dependabot/bundler/metadata_finder.rb +1 -1
- data/lib/dependabot/bundler/update_checker/conflicting_dependency_resolver.rb +2 -2
- data/lib/dependabot/bundler/update_checker/force_updater.rb +3 -14
- data/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb +5 -18
- data/lib/dependabot/bundler/update_checker/version_resolver.rb +2 -2
- metadata +8 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b4e9a7b2435d88bf37b280feddb2462827ed9be53d5734e0dc1d51d8c779df1d
|
4
|
+
data.tar.gz: d42bbde21d53e8cf60e443becfe3b7330061e17615dc25c88c184892b7603fe3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f9fbedc6d0ed8a5bec7b0c0fb6fc381cd1ac4a26bc669b46467176df0e6f14a0bf46f5064aa277be7340fe4a83262528be5c74161003db11c54bfae1a7a2e3cc
|
7
|
+
data.tar.gz: 422c7ae17518aa3b2e57c6dba21725101adf7c42352b56219a410f62f6b0214c1f7ee7f2e2374acd0d15c4465b83e0bec2fb68b3686cf01396b82ee854092d88
|
@@ -235,7 +235,7 @@ module Dependabot
|
|
235
235
|
return unless node.is_a?(Parser::AST::Node)
|
236
236
|
|
237
237
|
if unnecessary_assignment?(node) &&
|
238
|
-
node.children.last&.location
|
238
|
+
node.children.last&.location.respond_to?(:heredoc_end)
|
239
239
|
range_to_remove = node.loc.expression.join(
|
240
240
|
node.children.last.location.heredoc_end
|
241
241
|
)
|
@@ -70,9 +70,9 @@ module Dependabot
|
|
70
70
|
args: {
|
71
71
|
gemfile_name: gemfile.name,
|
72
72
|
lockfile_name: lockfile.name,
|
73
|
-
|
73
|
+
using_bundler2: using_bundler2?,
|
74
74
|
dir: tmp_dir,
|
75
|
-
credentials:
|
75
|
+
credentials: credentials,
|
76
76
|
dependencies: dependencies.map(&:to_h)
|
77
77
|
}
|
78
78
|
)
|
@@ -234,17 +234,6 @@ module Dependabot
|
|
234
234
|
end
|
235
235
|
# rubocop:enable Metrics/PerceivedComplexity
|
236
236
|
|
237
|
-
def relevant_credentials
|
238
|
-
credentials.
|
239
|
-
select { |cred| cred["password"] || cred["token"] }.
|
240
|
-
select do |cred|
|
241
|
-
next true if cred["type"] == "git_source"
|
242
|
-
next true if cred["type"] == "rubygems_server"
|
243
|
-
|
244
|
-
false
|
245
|
-
end
|
246
|
-
end
|
247
|
-
|
248
237
|
def prepared_gemfile_content(file)
|
249
238
|
content =
|
250
239
|
GemfileUpdater.new(
|
@@ -307,7 +296,7 @@ module Dependabot
|
|
307
296
|
dependency_files.select { |f| f.name.end_with?(".specification") }
|
308
297
|
end
|
309
298
|
|
310
|
-
def
|
299
|
+
def using_bundler2?
|
311
300
|
return unless lockfile
|
312
301
|
|
313
302
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
@@ -117,7 +117,7 @@ module Dependabot
|
|
117
117
|
end
|
118
118
|
end
|
119
119
|
|
120
|
-
#
|
120
|
+
# NOTE: This response MUST NOT be unmarshalled
|
121
121
|
# (as calling Marshal.load is unsafe)
|
122
122
|
def rubygems_marshalled_gemspec_response
|
123
123
|
return @rubygems_marshalled_gemspec_response if defined?(@rubygems_marshalled_gemspec_response)
|
@@ -35,9 +35,9 @@ module Dependabot
|
|
35
35
|
dir: tmp_dir,
|
36
36
|
dependency_name: dependency.name,
|
37
37
|
target_version: target_version,
|
38
|
-
credentials:
|
38
|
+
credentials: credentials,
|
39
39
|
lockfile_name: lockfile.name,
|
40
|
-
|
40
|
+
using_bundler2: using_bundler2?
|
41
41
|
}
|
42
42
|
)
|
43
43
|
end
|
@@ -50,10 +50,10 @@ module Dependabot
|
|
50
50
|
dir: tmp_dir,
|
51
51
|
dependency_name: dependency.name,
|
52
52
|
target_version: target_version,
|
53
|
-
credentials:
|
53
|
+
credentials: credentials,
|
54
54
|
gemfile_name: gemfile.name,
|
55
55
|
lockfile_name: lockfile.name,
|
56
|
-
|
56
|
+
using_bundler2: using_bundler2?,
|
57
57
|
update_multiple_dependencies: update_multiple_dependencies?
|
58
58
|
}
|
59
59
|
)
|
@@ -141,18 +141,7 @@ module Dependabot
|
|
141
141
|
File.write(lockfile.name, sanitized_lockfile_body) if lockfile
|
142
142
|
end
|
143
143
|
|
144
|
-
def
|
145
|
-
credentials.
|
146
|
-
select { |cred| cred["password"] || cred["token"] }.
|
147
|
-
select do |cred|
|
148
|
-
next true if cred["type"] == "git_source"
|
149
|
-
next true if cred["type"] == "rubygems_server"
|
150
|
-
|
151
|
-
false
|
152
|
-
end
|
153
|
-
end
|
154
|
-
|
155
|
-
def using_bundler_2?
|
144
|
+
def using_bundler2?
|
156
145
|
return unless lockfile
|
157
146
|
|
158
147
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
@@ -169,8 +169,8 @@ module Dependabot
|
|
169
169
|
args: {
|
170
170
|
dir: tmp_dir,
|
171
171
|
gemfile_name: gemfile.name,
|
172
|
-
credentials:
|
173
|
-
|
172
|
+
credentials: credentials,
|
173
|
+
using_bundler2: using_bundler2?
|
174
174
|
}
|
175
175
|
)
|
176
176
|
git_specs.reject do |spec|
|
@@ -193,8 +193,8 @@ module Dependabot
|
|
193
193
|
args: {
|
194
194
|
dir: dir,
|
195
195
|
gemfile_name: gemfile.name,
|
196
|
-
credentials:
|
197
|
-
|
196
|
+
credentials: credentials,
|
197
|
+
using_bundler2: using_bundler2?
|
198
198
|
}
|
199
199
|
)
|
200
200
|
end
|
@@ -210,24 +210,11 @@ module Dependabot
|
|
210
210
|
File.write(lockfile.name, sanitized_lockfile_body) if lockfile
|
211
211
|
end
|
212
212
|
|
213
|
-
def relevant_credentials
|
214
|
-
[
|
215
|
-
*git_source_credentials,
|
216
|
-
*private_registry_credentials
|
217
|
-
].select { |cred| cred["password"] || cred["token"] }
|
218
|
-
end
|
219
|
-
|
220
213
|
def private_registry_credentials
|
221
214
|
credentials.
|
222
215
|
select { |cred| cred["type"] == "rubygems_server" }
|
223
216
|
end
|
224
217
|
|
225
|
-
def git_source_credentials
|
226
|
-
credentials.
|
227
|
-
select { |cred| cred["password"] || cred["token"] }.
|
228
|
-
select { |cred| cred["type"] == "git_source" }
|
229
|
-
end
|
230
|
-
|
231
218
|
def gemfile
|
232
219
|
dependency_files.find { |f| f.name == "Gemfile" } ||
|
233
220
|
dependency_files.find { |f| f.name == "gems.rb" }
|
@@ -244,7 +231,7 @@ module Dependabot
|
|
244
231
|
lockfile.content.gsub(re, "")
|
245
232
|
end
|
246
233
|
|
247
|
-
def
|
234
|
+
def using_bundler2?
|
248
235
|
return unless lockfile
|
249
236
|
|
250
237
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
@@ -83,7 +83,7 @@ module Dependabot
|
|
83
83
|
dependency_requirements: dependency.requirements,
|
84
84
|
gemfile_name: gemfile.name,
|
85
85
|
lockfile_name: lockfile&.name,
|
86
|
-
|
86
|
+
using_bundler2: using_bundler2?,
|
87
87
|
dir: tmp_dir,
|
88
88
|
credentials: credentials
|
89
89
|
}
|
@@ -213,7 +213,7 @@ module Dependabot
|
|
213
213
|
dependency_files.find { |f| f.name == "gems.locked" }
|
214
214
|
end
|
215
215
|
|
216
|
-
def
|
216
|
+
def using_bundler2?
|
217
217
|
return unless lockfile
|
218
218
|
|
219
219
|
lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-bundler
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.125.
|
4
|
+
version: 0.125.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-11-
|
11
|
+
date: 2020-11-30 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.125.
|
19
|
+
version: 0.125.7
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.125.
|
26
|
+
version: 0.125.7
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -100,28 +100,28 @@ dependencies:
|
|
100
100
|
requirements:
|
101
101
|
- - "~>"
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version:
|
103
|
+
version: 1.4.2
|
104
104
|
type: :development
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version:
|
110
|
+
version: 1.4.2
|
111
111
|
- !ruby/object:Gem::Dependency
|
112
112
|
name: simplecov
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
114
114
|
requirements:
|
115
115
|
- - "~>"
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 0.
|
117
|
+
version: 0.20.0
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - "~>"
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 0.
|
124
|
+
version: 0.20.0
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: simplecov-console
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|