dependabot-bundler 0.138.7 → 0.140.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/v1/spec/functions/version_resolver_spec.rb +1 -2
- data/helpers/v1/spec/shared_contexts.rb +3 -3
- data/helpers/v2/run.rb +1 -1
- data/helpers/v2/spec/functions/version_resolver_spec.rb +1 -2
- data/helpers/v2/spec/shared_contexts.rb +3 -3
- data/lib/dependabot/bundler/file_parser.rb +1 -1
- data/lib/dependabot/bundler/file_updater.rb +1 -1
- data/lib/dependabot/bundler/file_updater/lockfile_updater.rb +1 -1
- data/lib/dependabot/bundler/helpers.rb +20 -9
- data/lib/dependabot/bundler/update_checker/conflicting_dependency_resolver.rb +1 -1
- data/lib/dependabot/bundler/update_checker/force_updater.rb +1 -1
- data/lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb +1 -1
- data/lib/dependabot/bundler/update_checker/version_resolver.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a92384ff46ace24160a66d14fc4b83d3faf1808b9185cdf18e3021c67e1f2081
|
4
|
+
data.tar.gz: '019ae4c1bdb58b45695a9e6638e2fc25fa6f8d373b6531091d561d531bb19d15'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ca6256aee46bcf4b60fd8bb28fd9a91563565f92882bb428f36b89eca72006aaa15fb3e018f81dccff740412e08cb516e89dfd07352edf680c6e1d6da6bbc061
|
7
|
+
data.tar.gz: dac59149fb74050f1c868c9185f82648064a59a99db90b08bb946f229cf70d5a1951d85985e11bf8f1d8d3fae26f474a8262ac85be01cdca82ea8a175fd13c64
|
@@ -84,8 +84,7 @@ RSpec.describe Functions::VersionResolver do
|
|
84
84
|
stub_request(:get, old_index_url + "?gems=business,statesman").
|
85
85
|
to_return(
|
86
86
|
status: 200,
|
87
|
-
body: fixture("
|
88
|
-
"rubygems_responses",
|
87
|
+
body: fixture("rubygems_responses",
|
89
88
|
"dependencies-default-gemfile")
|
90
89
|
)
|
91
90
|
end
|
@@ -41,18 +41,18 @@ RSpec.shared_context "stub rubygems compact index" do
|
|
41
41
|
stub_request(:get, "https://index.rubygems.org/versions").
|
42
42
|
to_return(
|
43
43
|
status: 200,
|
44
|
-
body: fixture("
|
44
|
+
body: fixture("rubygems_responses", "index")
|
45
45
|
)
|
46
46
|
|
47
47
|
# Stub the Rubygems response for each dependency we have a fixture for
|
48
48
|
fixtures =
|
49
|
-
Dir[File.join("../../spec", "fixtures", "
|
49
|
+
Dir[File.join("../../spec", "fixtures", "rubygems_responses", "info-*")]
|
50
50
|
fixtures.each do |path|
|
51
51
|
dep_name = path.split("/").last.gsub("info-", "")
|
52
52
|
stub_request(:get, "https://index.rubygems.org/info/#{dep_name}").
|
53
53
|
to_return(
|
54
54
|
status: 200,
|
55
|
-
body: fixture("
|
55
|
+
body: fixture("rubygems_responses", "info-#{dep_name}")
|
56
56
|
)
|
57
57
|
end
|
58
58
|
end
|
data/helpers/v2/run.rb
CHANGED
@@ -84,8 +84,7 @@ RSpec.describe Functions::VersionResolver do
|
|
84
84
|
stub_request(:get, old_index_url + "?gems=business,statesman").
|
85
85
|
to_return(
|
86
86
|
status: 200,
|
87
|
-
body: fixture("
|
88
|
-
"rubygems_responses",
|
87
|
+
body: fixture("rubygems_responses",
|
89
88
|
"dependencies-default-gemfile")
|
90
89
|
)
|
91
90
|
end
|
@@ -42,18 +42,18 @@ RSpec.shared_context "stub rubygems compact index" do
|
|
42
42
|
stub_request(:get, "https://index.rubygems.org/versions").
|
43
43
|
to_return(
|
44
44
|
status: 200,
|
45
|
-
body: fixture("
|
45
|
+
body: fixture("rubygems_responses", "index")
|
46
46
|
)
|
47
47
|
|
48
48
|
# Stub the Rubygems response for each dependency we have a fixture for
|
49
49
|
fixtures =
|
50
|
-
Dir[File.join("../../spec", "fixtures", "
|
50
|
+
Dir[File.join("../../spec", "fixtures", "rubygems_responses", "info-*")]
|
51
51
|
fixtures.each do |path|
|
52
52
|
dep_name = path.split("/").last.gsub("info-", "")
|
53
53
|
stub_request(:get, "https://index.rubygems.org/info/#{dep_name}").
|
54
54
|
to_return(
|
55
55
|
status: 200,
|
56
|
-
body: fixture("
|
56
|
+
body: fixture("rubygems_responses", "info-#{dep_name}")
|
57
57
|
)
|
58
58
|
end
|
59
59
|
end
|
@@ -5,23 +5,34 @@ module Dependabot
|
|
5
5
|
module Helpers
|
6
6
|
V1 = "1"
|
7
7
|
V2 = "2"
|
8
|
+
# If we are updating a project with no Gemfile.lock, we default to the
|
9
|
+
# newest version we support
|
10
|
+
DEFAULT = V2
|
11
|
+
# If we are updating a project with a Gemfile.lock that does not specify
|
12
|
+
# the version it was bundled with, with failover to V1 on the assumption
|
13
|
+
# it was created with an old version that didn't add this information
|
14
|
+
FAILOVER = V1
|
8
15
|
|
9
|
-
|
10
|
-
def self.bundler_version(_lockfile, options:)
|
11
|
-
# For now, force V2 if bundler_2_available
|
12
|
-
return V2 if options[:bundler_2_available]
|
16
|
+
BUNDLER_MAJOR_VERSION_REGEX = /BUNDLED WITH\s+(?<version>\d+)\./m.freeze
|
13
17
|
|
14
|
-
|
15
|
-
|
18
|
+
def self.bundler_version(lockfile)
|
19
|
+
return DEFAULT unless lockfile
|
16
20
|
|
17
|
-
|
21
|
+
if (matches = lockfile.content.match(BUNDLER_MAJOR_VERSION_REGEX))
|
22
|
+
matches[:version].to_i >= 2 ? V2 : V1
|
23
|
+
else
|
24
|
+
FAILOVER
|
25
|
+
end
|
18
26
|
end
|
19
27
|
|
20
28
|
def self.detected_bundler_version(lockfile)
|
21
29
|
return "unknown" unless lockfile
|
22
|
-
return V2 if lockfile.content.match?(/BUNDLED WITH\s+2/m)
|
23
30
|
|
24
|
-
|
31
|
+
if (matches = lockfile.content.match(BUNDLER_MAJOR_VERSION_REGEX))
|
32
|
+
matches[:version]
|
33
|
+
else
|
34
|
+
FAILOVER
|
35
|
+
end
|
25
36
|
end
|
26
37
|
end
|
27
38
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-bundler
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.140.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.140.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.140.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|