dependabot-bundler 0.182.0 → 0.182.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/v2/build +3 -3
  3. data/helpers/v2/monkey_patches/definition_ruby_version_patch.rb +18 -2
  4. data/lib/dependabot/bundler/file_updater/lockfile_updater.rb +12 -1
  5. data/lib/dependabot/bundler/helpers.rb +1 -1
  6. data/lib/dependabot/bundler/native_helpers.rb +11 -4
  7. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3e57188bd1df112be594b310a3cab71c8b8541e83d1fd61be7e7ce2a3f141720
4
- data.tar.gz: b78a75e3514f9ada72f9ba77e529e2126db93a4043f5b4622e09d644b41984e4
3
+ metadata.gz: 2f9930097ef435f9b3bf76a340d065b02b92cd537c14978ede57a8343b90d897
4
+ data.tar.gz: b41d593a3b1ece997045749d93309cb2b3c0171114c59073fed23eea4a29a126
5
5
  SHA512:
6
- metadata.gz: f947e37c1ffce4c8fd0f5c9c8f4895dca8c2a08002499c90565d3befd0a4b94c449f222571ec43e0e73a089a3601c683a4bde4ba4419fa5faa191df364180213
7
- data.tar.gz: 4a67bc46c197fe3684df0cc5d414497b11f9843fa0f281e9461e2447d663e059d6d7ae762c7bede10a2a2d1077e27e5b4aea2a6efd70ad0ac7f30945d07da0f4
6
+ metadata.gz: 3e73af493a593ad30a02e6ab5aa4bd49f60083fdf9443eb96e270eb909478664ef3749a3e7b0550a024ae0564ebfea03f5023dcf9bedb12644dbaa5bee25741a
7
+ data.tar.gz: f3f3d4553df9ae695e18904435bac8ac916bf0640db2d7ba5f9e097fc59388bcd2d290a53759292382a4ef338ecbef29bfabc069b868d5214013b4ab477957ff
data/helpers/v2/build CHANGED
@@ -22,6 +22,6 @@ cd "$install_dir"
22
22
 
23
23
  # NOTE: Sets `BUNDLED WITH` to match the installed v2 version in Gemfile.lock
24
24
  # forcing specs and native helpers to run with the same version
25
- BUNDLER_VERSION=2.3.10 bundle config --local path ".bundle"
26
- BUNDLER_VERSION=2.3.10 bundle config --local without "test"
27
- BUNDLER_VERSION=2.3.10 bundle install
25
+ BUNDLER_VERSION=2.3.12 bundle config --local path ".bundle"
26
+ BUNDLER_VERSION=2.3.12 bundle config --local without "test"
27
+ BUNDLER_VERSION=2.3.12 bundle install
data/helpers/v2/monkey_patches/definition_ruby_version_patch.rb CHANGED
@@ -5,16 +5,32 @@ require "bundler/definition"
5
5
  module BundlerDefinitionRubyVersionPatch
6
6
  def source_requirements
7
7
  if ruby_version
8
- requested_version = ruby_version.to_gem_version_with_patchlevel
8
+ requested_version = ruby_version.gem_version
9
9
  sources.metadata_source.specs <<
10
10
  Gem::Specification.new("Ruby\0", requested_version)
11
11
  end
12
12
 
13
13
  sources.metadata_source.specs <<
14
- Gem::Specification.new("Ruby\0", "2.5.3p105")
14
+ Gem::Specification.new("Ruby\0", "2.5.3")
15
15
 
16
16
  super
17
17
  end
18
+
19
+ def metadata_dependencies
20
+ @metadata_dependencies ||=
21
+ [
22
+ Bundler::Dependency.new("Ruby\0", ruby_version_requirements),
23
+ Bundler::Dependency.new("RubyGems\0", Gem::VERSION)
24
+ ]
25
+ end
26
+
27
+ def ruby_version_requirements
28
+ return [] unless ruby_version
29
+
30
+ ruby_version.versions.map do |version|
31
+ Gem::Requirement.new(version)
32
+ end
33
+ end
18
34
  end
19
35
 
20
36
  Bundler::Definition.prepend(BundlerDefinitionRubyVersionPatch)
data/lib/dependabot/bundler/file_updater/lockfile_updater.rb CHANGED
@@ -16,6 +16,7 @@ module Dependabot
16
16
  require_relative "gemspec_updater"
17
17
  require_relative "gemspec_sanitizer"
18
18
  require_relative "gemspec_dependency_name_finder"
19
+ require_relative "ruby_requirement_setter"
19
20
 
20
21
  LOCKFILE_ENDING =
21
22
  /(?<ending>\s*(?:RUBY VERSION|BUNDLED WITH).*)/m.freeze
@@ -82,7 +83,7 @@ module Dependabot
82
83
  end
83
84
 
84
85
  def write_temporary_dependency_files
85
- File.write(gemfile.name, updated_gemfile_content(gemfile))
86
+ File.write(gemfile.name, prepared_gemfile_content(gemfile))
86
87
  File.write(lockfile.name, sanitized_lockfile_body)
87
88
 
88
89
  top_level_gemspecs.each do |gemspec|
@@ -222,6 +223,16 @@ module Dependabot
222
223
  end
223
224
  # rubocop:enable Metrics/PerceivedComplexity
224
225
 
226
+ def prepared_gemfile_content(file)
227
+ content = updated_gemfile_content(file)
228
+
229
+ top_level_gemspecs.each do |gs|
230
+ content = RubyRequirementSetter.new(gemspec: gs).rewrite(content)
231
+ end
232
+
233
+ content
234
+ end
235
+
225
236
  def updated_gemfile_content(file)
226
237
  GemfileUpdater.new(
227
238
  dependencies: dependencies,
data/lib/dependabot/bundler/helpers.rb CHANGED
@@ -4,7 +4,7 @@ module Dependabot
4
4
  module Bundler
5
5
  module Helpers
6
6
  V1 = "1.17.3"
7
- V2 = "2.3.10"
7
+ V2 = "2.3.12"
8
8
  # If we are updating a project with no Gemfile.lock, we default to the
9
9
  # newest version we support
10
10
  DEFAULT = V2
data/lib/dependabot/bundler/native_helpers.rb CHANGED
@@ -36,7 +36,7 @@ module Dependabot
36
36
  def self.run_bundler_subprocess(function:, args:, bundler_version:, options: {})
37
37
  # Run helper suprocess with all bundler-related ENV variables removed
38
38
  bundler_major_version = bundler_version.split(".").first
39
- helpers_path = versioned_helper_path(bundler_version: bundler_major_version)
39
+ helpers_path = versioned_helper_path(bundler_major_version)
40
40
  ::Bundler.with_original_env do
41
41
  command = BundleCommand.
42
42
  new(options[:timeout_per_operation_seconds]).
@@ -47,7 +47,7 @@ module Dependabot
47
47
  args: args,
48
48
  env: {
49
49
  # Bundler will pick the matching installed major version
50
- "BUNDLER_VERSION" => bundler_version,
50
+ "BUNDLER_VERSION" => installed_bundler_version(bundler_major_version),
51
51
  "BUNDLE_GEMFILE" => File.join(helpers_path, "Gemfile"),
52
52
  # Prevent the GEM_HOME from being set to a folder owned by root
53
53
  "GEM_HOME" => File.join(helpers_path, ".bundle")
@@ -61,8 +61,15 @@ module Dependabot
61
61
  end
62
62
  end
63
63
 
64
- def self.versioned_helper_path(bundler_version:)
65
- File.join(native_helpers_root, "v#{bundler_version}")
64
+ def self.versioned_helper_path(bundler_major_version)
65
+ File.join(native_helpers_root, "v#{bundler_major_version}")
66
+ end
67
+
68
+ # Maps the major version unto the specific version we have installed
69
+ def self.installed_bundler_version(bundler_major_version)
70
+ return Helpers::V1 if bundler_major_version == "1"
71
+
72
+ Helpers::V2
66
73
  end
67
74
 
68
75
  def self.native_helpers_root
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.182.0
4
+ version: 0.182.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-04-20 00:00:00.000000000 Z
11
+ date: 2022-04-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.182.0
19
+ version: 0.182.3
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.182.0
26
+ version: 0.182.3
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debase
29
29
  requirement: !ruby/object:Gem::Requirement