dependabot-bundler 0.211.0 → 0.212.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1b17b4f044523e671c8d5089cd9f4e8f63ce0d03f40c2c0cf98592bbd08e328b
-  data.tar.gz: c4c07d736246603d2ab6a2222b285f5dd4058cd9466de3ae55e4e01a6c34fe0c
+  metadata.gz: b08c43d9300e9e7fa9b6d5f0e3e0631638a6e9785385688079fdc91fa4ad5aaf
+  data.tar.gz: 4958a4a8e3a18c4b533891917c85b71f75fe94c002faac703240eef60e24cfad
 SHA512:
-  metadata.gz: 3493c9d2028172e1f80ced2a7d80585471ea07cc298c47af088e8dcc42471c8c594aafe16e4dc376f63602f68190f0952a56ec1ef6f9b32397bfc4041659ffe0
-  data.tar.gz: e8a1f7a0657d4bb5d6371a73a6c627d7538a480fa1e4e3d2afe5be11a3fbc5cdb88f561c84869f3e5344183cac1294b638d6f161f9a63be13a210ba6019af5b1
+  metadata.gz: c808f814bde969264d27a002a03839c07b7654f013154b3287b9b3259568c795bcd1b4a4fd346a3c9496aee2e8364243832baad5cdf02bfbeb2add6f844fc885
+  data.tar.gz: 5caf001d47e54cca9efac60192e772aafdc5038add498779d96e5f722568d260e0adbc3503c382600805d9c2ea012101bc346e1f9c62607dfc1506763e008de7

data/helpers/v1/lib/functions/conflicting_dependency_resolver.rb

@@ -63,7 +63,7 @@ module Functions
       if spec.name == top_level.name
         "#{spec.name} (#{spec.version}) requires #{dependency_name} (#{dependency.requirement})"
       else
-        "#{top_level.name} (#{top_level.version}) requires #{dependency_name} "\
+        "#{top_level.name} (#{top_level.version}) requires #{dependency_name} " \
           "(#{dependency.requirement}) via #{spec.name} (#{spec.version})"
       end
     end

data/helpers/v1/lib/functions/file_parser.rb

@@ -14,13 +14,13 @@ module Functions
       Bundler::Definition.build(gemfile_name, nil, {}).
         dependencies.select(&:current_platform?).
         reject { |dep| dep.source.is_a?(Bundler::Source::Gemspec) }.
-        map(&method(:serialize_bundler_dependency))
+        map { |dep| serialize_bundler_dependency(dep) }
     end
 
     def parsed_gemspec(gemspec_name:)
       Bundler.load_gemspec_uncached(gemspec_name).
         dependencies.
-        map(&method(:serialize_bundler_dependency))
+        map { |dep| serialize_bundler_dependency(dep) }
     end
 
     private
@@ -71,15 +71,17 @@ module Functions
       }
     end
 
+    RUBYGEMS_HOSTS = [
+      "rubygems.org",
+      "www.rubygems.org"
+    ].freeze
+
     def default_rubygems?(source)
       return true if source.nil?
       return false unless source.is_a?(Bundler::Source::Rubygems)
 
       source.remotes.any? do |r|
-        [
-          "rubygems.org",
-          "www.rubygems.org"
-        ].include?(URI(r.to_s).host)
+        RUBYGEMS_HOSTS.include?(URI(r.to_s).host)
       end
     end
 

data/helpers/v1/lib/functions/lockfile_updater.rb

@@ -160,9 +160,9 @@ module Functions
       potentials_deps =
         error.cause.conflicts.values.
         flat_map(&:requirement_trees).
-        map do |tree|
+        filter_map do |tree|
           tree.find { |req| allowed_new_unlocks.include?(req.name) }
-        end.compact.map(&:name)
+        end.map(&:name)
 
       # If there are specific dependencies we can unlock, unlock them
       return dependencies_to_unlock.append(*potentials_deps) if potentials_deps.any?

data/helpers/v1/monkey_patches/fileutils_keyword_splat_patch.rb

@@ -11,7 +11,7 @@ module BundlerFileUtilsKeywordSplatPatch
     opts = {}
     opts[:encoding] = ::Encoding::UTF_8 if fu_windows?
     Dir.entries(path, **opts).
-      reject { |n| [".", ".."].include?(n) }.
+      reject { |n| n == "." || n == ".." }.
       map { |n| self.class.new(prefix, join(rel, n.untaint)) }
   end
 end

data/helpers/v1/monkey_patches/git_source_patch.rb

@@ -51,7 +51,7 @@ module Bundler
 
           Bundler.rubygems.set_installed_by_version(spec)
           Bundler.rubygems.validate(spec)
-          File.open(spec_path, "wb") { |file| file.write(spec.to_ruby) }
+          File.binwrite(spec_path, spec.to_ruby)
         end
         $LOAD_PATH.shift until $LOAD_PATH.empty?
         original_load_paths.each { |p| $LOAD_PATH << p }

data/helpers/v1/spec/shared_contexts.rb

@@ -9,7 +9,7 @@ RSpec.shared_context "in a temporary bundler directory" do
   let(:project_name) { "gemfile" }
 
   let(:tmp_path) do
-    Dir.mkdir(TMP_DIR_PATH) unless Dir.exist?(TMP_DIR_PATH)
+    FileUtils.mkdir_p(TMP_DIR_PATH)
     dir = Dir.mktmpdir("native_helper_spec_", TMP_DIR_PATH)
     Pathname.new(dir).expand_path
   end

data/helpers/v2/lib/functions/conflicting_dependency_resolver.rb

@@ -63,7 +63,7 @@ module Functions
       if spec.name == top_level.name
         "#{spec.name} (#{spec.version}) requires #{dependency_name} (#{dependency.requirement})"
       else
-        "#{top_level.name} (#{top_level.version}) requires #{dependency_name} "\
+        "#{top_level.name} (#{top_level.version}) requires #{dependency_name} " \
           "(#{dependency.requirement}) via #{spec.name} (#{spec.version})"
       end
     end

data/helpers/v2/lib/functions/file_parser.rb

@@ -14,13 +14,13 @@ module Functions
       Bundler::Definition.build(gemfile_name, nil, {}).
         dependencies.select(&:current_platform?).
         reject { |dep| dep.source.is_a?(Bundler::Source::Gemspec) }.
-        map(&method(:serialize_bundler_dependency))
+        map { |dep| serialize_bundler_dependency(dep) }
     end
 
     def parsed_gemspec(gemspec_name:)
       Bundler.load_gemspec_uncached(gemspec_name).
         dependencies.
-        map(&method(:serialize_bundler_dependency))
+        map { |dep| serialize_bundler_dependency(dep) }
     end
 
     private
@@ -72,15 +72,17 @@ module Functions
       }
     end
 
+    RUBYGEMS_HOSTS = [
+      "rubygems.org",
+      "www.rubygems.org"
+    ].freeze
+
     def default_rubygems?(source)
       return true if source.nil?
       return false unless source.is_a?(Bundler::Source::Rubygems)
 
       source.remotes.any? do |r|
-        [
-          "rubygems.org",
-          "www.rubygems.org"
-        ].include?(URI(r.to_s).host)
+        RUBYGEMS_HOSTS.include?(URI(r.to_s).host)
       end
     end
 

data/helpers/v2/lib/functions/lockfile_updater.rb

@@ -161,9 +161,9 @@ module Functions
       potentials_deps =
         error.cause.conflicts.values.
         flat_map(&:requirement_trees).
-        map do |tree|
+        filter_map do |tree|
           tree.find { |req| allowed_new_unlocks.include?(req.name) }
-        end.compact.map(&:name)
+        end.map(&:name)
 
       # If there are specific dependencies we can unlock, unlock them
       return dependencies_to_unlock.append(*potentials_deps) if potentials_deps.any?

data/helpers/v2/monkey_patches/git_source_patch.rb

@@ -13,7 +13,7 @@ module Bundler
         # Instead, we convert all `git@github.com:` URLs to use HTTPS.
         def configured_uri_for(uri)
           uri = uri.gsub(%r{git@(.*?):/?}, 'https://\1/')
-          if /https?:/ =~ uri
+          if /https?:/.match?(uri)
             remote = Bundler::URI(uri)
             config_auth = Bundler.settings[remote.to_s] || Bundler.settings[remote.host]
             remote.userinfo ||= config_auth
@@ -50,7 +50,7 @@ module Bundler
 
           Bundler.rubygems.set_installed_by_version(spec)
           Bundler.rubygems.validate(spec)
-          File.open(spec_path, "wb") { |file| file.write(spec.to_ruby) }
+          File.binwrite(spec_path, spec.to_ruby)
         end
         $LOAD_PATH.shift until $LOAD_PATH.empty?
         original_load_paths.each { |p| $LOAD_PATH << p }

data/helpers/v2/spec/functions_spec.rb

@@ -38,7 +38,7 @@ RSpec.describe Functions do
       expect(git_specs.size).to eq(count)
       git_specs.each do |gs|
         uri = URI.parse(gs[:auth_uri])
-        expect(uri.scheme).to(satisfy { |s| %w(http https).include?(s) })
+        expect(uri.scheme).to(satisfy { |s| s.match?(/https?/o) })
       end
     end
 

data/helpers/v2/spec/shared_contexts.rb

@@ -10,7 +10,7 @@ RSpec.shared_context "in a temporary bundler directory" do
   let(:project_name) { "gemfile" }
 
   let(:tmp_path) do
-    Dir.mkdir(TMP_DIR_PATH) unless Dir.exist?(TMP_DIR_PATH)
+    FileUtils.mkdir_p(TMP_DIR_PATH)
     dir = Dir.mktmpdir("native_helper_spec_", TMP_DIR_PATH)
     Pathname.new(dir).expand_path
   end

data/lib/dependabot/bundler/file_fetcher/child_gemfile_finder.rb

@@ -33,8 +33,8 @@ module Dependabot
             path_node = node.children[2]
             unless path_node.type == :str
               path = gemfile.path
-              msg = "Dependabot only supports uninterpolated string arguments "\
-                    "to eval_gemfile. Got "\
+              msg = "Dependabot only supports uninterpolated string arguments " \
+                    "to eval_gemfile. Got " \
                     "`#{path_node.loc.expression.source}`"
               raise Dependabot::DependencyFileNotParseable.new(path, msg)
             end

data/lib/dependabot/bundler/file_fetcher/gemspec_finder.rb

@@ -35,8 +35,8 @@ module Dependabot
 
             unless path_node.type == :str
               path = gemfile.path
-              msg = "Dependabot only supports uninterpolated string arguments "\
-                    "to gemspec. Got "\
+              msg = "Dependabot only supports uninterpolated string arguments " \
+                    "to gemspec. Got " \
                     "`#{path_node.loc.expression.source}`"
               raise Dependabot::DependencyFileNotParseable.new(path, msg)
             end

data/lib/dependabot/bundler/file_fetcher/path_gemspec_finder.rb

@@ -34,8 +34,8 @@ module Dependabot
 
             unless path_node.type == :str
               path = gemfile.path
-              msg = "Dependabot only supports uninterpolated string arguments "\
-                    "for path dependencies. Got "\
+              msg = "Dependabot only supports uninterpolated string arguments " \
+                    "for path dependencies. Got " \
                     "`#{path_node.loc.expression.source}`"
               raise Dependabot::DependencyFileNotParseable.new(path, msg)
             end

data/lib/dependabot/bundler/file_updater/gemfile_updater.rb

@@ -6,6 +6,8 @@ module Dependabot
   module Bundler
     class FileUpdater
       class GemfileUpdater
+        GEMFILE_FILENAMES = %w(Gemfile gems.rb).freeze
+
         require_relative "git_pin_replacer"
         require_relative "git_source_remover"
         require_relative "requirement_replacer"
@@ -68,13 +70,13 @@ module Dependabot
         def remove_git_source?(dependency)
           old_gemfile_req =
             dependency.previous_requirements.
-            find { |f| %w(Gemfile gems.rb).include?(f[:file]) }
+            find { |f| GEMFILE_FILENAMES.include?(f[:file]) }
 
           return false unless old_gemfile_req&.dig(:source, :type) == "git"
 
           new_gemfile_req =
             dependency.requirements.
-            find { |f| %w(Gemfile gems.rb).include?(f[:file]) }
+            find { |f| GEMFILE_FILENAMES.include?(f[:file]) }
 
           new_gemfile_req[:source].nil?
         end
@@ -82,7 +84,7 @@ module Dependabot
         def update_git_pin?(dependency)
           new_gemfile_req =
             dependency.requirements.
-            find { |f| %w(Gemfile gems.rb).include?(f[:file]) }
+            find { |f| GEMFILE_FILENAMES.include?(f[:file]) }
           return false unless new_gemfile_req&.dig(:source, :type) == "git"
 
           # If the new requirement is a git dependency with a ref then there's

data/lib/dependabot/bundler/file_updater/gemspec_sanitizer.rb

@@ -90,9 +90,9 @@ module Dependabot
           def wrap_require(node)
             replace(
               node.loc.expression,
-              "begin\n"\
-              "#{node.loc.expression.source_line}\n"\
-              "rescue LoadError\n"\
+              "begin\n" \
+              "#{node.loc.expression.source_line}\n" \
+              "rescue LoadError\n" \
               "end"
             )
           end

data/lib/dependabot/bundler/file_updater/requirement_replacer.rb

@@ -56,7 +56,7 @@ module Dependabot
             if length_change.positive?
               updated_line.sub(/(?<=\s)\s{#{length_change}}#/, "#")
             elsif length_change.negative?
-              updated_line.sub(/(?<=\s{2})#/, " " * length_change.abs + "#")
+              updated_line.sub(/(?<=\s{2})#/, (" " * length_change.abs) + "#")
             end
 
           updated_lines[updated_line_index] = updated_line

data/lib/dependabot/bundler/metadata_finder.rb

@@ -76,7 +76,7 @@ module Dependabot
       end
 
       def find_source_from_git_url
-        info = dependency.requirements.map { |r| r[:source] }.compact.first
+        info = dependency.requirements.filter_map { |r| r[:source] }.first
 
         url = info[:url] || info.fetch("url")
         Source.from_url(url)
@@ -106,8 +106,8 @@ module Dependabot
 
         rubygems_marshalled_gemspec_response.gsub("\x06;", "\n").
           scan(Dependabot::Source::SOURCE_REGEX) do
-            github_urls << Regexp.last_match.to_s +
-                           Regexp.last_match.post_match.split("\n").first
+            github_urls << (Regexp.last_match.to_s +
+                           Regexp.last_match.post_match.split("\n").first)
           end
 
         github_urls.find do |url|
@@ -124,7 +124,7 @@ module Dependabot
         return @rubygems_marshalled_gemspec_response if defined?(@rubygems_marshalled_gemspec_response)
 
         gemspec_uri =
-          "#{registry_url}quick/Marshal.4.8/"\
+          "#{registry_url}quick/Marshal.4.8/" \
           "#{dependency.name}-#{dependency.version}.gemspec.rz"
 
         response =
@@ -198,7 +198,7 @@ module Dependabot
       def registry_url
         return "https://rubygems.org/" if new_source_type == "default"
 
-        info = dependency.requirements.map { |r| r[:source] }.compact.first
+        info = dependency.requirements.filter_map { |r| r[:source] }.first
         info[:url] || info.fetch("url")
       end
 

data/lib/dependabot/bundler/native_helpers.rb

@@ -63,7 +63,7 @@ module Dependabot
       end
 
       def self.native_helpers_root
-        helpers_root = ENV["DEPENDABOT_NATIVE_HELPERS_PATH"]
+        helpers_root = ENV.fetch("DEPENDABOT_NATIVE_HELPERS_PATH", nil)
         return File.join(helpers_root, "bundler") unless helpers_root.nil?
 
         File.expand_path("../../../helpers", __dir__)

data/lib/dependabot/bundler/update_checker/force_updater.rb

@@ -85,7 +85,7 @@ module Dependabot
           #
           # This is kind of a bug in Bundler, and we should try to fix it,
           # but resolving it won't necessarily be easy.
-          updated_deps.map do |dep|
+          updated_deps.filter_map do |dep|
             original_dep =
               original_dependencies.find { |d| d.name == dep.fetch("name") }
             spec = specs.find { |d| d.fetch("name") == dep.fetch("name") }
@@ -93,7 +93,7 @@ module Dependabot
             next if spec.fetch("version") == original_dep.version
 
             build_dependency(original_dep, spec)
-          end.compact
+          end
         end
 
         def build_dependency(original_dep, updated_spec)

data/lib/dependabot/bundler/update_checker/requirements_updater.rb

@@ -28,7 +28,7 @@ module Dependabot
 
         def updated_requirements
           requirements.map do |req|
-            if req[:file].match?(/\.gemspec/)
+            if req[:file].include?(".gemspec")
               update_gemspec_requirement(req)
             else
               # If a requirement doesn't come from a gemspec, it must be from
@@ -101,7 +101,7 @@ module Dependabot
               when "!="
                 []
               else
-                raise "Unexpected operation for unsatisfied Gemfile "\
+                raise "Unexpected operation for unsatisfied Gemfile " \
                       "requirement: #{op}"
               end
             end

data/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb

@@ -181,7 +181,7 @@ module Dependabot
             )
             git_specs.reject do |spec|
               uri = URI.parse(spec.fetch("auth_uri"))
-              next false unless %w(http https).include?(uri.scheme)
+              next false unless uri.scheme&.match?(/https?/o)
 
               Dependabot::RegistryClient.get(
                 url: uri.to_s

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-bundler
 version: !ruby/object:Gem::Version
-  version: 0.211.0
+  version: 0.212.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-23 00:00:00.000000000 Z
+date: 2022-09-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.212.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.212.0
 - !ruby/object:Gem::Dependency
   name: debase
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.12.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.12.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -142,14 +142,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.36.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.36.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.2
 - !ruby/object:Gem::Dependency
   name: ruby-debug-ide
   requirement: !ruby/object:Gem::Requirement