dependabot-bundler 0.226.0 → 0.228.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/v1/lib/functions/force_updater.rb +2 -2
  3. data/helpers/v1/lib/functions/lockfile_updater.rb +3 -5
  4. data/helpers/v1/lib/functions/version_resolver.rb +2 -2
  5. data/helpers/v1/lib/functions.rb +1 -1
  6. data/helpers/v1/monkey_patches/resolver_spec_group_sane_eql.rb +1 -1
  7. data/helpers/v2/lib/functions/lockfile_updater.rb +3 -3
  8. data/helpers/v2/lib/functions/version_resolver.rb +2 -2
  9. data/helpers/v2/lib/functions.rb +1 -1
  10. data/lib/dependabot/bundler/native_helpers.rb +3 -1
  11. metadata +9 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 62e7833c9a64fc684512d74fa39ce224e18754731dddb5208d7984f920c54467
4
- data.tar.gz: c598beadef625a3c4789a34cc52066bd96cc2b9b5a17e4c47b38ae3e2d96641c
3
+ metadata.gz: ebac6a7c9946a6ae4f667692707a5ffe26f8e6e2fa835313ae5b572d2996d3c3
4
+ data.tar.gz: 4169bdf566aeea7ca0b2015c0a2aaabb2a92881d7846b307fe8fe3f61bcc7489
5
5
  SHA512:
6
- metadata.gz: 0d86274e3b7f9e971b6add631c155b67843fe5adbbf719b73934517b73824feca2eeb41ca37ab9557c9bb5737b67208f039cc7e852e73d97f3d1b40d4e77a0af
7
- data.tar.gz: 105562225882a8b562ff3afdd2851a2fc05d7a0ee0ff61993b9688e4e5df0f6dffcb1f077e6b43a75150758d5ea1960eda2dbb30963a08bded17980d65b339c1
6
+ metadata.gz: 13014772dbb1504f74623f0a31c456b7110d5fc481159888a6d0a21247152dfb8871839fba07c554632ba9d6f7ce8d893a917b864d865d6c6196f9c1e506a351
7
+ data.tar.gz: 7337fb4b3d6bee80b1ace3de1d6a43cecdf5d266294cec46b51b7c61510693e7ead810a3203b516f3e9871eaecb00a6cff3fbb6fff0301b4083df90f5aa0bf95
data/helpers/v1/lib/functions/force_updater.rb CHANGED
@@ -147,10 +147,10 @@ module Functions
147
147
  return [] unless lockfile
148
148
 
149
149
  all_deps = Bundler::LockfileParser.new(lockfile).
150
- specs.map(&:name).map(&:to_s)
150
+ specs.map { |x| x.name.to_s }
151
151
  top_level = Bundler::Definition.
152
152
  build(gemfile_name, lockfile_name, {}).
153
- dependencies.map(&:name).map(&:to_s)
153
+ dependencies.map { |x| x.name.to_s }
154
154
 
155
155
  all_deps - top_level
156
156
  end
data/helpers/v1/lib/functions/lockfile_updater.rb CHANGED
@@ -136,12 +136,11 @@ module Functions
136
136
  dependencies_to_unlock << gem_name
137
137
  end
138
138
 
139
- # rubocop:disable Metrics/PerceivedComplexity
140
139
  def unlock_blocking_subdeps(dependencies_to_unlock, error)
141
140
  all_deps = Bundler::LockfileParser.new(lockfile).
142
- specs.map(&:name).map(&:to_s)
141
+ specs.map { |x| x.name.to_s }
143
142
  top_level = build_definition([]).dependencies.
144
- map(&:name).map(&:to_s)
143
+ map { |x| x.name.to_s }
145
144
  allowed_new_unlocks = all_deps - top_level - dependencies_to_unlock
146
145
 
147
146
  raise if allowed_new_unlocks.none?
@@ -163,7 +162,6 @@ module Functions
163
162
  # information to chart the full path through all conflicts unwound
164
163
  dependencies_to_unlock.append(*allowed_new_unlocks)
165
164
  end
166
- # rubocop:enable Metrics/PerceivedComplexity
167
165
 
168
166
  def build_definition(dependencies_to_unlock)
169
167
  defn = Bundler::Definition.build(
@@ -177,7 +175,7 @@ module Functions
177
175
  # subdeps unlocked, like they were in the UpdateChecker, so we
178
176
  # mutate the unlocked gems array.
179
177
  unlocked = defn.instance_variable_get(:@unlock).fetch(:gems)
180
- must_not_unlock = defn.dependencies.map(&:name).map(&:to_s) -
178
+ must_not_unlock = defn.dependencies.map { |x| x.name.to_s } -
181
179
  dependencies_to_unlock
182
180
  unlocked.reject! { |n| must_not_unlock.include?(n) }
183
181
 
data/helpers/v1/lib/functions/version_resolver.rb CHANGED
@@ -82,9 +82,9 @@ module Functions
82
82
  return [] unless lockfile
83
83
 
84
84
  all_deps = ::Bundler::LockfileParser.new(lockfile).
85
- specs.map(&:name).map(&:to_s).uniq
85
+ specs.map { |x| x.name.to_s }.uniq
86
86
  top_level = build_definition([]).dependencies.
87
- map(&:name).map(&:to_s)
87
+ map { |x| x.name.to_s }
88
88
 
89
89
  all_deps - top_level
90
90
  end
data/helpers/v1/lib/functions.rb CHANGED
@@ -127,7 +127,7 @@ module Functions
127
127
  end
128
128
 
129
129
  def self.set_bundler_flags_and_credentials(dir:, credentials:)
130
- dir = dir ? Pathname.new(dir) : dir
130
+ dir = Pathname.new(dir) if dir
131
131
  Bundler.instance_variable_set(:@root, dir)
132
132
 
133
133
  # Remove installed gems from the default Rubygems index
data/helpers/v1/monkey_patches/resolver_spec_group_sane_eql.rb CHANGED
@@ -8,7 +8,7 @@ require "bundler/resolver/spec_group"
8
8
 
9
9
  module BundlerResolverSpecGroupSaneEql
10
10
  def eql?(other)
11
- return unless other.is_a?(self.class)
11
+ return false unless other.is_a?(self.class)
12
12
 
13
13
  super(other)
14
14
  end
data/helpers/v2/lib/functions/lockfile_updater.rb CHANGED
@@ -144,9 +144,9 @@ module Functions
144
144
  end
145
145
 
146
146
  def unlock_blocking_subdeps(dependencies_to_unlock, error)
147
- all_deps = lockfile_specs.map(&:name).map(&:to_s)
147
+ all_deps = lockfile_specs.map { |x| x.name.to_s }
148
148
  top_level = build_definition([]).dependencies.
149
- map(&:name).map(&:to_s)
149
+ map { |x| x.name.to_s }
150
150
  allowed_new_unlocks = all_deps - top_level - dependencies_to_unlock
151
151
 
152
152
  raise if allowed_new_unlocks.none?
@@ -187,7 +187,7 @@ module Functions
187
187
  # subdeps unlocked, like they were in the UpdateChecker, so we
188
188
  # mutate the unlocked gems array.
189
189
  unlocked = defn.instance_variable_get(:@unlock).fetch(:gems)
190
- must_not_unlock = defn.dependencies.map(&:name).map(&:to_s) -
190
+ must_not_unlock = defn.dependencies.map { |x| x.name.to_s } -
191
191
  dependencies_to_unlock
192
192
  unlocked.reject! { |n| must_not_unlock.include?(n) }
193
193
 
data/helpers/v2/lib/functions/version_resolver.rb CHANGED
@@ -82,9 +82,9 @@ module Functions
82
82
  return [] unless lockfile
83
83
 
84
84
  all_deps = ::Bundler::LockfileParser.new(lockfile).
85
- specs.map(&:name).map(&:to_s).uniq
85
+ specs.map { |x| x.name.to_s }.uniq
86
86
  top_level = build_definition([]).dependencies.
87
- map(&:name).map(&:to_s)
87
+ map { |x| x.name.to_s }
88
88
 
89
89
  all_deps - top_level
90
90
  end
data/helpers/v2/lib/functions.rb CHANGED
@@ -129,7 +129,7 @@ module Functions
129
129
  end
130
130
 
131
131
  def self.set_bundler_flags_and_credentials(dir:, credentials:)
132
- dir = dir ? Pathname.new(dir) : dir
132
+ dir = Pathname.new(dir) if dir
133
133
  Bundler.instance_variable_set(:@root, dir)
134
134
 
135
135
  # Remove installed gems from the default Rubygems index
data/lib/dependabot/bundler/native_helpers.rb CHANGED
@@ -45,7 +45,9 @@ module Dependabot
45
45
  function: function,
46
46
  args: args,
47
47
  env: {
48
- # Prevent the GEM_HOME from being set to a folder owned by root
48
+ # Set BUNDLE_PATH to a thread-safe location
49
+ "BUNDLE_PATH" => File.join(Dependabot::Utils::BUMP_TMP_DIR_PATH, ".bundle"),
50
+ # Set GEM_HOME to where the proper version of Bundler is installed
49
51
  "GEM_HOME" => File.join(helpers_path, ".bundle")
50
52
  }
51
53
  )
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.226.0
4
+ version: 0.228.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-11 00:00:00.000000000 Z
11
+ date: 2023-08-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.226.0
19
+ version: 0.228.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.226.0
26
+ version: 0.228.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,28 +114,28 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 1.50.0
117
+ version: 1.56.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 1.50.0
124
+ version: 1.56.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rubocop-performance
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.18.0
131
+ version: 1.19.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.18.0
138
+ version: 1.19.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: stackprof
141
141
  requirement: !ruby/object:Gem::Requirement
@@ -268,7 +268,7 @@ licenses:
268
268
  - Nonstandard
269
269
  metadata:
270
270
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
271
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.226.0
271
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.228.0
272
272
  post_install_message:
273
273
  rdoc_options: []
274
274
  require_paths: