dependabot-bundler 0.238.0 → 0.240.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 15ed934b702f4aa5f9486243fa05fb5ff8f25b228a94b28087f496adad2094df
4
- data.tar.gz: e608d86d64de0763edaa50de472dc8769b7edc796c119b1272674d789c428e77
3
+ metadata.gz: 184ec98271bdffb96143021278e853d243203749d328629cc92d42fa59ad0b7f
4
+ data.tar.gz: 1558b1c82b65090f3e452ca8fa109d4a7215914daca83df59f6e1e4155debe16
5
5
  SHA512:
6
- metadata.gz: 772fb2392a262c2c9db7bdbe3ecd6a8e817cc863796e015141497ed9ae43ac4d4cd0e98eb7c245000422eb07c11b3d92a76ca34630f3216190b79dc2d669d524
7
- data.tar.gz: 2cc4dc6fb2ff3a3c464a438ab0e4088e3660acdde352e5821d7609446d6f2ad539b1c4149bd98c683e669e5b0e8f8b6e7d2ff453bf5febfbc3ed415819cbe3e1
6
+ metadata.gz: b0135ab1575dd7348396524cfd2db5dd0a7d9aa9ff5e8ca0c5e2a16167deaecc4f4f548d9bc32c57dade64c72a02c774cbe61f60d696c8887a6acdae9de7d66d
7
+ data.tar.gz: 8cbe26699f6046cf6de8d6df572d679d6cccfdfbcf23b209aceefa02a734d2d22776afc2c61d3facad121cda3139cb9bdbbcc3564838cc1eacac1ef47d45fee3
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "dependabot-common", path: "../../../common"
6
+
7
+ gemspec path: "../.."
data/helpers/v1/build CHANGED
@@ -1,4 +1,4 @@
1
- #!/bin/bash
1
+ #!/usr/bin/env bash
2
2
 
3
3
  set -e
4
4
 
@@ -24,18 +24,5 @@ export GEM_HOME=$install_dir/.bundle
24
24
  gem install bundler -v 1.17.3 --no-document
25
25
 
26
26
  if [ -z "$DEPENDABOT_NATIVE_HELPERS_PATH" ]; then
27
- # NOTE: For native helper specs, Bundler 2 happily reuses test gems installed
28
- # by the main spec suite, because Bundler automatically searches for Gemfiles
29
- # in parent directories, so we don't need any extra install for native helper
30
- # specs.
31
- #
32
- # However, Bundler 1 installs gems to a slightly different folder structure by
33
- # default, so we need to make sure to explicit install test gems with Bundler
34
- # 1 so that they can be found by Bundler 1. In addition to that, Bundler 1 is
35
- # very picky about the `BUNDLED WITH` section in the lockfile, which has been
36
- # generated with Bundler 2 for the main spec suite. So we also need to delete
37
- # the previously generated lockfile first, so that it has the format Bundler 1
38
- # likes.
39
- rm -f ../../Gemfile.lock
40
27
  BUNDLER_VERSION=1.17.3 bundle install
41
28
  fi
data/helpers/v1/run.rb CHANGED
@@ -1,4 +1,4 @@
1
- # typed: true
1
+ # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
4
  gem "bundler", "~> 1.17"
@@ -22,19 +22,15 @@ require "resolver_spec_group_sane_eql"
22
22
 
23
23
  require "functions"
24
24
 
25
- def output(obj)
26
- print JSON.dump(obj)
27
- end
28
-
29
25
  begin
30
26
  request = JSON.parse($stdin.read)
31
27
 
32
28
  function = request["function"]
33
29
  args = request["args"].transform_keys(&:to_sym)
34
30
 
35
- output({ result: Functions.send(function, **args) })
31
+ print JSON.dump({ result: Functions.send(function, **args) })
36
32
  rescue StandardError => e
37
- output(
33
+ print JSON.dump(
38
34
  { error: e.message, error_class: e.class, trace: e.backtrace }
39
35
  )
40
36
  exit(1)
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "dependabot-common", path: "../../../common"
6
+
7
+ gemspec path: "../.."
data/helpers/v2/build CHANGED
@@ -1,4 +1,4 @@
1
- #!/bin/bash
1
+ #!/usr/bin/env bash
2
2
 
3
3
  set -e
4
4
 
@@ -24,3 +24,7 @@ default_version=$(ruby -rbundler -e'print Bundler::VERSION')
24
24
  export GEM_HOME=$install_dir/.bundle
25
25
 
26
26
  gem install bundler -v "$default_version" --no-document
27
+
28
+ if [ -z "$DEPENDABOT_NATIVE_HELPERS_PATH" ]; then
29
+ bundle install
30
+ fi
@@ -27,17 +27,7 @@ RSpec.shared_context "in a temporary bundler directory" do
27
27
  end
28
28
  end
29
29
 
30
- RSpec.shared_context "without caching rubygems" do
31
- before do
32
- # Stub Bundler to stop it using a cached versions of Rubygems
33
- allow_any_instance_of(Bundler::CompactIndexClient::Updater)
34
- .to receive(:etag_for).and_return("")
35
- end
36
- end
37
-
38
30
  RSpec.shared_context "stub rubygems compact index" do
39
- include_context "without caching rubygems"
40
-
41
31
  before do
42
32
  # Stub the Rubygems index
43
33
  stub_request(:get, "https://index.rubygems.org/versions")
@@ -47,15 +47,7 @@ module Dependabot
47
47
  fetched_files += path_gemspecs
48
48
  fetched_files += require_relative_files(fetched_files)
49
49
 
50
- fetched_files = uniq_files(fetched_files)
51
-
52
- check_required_files_present
53
-
54
- unless self.class.required_files_in?(fetched_files.map(&:name))
55
- raise "Invalid set of files: #{fetched_files.map(&:name)}"
56
- end
57
-
58
- fetched_files
50
+ uniq_files(fetched_files)
59
51
  end
60
52
 
61
53
  private
@@ -66,14 +58,6 @@ module Dependabot
66
58
  .reject { |f| uniq_files.map(&:name).include?(f.name) }
67
59
  end
68
60
 
69
- def check_required_files_present
70
- return if gemfile || gemspecs.any?
71
-
72
- path = Pathname.new(File.join(directory, "Gemfile"))
73
- .cleanpath.to_path
74
- raise Dependabot::DependencyFileNotFound, path
75
- end
76
-
77
61
  def gemfile
78
62
  return @gemfile if defined?(@gemfile)
79
63
 
@@ -12,7 +12,7 @@ module Dependabot
12
12
  class RubyVersionNotFound < StandardError; end
13
13
 
14
14
  RUBY_VERSIONS = %w(
15
- 1.8.7 1.9.3 2.0.0 2.1.10 2.2.10 2.3.8 2.4.10 2.5.9 2.6.9 2.7.6 3.0.6 3.1.4 3.2.2
15
+ 1.8.7 1.9.3 2.0.0 2.1.10 2.2.10 2.3.8 2.4.10 2.5.9 2.6.9 2.7.6 3.0.6 3.1.4 3.2.2 3.3.0
16
16
  ).freeze
17
17
 
18
18
  attr_reader :gemspec
@@ -1,14 +1,20 @@
1
1
  # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+
6
+ require "dependabot/requirement"
4
7
  require "dependabot/utils"
5
8
 
6
9
  module Dependabot
7
10
  module Bundler
8
- class Requirement < Gem::Requirement
11
+ class Requirement < Dependabot::Requirement
12
+ extend T::Sig
13
+
9
14
  # For consistency with other languages, we define a requirements array.
10
15
  # Ruby doesn't have an `OR` separator for requirements, so it always
11
16
  # contains a single element.
17
+ sig { override.params(requirement_string: T.nilable(String)).returns(T::Array[Requirement]) }
12
18
  def self.requirements_array(requirement_string)
13
19
  [new(requirement_string)]
14
20
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.238.0
4
+ version: 0.240.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-12-07 00:00:00.000000000 Z
11
+ date: 2024-01-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.238.0
19
+ version: 0.240.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.238.0
26
+ version: 0.240.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 1.57.2
117
+ version: 1.58.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 1.57.2
124
+ version: 1.58.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rubocop-performance
127
127
  requirement: !ruby/object:Gem::Requirement
@@ -206,6 +206,20 @@ dependencies:
206
206
  - - "~>"
207
207
  - !ruby/object:Gem::Version
208
208
  version: '3.18'
209
+ - !ruby/object:Gem::Dependency
210
+ name: webrick
211
+ requirement: !ruby/object:Gem::Requirement
212
+ requirements:
213
+ - - ">="
214
+ - !ruby/object:Gem::Version
215
+ version: '1.7'
216
+ type: :development
217
+ prerelease: false
218
+ version_requirements: !ruby/object:Gem::Requirement
219
+ requirements:
220
+ - - ">="
221
+ - !ruby/object:Gem::Version
222
+ version: '1.7'
209
223
  description: Dependabot-Bundler provides support for bumping Ruby (bundler) gems via
210
224
  Dependabot. If you want support for multiple package managers, you probably want
211
225
  the meta-gem dependabot-omnibus.
@@ -215,6 +229,7 @@ extensions: []
215
229
  extra_rdoc_files: []
216
230
  files:
217
231
  - helpers/v1/.gitignore
232
+ - helpers/v1/Gemfile
218
233
  - helpers/v1/build
219
234
  - helpers/v1/lib/functions.rb
220
235
  - helpers/v1/lib/functions/conflicting_dependency_resolver.rb
@@ -237,6 +252,7 @@ files:
237
252
  - helpers/v1/spec/native_spec_helper.rb
238
253
  - helpers/v1/spec/shared_contexts.rb
239
254
  - helpers/v2/.gitignore
255
+ - helpers/v2/Gemfile
240
256
  - helpers/v2/build
241
257
  - helpers/v2/lib/functions.rb
242
258
  - helpers/v2/lib/functions/conflicting_dependency_resolver.rb
@@ -296,7 +312,7 @@ licenses:
296
312
  - Nonstandard
297
313
  metadata:
298
314
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
299
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.238.0
315
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.240.0
300
316
  post_install_message:
301
317
  rdoc_options: []
302
318
  require_paths: