dependabot-bundler 0.247.0 → 0.249.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (24) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/v1/lib/functions/conflicting_dependency_resolver.rb +3 -1
  3. data/helpers/v1/lib/functions/dependency_source.rb +2 -1
  4. data/helpers/v1/lib/functions/force_updater.rb +6 -3
  5. data/helpers/v1/lib/functions/lockfile_updater.rb +3 -1
  6. data/helpers/v1/lib/functions/version_resolver.rb +4 -2
  7. data/helpers/v2/lib/functions/conflicting_dependency_resolver.rb +3 -1
  8. data/helpers/v2/lib/functions/dependency_source.rb +2 -1
  9. data/helpers/v2/lib/functions/force_updater.rb +6 -3
  10. data/helpers/v2/lib/functions/lockfile_updater.rb +3 -1
  11. data/helpers/v2/lib/functions/version_resolver.rb +4 -2
  12. data/lib/dependabot/bundler/file_updater/gemfile_updater.rb +2 -1
  13. data/lib/dependabot/bundler/file_updater/gemspec_updater.rb +2 -1
  14. data/lib/dependabot/bundler/file_updater/git_pin_replacer.rb +4 -2
  15. data/lib/dependabot/bundler/file_updater/lockfile_updater.rb +5 -2
  16. data/lib/dependabot/bundler/file_updater/requirement_replacer.rb +7 -3
  17. data/lib/dependabot/bundler/update_checker/file_preparer.rb +4 -2
  18. data/lib/dependabot/bundler/update_checker/force_updater.rb +7 -3
  19. data/lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb +5 -2
  20. data/lib/dependabot/bundler/update_checker/latest_version_finder.rb +7 -3
  21. data/lib/dependabot/bundler/update_checker/requirements_updater.rb +5 -3
  22. data/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb +3 -1
  23. data/lib/dependabot/bundler/update_checker/version_resolver.rb +8 -4
  24. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dcd4f16b3bd7636cd65c77255a1d3b37888a0b3b0294ac4974035e9642debd02
4
- data.tar.gz: 011fb6db795058131d051d1533973d0df2c61a5bb976bfc7b6a15d4ca337206b
3
+ metadata.gz: 50db9496d0a2c1f3ecfb49e52507a415b6e358decd88c34193657d1a2ab6dc73
4
+ data.tar.gz: b429248eb9208ac6a41531d629b982460d8b26e2cdd076c5825e18e75cfcd16c
5
5
  SHA512:
6
- metadata.gz: 9a59aa6f31d04899347ea046f1b94211d1816bae26a23f7ef228adc8ed2204e8835dc456de2047b467a7d0a5a8f7532b2aa148a554d7d988094b8055aa824bd4
7
- data.tar.gz: b2896086152ffa5138f47e1eea0b628869eab812348c7e988f834b5aa69c54f1971d7937251670ee08453f93e6d3e03df54ccec309d229768435f36d951a83cd
6
+ metadata.gz: 4d859f27c4d5b3795decbfc0b544bfe1c78a283d8a1ae8164180903da6d62a26160b4e37db30b9abadd21fb43d6dc3b777d8a1f5e39fecd81d020719a5cb99ed
7
+ data.tar.gz: f1891f3e228c16c200ae5f5a699009ba6efdce98dbe64020693f1735b6eeb0d40d03fca41037a52d27f9b936c7bd22fb737dc981b74e3a68da964b284f1c95d7
@@ -34,7 +34,9 @@ module Functions
34
34
 
35
35
  private
36
36
 
37
- attr_reader :dependency_name, :target_version, :lockfile_name
37
+ attr_reader :dependency_name
38
+ attr_reader :target_version
39
+ attr_reader :lockfile_name
38
40
 
39
41
  def parent_specs
40
42
  version = Gem::Version.new(target_version)
@@ -3,7 +3,8 @@
3
3
 
4
4
  module Functions
5
5
  class DependencySource
6
- attr_reader :gemfile_name, :dependency_name
6
+ attr_reader :gemfile_name
7
+ attr_reader :dependency_name
7
8
 
8
9
  RUBYGEMS = "rubygems"
9
10
  PRIVATE_REGISTRY = "private"
@@ -56,9 +56,12 @@ module Functions
56
56
 
57
57
  private
58
58
 
59
- attr_reader :dependency_name, :target_version, :gemfile_name,
60
- :lockfile_name, :credentials,
61
- :update_multiple_dependencies
59
+ attr_reader :dependency_name
60
+ attr_reader :target_version
61
+ attr_reader :gemfile_name
62
+ attr_reader :lockfile_name
63
+ attr_reader :credentials
64
+ attr_reader :update_multiple_dependencies
62
65
  alias update_multiple_dependencies? update_multiple_dependencies
63
66
 
64
67
  def new_dependencies_to_unlock_from(error:, already_unlocked:)
@@ -25,7 +25,9 @@ module Functions
25
25
 
26
26
  private
27
27
 
28
- attr_reader :gemfile_name, :lockfile_name, :dependencies
28
+ attr_reader :gemfile_name
29
+ attr_reader :lockfile_name
30
+ attr_reader :dependencies
29
31
 
30
32
  def generate_lockfile # rubocop:disable Metrics/PerceivedComplexity
31
33
  dependencies_to_unlock = dependencies.map { |d| d.fetch("name") }
@@ -5,8 +5,10 @@ module Functions
5
5
  class VersionResolver
6
6
  GEM_NOT_FOUND_ERROR_REGEX = /locked to (?<name>[^\s]+) \(/
7
7
 
8
- attr_reader :dependency_name, :dependency_requirements,
9
- :gemfile_name, :lockfile_name
8
+ attr_reader :dependency_name
9
+ attr_reader :dependency_requirements
10
+ attr_reader :gemfile_name
11
+ attr_reader :lockfile_name
10
12
 
11
13
  def initialize(dependency_name:, dependency_requirements:,
12
14
  gemfile_name:, lockfile_name:)
@@ -32,7 +32,9 @@ module Functions
32
32
 
33
33
  private
34
34
 
35
- attr_reader :dependency_name, :target_version, :lockfile_name
35
+ attr_reader :dependency_name
36
+ attr_reader :target_version
37
+ attr_reader :lockfile_name
36
38
 
37
39
  def parent_specs
38
40
  version = Gem::Version.new(target_version)
@@ -3,7 +3,8 @@
3
3
 
4
4
  module Functions
5
5
  class DependencySource
6
- attr_reader :gemfile_name, :dependency_name
6
+ attr_reader :gemfile_name
7
+ attr_reader :dependency_name
7
8
 
8
9
  RUBYGEMS = "rubygems"
9
10
  PRIVATE_REGISTRY = "private"
@@ -57,9 +57,12 @@ module Functions
57
57
 
58
58
  private
59
59
 
60
- attr_reader :dependency_name, :target_version, :gemfile_name,
61
- :lockfile_name, :credentials,
62
- :update_multiple_dependencies
60
+ attr_reader :dependency_name
61
+ attr_reader :target_version
62
+ attr_reader :gemfile_name
63
+ attr_reader :lockfile_name
64
+ attr_reader :credentials
65
+ attr_reader :update_multiple_dependencies
63
66
  alias update_multiple_dependencies? update_multiple_dependencies
64
67
 
65
68
  def extra_top_level_deps(specs)
@@ -26,7 +26,9 @@ module Functions
26
26
 
27
27
  private
28
28
 
29
- attr_reader :gemfile_name, :lockfile_name, :dependencies
29
+ attr_reader :gemfile_name
30
+ attr_reader :lockfile_name
31
+ attr_reader :dependencies
30
32
 
31
33
  def generate_lockfile # rubocop:disable Metrics/PerceivedComplexity
32
34
  dependencies_to_unlock = dependencies.map { |d| d.fetch("name") }
@@ -5,8 +5,10 @@ module Functions
5
5
  class VersionResolver
6
6
  GEM_NOT_FOUND_ERROR_REGEX = /locked to (?<name>[^\s]+) \(/
7
7
 
8
- attr_reader :dependency_name, :dependency_requirements,
9
- :gemfile_name, :lockfile_name
8
+ attr_reader :dependency_name
9
+ attr_reader :dependency_requirements
10
+ attr_reader :gemfile_name
11
+ attr_reader :lockfile_name
10
12
 
11
13
  def initialize(dependency_name:, dependency_requirements:,
12
14
  gemfile_name:, lockfile_name:)
@@ -38,7 +38,8 @@ module Dependabot
38
38
 
39
39
  private
40
40
 
41
- attr_reader :dependencies, :gemfile
41
+ attr_reader :dependencies
42
+ attr_reader :gemfile
42
43
 
43
44
  def replace_gemfile_version_requirement(dependency, file, content)
44
45
  return content unless requirement_changed?(file, dependency)
@@ -28,7 +28,8 @@ module Dependabot
28
28
 
29
29
  private
30
30
 
31
- attr_reader :dependencies, :gemspec
31
+ attr_reader :dependencies
32
+ attr_reader :gemspec
32
33
 
33
34
  def replace_gemspec_version_requirement(gemspec, dependency, content)
34
35
  return content unless requirement_changed?(gemspec, dependency)
@@ -8,7 +8,8 @@ module Dependabot
8
8
  module Bundler
9
9
  class FileUpdater
10
10
  class GitPinReplacer
11
- attr_reader :dependency, :new_pin
11
+ attr_reader :dependency
12
+ attr_reader :new_pin
12
13
 
13
14
  def initialize(dependency:, new_pin:)
14
15
  @dependency = dependency
@@ -27,7 +28,8 @@ module Dependabot
27
28
 
28
29
  class Rewriter < Parser::TreeRewriter
29
30
  PIN_KEYS = %i(ref tag).freeze
30
- attr_reader :dependency, :new_pin
31
+ attr_reader :dependency
32
+ attr_reader :new_pin
31
33
 
32
34
  def initialize(dependency:, new_pin:)
33
35
  @dependency = dependency
@@ -54,8 +54,11 @@ module Dependabot
54
54
 
55
55
  private
56
56
 
57
- attr_reader :dependencies, :dependency_files, :repo_contents_path,
58
- :credentials, :options
57
+ attr_reader :dependencies
58
+ attr_reader :dependency_files
59
+ attr_reader :repo_contents_path
60
+ attr_reader :credentials
61
+ attr_reader :options
59
62
 
60
63
  def build_updated_lockfile
61
64
  base_dir = dependency_files.first.directory
@@ -8,8 +8,10 @@ module Dependabot
8
8
  module Bundler
9
9
  class FileUpdater
10
10
  class RequirementReplacer
11
- attr_reader :dependency, :file_type, :updated_requirement,
12
- :previous_requirement
11
+ attr_reader :dependency
12
+ attr_reader :file_type
13
+ attr_reader :updated_requirement
14
+ attr_reader :previous_requirement
13
15
 
14
16
  def initialize(dependency:, file_type:, updated_requirement:,
15
17
  previous_requirement: nil, insert_if_bare: false)
@@ -115,7 +117,9 @@ module Dependabot
115
117
 
116
118
  private
117
119
 
118
- attr_reader :dependency, :file_type, :updated_requirement
120
+ attr_reader :dependency
121
+ attr_reader :file_type
122
+ attr_reader :updated_requirement
119
123
 
120
124
  def insert_if_bare?
121
125
  @insert_if_bare
@@ -102,8 +102,10 @@ module Dependabot
102
102
 
103
103
  private
104
104
 
105
- attr_reader :dependency_files, :dependency, :replacement_git_pin,
106
- :latest_allowable_version
105
+ attr_reader :dependency_files
106
+ attr_reader :dependency
107
+ attr_reader :replacement_git_pin
108
+ attr_reader :latest_allowable_version
107
109
 
108
110
  def remove_git_source?
109
111
  @remove_git_source
@@ -38,9 +38,13 @@ module Dependabot
38
38
 
39
39
  private
40
40
 
41
- attr_reader :dependency, :dependency_files, :repo_contents_path,
42
- :credentials, :target_version, :requirements_update_strategy,
43
- :options
41
+ attr_reader :dependency
42
+ attr_reader :dependency_files
43
+ attr_reader :repo_contents_path
44
+ attr_reader :credentials
45
+ attr_reader :target_version
46
+ attr_reader :requirements_update_strategy
47
+ attr_reader :options
44
48
 
45
49
  def update_multiple_dependencies?
46
50
  @update_multiple_dependencies
@@ -21,8 +21,11 @@ module Dependabot
21
21
  GIT = "git"
22
22
  OTHER = "other"
23
23
 
24
- attr_reader :dependency, :dependency_files, :repo_contents_path,
25
- :credentials, :options
24
+ attr_reader :dependency
25
+ attr_reader :dependency_files
26
+ attr_reader :repo_contents_path
27
+ attr_reader :credentials
28
+ attr_reader :options
26
29
 
27
30
  def initialize(dependency:,
28
31
  dependency_files:,
@@ -41,9 +41,13 @@ module Dependabot
41
41
 
42
42
  private
43
43
 
44
- attr_reader :dependency, :dependency_files, :repo_contents_path,
45
- :credentials, :ignored_versions, :security_advisories,
46
- :options
44
+ attr_reader :dependency
45
+ attr_reader :dependency_files
46
+ attr_reader :repo_contents_path
47
+ attr_reader :credentials
48
+ attr_reader :ignored_versions
49
+ attr_reader :security_advisories
50
+ attr_reader :options
47
51
 
48
52
  def fetch_latest_version_details
49
53
  return dependency_source.latest_git_version_details if dependency_source.git?
@@ -54,9 +54,11 @@ module Dependabot
54
54
 
55
55
  private
56
56
 
57
- attr_reader :requirements, :updated_source,
58
- :latest_version, :latest_resolvable_version,
59
- :update_strategy
57
+ attr_reader :requirements
58
+ attr_reader :updated_source
59
+ attr_reader :latest_version
60
+ attr_reader :latest_resolvable_version
61
+ attr_reader :update_strategy
60
62
 
61
63
  def check_update_strategy
62
64
  return if ALLOWED_UPDATE_STRATEGIES.include?(update_strategy)
@@ -41,7 +41,9 @@ module Dependabot
41
41
  Bundler::Fetcher::FallbackError
42
42
  ).freeze
43
43
 
44
- attr_reader :dependency_files, :repo_contents_path, :credentials
44
+ attr_reader :dependency_files
45
+ attr_reader :repo_contents_path
46
+ attr_reader :credentials
45
47
 
46
48
  #########################
47
49
  # Bundler context setup #
@@ -53,10 +53,14 @@ module Dependabot
53
53
 
54
54
  private
55
55
 
56
- attr_reader :dependency, :unprepared_dependency_files,
57
- :repo_contents_path, :credentials, :ignored_versions,
58
- :replacement_git_pin, :latest_allowable_version,
59
- :options
56
+ attr_reader :dependency
57
+ attr_reader :unprepared_dependency_files
58
+ attr_reader :repo_contents_path
59
+ attr_reader :credentials
60
+ attr_reader :ignored_versions
61
+ attr_reader :replacement_git_pin
62
+ attr_reader :latest_allowable_version
63
+ attr_reader :options
60
64
 
61
65
  def remove_git_source?
62
66
  @remove_git_source
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.247.0
4
+ version: 0.249.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-03-14 00:00:00.000000000 Z
11
+ date: 2024-03-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.247.0
19
+ version: 0.249.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.247.0
26
+ version: 0.249.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -327,7 +327,7 @@ licenses:
327
327
  - Nonstandard
328
328
  metadata:
329
329
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
330
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.247.0
330
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.249.0
331
331
  post_install_message:
332
332
  rdoc_options: []
333
333
  require_paths: