dependabot-bundler 0.265.0 → 0.267.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/v1/monkey_patches/resolver_spec_group_sane_eql.rb +1 -1
  3. data/helpers/v2/lib/functions/force_updater.rb +22 -11
  4. metadata +7 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1d837627e4b7f0b89fba5bf610da2537ff7c794c2bfa274e4107fb17a5cb6892
4
- data.tar.gz: bf2c9faaea5a3383fb132a00c1e0ad24422ebca868d08180b7bddc136060ffeb
3
+ metadata.gz: 1e357e6fc4d35510809265927eee0e2bb31f6a04e83193b5031966c53b6801f6
4
+ data.tar.gz: a6868142bd65fa6c78a9971d5e9cb6872408f4055e1e7fed655ef693a7d762d0
5
5
  SHA512:
6
- metadata.gz: c4d95df44cf030707e74a9cfe2c4c76efa26e8edbda9778f08befd5bb17daf1f913f13638ae977a70c5902cc48f304356570364b66fe212cd09868743e21d470
7
- data.tar.gz: ad22e17aa52f00e9ab78938781407da1f95d58b5002ee1a7923397cad80ea0ba2b76193ba9de2b5030fc34e7e90abd41fe46e117d7fc32202e80623d668b847c
6
+ metadata.gz: d508e07d23e23125d89b16d43d65ee637315e07a0e78029a6f40b96e167fbd36511803ef83275b303d3df4cdc251dce4ccc0696c0efe68967f461e0a2fb1c70f
7
+ data.tar.gz: 92c1f567ebe086f7749110704d3b21d38aacccdcc16f9b6b536505a95c44e19e5630aa4f32872c0dc15ab076ffa1ad758e09ddcd205569007e3a5647ec061d35
data/helpers/v1/monkey_patches/resolver_spec_group_sane_eql.rb CHANGED
@@ -11,7 +11,7 @@ module BundlerResolverSpecGroupSaneEql
11
11
  def eql?(other)
12
12
  return false unless other.is_a?(self.class)
13
13
 
14
- super(other)
14
+ super
15
15
  end
16
16
  end
17
17
 
data/helpers/v2/lib/functions/force_updater.rb CHANGED
@@ -3,7 +3,6 @@
3
3
 
4
4
  module Functions
5
5
  class ForceUpdater
6
- class TransitiveDependencyError < StandardError; end
7
6
  class TopLevelDependencyDowngradedError < StandardError; end
8
7
 
9
8
  def initialize(dependency_name:, target_version:, gemfile_name:,
@@ -120,16 +119,28 @@ module Functions
120
119
  dep = definition.dependencies
121
120
  .find { |d| d.name == dependency_name }
122
121
 
123
- # If the dependency is not found in the Gemfile it means this is a
124
- # transitive dependency that we can't force update.
125
- raise TransitiveDependencyError unless dep
126
-
127
- # Set the requirement for the gem we're forcing an update of
128
- new_req = Gem::Requirement.create("= #{target_version}")
129
- dep.instance_variable_set(:@requirement, new_req)
130
- dep.source = nil if dep.source.is_a?(Bundler::Source::Git)
131
-
132
- definition
122
+ if dep
123
+ # Set the requirement for the gem we're forcing an update of
124
+ new_req = Gem::Requirement.create("= #{target_version}")
125
+ dep.instance_variable_set(:@requirement, new_req)
126
+ dep.source = nil if dep.source.is_a?(Bundler::Source::Git)
127
+
128
+ definition
129
+ else
130
+ # If the dependency is not found in the Gemfile it means this is a
131
+ # transitive dependency. To force update it, we recreate a definition
132
+ # from the Gemfile, but add an extra dependency to it that pins the
133
+ # dependency we want to update.
134
+ gemfile = Pathname.new(gemfile_name).expand_path
135
+ builder = Bundler::Dsl.new
136
+ builder.eval_gemfile(gemfile)
137
+ builder.gem dependency_name, "= #{target_version}"
138
+ builder.to_definition(
139
+ lockfile_name,
140
+ gems: gems_to_unlock + subdependencies,
141
+ conservative: true
142
+ )
143
+ end
133
144
  end
134
145
 
135
146
  def lockfile
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.265.0
4
+ version: 0.267.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-07-11 00:00:00.000000000 Z
11
+ date: 2024-07-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.265.0
19
+ version: 0.267.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.265.0
26
+ version: 0.267.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: parallel
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.63.2
131
+ version: 1.65.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.63.2
138
+ version: 1.65.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: rubocop-performance
141
141
  requirement: !ruby/object:Gem::Requirement
@@ -345,7 +345,7 @@ licenses:
345
345
  - MIT
346
346
  metadata:
347
347
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
348
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.265.0
348
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.267.0
349
349
  post_install_message:
350
350
  rdoc_options: []
351
351
  require_paths: