dependabot-bundler 0.282.0 → 0.284.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dc2a519df49ba5e70d775ecd33a8c6f37b8d6e5d72a1edef00263ffb32ac6083
4
- data.tar.gz: 434dde152114da717c54335e4cbb41695ace56364546d6c3f0c6bd4b518d547f
3
+ metadata.gz: 48a9435c67c8a6b58134c7a80486d74ab609273e937c10eed74191426d6cded8
4
+ data.tar.gz: a139d9cc839fddffc0e0ca6ef3b8a7ab87d9a1ae2d82e5404e16b1823502cf2e
5
5
  SHA512:
6
- metadata.gz: c30ef3bf34f65c77382d32d7ff15ec235d2e5aa7695d68113cc355522da4a1cd653981647ccd371ebca4d2a73e54408e1861b6fa18536fec5ebee43f4942f2d2
7
- data.tar.gz: 34ab8e4487a0673ac05c03f621387d46f4f8c4bd7a0e41d0a95cda85d7ffc0234a7cead32653877ce4dad6300f90ac50a7ae3b3cc494b220d3d9adca2242b9ec
6
+ metadata.gz: 9612d984f30f3e0cfa5079a1c34be49112fe4de0e93aabca848a70f5438ae722acd958746950f7ff94404f66ce14bc50ec8604014e933e7877d7fb0cdf013bdc
7
+ data.tar.gz: c2edeee8f3df7b37c19b747b4e54a6d34846efde4ab76a26d14302124432b77901c57afedc3cad21a95695c619f445b7d08e10dfa72e882fe8fc7688367b5e9c
@@ -32,13 +32,24 @@ module Dependabot
32
32
  dependency_set.dependencies
33
33
  end
34
34
 
35
- sig { returns(PackageManagerBase) }
36
- def package_manager
37
- PackageManager.new(bundler_version)
35
+ sig { returns(Ecosystem) }
36
+ def ecosystem
37
+ @ecosystem ||= T.let(
38
+ Ecosystem.new(
39
+ name: ECOSYSTEM,
40
+ package_manager: package_manager
41
+ ),
42
+ T.nilable(Ecosystem)
43
+ )
38
44
  end
39
45
 
40
46
  private
41
47
 
48
+ sig { returns(Ecosystem::VersionManager) }
49
+ def package_manager
50
+ PackageManager.new(bundler_version)
51
+ end
52
+
42
53
  def check_external_code(dependencies)
43
54
  return unless @reject_external_code
44
55
  return unless git_source?(dependencies)
@@ -309,12 +320,14 @@ module Dependabot
309
320
  .select { |file| file.name.end_with?(".gemspec") }
310
321
  end
311
322
 
323
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
312
324
  def imported_ruby_files
313
325
  dependency_files
314
326
  .select { |f| f.name.end_with?(".rb") }
315
327
  .reject { |f| f.name == "gems.rb" }
316
328
  end
317
329
 
330
+ sig { returns(String) }
318
331
  def bundler_version
319
332
  @bundler_version ||= Helpers.bundler_version(lockfile)
320
333
  end
@@ -3,10 +3,11 @@
3
3
 
4
4
  require "sorbet-runtime"
5
5
  require "dependabot/bundler/version"
6
- require "dependabot/package_manager"
6
+ require "dependabot/ecosystem"
7
7
 
8
8
  module Dependabot
9
9
  module Bundler
10
+ ECOSYSTEM = "bundler"
10
11
  PACKAGE_MANAGER = "bundler"
11
12
 
12
13
  # Keep versions in ascending order
@@ -18,33 +19,17 @@ module Dependabot
18
19
  # DEPRECATED_BUNDLER_VERSIONS = T.let([Version.new("1")].freeze, T::Array[Dependabot::Version])
19
20
  DEPRECATED_BUNDLER_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
20
21
 
21
- class PackageManager < PackageManagerBase
22
+ class PackageManager < Dependabot::Ecosystem::VersionManager
22
23
  extend T::Sig
23
24
 
24
- sig { params(version: T.any(String, Dependabot::Version)).void }
25
- def initialize(version)
26
- @version = T.let(Version.new(version), Dependabot::Version)
27
- @name = T.let(PACKAGE_MANAGER, String)
28
- @deprecated_versions = T.let(DEPRECATED_BUNDLER_VERSIONS, T::Array[Dependabot::Version])
29
- @supported_versions = T.let(SUPPORTED_BUNDLER_VERSIONS, T::Array[Dependabot::Version])
30
- end
31
-
32
- sig { override.returns(String) }
33
- attr_reader :name
34
-
35
- sig { override.returns(Dependabot::Version) }
36
- attr_reader :version
37
-
38
- sig { override.returns(T::Array[Dependabot::Version]) }
39
- attr_reader :deprecated_versions
40
-
41
- sig { override.returns(T::Array[Dependabot::Version]) }
42
- attr_reader :supported_versions
43
-
44
- sig { override.returns(T::Boolean) }
45
- def unsupported?
46
- # Check if the version is not supported
47
- supported_versions.all? { |supported| supported > version }
25
+ sig { params(raw_version: String).void }
26
+ def initialize(raw_version)
27
+ super(
28
+ PACKAGE_MANAGER,
29
+ Version.new(raw_version),
30
+ DEPRECATED_BUNDLER_VERSIONS,
31
+ SUPPORTED_BUNDLER_VERSIONS,
32
+ )
48
33
  end
49
34
  end
50
35
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.282.0
4
+ version: 0.284.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-10-24 00:00:00.000000000 Z
11
+ date: 2024-11-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.282.0
19
+ version: 0.284.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.282.0
26
+ version: 0.284.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: parallel
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -321,7 +321,7 @@ licenses:
321
321
  - MIT
322
322
  metadata:
323
323
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
324
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.282.0
324
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.284.0
325
325
  post_install_message:
326
326
  rdoc_options: []
327
327
  require_paths: