dependabot-bundler 0.315.0 → 0.316.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f3fe30e7a26afccaa2a525cee8a9cd922bed807daaf9b538ba6832eeb55958ca
|
|
4
|
+
data.tar.gz: 3222607755992756baccfc661c9046d0d0f531394eec15b356e7267d32302aae
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: aafc91ae080e5fce13ea3fcb87dfe1428698bcab4eddb66e40834a307c250fa38fc84ab8dcc6374a36e0adbfcdd9d8589f37a3a06d8a62fc86c68fdbd1b2a929
|
|
7
|
+
data.tar.gz: 9e1d96d3996858b3b2936a2239e3d22798c9a2af76671efe27c660c0e79199b1bb1a43cd79b27698229f425ab1c7dab959d8f0d6fea96b72d461a552bc1016e1
|
|
@@ -26,7 +26,7 @@ module BundlerDefinitionRubyVersionPatch
|
|
|
26
26
|
Gem::Specification.new("Ruby\0", requested_version)
|
|
27
27
|
end
|
|
28
28
|
|
|
29
|
-
%w(2.5.3 2.6.10 2.7.8 3.0.7 3.1.6 3.2.
|
|
29
|
+
%w(2.5.3 2.6.10 2.7.8 3.0.7 3.1.6 3.2.8 3.3.8).each do |version|
|
|
30
30
|
sources.metadata_source.specs << Gem::Specification.new("Ruby\0", version)
|
|
31
31
|
end
|
|
32
32
|
|
|
@@ -1,26 +1,34 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "parser/current"
|
|
5
|
+
require "sorbet-runtime"
|
|
6
|
+
|
|
5
7
|
require "dependabot/bundler/file_updater"
|
|
6
8
|
require "dependabot/bundler/requirement"
|
|
9
|
+
require "dependabot/bundler/version"
|
|
7
10
|
|
|
8
11
|
module Dependabot
|
|
9
12
|
module Bundler
|
|
10
13
|
class FileUpdater
|
|
11
14
|
class RubyRequirementSetter
|
|
15
|
+
extend T::Sig
|
|
16
|
+
|
|
12
17
|
RUBY_VERSIONS = %w(
|
|
13
|
-
1.8.7 1.9.3 2.0.0 2.1.10 2.2.10 2.3.8 2.4.10 2.5.9 2.6.9 2.7.6 3.0.6 3.1.6 3.2.
|
|
18
|
+
1.8.7 1.9.3 2.0.0 2.1.10 2.2.10 2.3.8 2.4.10 2.5.9 2.6.9 2.7.6 3.0.6 3.1.6 3.2.8 3.3.8 3.4.4
|
|
14
19
|
).freeze
|
|
15
20
|
|
|
16
21
|
LANGUAGE = "ruby"
|
|
17
22
|
|
|
23
|
+
sig { returns(Dependabot::DependencyFile) }
|
|
18
24
|
attr_reader :gemspec
|
|
19
25
|
|
|
26
|
+
sig { params(gemspec: Dependabot::DependencyFile).void }
|
|
20
27
|
def initialize(gemspec:)
|
|
21
28
|
@gemspec = gemspec
|
|
22
29
|
end
|
|
23
30
|
|
|
31
|
+
sig { params(content: String).returns(String) }
|
|
24
32
|
def rewrite(content)
|
|
25
33
|
return content unless gemspec_declares_ruby_requirement?
|
|
26
34
|
|
|
@@ -39,10 +47,12 @@ module Dependabot
|
|
|
39
47
|
|
|
40
48
|
private
|
|
41
49
|
|
|
50
|
+
sig { returns(T::Boolean) }
|
|
42
51
|
def gemspec_declares_ruby_requirement?
|
|
43
52
|
!ruby_requirement.nil?
|
|
44
53
|
end
|
|
45
54
|
|
|
55
|
+
sig { params(node: T.untyped).returns(T::Boolean) }
|
|
46
56
|
def declares_ruby_version?(node)
|
|
47
57
|
return false unless node.is_a?(Parser::AST::Node)
|
|
48
58
|
return true if node.type == :send && node.children[1] == :ruby
|
|
@@ -50,6 +60,7 @@ module Dependabot
|
|
|
50
60
|
node.children.any? { |cn| declares_ruby_version?(cn) }
|
|
51
61
|
end
|
|
52
62
|
|
|
63
|
+
sig { returns(Dependabot::Version) }
|
|
53
64
|
def ruby_version
|
|
54
65
|
requirement = if ruby_requirement.is_a?(Gem::Requirement)
|
|
55
66
|
ruby_requirement
|
|
@@ -74,6 +85,7 @@ module Dependabot
|
|
|
74
85
|
end
|
|
75
86
|
|
|
76
87
|
# rubocop:disable Security/Eval
|
|
88
|
+
sig { returns(T.untyped) }
|
|
77
89
|
def ruby_requirement
|
|
78
90
|
ast = Parser::CurrentRuby.parse(gemspec.content)
|
|
79
91
|
requirement_node = find_ruby_requirement_node(ast)
|
|
@@ -87,6 +99,7 @@ module Dependabot
|
|
|
87
99
|
end
|
|
88
100
|
# rubocop:enable Security/Eval
|
|
89
101
|
|
|
102
|
+
sig { params(node: T.untyped).returns(T.nilable(Parser::AST::Node)) }
|
|
90
103
|
def find_ruby_requirement_node(node)
|
|
91
104
|
return unless node.is_a?(Parser::AST::Node)
|
|
92
105
|
return node if declares_ruby_requirement?(node)
|
|
@@ -97,6 +110,7 @@ module Dependabot
|
|
|
97
110
|
end
|
|
98
111
|
end
|
|
99
112
|
|
|
113
|
+
sig { params(node: T.untyped).returns(T::Boolean) }
|
|
100
114
|
def declares_ruby_requirement?(node)
|
|
101
115
|
return false unless node.is_a?(Parser::AST::Node)
|
|
102
116
|
|
|
@@ -104,10 +118,14 @@ module Dependabot
|
|
|
104
118
|
end
|
|
105
119
|
|
|
106
120
|
class GemfileRewriter < Parser::TreeRewriter
|
|
121
|
+
extend T::Sig
|
|
122
|
+
|
|
123
|
+
sig { override.params(ruby_version: Dependabot::Version).void }
|
|
107
124
|
def initialize(ruby_version:)
|
|
108
125
|
@ruby_version = ruby_version
|
|
109
126
|
end
|
|
110
127
|
|
|
128
|
+
sig { override.params(node: T.untyped).void }
|
|
111
129
|
def on_send(node)
|
|
112
130
|
return unless declares_ruby_version?(node)
|
|
113
131
|
|
|
@@ -117,8 +135,10 @@ module Dependabot
|
|
|
117
135
|
|
|
118
136
|
private
|
|
119
137
|
|
|
138
|
+
sig { returns(Dependabot::Version) }
|
|
120
139
|
attr_reader :ruby_version
|
|
121
140
|
|
|
141
|
+
sig { params(node: T.untyped).returns(T::Boolean) }
|
|
122
142
|
def declares_ruby_version?(node)
|
|
123
143
|
return false unless node.is_a?(Parser::AST::Node)
|
|
124
144
|
return false unless node.type == :send
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.316.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.316.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.316.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: parallel
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -322,7 +322,7 @@ licenses:
|
|
|
322
322
|
- MIT
|
|
323
323
|
metadata:
|
|
324
324
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
325
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
325
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.316.0
|
|
326
326
|
rdoc_options: []
|
|
327
327
|
require_paths:
|
|
328
328
|
- lib
|