dependabot-bundler 0.95.31 → 0.95.32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/update_checker.rb +41 -21
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f459c79156c7d24d98b87e7c1663a080f987c6564e184f8ad6f7e313549f6faa
|
|
4
|
+
data.tar.gz: 4832ec5266b4b7aa2c3f85e90dcee0adea65d2d0ef160b32fbdbef576f244c61
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e751f19d519f106cdcde538ea8d1c9b75da9ad87f19eb260964ceef40bd4d374c6b0ca103d54eb8d2452cbacc746a5c61d0998b8f9247f0af2cfcb019394fce0
|
|
7
|
+
data.tar.gz: 0c1b4e9782feb2a1b9296562cacf9cd78aa6fac2d3f911335ae854d62cd4b38bf9a761276ed17c97713893006175b8ceff301c7420546e44f2de8c98ef35d43a
|
|
@@ -32,10 +32,8 @@ module Dependabot
|
|
|
32
32
|
return current_ver if git_dependency? && git_commit_checker.pinned?
|
|
33
33
|
|
|
34
34
|
@latest_resolvable_version_detail_with_no_unlock ||=
|
|
35
|
-
version_resolver(
|
|
36
|
-
|
|
37
|
-
unlock_requirement: false
|
|
38
|
-
).latest_resolvable_version_details
|
|
35
|
+
version_resolver(remove_git_source: false, unlock_requirement: false).
|
|
36
|
+
latest_resolvable_version_details
|
|
39
37
|
|
|
40
38
|
if git_dependency?
|
|
41
39
|
@latest_resolvable_version_detail_with_no_unlock&.fetch(:commit_sha)
|
|
@@ -45,14 +43,29 @@ module Dependabot
|
|
|
45
43
|
end
|
|
46
44
|
|
|
47
45
|
def updated_requirements
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
46
|
+
if updated_source&.fetch(:ref, nil) &&
|
|
47
|
+
updated_source.fetch(:ref) != dependency_source_details.fetch(:ref)
|
|
48
|
+
updated_version =
|
|
49
|
+
latest_resolvable_version_details_with_updated_git_source&.
|
|
50
|
+
fetch(:version)&.
|
|
51
|
+
to_s
|
|
52
|
+
RequirementsUpdater.new(
|
|
53
|
+
requirements: dependency.requirements,
|
|
54
|
+
update_strategy: requirements_update_strategy,
|
|
55
|
+
updated_source: updated_source,
|
|
56
|
+
latest_version: updated_version,
|
|
57
|
+
latest_resolvable_version: updated_version
|
|
58
|
+
).updated_requirements
|
|
59
|
+
else
|
|
60
|
+
RequirementsUpdater.new(
|
|
61
|
+
requirements: dependency.requirements,
|
|
62
|
+
update_strategy: requirements_update_strategy,
|
|
63
|
+
updated_source: updated_source,
|
|
64
|
+
latest_version: latest_version_details&.fetch(:version)&.to_s,
|
|
65
|
+
latest_resolvable_version:
|
|
66
|
+
latest_resolvable_version_details&.fetch(:version)&.to_s
|
|
67
|
+
).updated_requirements
|
|
68
|
+
end
|
|
56
69
|
end
|
|
57
70
|
|
|
58
71
|
def requirements_unlocked_or_can_be?
|
|
@@ -207,15 +220,7 @@ module Dependabot
|
|
|
207
220
|
|
|
208
221
|
return false if git_commit_checker.local_tag_for_latest_version.nil?
|
|
209
222
|
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
VersionResolver.new(
|
|
213
|
-
dependency: dependency,
|
|
214
|
-
unprepared_dependency_files: dependency_files,
|
|
215
|
-
credentials: credentials,
|
|
216
|
-
ignored_versions: ignored_versions,
|
|
217
|
-
replacement_git_pin: replacement_tag.fetch(:tag)
|
|
218
|
-
).latest_resolvable_version_details
|
|
223
|
+
latest_resolvable_version_details_with_updated_git_source
|
|
219
224
|
|
|
220
225
|
@git_tag_resolvable = true
|
|
221
226
|
rescue Dependabot::DependencyFileNotResolvable
|
|
@@ -281,6 +286,21 @@ module Dependabot
|
|
|
281
286
|
)
|
|
282
287
|
end
|
|
283
288
|
|
|
289
|
+
def latest_resolvable_version_details_with_updated_git_source
|
|
290
|
+
@latest_resolvable_version_details_with_updated_git_source ||=
|
|
291
|
+
begin
|
|
292
|
+
replacement_tag = git_commit_checker.local_tag_for_latest_version
|
|
293
|
+
|
|
294
|
+
VersionResolver.new(
|
|
295
|
+
dependency: dependency,
|
|
296
|
+
unprepared_dependency_files: dependency_files,
|
|
297
|
+
credentials: credentials,
|
|
298
|
+
ignored_versions: ignored_versions,
|
|
299
|
+
replacement_git_pin: replacement_tag.fetch(:tag)
|
|
300
|
+
).latest_resolvable_version_details
|
|
301
|
+
end
|
|
302
|
+
end
|
|
303
|
+
|
|
284
304
|
def version_resolver(remove_git_source:, unlock_requirement: true)
|
|
285
305
|
@version_resolver ||= {}
|
|
286
306
|
@version_resolver[remove_git_source] ||= {}
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.95.
|
|
4
|
+
version: 0.95.32
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.95.
|
|
19
|
+
version: 0.95.32
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.95.
|
|
26
|
+
version: 0.95.32
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|