dependabot-bundler 0.98.44 → 0.98.45
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/update_checker/version_resolver.rb +11 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ea45b37a654508715c9632251f6a5283283c4168b89c8ef6ef4673d30947450
|
|
4
|
+
data.tar.gz: f48438372ae41c495375949f181f610d00f298edb2daea37cbcfbc11724c4411
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5a1668e74f4f7a2af0db4e51e0bbc4467c30c9868c4d2b31e0e6810a48171b9276bf803ab2c00c827343c5f39fa768cbd2628713f74b6291fa8f5c2e07faf839
|
|
7
|
+
data.tar.gz: 6e99b17fb31c263b240b3d17c7f26a896cbff3e5287168e418746c7287ec6e771af4b0533353377e104efc4a449e096f85107af5f9cc18c288822d7422a8192a
|
|
@@ -103,7 +103,7 @@ module Dependabot
|
|
|
103
103
|
end
|
|
104
104
|
end
|
|
105
105
|
rescue Dependabot::DependencyFileNotResolvable => error
|
|
106
|
-
return if
|
|
106
|
+
return if error_due_to_restrictive_upper_bound?(error)
|
|
107
107
|
return if circular_dependency_at_new_version?(error)
|
|
108
108
|
raise unless ruby_lock_error?(error)
|
|
109
109
|
|
|
@@ -119,6 +119,16 @@ module Dependabot
|
|
|
119
119
|
error.message.include?("'#{dependency.name}'")
|
|
120
120
|
end
|
|
121
121
|
|
|
122
|
+
def error_due_to_restrictive_upper_bound?(error)
|
|
123
|
+
# We see this when the dependency doesn't appear in the lockfile and
|
|
124
|
+
# has an overly restricture upper bound that we've added, either due
|
|
125
|
+
# to an ignore condition or us missing that a pre-release is required
|
|
126
|
+
# (as another dependency places a pre-release requirement on the dep)
|
|
127
|
+
return false if dependency.appears_in_lockfile?
|
|
128
|
+
|
|
129
|
+
error.message.include?("#{dependency.name} ")
|
|
130
|
+
end
|
|
131
|
+
|
|
122
132
|
def ruby_lock_error?(error)
|
|
123
133
|
return false unless error.message.include?(" for gem \"ruby\0\"")
|
|
124
134
|
return false if @gemspec_ruby_unlocked
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.45
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-03-
|
|
11
|
+
date: 2019-03-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.98.
|
|
19
|
+
version: 0.98.45
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.98.
|
|
26
|
+
version: 0.98.45
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|