dependabot-bundler 0.111.55 → 0.111.56
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/file_fetcher.rb +3 -4
- data/lib/dependabot/bundler/file_parser/file_preparer.rb +7 -1
- data/lib/dependabot/bundler/file_parser.rb +1 -0
- data/lib/dependabot/bundler/file_updater/lockfile_updater.rb +11 -0
- data/lib/dependabot/bundler/file_updater.rb +1 -0
- data/lib/dependabot/bundler/update_checker/file_preparer.rb +11 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 30aa64b87532695481e1d9de1ebed56f7ae4ca05c287973d001753a50b0637e0
|
4
|
+
data.tar.gz: dc78680bd6c11e1ab87344247d0a7935ea57c3e9e8ac9bd615b35db461382888
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 071b3e836140f90d717699f5b113d65935b53963ef036443b7f64c1efebc25ce2f8c872de3f54c5c6d74664f567a54b37794c3b19eec2c83491a2dcd7725ee01
|
7
|
+
data.tar.gz: b4b72924be60499b496dcbdccdc0dd2ab3095168896f3ec392e1506766a2fe07b00018174b1cc1c478e2ace1cc131fca3a31c9bfc1e5bcf1d20f475d578e2077
|
@@ -159,16 +159,15 @@ module Dependabot
|
|
159
159
|
|
160
160
|
def fetch_gemspecs_from_directory(dir_path)
|
161
161
|
repo_contents(dir: dir_path, fetch_submodules: true).
|
162
|
-
select { |f| f.name.end_with?(".gemspec") }.
|
162
|
+
select { |f| f.name.end_with?(".gemspec", ".specification") }.
|
163
163
|
map { |f| File.join(dir_path, f.name) }.
|
164
164
|
map { |fp| fetch_file_from_host(fp, fetch_submodules: true) }
|
165
165
|
end
|
166
166
|
|
167
167
|
def fetch_path_gemspec_paths
|
168
168
|
if lockfile
|
169
|
-
parsed_lockfile = ::Bundler::LockfileParser.
|
170
|
-
|
171
|
-
)
|
169
|
+
parsed_lockfile = ::Bundler::LockfileParser.
|
170
|
+
new(sanitized_lockfile_content)
|
172
171
|
parsed_lockfile.specs.
|
173
172
|
select { |s| s.source.instance_of?(::Bundler::Source::Path) }.
|
174
173
|
map { |s| s.source.path }.uniq
|
@@ -29,7 +29,8 @@ module Dependabot
|
|
29
29
|
*evaled_gemfiles,
|
30
30
|
lockfile,
|
31
31
|
ruby_version_file,
|
32
|
-
*imported_ruby_files
|
32
|
+
*imported_ruby_files,
|
33
|
+
*specification_files
|
33
34
|
].compact
|
34
35
|
end
|
35
36
|
|
@@ -45,6 +46,7 @@ module Dependabot
|
|
45
46
|
def evaled_gemfiles
|
46
47
|
dependency_files.
|
47
48
|
reject { |f| f.name.end_with?(".gemspec") }.
|
49
|
+
reject { |f| f.name.end_with?(".specification") }.
|
48
50
|
reject { |f| f.name.end_with?(".lock") }.
|
49
51
|
reject { |f| f.name.end_with?(".ruby-version") }.
|
50
52
|
reject { |f| f.name == "Gemfile" }.
|
@@ -52,6 +54,10 @@ module Dependabot
|
|
52
54
|
reject { |f| f.name == "gems.locked" }
|
53
55
|
end
|
54
56
|
|
57
|
+
def specification_files
|
58
|
+
dependency_files.select { |f| f.name.end_with?(".specification") }
|
59
|
+
end
|
60
|
+
|
55
61
|
def lockfile
|
56
62
|
dependency_files.find { |f| f.name == "Gemfile.lock" } ||
|
57
63
|
dependency_files.find { |f| f.name == "gems.locked" }
|
@@ -265,6 +265,7 @@ module Dependabot
|
|
265
265
|
def evaled_gemfiles
|
266
266
|
dependency_files.
|
267
267
|
reject { |f| f.name.end_with?(".gemspec") }.
|
268
|
+
reject { |f| f.name.end_with?(".specification") }.
|
268
269
|
reject { |f| f.name.end_with?(".lock") }.
|
269
270
|
reject { |f| f.name.end_with?(".ruby-version") }.
|
270
271
|
reject { |f| f.name == "Gemfile" }.
|
@@ -247,6 +247,12 @@ module Dependabot
|
|
247
247
|
FileUtils.mkdir_p(Pathname.new(path).dirname)
|
248
248
|
File.write(path, sanitized_gemspec_content(file.content))
|
249
249
|
end
|
250
|
+
|
251
|
+
specification_files.each do |file|
|
252
|
+
path = file.name
|
253
|
+
FileUtils.mkdir_p(Pathname.new(path).dirname)
|
254
|
+
File.write(path, file.content)
|
255
|
+
end
|
250
256
|
end
|
251
257
|
|
252
258
|
def write_imported_ruby_files
|
@@ -403,6 +409,7 @@ module Dependabot
|
|
403
409
|
@evaled_gemfiles ||=
|
404
410
|
dependency_files.
|
405
411
|
reject { |f| f.name.end_with?(".gemspec") }.
|
412
|
+
reject { |f| f.name.end_with?(".specification") }.
|
406
413
|
reject { |f| f.name.end_with?(".lock") }.
|
407
414
|
reject { |f| f.name.end_with?(".ruby-version") }.
|
408
415
|
reject { |f| f.name == "Gemfile" }.
|
@@ -411,6 +418,10 @@ module Dependabot
|
|
411
418
|
reject(&:support_file?)
|
412
419
|
end
|
413
420
|
|
421
|
+
def specification_files
|
422
|
+
dependency_files.select { |f| f.name.end_with?(".specification") }
|
423
|
+
end
|
424
|
+
|
414
425
|
def git_dependency?(dep)
|
415
426
|
GitCommitChecker.new(
|
416
427
|
dependency: dep,
|
@@ -82,6 +82,7 @@ module Dependabot
|
|
82
82
|
@evaled_gemfiles ||=
|
83
83
|
dependency_files.
|
84
84
|
reject { |f| f.name.end_with?(".gemspec") }.
|
85
|
+
reject { |f| f.name.end_with?(".specification") }.
|
85
86
|
reject { |f| f.name.end_with?(".lock") }.
|
86
87
|
reject { |f| f.name.end_with?(".ruby-version") }.
|
87
88
|
reject { |f| f.name == "Gemfile" }.
|
@@ -89,7 +89,12 @@ module Dependabot
|
|
89
89
|
end
|
90
90
|
|
91
91
|
# No editing required for lockfile or Ruby version file
|
92
|
-
files += [
|
92
|
+
files += [
|
93
|
+
lockfile,
|
94
|
+
ruby_version_file,
|
95
|
+
*imported_ruby_files,
|
96
|
+
*specification_files
|
97
|
+
].compact
|
93
98
|
end
|
94
99
|
# rubocop:enable Metrics/AbcSize
|
95
100
|
# rubocop:enable Metrics/MethodLength
|
@@ -119,6 +124,7 @@ module Dependabot
|
|
119
124
|
def evaled_gemfiles
|
120
125
|
dependency_files.
|
121
126
|
reject { |f| f.name.end_with?(".gemspec") }.
|
127
|
+
reject { |f| f.name.end_with?(".specification") }.
|
122
128
|
reject { |f| f.name.end_with?(".lock") }.
|
123
129
|
reject { |f| f.name.end_with?(".ruby-version") }.
|
124
130
|
reject { |f| f.name == "Gemfile" }.
|
@@ -131,6 +137,10 @@ module Dependabot
|
|
131
137
|
dependency_files.find { |f| f.name == "gems.locked" }
|
132
138
|
end
|
133
139
|
|
140
|
+
def specification_files
|
141
|
+
dependency_files.select { |f| f.name.end_with?(".specification") }
|
142
|
+
end
|
143
|
+
|
134
144
|
def top_level_gemspecs
|
135
145
|
dependency_files.
|
136
146
|
select { |f| f.name.end_with?(".gemspec") }.
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-bundler
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.111.
|
4
|
+
version: 0.111.56
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.111.
|
19
|
+
version: 0.111.56
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.111.
|
26
|
+
version: 0.111.56
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|