RubyGems - dependabot-bundler - Versions diffs - 0.134.1 → 0.134.2 - Mend

dependabot-bundler 0.134.1 → 0.134.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bd78c19685f05d6c7e43ce4c90534222628ae2643f85c0e9e782564ad9c103f5
-  data.tar.gz: d6d3b64c7fe549a55393b3f8fc7abc8f4ab47beeedff11693b55f3063dd574c1
+  metadata.gz: 2bcdbe551e6ff3f077707ac6d98f1ac1790ecc7cd9d1b2b022fece85020c518e
+  data.tar.gz: 7ca334b4843d2aabe419e39c688bd28d12f9af009a2741fc9fce3feffb98be45
 SHA512:
-  metadata.gz: fbd76caef56c07824885903d9d17f435143889e7e7e8923a11290ba1e532e80a7808de62f775eebf513e71620062bc70a9609b8e28d48310abcbde05dc79fcaa
-  data.tar.gz: c73e87e7383c1ea48dbd58e97dde9011c83eefb3f3730c4f98756c64793ae374e102577ca911418edc8d8553a629d72356663062c39d44678513c3f47e11a6b2
+  metadata.gz: d5c0a9ca7e54167e4fcadbf3b1a71fab53ce2eca2278fd51d02b6fba4d4c9251106f3a0ae50c6e7857b08779c7e304df95e31bef3afb6469a4f1da5e7968796e
+  data.tar.gz: 1cc1bc4e2877a324e2b5993dc2b4e4af17380fdf1112b464a73467377335a5de1e329142bef92e7b61cd8de7743c49513d0d3e9e5114eb7888b931a164b9e9b3

data/helpers/{v1/build → build} RENAMED Viewed

@@ -8,20 +8,11 @@ if [ -z "$install_dir" ]; then
   exit 1
 fi
-if [ ! -d "$install_dir" ]; then
-  mkdir -p "$install_dir"
-fi
 helpers_dir="$(dirname "${BASH_SOURCE[0]}")"
 cp -r \
   "$helpers_dir/lib" \
   "$helpers_dir/monkey_patches" \
   "$helpers_dir/run.rb" \
-  "$helpers_dir/Gemfile" \
   "$install_dir"
 cd "$install_dir"
-# NOTE: Sets `BUNDLED WITH` to match the installed v1 version in Gemfile.lock
-# forcing specs and native helpers to run with the same version
-BUNDLER_VERSION=1 bundle install

data/helpers/{v1/lib → lib}/functions.rb RENAMED Viewed

File without changes

data/helpers/{v1/lib → lib}/functions/conflicting_dependency_resolver.rb RENAMED Viewed

File without changes

data/helpers/{v1/lib → lib}/functions/dependency_source.rb RENAMED Viewed

File without changes

data/helpers/{v1/lib → lib}/functions/file_parser.rb RENAMED Viewed

File without changes

data/helpers/{v1/lib → lib}/functions/force_updater.rb RENAMED Viewed

File without changes

data/helpers/{v1/lib → lib}/functions/lockfile_updater.rb RENAMED Viewed

File without changes

data/helpers/{v1/lib → lib}/functions/version_resolver.rb RENAMED Viewed

File without changes

data/helpers/{v1/monkey_patches → monkey_patches}/definition_bundler_version_patch.rb RENAMED Viewed

File without changes

data/helpers/{v1/monkey_patches → monkey_patches}/definition_ruby_version_patch.rb RENAMED Viewed

File without changes

data/helpers/{v1/monkey_patches → monkey_patches}/git_source_patch.rb RENAMED Viewed

File without changes

data/helpers/{v1/run.rb → run.rb} RENAMED Viewed

File without changes

data/lib/dependabot/bundler/file_parser.rb CHANGED Viewed

@@ -5,7 +5,6 @@ require "dependabot/file_parsers"
 require "dependabot/file_parsers/base"
 require "dependabot/bundler/file_updater/lockfile_updater"
 require "dependabot/bundler/native_helpers"
-require "dependabot/bundler/helpers"
 require "dependabot/bundler/version"
 require "dependabot/shared_helpers"
 require "dependabot/errors"
@@ -130,8 +129,8 @@ module Dependabot
                                                       repo_contents_path) do
             write_temporary_dependency_files
-            NativeHelpers.run_bundler_subprocess(
-              bundler_version: bundler_version,
+            SharedHelpers.run_helper_subprocess(
+              command: NativeHelpers.helper_path,
               function: "parsed_gemfile",
               args: {
                 gemfile_name: gemfile.name,
@@ -160,8 +159,8 @@ module Dependabot
                                                       repo_contents_path) do
             write_temporary_dependency_files
-            NativeHelpers.run_bundler_subprocess(
-              bundler_version: bundler_version,
+            SharedHelpers.run_helper_subprocess(
+              command: NativeHelpers.helper_path,
               function: "parsed_gemspec",
               args: {
                 gemspec_name: file.name,
@@ -299,10 +298,6 @@ module Dependabot
           select { |f| f.name.end_with?(".rb") }.
           reject { |f| f.name == "gems.rb" }
       end
-      def bundler_version
-        @bundler_version ||= Helpers.bundler_version(lockfile)
-      end
     end
   end
 end

data/lib/dependabot/bundler/file_updater.rb CHANGED Viewed

@@ -3,7 +3,6 @@
 require "dependabot/file_updaters"
 require "dependabot/file_updaters/base"
 require "dependabot/bundler/native_helpers"
-require "dependabot/bundler/helpers"
 require "dependabot/file_updaters/vendor_updater"
 module Dependabot
@@ -76,8 +75,8 @@ module Dependabot
         return @vendor_cache_dir if defined?(@vendor_cache_dir)
         @vendor_cache_dir =
-          NativeHelpers.run_bundler_subprocess(
-            bundler_version: bundler_version,
+          SharedHelpers.run_helper_subprocess(
+            command: NativeHelpers.helper_path,
             function: "vendor_cache_dir",
             args: {
               dir: repo_contents_path
@@ -160,10 +159,6 @@ module Dependabot
           select { |file| file.name.end_with?(".gemspec") }.
           reject(&:support_file?)
       end
-      def bundler_version
-        @bundler_version ||= Helpers.bundler_version(lockfile)
-      end
     end
   end
 end

data/lib/dependabot/bundler/file_updater/lockfile_updater.rb CHANGED Viewed

@@ -6,7 +6,6 @@ require "dependabot/shared_helpers"
 require "dependabot/errors"
 require "dependabot/bundler/file_updater"
 require "dependabot/bundler/native_helpers"
-require "dependabot/bundler/helpers"
 module Dependabot
   module Bundler
@@ -65,8 +64,8 @@ module Dependabot
             ) do |tmp_dir|
               write_temporary_dependency_files
-              NativeHelpers.run_bundler_subprocess(
-                bundler_version: bundler_version,
+              SharedHelpers.run_helper_subprocess(
+                command: NativeHelpers.helper_path,
                 function: "update_lockfile",
                 args: {
                   gemfile_name: gemfile.name,
@@ -302,10 +301,6 @@ module Dependabot
           lockfile.content.match?(/BUNDLED WITH\s+2/m)
         end
-        def bundler_version
-          @bundler_version ||= Helpers.bundler_version(lockfile)
-        end
       end
     end
   end

data/lib/dependabot/bundler/native_helpers.rb CHANGED Viewed

@@ -1,39 +1,10 @@
 # frozen_string_literal: true
-require "dependabot/shared_helpers"
 module Dependabot
   module Bundler
     module NativeHelpers
-      def self.run_bundler_subprocess(function:, args:, bundler_version:)
-        SharedHelpers.run_helper_subprocess(
-          command: helper_path(bundler_version: bundler_version),
-          function: function,
-          args: args,
-          env: {
-            # Bundler will pick the matching installed major version
-            "BUNDLER_VERSION" => bundler_version,
-            # Force bundler to use the helper Gemfile that has been bundled with
-            # v1, otherwise it will point to core's bundler/Gemfile which will
-            # be bundled with v2 once it's installed
-            "BUNDLE_GEMFILE" => File.join(versioned_helper_path(bundler_version: bundler_version), "Gemfile"),
-            # Unset ruby env set by running dependabot-core with bundle exec,
-            # forcing bundler to reset them from helpers/v1
-            "RUBYLIB" => nil,
-            "RUBYOPT" => nil,
-            "GEM_PATH" => nil,
-            "GEM_HOME" => nil
-          }
-        )
-      end
-      def self.versioned_helper_path(bundler_version:)
-        native_helper_version = "v#{bundler_version}"
-        File.join(native_helpers_root, native_helper_version)
-      end
-      def self.helper_path(bundler_version:)
-        "bundle exec ruby #{File.join(versioned_helper_path(bundler_version: bundler_version), 'run.rb')}"
+      def self.helper_path
+        "bundle exec ruby #{File.join(native_helpers_root, 'run.rb')}"
       end
       def self.native_helpers_root

data/lib/dependabot/bundler/update_checker/conflicting_dependency_resolver.rb CHANGED Viewed

@@ -2,7 +2,6 @@
 require "dependabot/bundler/update_checker"
 require "dependabot/bundler/native_helpers"
-require "dependabot/bundler/helpers"
 require "dependabot/shared_helpers"
 module Dependabot
@@ -29,8 +28,8 @@ module Dependabot
         #   * requirement [String] the requirement on the target_dependency
         def conflicting_dependencies(dependency:, target_version:)
           in_a_native_bundler_context(error_handling: false) do |tmp_dir|
-            NativeHelpers.run_bundler_subprocess(
-              bundler_version: bundler_version,
+            SharedHelpers.run_helper_subprocess(
+              command: NativeHelpers.helper_path,
               function: "conflicting_dependencies",
               args: {
                 dir: tmp_dir,
@@ -43,12 +42,6 @@ module Dependabot
             )
           end
         end
-        private
-        def bundler_version
-          @bundler_version ||= Helpers.bundler_version(lockfile)
-        end
       end
     end
   end

data/lib/dependabot/bundler/update_checker/force_updater.rb CHANGED Viewed

@@ -3,7 +3,6 @@
 require "dependabot/bundler/file_parser"
 require "dependabot/bundler/file_updater/lockfile_updater"
 require "dependabot/bundler/native_helpers"
-require "dependabot/bundler/helpers"
 require "dependabot/bundler/update_checker"
 require "dependabot/bundler/update_checker/requirements_updater"
 require "dependabot/errors"
@@ -44,8 +43,8 @@ module Dependabot
         def force_update
           in_a_native_bundler_context(error_handling: false) do |tmp_dir|
-            updated_deps, specs = NativeHelpers.run_bundler_subprocess(
-              bundler_version: bundler_version,
+            updated_deps, specs = SharedHelpers.run_helper_subprocess(
+              command: NativeHelpers.helper_path,
               function: "force_update",
               args: {
                 dir: tmp_dir,
@@ -147,10 +146,6 @@ module Dependabot
           lockfile.content.match?(/BUNDLED WITH\s+2/m)
         end
-        def bundler_version
-          @bundler_version ||= Helpers.bundler_version(lockfile)
-        end
       end
     end
   end

data/lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb CHANGED Viewed

@@ -1,8 +1,5 @@
 # frozen_string_literal: true
-require "dependabot/bundler/native_helpers"
-require "dependabot/bundler/helpers"
 module Dependabot
   module Bundler
     class UpdateChecker
@@ -56,8 +53,8 @@ module Dependabot
             SharedHelpers.with_git_configured(credentials: credentials) do
               in_a_native_bundler_context do |tmp_dir|
-                NativeHelpers.run_bundler_subprocess(
-                  bundler_version: bundler_version,
+                SharedHelpers.run_helper_subprocess(
+                  command: NativeHelpers.helper_path,
                   function: "depencency_source_latest_git_version",
                   args: {
                     dir: tmp_dir,
@@ -101,8 +98,8 @@ module Dependabot
           def private_registry_versions
             @private_registry_versions ||=
               in_a_native_bundler_context do |tmp_dir|
-                NativeHelpers.run_bundler_subprocess(
-                  bundler_version: bundler_version,
+                SharedHelpers.run_helper_subprocess(
+                  command: NativeHelpers.helper_path,
                   function: "private_registry_versions",
                   args: {
                     dir: tmp_dir,
@@ -121,8 +118,8 @@ module Dependabot
             return @source_type = RUBYGEMS unless gemfile
             @source_type = in_a_native_bundler_context do |tmp_dir|
-              NativeHelpers.run_bundler_subprocess(
-                bundler_version: bundler_version,
+              SharedHelpers.run_helper_subprocess(
+                command: NativeHelpers.helper_path,
                 function: "dependency_source_type",
                 args: {
                   dir: tmp_dir,
@@ -138,15 +135,6 @@ module Dependabot
             dependency_files.find { |f| f.name == "Gemfile" } ||
               dependency_files.find { |f| f.name == "gems.rb" }
           end
-          def lockfile
-            dependency_files.find { |f| f.name == "Gemfile.lock" } ||
-              dependency_files.find { |f| f.name == "gems.locked" }
-          end
-          def bundler_version
-            @bundler_version ||= Helpers.bundler_version(lockfile)
-          end
         end
       end
     end

data/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb CHANGED Viewed

@@ -4,7 +4,6 @@ require "excon"
 require "dependabot/bundler/update_checker"
 require "dependabot/bundler/native_helpers"
-require "dependabot/bundler/helpers"
 require "dependabot/shared_helpers"
 require "dependabot/errors"
@@ -164,8 +163,8 @@ module Dependabot
         def inaccessible_git_dependencies
           in_a_native_bundler_context(error_handling: false) do |tmp_dir|
-            git_specs = NativeHelpers.run_bundler_subprocess(
-              bundler_version: bundler_version,
+            git_specs = SharedHelpers.run_helper_subprocess(
+              command: NativeHelpers.helper_path,
               function: "git_specs",
               args: {
                 dir: tmp_dir,
@@ -188,8 +187,8 @@ module Dependabot
         def jfrog_source
           in_a_native_bundler_context(error_handling: false) do |dir|
-            NativeHelpers.run_bundler_subprocess(
-              bundler_version: bundler_version,
+            SharedHelpers.run_helper_subprocess(
+              command: NativeHelpers.helper_path,
               function: "jfrog_source",
               args: {
                 dir: dir,
@@ -237,10 +236,6 @@ module Dependabot
           lockfile.content.match?(/BUNDLED WITH\s+2/m)
         end
-        def bundler_version
-          @bundler_version ||= Helpers.bundler_version(lockfile)
-        end
       end
     end
   end

data/lib/dependabot/bundler/update_checker/version_resolver.rb CHANGED Viewed

@@ -2,7 +2,6 @@
 require "excon"
-require "dependabot/bundler/helpers"
 require "dependabot/bundler/update_checker"
 require "dependabot/bundler/file_updater/lockfile_updater"
 require "dependabot/bundler/requirement"
@@ -76,8 +75,8 @@ module Dependabot
             # some errors we want to handle specifically ourselves, including
             # potentially retrying in the case of the Ruby version being locked
             in_a_native_bundler_context(error_handling: false) do |tmp_dir|
-              details = NativeHelpers.run_bundler_subprocess(
-                bundler_version: bundler_version,
+              details =  SharedHelpers.run_helper_subprocess(
+                command: NativeHelpers.helper_path,
                 function: "resolve_version",
                 args: {
                   dependency_name: dependency.name,
@@ -219,10 +218,6 @@ module Dependabot
           lockfile.content.match?(/BUNDLED WITH\s+2/m)
         end
-        def bundler_version
-          @bundler_version ||= Helpers.bundler_version(lockfile)
-        end
       end
     end
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-bundler
 version: !ruby/object:Gem::Version
-  version: 0.134.1
+  version: 0.134.2
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-03-02 00:00:00.000000000 Z
+date: 2021-03-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.134.1
+        version: 0.134.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.134.1
+        version: 0.134.2
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.10.0
+        version: 1.11.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.10.0
+        version: 1.11.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -185,20 +185,18 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- helpers/v1/.gitignore
-- helpers/v1/Gemfile
-- helpers/v1/build
-- helpers/v1/lib/functions.rb
-- helpers/v1/lib/functions/conflicting_dependency_resolver.rb
-- helpers/v1/lib/functions/dependency_source.rb
-- helpers/v1/lib/functions/file_parser.rb
-- helpers/v1/lib/functions/force_updater.rb
-- helpers/v1/lib/functions/lockfile_updater.rb
-- helpers/v1/lib/functions/version_resolver.rb
-- helpers/v1/monkey_patches/definition_bundler_version_patch.rb
-- helpers/v1/monkey_patches/definition_ruby_version_patch.rb
-- helpers/v1/monkey_patches/git_source_patch.rb
-- helpers/v1/run.rb
+- helpers/build
+- helpers/lib/functions.rb
+- helpers/lib/functions/conflicting_dependency_resolver.rb
+- helpers/lib/functions/dependency_source.rb
+- helpers/lib/functions/file_parser.rb
+- helpers/lib/functions/force_updater.rb
+- helpers/lib/functions/lockfile_updater.rb
+- helpers/lib/functions/version_resolver.rb
+- helpers/monkey_patches/definition_bundler_version_patch.rb
+- helpers/monkey_patches/definition_ruby_version_patch.rb
+- helpers/monkey_patches/git_source_patch.rb
+- helpers/run.rb
 - lib/dependabot/bundler.rb
 - lib/dependabot/bundler/file_fetcher.rb
 - lib/dependabot/bundler/file_fetcher/child_gemfile_finder.rb
@@ -218,7 +216,6 @@ files:
 - lib/dependabot/bundler/file_updater/lockfile_updater.rb
 - lib/dependabot/bundler/file_updater/requirement_replacer.rb
 - lib/dependabot/bundler/file_updater/ruby_requirement_setter.rb
-- lib/dependabot/bundler/helpers.rb
 - lib/dependabot/bundler/metadata_finder.rb
 - lib/dependabot/bundler/native_helpers.rb
 - lib/dependabot/bundler/requirement.rb

data/helpers/v1/.gitignore DELETED Viewed

@@ -1,8 +0,0 @@
-/.bundle/
-/.env
-/tmp
-/dependabot-*.gem
-Gemfile.lock
-spec/fixtures/projects/*/.bundle/
-!spec/fixtures/projects/**/Gemfile.lock
-!spec/fixtures/projects/**/vendor

data/helpers/v1/Gemfile DELETED Viewed

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-# TODO: Look into removing this. "find" used to get required from common's
-# gemspec so we've added it here for backwards compatability during bundler 2
-# rollout.
-#
-# NOTE: If we don't require it and a customers `.gemspec` uses Find without
-# requiring it, we'll start raising a DependencyFileNotEvaluatable error which
-# is probably the right thing to do
-require "find"
-source "https://rubygems.org"
-# NOTE: This is intentionally left blank as it's currently only used to force
-# bundler to use v1 when executing native helpers by pointing the BUNDLE_GEMFILE
-# env to this Gemfile in Dependabot::Bundler::NativeHelpers

data/lib/dependabot/bundler/helpers.rb DELETED Viewed

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-module Dependabot
-  module Bundler
-    module Helpers
-      V1 = "1"
-      V2 = "2"
-      # TODO: Add support for bundler v2
-      # return "v2" if lockfile.content.match?(/BUNDLED WITH\s+2/m)
-      def self.bundler_version(_lockfile)
-        V1
-      end
-    end
-  end
-end