dependabot-bundler 0.136.0 → 0.137.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 393bf9b8a90811c0809226907cbff66998c3fb481f16d23115cbf4e22444ed8e
-  data.tar.gz: 7e334d28a93224445785f7f23215d782bc3b2c70b177faf9f35276604ff1adae
+  metadata.gz: 10624630c42401b86b141da992ab3c2aca5e2f59c82068ba338f26545e133283
+  data.tar.gz: 850b5758a654ce2326fabbf3cf50acd1e5aff2e0d6afec7e8dd14c698d412f30
 SHA512:
-  metadata.gz: efbd895bfb249b021160b2806b74449741d4d7dfb1e955436d3ef6919683b8465f8574708be01b9a3fca992dc5df06e055647d4236aea66b219fe3c5f48ade2f
-  data.tar.gz: 21d703a2ad5dfe9eeba687172f558ec0cf7abddd5e6b4f9dbf72d05dead39b6a5764857903982d2fa3809fa19b5acf75c2d3b006c5c5ce6e9fc80453f3f7460b
+  metadata.gz: c43fef6dcb5b1a57b696b29fd1c6936a2fa82a91edf00fa6f4a7fc573e5f4f4e452315bb4b5053017e1c3255c0e3a625857a4e78dd4e93790bc019ff86b3f538
+  data.tar.gz: 03d91ae8abfd4980c6517b65d8ccad37257bd269044c5373bd10804ffb3763a8aefd2c1d30b59520304eeed13db6cd7234cf9e460cf5fdf86f96dab77f46b0b5

data/helpers/v1/Gemfile

@@ -2,6 +2,11 @@
 
 source "https://rubygems.org"
 
-# NOTE: This is intentionally left blank as it's currently only used to force
-# bundler to use v1 when executing native helpers by pointing the BUNDLE_GEMFILE
-# env to this Gemfile in Dependabot::Bundler::NativeHelpers
+# NOTE: Used to run native helper specs
+group :test do
+  gem "byebug", "11.1.3"
+  gem "rspec", "3.10.0"
+  gem "rspec-its", "1.3.0"
+  gem "vcr", "6.0.0"
+  gem "webmock", "3.12.1"
+end

data/helpers/v1/build

@@ -20,5 +20,5 @@ cp -r \
 cd "$install_dir"
 
 # NOTE: Sets `BUNDLED WITH` to match the installed v1 version in Gemfile.lock
-# forcing specs and native helpers to run with the same version
-BUNDLER_VERSION=1 bundle install
+# forcing native helpers to run with the same version
+BUNDLER_VERSION=1 bundle install --without test

data/helpers/v1/spec/functions/conflicting_dependency_resolver_spec.rb

@@ -0,0 +1,133 @@
+# frozen_string_literal: true
+
+require "native_spec_helper"
+require "shared_contexts"
+
+RSpec.describe Functions::ConflictingDependencyResolver do
+  include_context "in a temporary bundler directory"
+
+  let(:conflicting_dependency_resolver) do
+    described_class.new(
+      dependency_name: dependency_name,
+      target_version: target_version,
+      lockfile_name: "Gemfile.lock"
+    )
+  end
+
+  let(:dependency_name) { "dummy-pkg-a" }
+  let(:target_version) { "2.0.0" }
+
+  let(:project_name) { "blocked_by_subdep" }
+
+  describe "#conflicting_dependencies" do
+    subject(:conflicting_dependencies) do
+      in_tmp_folder { conflicting_dependency_resolver.conflicting_dependencies }
+    end
+
+    it "returns a list of dependencies that block the update" do
+      expect(conflicting_dependencies).to eq(
+        [{
+          "explanation" => "dummy-pkg-b (1.0.0) requires dummy-pkg-a (< 2.0.0)",
+          "name" => "dummy-pkg-b",
+          "version" => "1.0.0",
+          "requirement" => "< 2.0.0"
+        }]
+      )
+    end
+
+    context "for nested transitive dependencies" do
+      let(:project_name) { "transitive_blocking" }
+      let(:dependency_name) { "activesupport" }
+      let(:target_version) { "6.0.0" }
+
+      it "returns a list of dependencies that block the update" do
+        expect(conflicting_dependencies).to match_array(
+          [
+            {
+              "explanation" => "rails (5.2.0) requires activesupport (= 5.2.0)",
+              "name" => "rails",
+              "requirement" => "= 5.2.0",
+              "version" => "5.2.0"
+            },
+            {
+              "explanation" => "rails (5.2.0) requires activesupport (= 5.2.0) via actionpack (5.2.0)",
+              "name" => "actionpack",
+              "version" => "5.2.0",
+              "requirement" => "= 5.2.0"
+            },
+            {
+              "explanation" => "rails (5.2.0) requires activesupport (= 5.2.0) via actionview (5.2.0)",
+              "name" => "actionview",
+              "version" => "5.2.0",
+              "requirement" => "= 5.2.0"
+            },
+            {
+              "explanation" => "rails (5.2.0) requires activesupport (= 5.2.0) via activejob (5.2.0)",
+              "name" => "activejob",
+              "version" => "5.2.0",
+              "requirement" => "= 5.2.0"
+            },
+            {
+              "explanation" => "rails (5.2.0) requires activesupport (= 5.2.0) via activemodel (5.2.0)",
+              "name" => "activemodel",
+              "version" => "5.2.0",
+              "requirement" => "= 5.2.0"
+            },
+            {
+              "explanation" => "rails (5.2.0) requires activesupport (= 5.2.0) via activerecord (5.2.0)",
+              "name" => "activerecord",
+              "version" => "5.2.0",
+              "requirement" => "= 5.2.0"
+            },
+            {
+              "explanation" => "rails (5.2.0) requires activesupport (= 5.2.0) via railties (5.2.0)",
+              "name" => "railties",
+              "version" => "5.2.0",
+              "requirement" => "= 5.2.0"
+            }
+          ]
+        )
+      end
+    end
+
+    context "with multiple blocking dependencies" do
+      let(:dependency_name) { "activesupport" }
+      let(:current_version) { "5.0.0" }
+      let(:target_version) { "6.0.0" }
+      let(:project_name) { "multiple_blocking" }
+
+      it "returns all of the blocking dependencies" do
+        expect(conflicting_dependencies).to match_array(
+          [
+            {
+              "explanation" => "actionmailer (5.0.0) requires activesupport (= 5.0.0) via actionpack (5.0.0)",
+              "name" => "actionpack",
+              "version" => "5.0.0",
+              "requirement" => "= 5.0.0"
+            },
+            {
+              "explanation" => "actionview (5.0.0) requires activesupport (= 5.0.0)",
+              "name" => "actionview",
+              "version" => "5.0.0",
+              "requirement" => "= 5.0.0"
+            },
+            {
+              "explanation" => "actionmailer (5.0.0) requires activesupport (= 5.0.0) via activejob (5.0.0)",
+              "name" => "activejob",
+              "version" => "5.0.0",
+              "requirement" => "= 5.0.0"
+            }
+          ]
+        )
+      end
+    end
+
+    context "without any blocking dependencies" do
+      let(:target_version) { "1.0.0" }
+
+      it "returns an empty list" do
+        expect(conflicting_dependencies).to eq([])
+      end
+    end
+  end
+end

data/helpers/v1/spec/functions/dependency_source_spec.rb

@@ -0,0 +1,187 @@
+# frozen_string_literal: true
+
+require "native_spec_helper"
+require "shared_contexts"
+
+RSpec.describe Functions::DependencySource do
+  include_context "in a temporary bundler directory"
+
+  let(:dependency_source) do
+    described_class.new(
+      gemfile_name: "Gemfile",
+      dependency_name: dependency_name
+    )
+  end
+
+  let(:dependency_name) { "business" }
+
+  let(:project_name) { "specified_source_no_lockfile" }
+  let(:registry_url) { "https://repo.fury.io/greysteil/" }
+  let(:gemfury_business_url) do
+    "https://repo.fury.io/greysteil/api/v1/dependencies?gems=business"
+  end
+
+  before do
+    stub_request(:get, registry_url + "versions").
+      with(basic_auth: ["SECRET_CODES", ""]).
+      to_return(status: 404)
+    stub_request(:get, registry_url + "api/v1/dependencies").
+      with(basic_auth: ["SECRET_CODES", ""]).
+      to_return(status: 200)
+    stub_request(:get, gemfury_business_url).
+      with(basic_auth: ["SECRET_CODES", ""]).
+      to_return(status: 200, body: fixture("ruby", "gemfury_response"))
+  end
+
+  describe "#private_registry_versions" do
+    subject(:private_registry_versions) do
+      in_tmp_folder { dependency_source.private_registry_versions }
+    end
+
+    it "returns all versions from the private source" do
+      is_expected.to eq([
+                          Gem::Version.new("1.5.0"),
+                          Gem::Version.new("1.9.0"),
+                          Gem::Version.new("1.10.0.beta")
+                        ])
+    end
+
+    context "specified as the default source" do
+      let(:project_name) { "specified_default_source_no_lockfile" }
+
+      it "returns all versions from the private source" do
+        is_expected.to eq([
+                            Gem::Version.new("1.5.0"),
+                            Gem::Version.new("1.9.0"),
+                            Gem::Version.new("1.10.0.beta")
+                          ])
+      end
+    end
+
+    context "that we don't have authentication details for" do
+      before do
+        stub_request(:get, registry_url + "versions").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 401)
+        stub_request(:get, registry_url + "api/v1/dependencies").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 401)
+        stub_request(:get, registry_url + "specs.4.8.gz").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 401)
+      end
+
+      it "blows up with a useful error" do
+        error_class = Bundler::Fetcher::AuthenticationRequiredError
+        error_message = "Authentication is required for repo.fury.io"
+        expect { private_registry_versions }.
+          to raise_error do |error|
+            expect(error).to be_a(error_class)
+            expect(error.message).to include(error_message)
+          end
+      end
+    end
+
+    context "that we have bad authentication details for" do
+      before do
+        stub_request(:get, registry_url + "versions").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 403)
+        stub_request(:get, registry_url + "api/v1/dependencies").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 403)
+        stub_request(:get, registry_url + "specs.4.8.gz").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 403)
+      end
+
+      it "blows up with a useful error" do
+        error_class = Bundler::Fetcher::BadAuthenticationError
+        expect { private_registry_versions }.
+          to raise_error do |error|
+            expect(error).to be_a(error_class)
+            expect(error.message).
+              to include("Bad username or password for")
+          end
+      end
+    end
+
+    context "that bad-requested, but was a private repo" do
+      before do
+        stub_request(:get, registry_url + "versions").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 400)
+        stub_request(:get, registry_url + "api/v1/dependencies").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 400)
+        stub_request(:get, registry_url + "specs.4.8.gz").
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 400)
+      end
+
+      it "blows up with a useful error" do
+        expect { private_registry_versions }.
+          to raise_error do |error|
+            expect(error).to be_a(Bundler::HTTPError)
+            expect(error.message).
+              to include("Could not fetch specs from")
+          end
+      end
+    end
+
+    context "that doesn't have details of the gem" do
+      before do
+        stub_request(:get, gemfury_business_url).
+          with(basic_auth: ["SECRET_CODES", ""]).
+          to_return(status: 404)
+
+        # Stub indexes to return details of other gems (but not this one)
+        stub_request(:get, registry_url + "specs.4.8.gz").
+          to_return(
+            status: 200,
+            body: fixture("ruby", "contribsys_old_index_response")
+          )
+        stub_request(:get, registry_url + "prerelease_specs.4.8.gz").
+          to_return(
+            status: 200,
+            body: fixture("ruby", "contribsys_old_index_prerelease_response")
+          )
+      end
+
+      it { is_expected.to be_empty }
+    end
+
+    context "that only implements the old Bundler index format..." do
+      let(:project_name) { "sidekiq_pro" }
+      let(:dependency_name) { "sidekiq-pro" }
+      let(:registry_url) { "https://gems.contribsys.com/" }
+
+      before do
+        stub_request(:get, registry_url + "versions").
+          with(basic_auth: %w(username password)).
+          to_return(status: 404)
+        stub_request(:get, registry_url + "api/v1/dependencies").
+          with(basic_auth: %w(username password)).
+          to_return(status: 404)
+        stub_request(:get, registry_url + "specs.4.8.gz").
+          with(basic_auth: %w(username password)).
+          to_return(
+            status: 200,
+            body: fixture("ruby", "contribsys_old_index_response")
+          )
+        stub_request(:get, registry_url + "prerelease_specs.4.8.gz").
+          with(basic_auth: %w(username password)).
+          to_return(
+            status: 200,
+            body: fixture("ruby", "contribsys_old_index_prerelease_response")
+          )
+      end
+
+      it "returns all versions from the private source" do
+        expect(private_registry_versions.length).to eql(70)
+        expect(private_registry_versions.min).to eql(Gem::Version.new("1.0.0"))
+        expect(private_registry_versions.max).to eql(Gem::Version.new("3.5.2"))
+      end
+    end
+  end
+end

data/helpers/v1/spec/functions/file_parser_spec.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+require "native_spec_helper"
+require "shared_contexts"
+
+RSpec.describe Functions::FileParser do
+  include_context "in a temporary bundler directory"
+
+  let(:dependency_source) do
+    described_class.new(
+      lockfile_name: "Gemfile.lock"
+    )
+  end
+
+  let(:project_name) { "gemfile" }
+
+  describe "#parsed_gemfile" do
+    subject(:parsed_gemfile) do
+      in_tmp_folder do
+        dependency_source.parsed_gemfile(gemfile_name: "Gemfile")
+      end
+    end
+
+    it "parses gemfile" do
+      parsed_gemfile = [
+        {
+          groups: [:default],
+          name: "business",
+          requirement: Gem::Requirement.new("~> 1.4.0"),
+          source: nil,
+          type: :runtime
+        },
+        {
+          groups: [:default],
+          name: "statesman",
+          requirement: Gem::Requirement.new("~> 1.2.0"),
+          source: nil,
+          type: :runtime
+        }
+      ]
+      is_expected.to eq(parsed_gemfile)
+    end
+  end
+
+  describe "#parsed_gemspec" do
+    let!(:gemspec_fixture) do
+      fixture("ruby", "gemspecs", "exact")
+    end
+
+    subject(:parsed_gemspec) do
+      in_tmp_folder do |tmp_path|
+        File.write(File.join(tmp_path, "test.gemspec"), gemspec_fixture)
+        dependency_source.parsed_gemspec(gemspec_name: "test.gemspec")
+      end
+    end
+
+    it "parses gemspec" do
+      parsed_gemspec = [
+        {
+          groups: nil,
+          name: "business",
+          requirement: Gem::Requirement.new("= 1.0.0"),
+          source: nil,
+          type: :runtime
+        },
+        {
+          groups: nil,
+          name: "statesman",
+          requirement: Gem::Requirement.new("= 1.0.0"),
+          source: nil,
+          type: :runtime
+        }
+      ]
+      is_expected.to eq(parsed_gemspec)
+    end
+  end
+end

data/helpers/v1/spec/functions/version_resolver_spec.rb

@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+require "native_spec_helper"
+require "shared_contexts"
+
+RSpec.describe Functions::VersionResolver do
+  include_context "in a temporary bundler directory"
+  include_context "stub rubygems compact index"
+
+  let(:version_resolver) do
+    described_class.new(
+      dependency_name: dependency_name,
+      dependency_requirements: dependency_requirements,
+      gemfile_name: "Gemfile",
+      lockfile_name: "Gemfile.lock"
+    )
+  end
+
+  let(:dependency_name) { "business" }
+  let(:dependency_requirements) do
+    [{
+      file: "Gemfile",
+      requirement: requirement_string,
+      groups: [],
+      source: source
+    }]
+  end
+  let(:source) { nil }
+
+  let(:rubygems_url) { "https://index.rubygems.org/api/v1/" }
+  let(:old_index_url) { rubygems_url + "dependencies" }
+
+  describe "#version_details" do
+    subject do
+      in_tmp_folder { version_resolver.version_details }
+    end
+
+    let(:project_name) { "gemfile" }
+    let(:requirement_string) { " >= 0" }
+
+    its([:version]) { is_expected.to eq(Gem::Version.new("1.4.0")) }
+    its([:fetcher]) { is_expected.to eq("Bundler::Fetcher::CompactIndex") }
+
+    context "with a private gemserver source" do
+      include_context "stub rubygems compact index"
+
+      let(:project_name) { "specified_source" }
+      let(:requirement_string) { ">= 0" }
+
+      before do
+        gemfury_url = "https://repo.fury.io/greysteil/"
+        gemfury_deps_url = gemfury_url + "api/v1/dependencies"
+
+        stub_request(:get, gemfury_url + "versions").
+          to_return(status: 200, body: fixture("ruby", "gemfury-index"))
+        stub_request(:get, gemfury_url + "info/business").to_return(status: 404)
+        stub_request(:get, gemfury_deps_url).to_return(status: 200)
+        stub_request(:get, gemfury_deps_url + "?gems=business,statesman").
+          to_return(status: 200, body: fixture("ruby", "gemfury_response"))
+        stub_request(:get, gemfury_deps_url + "?gems=business").
+          to_return(status: 200, body: fixture("ruby", "gemfury_response"))
+        stub_request(:get, gemfury_deps_url + "?gems=statesman").
+          to_return(status: 200, body: fixture("ruby", "gemfury_response"))
+      end
+
+      its([:version]) { is_expected.to eq(Gem::Version.new("1.9.0")) }
+      its([:fetcher]) { is_expected.to eq("Bundler::Fetcher::Dependency") }
+    end
+
+    context "with a git source" do
+      let(:project_name) { "git_source" }
+
+      its([:version]) { is_expected.to eq(Gem::Version.new("1.6.0")) }
+      its([:fetcher]) { is_expected.to be_nil }
+    end
+
+    context "when Bundler's compact index is down" do
+      before do
+        stub_request(:get, "https://index.rubygems.org/versions").
+          to_return(status: 500, body: "We'll be back soon")
+        stub_request(:get, "https://index.rubygems.org/info/public_suffix").
+          to_return(status: 500, body: "We'll be back soon")
+        stub_request(:get, old_index_url).to_return(status: 200)
+        stub_request(:get, old_index_url + "?gems=business,statesman").
+          to_return(
+            status: 200,
+            body: fixture("ruby",
+                          "rubygems_responses",
+                          "dependencies-default-gemfile")
+          )
+      end
+
+      its([:version]) { is_expected.to eq(Gem::Version.new("1.4.0")) }
+      its([:fetcher]) { is_expected.to eq("Bundler::Fetcher::Dependency") }
+    end
+  end
+end

data/helpers/v1/spec/native_spec_helper.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+require "rspec/its"
+require "webmock/rspec"
+require "byebug"
+
+$LOAD_PATH.unshift(File.expand_path("../lib", __dir__))
+$LOAD_PATH.unshift(File.expand_path("../monkey_patches", __dir__))
+
+# Bundler monkey patches
+require "definition_ruby_version_patch"
+require "definition_bundler_version_patch"
+require "git_source_patch"
+
+require "functions"
+
+RSpec.configure do |config|
+  config.color = true
+  config.order = :rand
+  config.mock_with(:rspec) { |mocks| mocks.verify_partial_doubles = true }
+  config.raise_errors_for_deprecations!
+end
+
+# Duplicated in lib/dependabot/bundler/file_updater/lockfile_updater.rb
+# TODO: Stop sanitizing the lockfile once we have bundler 2 installed
+LOCKFILE_ENDING = /(?<ending>\s*(?:RUBY VERSION|BUNDLED WITH).*)/m.freeze
+
+def project_dependency_files(project)
+  project_path = File.expand_path(File.join("../../spec/fixtures/projects/bundler1", project))
+  Dir.chdir(project_path) do
+    # NOTE: Include dotfiles (e.g. .npmrc)
+    files = Dir.glob("**/*", File::FNM_DOTMATCH)
+    files = files.select { |f| File.file?(f) }
+    files.map do |filename|
+      content = File.read(filename)
+      if filename == "Gemfile.lock"
+        content = content.gsub(LOCKFILE_ENDING, "")
+      end
+      {
+        name: filename,
+        content: content
+      }
+    end
+  end
+end
+
+def fixture(*name)
+  File.read(File.join("../../spec/fixtures", File.join(*name)))
+end

data/helpers/v1/spec/shared_contexts.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+require "bundler/compact_index_client"
+require "bundler/compact_index_client/updater"
+
+TMP_DIR_PATH = File.expand_path("../tmp", __dir__)
+
+RSpec.shared_context "in a temporary bundler directory" do
+  let(:project_name) { "gemfile" }
+
+  let(:tmp_path) do
+    Dir.mkdir(TMP_DIR_PATH) unless Dir.exist?(TMP_DIR_PATH)
+    dir = Dir.mktmpdir("native_helper_spec_", TMP_DIR_PATH)
+    Pathname.new(dir).expand_path
+  end
+
+  before do
+    project_dependency_files(project_name).each do |file|
+      File.write(File.join(tmp_path, file[:name]), file[:content])
+    end
+  end
+
+  def in_tmp_folder(&block)
+    Dir.chdir(tmp_path, &block)
+  end
+end
+
+RSpec.shared_context "without caching rubygems" do
+  before do
+    # Stub Bundler to stop it using a cached versions of Rubygems
+    allow_any_instance_of(Bundler::CompactIndexClient::Updater).
+      to receive(:etag_for).and_return("")
+  end
+end
+
+RSpec.shared_context "stub rubygems compact index" do
+  include_context "without caching rubygems"
+
+  before do
+    # Stub the Rubygems index
+    stub_request(:get, "https://index.rubygems.org/versions").
+      to_return(
+        status: 200,
+        body: fixture("ruby", "rubygems_responses", "index")
+      )
+
+    # Stub the Rubygems response for each dependency we have a fixture for
+    fixtures =
+      Dir[File.join("../../spec", "fixtures", "ruby", "rubygems_responses", "info-*")]
+    fixtures.each do |path|
+      dep_name = path.split("/").last.gsub("info-", "")
+      stub_request(:get, "https://index.rubygems.org/info/#{dep_name}").
+        to_return(
+          status: 200,
+          body: fixture("ruby", "rubygems_responses", "info-#{dep_name}")
+        )
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-bundler
 version: !ruby/object:Gem::Version
-  version: 0.136.0
+  version: 0.137.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-08 00:00:00.000000000 Z
+date: 2021-03-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.136.0
+        version: 0.137.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.136.0
+        version: 0.137.0
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -200,6 +200,12 @@ files:
 - helpers/v1/monkey_patches/definition_ruby_version_patch.rb
 - helpers/v1/monkey_patches/git_source_patch.rb
 - helpers/v1/run.rb
+- helpers/v1/spec/functions/conflicting_dependency_resolver_spec.rb
+- helpers/v1/spec/functions/dependency_source_spec.rb
+- helpers/v1/spec/functions/file_parser_spec.rb
+- helpers/v1/spec/functions/version_resolver_spec.rb
+- helpers/v1/spec/native_spec_helper.rb
+- helpers/v1/spec/shared_contexts.rb
 - lib/dependabot/bundler.rb
 - lib/dependabot/bundler/file_fetcher.rb
 - lib/dependabot/bundler/file_fetcher/child_gemfile_finder.rb