dependabot-bundler 0.138.7 → 0.139.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/v2/run.rb +1 -1
- data/lib/dependabot/bundler/helpers.rb +23 -9
- metadata +3 -3
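--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3c54dffe91f0389e710f63d92516f50b80d33c39f16ac16e5bf5d69dbf743cad
+data.tar.gz: 2deecb17658d7f9f3833d54ae8359d1c177bd4840c771dd3eae175b455baec45
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e25cba7a7f5d7f1c234a431b5a2aa7539a99e50c2e6865b659d0aeb82cbd9a69a7ef0d32ec2fe1d552f154ea8482270ca7899a7989b3ef72509c6d699d065827
+data.tar.gz: 3e4cb3481a025eda7bb85440dfcef2d12a1dd5413176555953c695c9bdb03371c196d7432d7e9ec23ed16b2c19a3261dccfc1fc0ed0713ec50a56537b2ebeca6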
data/helpers/v2/run.rb
CHANGED
|
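--- a/data/lib/dependabot/bundler/helpers.rb
+++ b/data/lib/dependabot/bundler/helpers.rb
@@ -5,23 +5,37 @@ module Dependabot
 module Helpers
 V1 = "1"
 V2 = "2"
+# If we are updating a project with no Gemfile.lock, we default to the
+# newest version we support
+DEFAULT = V2
+# If we are updating a project with a Gemfile.lock that does not specify
+# the version it was bundled with, with failover to V1 on the assumption
+# it was created with an old version that didn't add this information
+FAILOVER = V1
 
-
-def self.bundler_version(_lockfile, options:)
-# For now, force V2 if bundler_2_available
-return V2 if options[:bundler_2_available]
+BUNDLER_MAJOR_VERSION_REGEX = /BUNDLED WITH\s+(?<version>\d+)\./m.freeze
 
-
-
+# NOTE: options is a manditory argument to ensure we pass it from all calling classes
+def self.bundler_version(lockfile, options:)
+# TODO: Remove once bundler 2 is fully supported
+return V1 unless options[:bundler_2_available]
+return DEFAULT unless lockfile
 
-
+if (matches = lockfile.content.match(BUNDLER_MAJOR_VERSION_REGEX))
+matches[:version].to_i >= 2 ? V2 : V1
+else
+FAILOVER
+end
 end
 
 def self.detected_bundler_version(lockfile)
 return "unknown" unless lockfile
-return V2 if lockfile.content.match?(/BUNDLED WITH\s+2/m)
 
-
+if (matches = lockfile.content.match(BUNDLER_MAJOR_VERSION_REGEX))
+matches[:version]
+else
+FAILOVER
+end
 end
 end
 end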
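Review bot: `BUNDLER_MAJOR_VERSION_REGEX` is unanchored, so both `bundler_version` and `detected_bundler_version` accept the first `BUNDLED WITH <digits>.` sequence found anywhere in the lockfile text rather than only the section header, and that match decides between the V1 and V2 helper. Since the lockfile comes from the repository being updated, I would tie the pattern to the start of a line, `/^BUNDLED WITH\s+(?<version>\d+)\./`, and drop the `m` flag, which has no effect on a pattern without an unescaped `.`. `detected_bundler_version` also returns `FAILOVER` ("1") when the section is missing, so its callers cannot distinguish a lockfile that names Bundler 1 from one that names nothing; a distinct value next to the existing `"unknown"` would keep that visible, if no caller relies on "1" there. This hunk is printed under the `data/helpers/v2/run.rb` header, but its `module Helpers` content and 23 additions / 9 deletions match `data/lib/dependabot/bundler/helpers.rb` in the file list.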
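--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-bundler
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.139.0
 platform: ruby
 authors:
 - Dependabot
@@ -16,14 +16,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.139.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.139.0
 - !ruby/object:Gem::Dependency
 name: byebug
 requirement: !ruby/object:Gem::Requirement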