dependabot-bundler 0.153.0 → 0.154.0

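--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: ec91f10e65aef27d7201abd0c2bf2bc1572c2d58df66cf2b45ea8d6d33763e3f
- data.tar.gz: 73cdc686c5e9e46c4415d55a2121c67c02357baf3d47da58fe1df3f1851ab3c6
+ metadata.gz: 5d3ee8258077d3709596e54c3cd01ef8dd994491f4a169adc14d740affa31ebb
+ data.tar.gz: fd867994910ef8b5683d9678ad56b43116a1a163a1f861154b638c7092f4e1bc
  SHA512:
- metadata.gz: 043c8707e4111cf0c824c99d2390c852a40a998aad11cafe2e6fe34a1f2c234a7644f90d2790911c35ec03721389a897b6f976a5eb32568dd443bde8f2381491
- data.tar.gz: 66e8c805e2146d22f56aa7b8f4a9740308ec27b488bf9c7b352a68f11fa3f128a76dba712f0d6f8910fa5f8e111f8bfc2c2ae788d7726927c51721da2cda851d
+ metadata.gz: a95ee6127330d8e867cca4a84b88beb808757a0cbf8cd08a2888797e025fa04863ce8f91a8cf4df49361fc498740d6bcaf4826dfb30ea4cf344cb439f4ae06ba
+ data.tar.gz: 88cbe52f19713ae20361a671d04128be49c12cbcd9907314f3df1f7286d8ff0c19505ca43dd35e0a6b936ee05df49510ffcc52588f55c93cac90f042a08cc1ea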
data/helpers/v1/build CHANGED
@@ -20,6 +20,6 @@ cd "$install_dir"
20
20
 
21
21
  # NOTE: Sets `BUNDLED WITH` to match the installed v1 version in Gemfile.lock
22
22
  # forcing native helpers to run with the same version
23
- BUNDLER_VERSION=2 bundle config set --local path ".bundle"
23
+ BUNDLER_VERSION=1 bundle config set --local path ".bundle"
24
24
  BUNDLER_VERSION=1 bundle config set --local without "test"
25
25
  BUNDLER_VERSION=1 bundle install
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "functions/file_parser"
2
4
  require "functions/force_updater"
3
5
  require "functions/lockfile_updater"
@@ -124,8 +126,6 @@ module Functions
124
126
  ).conflicting_dependencies
125
127
  end
126
128
 
127
- private
128
-
129
129
  def self.set_bundler_flags_and_credentials(dir:, credentials:)
130
130
  dir = dir ? Pathname.new(dir) : dir
131
131
  Bundler.instance_variable_set(:@root, dir)
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class DependencySource
3
5
  attr_reader :gemfile_name, :dependency_name
@@ -66,7 +68,7 @@ module Functions
66
68
  return @specified_source if defined? @specified_source
67
69
 
68
70
  @specified_source = definition.dependencies.
69
- find { |dep| dep.name == dependency_name }&.source
71
+ find { |dep| dep.name == dependency_name }&.source
70
72
  end
71
73
 
72
74
  def default_source
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class FileParser
3
5
  def initialize(lockfile_name:)
@@ -39,7 +41,7 @@ module Functions
39
41
  end
40
42
 
41
43
  def source_from_lockfile(dependency_name)
42
- parsed_lockfile&.specs.find { |s| s.name == dependency_name }&.source
44
+ parsed_lockfile&.specs&.find { |s| s.name == dependency_name }&.source
43
45
  end
44
46
 
45
47
  def source_for(dependency)
@@ -54,12 +56,8 @@ module Functions
54
56
  return nil if default_rubygems?(source)
55
57
 
56
58
  details = { type: source.class.name.split("::").last.downcase }
57
- if source.is_a?(Bundler::Source::Git)
58
- details.merge!(git_source_details(source))
59
- end
60
- if source.is_a?(Bundler::Source::Rubygems)
61
- details[:url] = source.remotes.first.to_s
62
- end
59
+ details.merge!(git_source_details(source)) if source.is_a?(Bundler::Source::Git)
60
+ details[:url] = source.remotes.first.to_s if source.is_a?(Bundler::Source::Rubygems)
63
61
  details
64
62
  end
65
63
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class ForceUpdater
3
5
  class TransitiveDependencyError < StandardError; end
@@ -1,12 +1,14 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class LockfileUpdater
3
5
  RETRYABLE_ERRORS = [Bundler::HTTPError].freeze
4
6
  GEM_NOT_FOUND_ERROR_REGEX =
5
- /
6
- locked\sto\s(?<name>[^\s]+)\s\(|
7
- not\sfind\s(?<name>[^\s]+)-\d|
8
- has\s(?<name>[^\s]+)\slocked\sat
9
- /x.freeze
7
+ /
8
+ locked\sto\s(?<name>[^\s]+)\s\(|
9
+ not\sfind\s(?<name>[^\s]+)-\d|
10
+ has\s(?<name>[^\s]+)\slocked\sat
11
+ /x.freeze
10
12
 
11
13
  def initialize(gemfile_name:, lockfile_name:, dependencies:)
12
14
  @gemfile_name = gemfile_name
@@ -22,7 +24,7 @@ module Functions
22
24
 
23
25
  attr_reader :gemfile_name, :lockfile_name, :dependencies
24
26
 
25
- def generate_lockfile
27
+ def generate_lockfile # rubocop:disable Metrics/PerceivedComplexity
26
28
  dependencies_to_unlock = dependencies.map { |d| d.fetch("name") }
27
29
 
28
30
  begin
@@ -135,7 +137,7 @@ module Functions
135
137
  raise unless error.message.match?(GEM_NOT_FOUND_ERROR_REGEX)
136
138
 
137
139
  gem_name = error.message.match(GEM_NOT_FOUND_ERROR_REGEX).
138
- named_captures["name"]
140
+ named_captures["name"]
139
141
  raise if dependencies_to_unlock.include?(gem_name)
140
142
 
141
143
  dependencies_to_unlock << gem_name
@@ -161,9 +163,7 @@ module Functions
161
163
  end.compact.map(&:name)
162
164
 
163
165
  # If there are specific dependencies we can unlock, unlock them
164
- if potentials_deps.any?
165
- return dependencies_to_unlock.append(*potentials_deps)
166
- end
166
+ return dependencies_to_unlock.append(*potentials_deps) if potentials_deps.any?
167
167
 
168
168
  # Fall back to unlocking *all* sub-dependencies. This is required
169
169
  # because Bundler's VersionConflict objects don't include enough
@@ -205,7 +205,7 @@ module Functions
205
205
  defn_dep.source.is_a?(Bundler::Source::Git)
206
206
  defn_dep.source.unlock!
207
207
  elsif Gem::Version.correct?(dep.fetch("version"))
208
- new_req = Gem::Requirement.create("= #{dep.fetch("version")}")
208
+ new_req = Gem::Requirement.create("= #{dep.fetch('version')}")
209
209
  old_reqs[dep.fetch("name")] = defn_dep.requirement
210
210
  defn_dep.instance_variable_set(:@requirement, new_req)
211
211
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class VersionResolver
3
5
  GEM_NOT_FOUND_ERROR_REGEX = /locked to (?<name>[^\s]+) \(/.freeze
@@ -20,9 +22,7 @@ module Functions
20
22
  # included in a gemspec, it's because the Gemfile didn't import
21
23
  # the gemspec. This is unusual, but the correct behaviour if/when
22
24
  # it happens is to behave as if the repo was gemspec-only.
23
- if dep.nil? && dependency_requirements.any?
24
- return "latest"
25
- end
25
+ return "latest" if dep.nil? && dependency_requirements.any?
26
26
 
27
27
  # Otherwise, if the dependency wasn't found it's because it is a
28
28
  # subdependency that was removed when attempting to update it.
@@ -38,9 +38,7 @@ module Functions
38
38
  ruby_version: ruby_version,
39
39
  fetcher: fetcher_class(dep)
40
40
  }
41
- if dep.source.instance_of?(::Bundler::Source::Git)
42
- details[:commit_sha] = dep.source.revision
43
- end
41
+ details[:commit_sha] = dep.source.revision if dep.source.instance_of?(::Bundler::Source::Git)
44
42
  details
45
43
  end
46
44
 
@@ -92,7 +90,7 @@ module Functions
92
90
  end
93
91
 
94
92
  def build_definition(dependencies_to_unlock)
95
- # Note: we lock shared dependencies to avoid any top-level
93
+ # NOTE: we lock shared dependencies to avoid any top-level
96
94
  # dependencies getting unlocked (which would happen if they were
97
95
  # also subdependencies of the dependency being unlocked)
98
96
  ::Bundler::Definition.build(
@@ -41,9 +41,7 @@ module Bundler
41
41
  $LOAD_PATH.shift until $LOAD_PATH.empty?
42
42
  reduced_load_paths.each { |p| $LOAD_PATH << p }
43
43
 
44
- if destination.relative?
45
- destination = destination.expand_path(Bundler.root)
46
- end
44
+ destination = destination.expand_path(Bundler.root) if destination.relative?
47
45
  Dir["#{destination}/#{@glob}"].each do |spec_path|
48
46
  # Evaluate gemspecs and cache the result. Gemspecs
49
47
  # in git might require git or other dependencies.
data/helpers/v1/run.rb CHANGED
@@ -13,7 +13,7 @@ require "git_source_patch"
13
13
 
14
14
  require "functions"
15
15
 
16
- MAX_BUNDLER_VERSION="2.0.0"
16
+ MAX_BUNDLER_VERSION = "2.0.0"
17
17
 
18
18
  def validate_bundler_version!
19
19
  return true if correct_bundler_version?
@@ -38,9 +38,9 @@ begin
38
38
  args = request["args"].transform_keys(&:to_sym)
39
39
 
40
40
  output({ result: Functions.send(function, **args) })
41
- rescue => error
41
+ rescue StandardError => e
42
42
  output(
43
- { error: error.message, error_class: error.class, trace: error.backtrace }
43
+ { error: e.message, error_class: e.class, trace: e.backtrace }
44
44
  )
45
45
  exit(1)
46
46
  end
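Review bot: The dispatch line kept as context in the second hunk, `output({ result: Functions.send(function, **args) })`, invokes whatever method name the request carries, and `send` ignores method visibility, so private and inherited methods are reachable alongside the intended helpers. Where `function` is read lies outside the hunk (the `begin` block starts above it); if it comes straight from the parsed request, check it against an explicit list of allowed names and call `Functions.public_send(function, **args)` instead. The rescue branch this commit rewrites also returns `e.backtrace` to the caller, so it is worth confirming that the output is consumed only by the parent process and not logged somewhere wider. The identical hunk in data/helpers/v2/run.rb has the same dispatch line.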
@@ -40,10 +40,10 @@ RSpec.describe Functions::DependencySource do
40
40
 
41
41
  it "returns all versions from the private source" do
42
42
  is_expected.to eq([
43
- Gem::Version.new("1.5.0"),
44
- Gem::Version.new("1.9.0"),
45
- Gem::Version.new("1.10.0.beta")
46
- ])
43
+ Gem::Version.new("1.5.0"),
44
+ Gem::Version.new("1.9.0"),
45
+ Gem::Version.new("1.10.0.beta")
46
+ ])
47
47
  end
48
48
 
49
49
  context "specified as the default source" do
@@ -51,10 +51,10 @@ RSpec.describe Functions::DependencySource do
51
51
 
52
52
  it "returns all versions from the private source" do
53
53
  is_expected.to eq([
54
- Gem::Version.new("1.5.0"),
55
- Gem::Version.new("1.9.0"),
56
- Gem::Version.new("1.10.0.beta")
57
- ])
54
+ Gem::Version.new("1.5.0"),
55
+ Gem::Version.new("1.9.0"),
56
+ Gem::Version.new("1.10.0.beta")
57
+ ])
58
58
  end
59
59
  end
60
60
 
@@ -36,9 +36,7 @@ def project_dependency_files(project)
36
36
  files = files.select { |f| File.file?(f) }
37
37
  files.map do |filename|
38
38
  content = File.read(filename)
39
- if filename == "Gemfile.lock"
40
- content = content.gsub(LOCKFILE_ENDING, "")
41
- end
39
+ content = content.gsub(LOCKFILE_ENDING, "") if filename == "Gemfile.lock"
42
40
  {
43
41
  name: filename,
44
42
  content: content
data/helpers/v2/build CHANGED
@@ -18,7 +18,7 @@ cp -r \
18
18
 
19
19
  cd "$install_dir"
20
20
 
21
- # NOTE: Sets `BUNDLED WITH` to match the installed v1 version in Gemfile.lock
21
+ # NOTE: Sets `BUNDLED WITH` to match the installed v2 version in Gemfile.lock
22
22
  # forcing specs and native helpers to run with the same version
23
23
  BUNDLER_VERSION=2 bundle config set --local path ".bundle"
24
24
  BUNDLER_VERSION=2 bundle config set --local without "test"
@@ -128,8 +128,6 @@ module Functions
128
128
  ).conflicting_dependencies
129
129
  end
130
130
 
131
- private
132
-
133
131
  def self.set_bundler_flags_and_credentials(dir:, credentials:)
134
132
  dir = dir ? Pathname.new(dir) : dir
135
133
  Bundler.instance_variable_set(:@root, dir)
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class DependencySource
3
5
  attr_reader :gemfile_name, :dependency_name
@@ -66,7 +68,7 @@ module Functions
66
68
  return @specified_source if defined? @specified_source
67
69
 
68
70
  @specified_source = definition.dependencies.
69
- find { |dep| dep.name == dependency_name }&.source
71
+ find { |dep| dep.name == dependency_name }&.source
70
72
  end
71
73
 
72
74
  def default_source
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class FileParser
3
5
  def initialize(lockfile_name:)
@@ -39,7 +41,7 @@ module Functions
39
41
  end
40
42
 
41
43
  def source_from_lockfile(dependency_name)
42
- parsed_lockfile&.specs.find { |s| s.name == dependency_name }&.source
44
+ parsed_lockfile&.specs&.find { |s| s.name == dependency_name }&.source
43
45
  end
44
46
 
45
47
  def source_for(dependency)
@@ -54,12 +56,8 @@ module Functions
54
56
  return nil if default_rubygems?(source)
55
57
 
56
58
  details = { type: source.class.name.split("::").last.downcase }
57
- if source.is_a?(Bundler::Source::Git)
58
- details.merge!(git_source_details(source))
59
- end
60
- if source.is_a?(Bundler::Source::Rubygems)
61
- details[:url] = source.remotes.first.to_s
62
- end
59
+ details.merge!(git_source_details(source)) if source.is_a?(Bundler::Source::Git)
60
+ details[:url] = source.remotes.first.to_s if source.is_a?(Bundler::Source::Rubygems)
63
61
  details
64
62
  end
65
63
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class ForceUpdater
3
5
  class TransitiveDependencyError < StandardError; end
@@ -9,6 +9,7 @@ module Functions
9
9
  not\sfind\s(?<name>[^\s]+)-\d|
10
10
  has\s(?<name>[^\s]+)\slocked\sat
11
11
  /x.freeze
12
+ DEPENDENCY_DROPPED = "_dependency_dropped_"
12
13
 
13
14
  def initialize(gemfile_name:, lockfile_name:, dependencies:)
14
15
  @gemfile_name = gemfile_name
@@ -24,7 +25,7 @@ module Functions
24
25
 
25
26
  attr_reader :gemfile_name, :lockfile_name, :dependencies
26
27
 
27
- def generate_lockfile
28
+ def generate_lockfile # rubocop:disable Metrics/PerceivedComplexity
28
29
  dependencies_to_unlock = dependencies.map { |d| d.fetch("name") }
29
30
 
30
31
  begin
@@ -36,7 +37,7 @@ module Functions
36
37
 
37
38
  old_reqs.each do |dep_name, old_req|
38
39
  d_dep = definition.dependencies.find { |d| d.name == dep_name }
39
- if old_req == :none then definition.dependencies.delete(d_dep)
40
+ if old_req.to_s == DEPENDENCY_DROPPED then definition.dependencies.delete(d_dep)
40
41
  else
41
42
  d_dep.instance_variable_set(:@requirement, old_req)
42
43
  end
@@ -200,7 +201,7 @@ module Functions
200
201
  if defn_dep.nil?
201
202
  definition.dependencies <<
202
203
  Bundler::Dependency.new(dep.fetch("name"), dep.fetch("version"))
203
- old_reqs[dep.fetch("name")] = :none
204
+ old_reqs[dep.fetch("name")] = DEPENDENCY_DROPPED
204
205
  elsif git_dependency?(dep) &&
205
206
  defn_dep.source.is_a?(Bundler::Source::Git)
206
207
  defn_dep.source.unlock!
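Review bot: `DEPENDENCY_DROPPED` is added without a comment, and its meaning has to be pieced together from two distant hunks: it is stored in `old_reqs` when `defn_dep.nil?` and a new `Bundler::Dependency` is appended, and the `old_reqs.each` loop deletes the dependency again when it finds the marker. A comment above the constant would make that clear, e.g. `# Sentinel stored in old_reqs for a dependency this class added to the definition; it is deleted again when requirements are restored`. The restore check converts every stored requirement with `to_s` only to test for the sentinel; `DEPENDENCY_DROPPED == old_req` would presumably avoid that, but confirm how the stored requirement objects compare with a String before changing it. Both methods continue outside the hunks shown.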
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Functions
2
4
  class VersionResolver
3
5
  GEM_NOT_FOUND_ERROR_REGEX = /locked to (?<name>[^\s]+) \(/.freeze
@@ -20,9 +22,7 @@ module Functions
20
22
  # included in a gemspec, it's because the Gemfile didn't import
21
23
  # the gemspec. This is unusual, but the correct behaviour if/when
22
24
  # it happens is to behave as if the repo was gemspec-only.
23
- if dep.nil? && dependency_requirements.any?
24
- return "latest"
25
- end
25
+ return "latest" if dep.nil? && dependency_requirements.any?
26
26
 
27
27
  # Otherwise, if the dependency wasn't found it's because it is a
28
28
  # subdependency that was removed when attempting to update it.
@@ -38,9 +38,7 @@ module Functions
38
38
  ruby_version: ruby_version,
39
39
  fetcher: fetcher_class(dep)
40
40
  }
41
- if dep.source.instance_of?(::Bundler::Source::Git)
42
- details[:commit_sha] = dep.source.revision
43
- end
41
+ details[:commit_sha] = dep.source.revision if dep.source.instance_of?(::Bundler::Source::Git)
44
42
  details
45
43
  end
46
44
 
@@ -92,7 +90,7 @@ module Functions
92
90
  end
93
91
 
94
92
  def build_definition(dependencies_to_unlock)
95
- # Note: we lock shared dependencies to avoid any top-level
93
+ # NOTE: we lock shared dependencies to avoid any top-level
96
94
  # dependencies getting unlocked (which would happen if they were
97
95
  # also subdependencies of the dependency being unlocked)
98
96
  ::Bundler::Definition.build(
@@ -40,9 +40,7 @@ module Bundler
40
40
  $LOAD_PATH.shift until $LOAD_PATH.empty?
41
41
  reduced_load_paths.each { |p| $LOAD_PATH << p }
42
42
 
43
- if destination.relative?
44
- destination = destination.expand_path(Bundler.root)
45
- end
43
+ destination = destination.expand_path(Bundler.root) if destination.relative?
46
44
  Dir["#{destination}/#{@glob}"].each do |spec_path|
47
45
  # Evaluate gemspecs and cache the result. Gemspecs
48
46
  # in git might require git or other dependencies.
data/helpers/v2/run.rb CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "bundler"
2
4
  require "json"
3
5
 
@@ -36,9 +38,9 @@ begin
36
38
  args = request["args"].transform_keys(&:to_sym)
37
39
 
38
40
  output({ result: Functions.send(function, **args) })
39
- rescue => error
41
+ rescue StandardError => e
40
42
  output(
41
- { error: error.message, error_class: error.class, trace: error.backtrace }
43
+ { error: e.message, error_class: e.class, trace: e.backtrace }
42
44
  )
43
45
  exit(1)
44
46
  end
@@ -40,10 +40,10 @@ RSpec.describe Functions::DependencySource do
40
40
 
41
41
  it "returns all versions from the private source" do
42
42
  is_expected.to eq([
43
- Gem::Version.new("1.5.0"),
44
- Gem::Version.new("1.9.0"),
45
- Gem::Version.new("1.10.0.beta")
46
- ])
43
+ Gem::Version.new("1.5.0"),
44
+ Gem::Version.new("1.9.0"),
45
+ Gem::Version.new("1.10.0.beta")
46
+ ])
47
47
  end
48
48
 
49
49
  context "specified as the default source" do
@@ -51,10 +51,10 @@ RSpec.describe Functions::DependencySource do
51
51
 
52
52
  it "returns all versions from the private source" do
53
53
  is_expected.to eq([
54
- Gem::Version.new("1.5.0"),
55
- Gem::Version.new("1.9.0"),
56
- Gem::Version.new("1.10.0.beta")
57
- ])
54
+ Gem::Version.new("1.5.0"),
55
+ Gem::Version.new("1.9.0"),
56
+ Gem::Version.new("1.10.0.beta")
57
+ ])
58
58
  end
59
59
  end
60
60
 
@@ -54,7 +54,7 @@ RSpec.describe Functions::FileParser do
54
54
  branch: "master",
55
55
  ref: "a1b78a9",
56
56
  type: "git",
57
- url: "git@github.com:gocardless/business"
57
+ url: "git@github.com:dependabot-fixtures/business"
58
58
  },
59
59
  type: :runtime
60
60
  },
@@ -68,36 +68,36 @@ RSpec.describe Functions::FileParser do
68
68
  {
69
69
  groups: [:default],
70
70
  name: "prius",
71
- requirement: Gem::Requirement.new(">= 0"),
71
+ requirement: Gem::Requirement.new(">= 0"),
72
72
  source: {
73
73
  branch: "master",
74
74
  ref: "master",
75
75
  type: "git",
76
- url: "https://github.com/gocardless/prius"
76
+ url: "https://github.com/dependabot-fixtures/prius"
77
77
  },
78
78
  type: :runtime
79
79
  },
80
80
  {
81
81
  groups: [:default],
82
82
  name: "que",
83
- requirement: Gem::Requirement.new(">= 0"),
83
+ requirement: Gem::Requirement.new(">= 0"),
84
84
  source: {
85
85
  branch: "master",
86
86
  ref: "v0.11.6",
87
87
  type: "git",
88
- url: "git@github.com:chanks/que"
88
+ url: "git@github.com:dependabot-fixtures/que"
89
89
  },
90
90
  type: :runtime
91
91
  },
92
92
  {
93
93
  groups: [:default],
94
94
  name: "uk_phone_numbers",
95
- requirement: Gem::Requirement.new(">= 0"),
95
+ requirement: Gem::Requirement.new(">= 0"),
96
96
  source: {
97
97
  branch: "master",
98
98
  ref: "master",
99
99
  type: "git",
100
- url: "http://github.com/gocardless/uk_phone_numbers"
100
+ url: "http://github.com/dependabot-fixtures/uk_phone_numbers"
101
101
  },
102
102
  type: :runtime
103
103
  }
@@ -14,7 +14,7 @@ RSpec.describe Functions do
14
14
  jfrog_source = Functions.jfrog_source(
15
15
  dir: tmp_path,
16
16
  gemfile_name: "Gemfile",
17
- credentials: {},
17
+ credentials: {}
18
18
  )
19
19
 
20
20
  expect(jfrog_source).to eq("test.jfrog.io")
@@ -26,8 +26,7 @@ end
26
26
  LOCKFILE_ENDING = /(?<ending>\s*(?:RUBY VERSION|BUNDLED WITH).*)/m.freeze
27
27
 
28
28
  def project_dependency_files(project)
29
- # TODO: Retrieve files from bundler2 folder once it is fully up to date
30
- project_path = File.expand_path(File.join("../../spec/fixtures/projects/bundler1", project))
29
+ project_path = File.expand_path(File.join("../../spec/fixtures/projects/bundler2", project))
31
30
 
32
31
  raise "Fixture does not exist for project: '#{project}'" unless Dir.exist?(project_path)
33
32
 
@@ -37,9 +36,7 @@ def project_dependency_files(project)
37
36
  files = files.select { |f| File.file?(f) }
38
37
  files.map do |filename|
39
38
  content = File.read(filename)
40
- if filename == "Gemfile.lock"
41
- content = content.gsub(LOCKFILE_ENDING, "")
42
- end
39
+ content = content.gsub(LOCKFILE_ENDING, "") if filename == "Gemfile.lock"
43
40
  {
44
41
  name: filename,
45
42
  content: content
@@ -17,7 +17,6 @@ module Dependabot
17
17
  # Bundler will pick the matching installed major version
18
18
  "BUNDLER_VERSION" => bundler_version,
19
19
  "BUNDLE_GEMFILE" => File.join(versioned_helper_path(bundler_version: bundler_version), "Gemfile"),
20
- "BUNDLE_PATH" => File.join(versioned_helper_path(bundler_version: bundler_version), ".bundle"),
21
20
  # Prevent the GEM_HOME from being set to a folder owned by root
22
21
  "GEM_HOME" => File.join(versioned_helper_path(bundler_version: bundler_version), ".bundle")
23
22
  }
@@ -36,7 +35,7 @@ module Dependabot
36
35
  end
37
36
 
38
37
  def self.helper_path(bundler_version:)
39
- "ruby #{File.join(versioned_helper_path(bundler_version: bundler_version), 'run.rb')}"
38
+ "bundle exec ruby #{File.join(versioned_helper_path(bundler_version: bundler_version), 'run.rb')}"
40
39
  end
41
40
 
42
41
  def self.native_helpers_root
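Review bot: `helper_path` now returns a full command line with the helper path interpolated unquoted, `"bundle exec ruby #{File.join(...)}"`. How that string is executed is outside the hunk; if it reaches a shell, a helpers root containing spaces or shell metacharacters would be split or interpreted, so wrapping the path in `Shellwords.escape(...)` (with `require "shellwords"`) or passing the command as an argument array would be safer. With `"BUNDLE_PATH"` dropped from the environment hash in the first hunk, the gem location presumably comes from the `bundle config set --local path ".bundle"` step in the build scripts; a one-line comment next to `"BUNDLE_GEMFILE"` saying so would help the next reader.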
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.153.0
4
+ version: 0.154.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-06-14 00:00:00.000000000 Z
11
+ date: 2021-06-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.153.0
19
+ version: 0.154.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.153.0
26
+ version: 0.154.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement