dependabot-bundler 0.253.0 → 0.254.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/file_parser/file_preparer.rb +3 -5
- data/lib/dependabot/bundler/metadata_finder.rb +1 -1
- data/lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb +2 -1
- data/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb +2 -1
- data/lib/dependabot/bundler/update_checker/version_resolver.rb +2 -1
- metadata +15 -15
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cc5a16c08592e9c9fa5d20dbca8c0fcd139d2f59c5ae232ba96b68d2bf3131b1
|
|
4
|
+
data.tar.gz: 4b201b8e911ddf12fd8024a41cf41028ca91547f95ecb59675c2fc07f5d9feb9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1d7ee9a2b8de58ee7ff673e644cc8610e62685a510cc21070709fd24210065b4d1c5e0ee44cfe86cba6e1a70cde25b540cacdfd0a66db7ad4a60a5ddf82cecda
|
|
7
|
+
data.tar.gz: 1145d137c82464825be919d16fb9c18bf88cab1b521506ea97c2e9ee547e783a2ee8b210d7124d91fbf31d01cea2622ff8d42c21d9a704deff498c44df98765c
|
|
@@ -14,10 +14,8 @@ module Dependabot
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def prepared_dependency_files
|
|
17
|
-
files =
|
|
18
|
-
|
|
19
|
-
gemspecs.compact.each do |file|
|
|
20
|
-
files << DependencyFile.new(
|
|
17
|
+
files = gemspecs.compact.map do |file|
|
|
18
|
+
DependencyFile.new(
|
|
21
19
|
name: file.name,
|
|
22
20
|
content: sanitize_gemspec_content(file.content),
|
|
23
21
|
directory: file.directory,
|
|
@@ -25,7 +23,7 @@ module Dependabot
|
|
|
25
23
|
)
|
|
26
24
|
end
|
|
27
25
|
|
|
28
|
-
files
|
|
26
|
+
files + [
|
|
29
27
|
gemfile,
|
|
30
28
|
*evaled_gemfiles,
|
|
31
29
|
lockfile,
|
|
@@ -142,7 +142,7 @@ module Dependabot
|
|
|
142
142
|
response =
|
|
143
143
|
Dependabot::RegistryClient.get(
|
|
144
144
|
url: "#{registry_url}api/v1/gems/#{dependency.name}.json",
|
|
145
|
-
headers: registry_auth_headers
|
|
145
|
+
headers: registry_auth_headers.merge({ "Accept-Encoding" => "gzip" })
|
|
146
146
|
)
|
|
147
147
|
return @rubygems_api_response = {} if response.status >= 400
|
|
148
148
|
|
|
@@ -191,7 +191,8 @@ module Dependabot
|
|
|
191
191
|
next false unless uri.scheme&.match?(/https?/o)
|
|
192
192
|
|
|
193
193
|
Dependabot::RegistryClient.get(
|
|
194
|
-
url: uri.to_s
|
|
194
|
+
url: uri.to_s,
|
|
195
|
+
headers: { "Accept-Encoding" => "gzip" }
|
|
195
196
|
).status == 200
|
|
196
197
|
rescue Excon::Error::Socket, Excon::Error::Timeout
|
|
197
198
|
false
|
|
@@ -200,7 +200,8 @@ module Dependabot
|
|
|
200
200
|
return false unless details[:ruby_version]
|
|
201
201
|
|
|
202
202
|
versions = Dependabot::RegistryClient.get(
|
|
203
|
-
url: "https://rubygems.org/api/v1/versions/#{dependency.name}.json"
|
|
203
|
+
url: "https://rubygems.org/api/v1/versions/#{dependency.name}.json",
|
|
204
|
+
headers: { "Accept-Encoding" => "gzip" }
|
|
204
205
|
)
|
|
205
206
|
|
|
206
207
|
# Give the benefit of the doubt if something goes wrong fetching
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.254.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-04-
|
|
11
|
+
date: 2024-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.254.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.254.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: parallel
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 1.
|
|
47
|
+
version: 1.9.2
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 1.
|
|
54
|
+
version: 1.9.2
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: gpgme
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -128,56 +128,56 @@ dependencies:
|
|
|
128
128
|
requirements:
|
|
129
129
|
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 1.
|
|
131
|
+
version: 1.63.2
|
|
132
132
|
type: :development
|
|
133
133
|
prerelease: false
|
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
135
135
|
requirements:
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
|
-
version: 1.
|
|
138
|
+
version: 1.63.2
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
140
|
name: rubocop-performance
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
|
142
142
|
requirements:
|
|
143
143
|
- - "~>"
|
|
144
144
|
- !ruby/object:Gem::Version
|
|
145
|
-
version: 1.
|
|
145
|
+
version: 1.21.0
|
|
146
146
|
type: :development
|
|
147
147
|
prerelease: false
|
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
|
149
149
|
requirements:
|
|
150
150
|
- - "~>"
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
|
-
version: 1.
|
|
152
|
+
version: 1.21.0
|
|
153
153
|
- !ruby/object:Gem::Dependency
|
|
154
154
|
name: rubocop-rspec
|
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
|
156
156
|
requirements:
|
|
157
157
|
- - "~>"
|
|
158
158
|
- !ruby/object:Gem::Version
|
|
159
|
-
version: 2.
|
|
159
|
+
version: 2.29.1
|
|
160
160
|
type: :development
|
|
161
161
|
prerelease: false
|
|
162
162
|
version_requirements: !ruby/object:Gem::Requirement
|
|
163
163
|
requirements:
|
|
164
164
|
- - "~>"
|
|
165
165
|
- !ruby/object:Gem::Version
|
|
166
|
-
version: 2.
|
|
166
|
+
version: 2.29.1
|
|
167
167
|
- !ruby/object:Gem::Dependency
|
|
168
168
|
name: rubocop-sorbet
|
|
169
169
|
requirement: !ruby/object:Gem::Requirement
|
|
170
170
|
requirements:
|
|
171
171
|
- - "~>"
|
|
172
172
|
- !ruby/object:Gem::Version
|
|
173
|
-
version: 0.
|
|
173
|
+
version: 0.8.1
|
|
174
174
|
type: :development
|
|
175
175
|
prerelease: false
|
|
176
176
|
version_requirements: !ruby/object:Gem::Requirement
|
|
177
177
|
requirements:
|
|
178
178
|
- - "~>"
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
|
-
version: 0.
|
|
180
|
+
version: 0.8.1
|
|
181
181
|
- !ruby/object:Gem::Dependency
|
|
182
182
|
name: turbo_tests
|
|
183
183
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -328,7 +328,7 @@ licenses:
|
|
|
328
328
|
- Nonstandard
|
|
329
329
|
metadata:
|
|
330
330
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
331
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
331
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.254.0
|
|
332
332
|
post_install_message:
|
|
333
333
|
rdoc_options: []
|
|
334
334
|
require_paths:
|