RubyGems - dependabot-bundler - Versions diffs - 0.254.0 → 0.255.0 - Mend

dependabot-bundler 0.254.0 → 0.255.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
data/helpers/spec_helpers/gem_net_http_adapter.rb +239 -0
data/helpers/v1/build +2 -1
data/helpers/v1/monkey_patches/definition_ruby_version_patch.rb +1 -1
data/helpers/v1/monkey_patches/git_source_patch.rb +1 -1
data/helpers/v1/monkey_patches/object_untaint_patch.rb +17 -0
data/helpers/v1/patched_bundler +34 -0
data/helpers/v1/run.rb +1 -0
data/helpers/v1/spec/native_spec_helper.rb +3 -0
data/helpers/v2/monkey_patches/definition_ruby_version_patch.rb +1 -1
data/helpers/v2/monkey_patches/git_source_patch.rb +1 -1
data/helpers/v2/spec/native_spec_helper.rb +3 -0
metadata +23 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc5a16c08592e9c9fa5d20dbca8c0fcd139d2f59c5ae232ba96b68d2bf3131b1
-  data.tar.gz: 4b201b8e911ddf12fd8024a41cf41028ca91547f95ecb59675c2fc07f5d9feb9
+  metadata.gz: a5ed4679981b1dfbe38f4e9f52c81a010f53d6fde18b8cacaf7ce2df5d5d2903
+  data.tar.gz: 0f8dda3c38efa64636e65130a8a51b5e2cbd388ddf1261df69447c5f76b2f073
 SHA512:
-  metadata.gz: 1d7ee9a2b8de58ee7ff673e644cc8610e62685a510cc21070709fd24210065b4d1c5e0ee44cfe86cba6e1a70cde25b540cacdfd0a66db7ad4a60a5ddf82cecda
-  data.tar.gz: 1145d137c82464825be919d16fb9c18bf88cab1b521506ea97c2e9ee547e783a2ee8b210d7124d91fbf31d01cea2622ff8d42c21d9a704deff498c44df98765c
+  metadata.gz: 5bfded8fc81c2d7cdafdbbfe94f945e2cfe715ea0a7081bb44f9a4390a9f89f75e740d5faea1ca917f7f006675e77d544b3dd796bf6fa9d13254a86be171cff9
+  data.tar.gz: 28db82c001cb2ece09d732cc5460301d4ed59ff4455fbc0a1ca10129d17c021ce4a560222d00706dba08d45fa442b81c694147f9fca0276a54fb73a421856cdb

data/helpers/spec_helpers/gem_net_http_adapter.rb ADDED Viewed

@@ -0,0 +1,239 @@
+# typed: false
+# frozen_string_literal: true
+require "rubygems/vendored_net_http"
+module WebMock
+  module HttpLibAdapters
+    class GemNetHttpAdapter < HttpLibAdapter
+      adapter_for :gem_net_http
+      OriginalGemNetHTTP = ::Gem::Net::HTTP unless const_defined?(:OriginalGemNetHTTP)
+      def self.enable!
+        ::Gem::Net.send(:remove_const, :HTTP)
+        ::Gem::Net.send(:remove_const, :HTTPSession)
+        ::Gem::Net.send(:const_set, :HTTP, @webMockNetHTTP)
+        ::Gem::Net.send(:const_set, :HTTPSession, @webMockNetHTTP)
+      end
+      def self.disable!
+        ::Gem::Net.send(:remove_const, :HTTP)
+        ::Gem::Net.send(:remove_const, :HTTPSession)
+        ::Gem::Net.send(:const_set, :HTTP, OriginalGemNetHTTP)
+        ::Gem::Net.send(:const_set, :HTTPSession, OriginalGemNetHTTP)
+        # copy all constants from @webMockNetHTTP to original Net::HTTP
+        # in case any constants were added to @webMockNetHTTP instead of Net::HTTP
+        # after WebMock was enabled.
+        # i.e Net::HTTP::DigestAuth
+        @webMockNetHTTP.constants.each do |constant|
+          unless OriginalGemNetHTTP.constants.map(&:to_s).include?(constant.to_s)
+            OriginalGemNetHTTP.send(:const_set, constant, @webMockNetHTTP.const_get(constant))
+          end
+        end
+      end
+      @webMockNetHTTP = Class.new(::Gem::Net::HTTP) do
+        class << self
+          def socket_type
+            StubSocket
+          end
+          if Module.method(:const_defined?).arity == 1
+            def const_defined?(name)
+              super || superclass.const_defined?(name)
+            end
+          else
+            def const_defined?(name, inherit = true)
+              super || superclass.const_defined?(name, inherit)
+            end
+          end
+          if Module.method(:const_get).arity != 1
+            def const_get(name, inherit = true)
+              super
+            rescue NameError
+              superclass.const_get(name, inherit)
+            end
+          end
+          if Module.method(:constants).arity != 0
+            def constants(inherit = true)
+              (super + superclass.constants(inherit)).uniq
+            end
+          end
+        end
+        def request(request, body = nil, &block)
+          request_signature = WebMock::NetHTTPUtility.request_signature_from_request(self, request, body)
+          WebMock::RequestRegistry.instance.requested_signatures.put(request_signature)
+          if webmock_response = WebMock::StubRegistry.instance.response_for_request(request_signature)
+            @socket = ::Gem::Net::HTTP.socket_type.new
+            WebMock::CallbackRegistry.invoke_callbacks(
+              { lib: :net_http }, request_signature, webmock_response
+            )
+            build_net_http_response(webmock_response, request.uri, &block)
+          elsif WebMock.net_connect_allowed?(request_signature.uri)
+            check_right_http_connection
+            after_request = lambda do |response|
+              if WebMock::CallbackRegistry.any_callbacks?
+                webmock_response = build_webmock_response(response)
+                WebMock::CallbackRegistry.invoke_callbacks(
+                  { lib: :net_http, real_request: true }, request_signature, webmock_response
+                )
+              end
+              response.extend Net::WebMockHTTPResponse
+              yield response if block
+              response
+            end
+            super_with_after_request = lambda {
+              response = super(request, nil, &nil)
+              after_request.call(response)
+            }
+            if started?
+              ensure_actual_connection
+              super_with_after_request.call
+            else
+              start_with_connect do
+                super_with_after_request.call
+              end
+            end
+          else
+            raise WebMock::NetConnectNotAllowedError.new(request_signature)
+          end
+        end
+        def start_without_connect
+          raise IOError, "HTTP session already opened" if @started
+          if block_given?
+            begin
+              @socket = ::Gem::Net::HTTP.socket_type.new
+              @started = true
+              return yield(self)
+            ensure
+              do_finish
+            end
+          end
+          @socket = ::Gem::Net::HTTP.socket_type.new
+          @started = true
+          self
+        end
+        def ensure_actual_connection
+          return unless @socket.is_a?(StubSocket)
+          @socket&.close
+          @socket = nil
+          do_start
+        end
+        alias_method :start_with_connect, :start
+        def start(&block)
+          uri = Addressable::URI.parse(WebMock::NetHTTPUtility.get_uri(self))
+          if WebMock.net_http_connect_on_start?(uri)
+            super(&block)
+          else
+            start_without_connect(&block)
+          end
+        end
+        def build_net_http_response(webmock_response, request_uri)
+          response = ::Gem::Net::HTTPResponse.send(:response_class, webmock_response.status[0].to_s).new("1.0",
+                                                                                                         webmock_response.status[0].to_s, webmock_response.status[1])
+          body = webmock_response.body
+          body = nil if webmock_response.status[0].to_s == "204"
+          response.instance_variable_set(:@body, body)
+          webmock_response.headers.to_a.each do |name, values|
+            values = [values] unless values.is_a?(Array)
+            values.each do |value|
+              response.add_field(name, value)
+            end
+          end
+          response.instance_variable_set(:@read, true)
+          response.uri = request_uri
+          response.extend Net::WebMockHTTPResponse
+          raise Net::OpenTimeout, "execution expired" if webmock_response.should_timeout
+          webmock_response.raise_error_if_any
+          yield response if block_given?
+          response
+        end
+        def build_webmock_response(net_http_response)
+          webmock_response = WebMock::Response.new
+          webmock_response.status = [
+            net_http_response.code.to_i,
+            net_http_response.message
+          ]
+          webmock_response.headers = net_http_response.to_hash
+          webmock_response.body = net_http_response.body
+          webmock_response
+        end
+        def check_right_http_connection
+          return if @@alredy_checked_for_right_http_connection ||= false
+          WebMock::NetHTTPUtility.puts_warning_for_right_http_if_needed
+          @@alredy_checked_for_right_http_connection = true
+        end
+      end
+      @webMockNetHTTP.version_1_2
+      [
+        [:Get, ::Gem::Net::HTTP::Get],
+        [:Post, ::Gem::Net::HTTP::Post],
+        [:Put, ::Gem::Net::HTTP::Put],
+        [:Delete, ::Gem::Net::HTTP::Delete],
+        [:Head, ::Gem::Net::HTTP::Head],
+        [:Options, ::Gem::Net::HTTP::Options]
+      ].each do |c|
+        @webMockNetHTTP.const_set(c[0], c[1])
+      end
+    end
+  end
+  class StubSocket # :nodoc:
+    attr_accessor :read_timeout
+    attr_accessor :continue_timeout
+    attr_accessor :write_timeout
+    def initialize(*_args)
+      @closed = false
+    end
+    def closed?
+      @closed
+    end
+    def close
+      @closed = true
+      nil
+    end
+    def readuntil(*args); end
+    def io
+      @io ||= StubIO.new
+    end
+    class StubIO
+      def setsockopt(*args); end
+      def peer_cert; end
+      def peeraddr = ["AF_INET", 443, "127.0.0.1", "127.0.0.1"]
+      def ssl_version = "TLSv1.3"
+      def cipher = ["TLS_AES_128_GCM_SHA256", "TLSv1.3", 128, 128]
+    end
+  end
+end

data/helpers/v1/build CHANGED Viewed

@@ -14,6 +14,7 @@ else
     "$helpers_dir/lib" \
     "$helpers_dir/monkey_patches" \
     "$helpers_dir/run.rb" \
+    "$helpers_dir/patched_bundler" \
     "$install_dir"
 fi
@@ -24,5 +25,5 @@ export GEM_HOME=$install_dir/.bundle
 gem install bundler -v 1.17.3 --no-document
 if [ -z "$DEPENDABOT_NATIVE_HELPERS_PATH" ]; then
-  BUNDLER_VERSION=1.17.3 bundle install
+  BUNDLER_VERSION=1.17.3 ./patched_bundler install
 fi

data/helpers/v1/monkey_patches/definition_ruby_version_patch.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module BundlerDefinitionRubyVersionPatch
           Gem::Specification.new("ruby\0", requested_version)
       end
-      %w(2.5.3p105 2.6.10p210 2.7.6p219 3.0.4p208).each do |version|
+      %w(2.5.3p105 2.6.10p210 2.7.6p219 3.0.7p220 3.1.5p252 3.2.4p170).each do |version|
         sources.metadata_source.specs << Gem::Specification.new("ruby\0", version)
       end
     end

data/helpers/v1/monkey_patches/git_source_patch.rb CHANGED Viewed

@@ -15,7 +15,7 @@ module Bundler
         def configured_uri_for(uri)
           uri = uri.gsub(%r{git@(.*?):/?}, 'https://\1/')
           if uri.match?(/https?:/)
-            remote = URI(uri)
+            remote = ::URI.parse(uri)
             config_auth =
               Bundler.settings[remote.to_s] || Bundler.settings[remote.host]
             remote.userinfo ||= config_auth

data/helpers/v1/monkey_patches/object_untaint_patch.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# typed: false
+# frozen_string_literal: true
+# Bundler v1 uses the `untaint` method on objects in `Bundler::SharedHelpers`.
+# This method has been deprecated for a long time, and is actually a no-op in
+# ruby versions 2.7+. In Ruby 3.3 it was finally removed, and it's now causing
+# bundler v1 to error.
+#
+# In order to keep the old behavior, we're monkey patching `Object` to add a
+# no-op implementation of untaint.
+module ObjectUntaintPatch
+  def untaint
+    self
+  end
+end
+Object.prepend(ObjectUntaintPatch)

data/helpers/v1/patched_bundler ADDED Viewed

@@ -0,0 +1,34 @@
+#!/usr/local/bin/ruby
+#
+# This file was generated by RubyGems.
+# It was then patched by Dependabot to add `Object#untaint` back
+# in order to run bundler 1.17.3 using Ruby 3.3+.
+#
+# The application 'bundler' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+$LOAD_PATH.unshift(File.expand_path("./monkey_patches", __dir__))
+require "object_untaint_patch"
+require 'rubygems'
+version = ">= 0.a"
+str = ARGV.first
+if str
+  str = str.b[/\A_(.*)_\z/, 1]
+  if str and Gem::Version.correct?(str)
+    version = str
+    ENV['BUNDLER_VERSION'] = str
+    ARGV.shift
+  end
+end
+if Gem.respond_to?(:activate_bin_path)
+load Gem.activate_bin_path('bundler', 'bundle', version)
+else
+gem "bundler", version
+load Gem.bin_path("bundler", "bundle", version)
+end

data/helpers/v1/run.rb CHANGED Viewed

@@ -19,6 +19,7 @@ require "definition_bundler_version_patch"
 require "fileutils_keyword_splat_patch"
 require "git_source_patch"
 require "resolver_spec_group_sane_eql"
+require "object_untaint_patch"
 require "functions"

data/helpers/v1/spec/native_spec_helper.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require "tmpdir"
 $LOAD_PATH.unshift(File.expand_path("../lib", __dir__))
 $LOAD_PATH.unshift(File.expand_path("../monkey_patches", __dir__))
+$LOAD_PATH.unshift(File.expand_path("../../spec_helpers", __dir__))
 # Bundler monkey patches
 require "definition_ruby_version_patch"
@@ -17,6 +18,8 @@ require "resolver_spec_group_sane_eql"
 require "functions"
+require "gem_net_http_adapter"
 RSpec.configure do |config|
   config.color = true
   config.order = :rand

data/helpers/v2/monkey_patches/definition_ruby_version_patch.rb CHANGED Viewed

@@ -26,7 +26,7 @@ module BundlerDefinitionRubyVersionPatch
         Gem::Specification.new("Ruby\0", requested_version)
     end
-    %w(2.5.3 2.6.10 2.7.7 3.0.5 3.2.1).each do |version|
+    %w(2.5.3 2.6.10 2.7.8 3.0.7 3.1.5 3.2.4).each do |version|
       sources.metadata_source.specs << Gem::Specification.new("Ruby\0", version)
     end

data/helpers/v2/monkey_patches/git_source_patch.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module Bundler
         def configured_uri_for(uri)
           uri = uri.gsub(%r{git@(.*?):/?}, 'https://\1/')
           if /https?:/.match?(uri)
-            remote = Bundler::URI(uri)
+            remote = ::URI.parse(uri)
             config_auth = Bundler.settings[remote.to_s] || Bundler.settings[remote.host]
             remote.userinfo ||= config_auth
             remote.to_s

data/helpers/v2/spec/native_spec_helper.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require "debug"
 $LOAD_PATH.unshift(File.expand_path("../lib", __dir__))
 $LOAD_PATH.unshift(File.expand_path("../monkey_patches", __dir__))
+$LOAD_PATH.unshift(File.expand_path("../../spec_helpers", __dir__))
 # Bundler monkey patches
 require "definition_ruby_version_patch"
@@ -15,6 +16,8 @@ require "git_source_patch"
 require "functions"
+require "gem_net_http_adapter"
 RSpec.configure do |config|
   config.color = true
   config.order = :rand

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-bundler
 version: !ruby/object:Gem::Version
-  version: 0.254.0
+  version: 0.255.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-04-24 00:00:00.000000000 Z
+date: 2024-05-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.254.0
+        version: 0.255.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.254.0
+        version: 0.255.0
 - !ruby/object:Gem::Dependency
   name: parallel
   requirement: !ruby/object:Gem::Requirement
@@ -178,6 +178,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.8.1
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.22.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.22.0
 - !ruby/object:Gem::Dependency
   name: turbo_tests
   requirement: !ruby/object:Gem::Requirement
@@ -242,6 +256,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- helpers/spec_helpers/gem_net_http_adapter.rb
 - helpers/v1/.gitignore
 - helpers/v1/Gemfile
 - helpers/v1/build
@@ -256,7 +271,9 @@ files:
 - helpers/v1/monkey_patches/definition_ruby_version_patch.rb
 - helpers/v1/monkey_patches/fileutils_keyword_splat_patch.rb
 - helpers/v1/monkey_patches/git_source_patch.rb
+- helpers/v1/monkey_patches/object_untaint_patch.rb
 - helpers/v1/monkey_patches/resolver_spec_group_sane_eql.rb
+- helpers/v1/patched_bundler
 - helpers/v1/run.rb
 - helpers/v1/spec/functions/conflicting_dependency_resolver_spec.rb
 - helpers/v1/spec/functions/dependency_source_spec.rb
@@ -328,7 +345,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.254.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.255.0
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -344,7 +361,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 3.1.0
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.5.9
 signing_key:
 specification_version: 4
 summary: Provides Dependabot support for Ruby (bundler)