dependabot-bundler 0.95.31 → 0.95.32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/update_checker.rb +41 -21
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f459c79156c7d24d98b87e7c1663a080f987c6564e184f8ad6f7e313549f6faa
|
4
|
+
data.tar.gz: 4832ec5266b4b7aa2c3f85e90dcee0adea65d2d0ef160b32fbdbef576f244c61
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e751f19d519f106cdcde538ea8d1c9b75da9ad87f19eb260964ceef40bd4d374c6b0ca103d54eb8d2452cbacc746a5c61d0998b8f9247f0af2cfcb019394fce0
|
7
|
+
data.tar.gz: 0c1b4e9782feb2a1b9296562cacf9cd78aa6fac2d3f911335ae854d62cd4b38bf9a761276ed17c97713893006175b8ceff301c7420546e44f2de8c98ef35d43a
|
@@ -32,10 +32,8 @@ module Dependabot
|
|
32
32
|
return current_ver if git_dependency? && git_commit_checker.pinned?
|
33
33
|
|
34
34
|
@latest_resolvable_version_detail_with_no_unlock ||=
|
35
|
-
version_resolver(
|
36
|
-
|
37
|
-
unlock_requirement: false
|
38
|
-
).latest_resolvable_version_details
|
35
|
+
version_resolver(remove_git_source: false, unlock_requirement: false).
|
36
|
+
latest_resolvable_version_details
|
39
37
|
|
40
38
|
if git_dependency?
|
41
39
|
@latest_resolvable_version_detail_with_no_unlock&.fetch(:commit_sha)
|
@@ -45,14 +43,29 @@ module Dependabot
|
|
45
43
|
end
|
46
44
|
|
47
45
|
def updated_requirements
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
46
|
+
if updated_source&.fetch(:ref, nil) &&
|
47
|
+
updated_source.fetch(:ref) != dependency_source_details.fetch(:ref)
|
48
|
+
updated_version =
|
49
|
+
latest_resolvable_version_details_with_updated_git_source&.
|
50
|
+
fetch(:version)&.
|
51
|
+
to_s
|
52
|
+
RequirementsUpdater.new(
|
53
|
+
requirements: dependency.requirements,
|
54
|
+
update_strategy: requirements_update_strategy,
|
55
|
+
updated_source: updated_source,
|
56
|
+
latest_version: updated_version,
|
57
|
+
latest_resolvable_version: updated_version
|
58
|
+
).updated_requirements
|
59
|
+
else
|
60
|
+
RequirementsUpdater.new(
|
61
|
+
requirements: dependency.requirements,
|
62
|
+
update_strategy: requirements_update_strategy,
|
63
|
+
updated_source: updated_source,
|
64
|
+
latest_version: latest_version_details&.fetch(:version)&.to_s,
|
65
|
+
latest_resolvable_version:
|
66
|
+
latest_resolvable_version_details&.fetch(:version)&.to_s
|
67
|
+
).updated_requirements
|
68
|
+
end
|
56
69
|
end
|
57
70
|
|
58
71
|
def requirements_unlocked_or_can_be?
|
@@ -207,15 +220,7 @@ module Dependabot
|
|
207
220
|
|
208
221
|
return false if git_commit_checker.local_tag_for_latest_version.nil?
|
209
222
|
|
210
|
-
|
211
|
-
|
212
|
-
VersionResolver.new(
|
213
|
-
dependency: dependency,
|
214
|
-
unprepared_dependency_files: dependency_files,
|
215
|
-
credentials: credentials,
|
216
|
-
ignored_versions: ignored_versions,
|
217
|
-
replacement_git_pin: replacement_tag.fetch(:tag)
|
218
|
-
).latest_resolvable_version_details
|
223
|
+
latest_resolvable_version_details_with_updated_git_source
|
219
224
|
|
220
225
|
@git_tag_resolvable = true
|
221
226
|
rescue Dependabot::DependencyFileNotResolvable
|
@@ -281,6 +286,21 @@ module Dependabot
|
|
281
286
|
)
|
282
287
|
end
|
283
288
|
|
289
|
+
def latest_resolvable_version_details_with_updated_git_source
|
290
|
+
@latest_resolvable_version_details_with_updated_git_source ||=
|
291
|
+
begin
|
292
|
+
replacement_tag = git_commit_checker.local_tag_for_latest_version
|
293
|
+
|
294
|
+
VersionResolver.new(
|
295
|
+
dependency: dependency,
|
296
|
+
unprepared_dependency_files: dependency_files,
|
297
|
+
credentials: credentials,
|
298
|
+
ignored_versions: ignored_versions,
|
299
|
+
replacement_git_pin: replacement_tag.fetch(:tag)
|
300
|
+
).latest_resolvable_version_details
|
301
|
+
end
|
302
|
+
end
|
303
|
+
|
284
304
|
def version_resolver(remove_git_source:, unlock_requirement: true)
|
285
305
|
@version_resolver ||= {}
|
286
306
|
@version_resolver[remove_git_source] ||= {}
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-bundler
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.95.
|
4
|
+
version: 0.95.32
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.95.
|
19
|
+
version: 0.95.32
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.95.
|
26
|
+
version: 0.95.32
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|