dependabot-bundler 0.98.44 → 0.98.45
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/update_checker/version_resolver.rb +11 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ea45b37a654508715c9632251f6a5283283c4168b89c8ef6ef4673d30947450
|
|
4
|
+
data.tar.gz: f48438372ae41c495375949f181f610d00f298edb2daea37cbcfbc11724c4411
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5a1668e74f4f7a2af0db4e51e0bbc4467c30c9868c4d2b31e0e6810a48171b9276bf803ab2c00c827343c5f39fa768cbd2628713f74b6291fa8f5c2e07faf839
|
|
7
|
+
data.tar.gz: 6e99b17fb31c263b240b3d17c7f26a896cbff3e5287168e418746c7287ec6e771af4b0533353377e104efc4a449e096f85107af5f9cc18c288822d7422a8192a
|
|
@@ -103,7 +103,7 @@ module Dependabot
|
|
|
103
103
|
end
|
|
104
104
|
end
|
|
105
105
|
rescue Dependabot::DependencyFileNotResolvable => error
|
|
106
|
-
return if
|
|
106
|
+
return if error_due_to_restrictive_upper_bound?(error)
|
|
107
107
|
return if circular_dependency_at_new_version?(error)
|
|
108
108
|
raise unless ruby_lock_error?(error)
|
|
109
109
|
|
|
@@ -119,6 +119,16 @@ module Dependabot
|
|
|
119
119
|
error.message.include?("'#{dependency.name}'")
|
|
120
120
|
end
|
|
121
121
|
|
|
122
|
+
def error_due_to_restrictive_upper_bound?(error)
|
|
123
|
+
# We see this when the dependency doesn't appear in the lockfile and
|
|
124
|
+
# has an overly restricture upper bound that we've added, either due
|
|
125
|
+
# to an ignore condition or us missing that a pre-release is required
|
|
126
|
+
# (as another dependency places a pre-release requirement on the dep)
|
|
127
|
+
return false if dependency.appears_in_lockfile?
|
|
128
|
+
|
|
129
|
+
error.message.include?("#{dependency.name} ")
|
|
130
|
+
end
|
|
131
|
+
|
|
122
132
|
def ruby_lock_error?(error)
|
|
123
133
|
return false unless error.message.include?(" for gem \"ruby\0\"")
|
|
124
134
|
return false if @gemspec_ruby_unlocked
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bundler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.45
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-03-
|
|
11
|
+
date: 2019-03-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.98.
|
|
19
|
+
version: 0.98.45
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.98.
|
|
26
|
+
version: 0.98.45
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|