dependabot-bundler 0.98.72 → 0.98.73
- checksums.yaml +4 -4
- data/lib/dependabot/bundler/update_checker/force_updater.rb +23 -2
- metadata +3 -3
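--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6c1a4dcd5046c1222343b23c16bfdae7154244ff39594789d7fa5ea1458b57e8
+data.tar.gz: b4008f0857a88ad092432cdc72265bef37006523c70a9e5c4a2614426adad1d1
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b7d2c90f9888bebb17249a492cb4524c09ffe7c41167bfd0ba8ce01fabeebdd1fd9835471f103b701b5178968ae7a8349c8730f0ed166661de01773a31c04442
+data.tar.gz: 9c2af0c292c8be3d0ca2cb600b1b30a9c94d07dae312e5ca3deaa174cddfb4350dabfbb8433ac62ea043bef2df682fc2578bacc8be856a9ada12d88bd668bdc3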
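--- a/data/lib/dependabot/bundler/update_checker/force_updater.rb
+++ b/data/lib/dependabot/bundler/update_checker/force_updater.rb
@@ -98,12 +98,18 @@ module Dependabot
 
 def new_dependencies_to_unlock_from(error:, already_unlocked:)
 potentials_deps =
-error.
+relevant_conflicts(error, already_unlocked).
 flat_map(&:requirement_trees).
 reject do |tree|
-
+# If the final requirement wasn't specific, it can't be binding
+next true if tree.last.requirement == Gem::Requirement.new(">= 0")
+
+# If the conflict wasn't for the dependency we're updating then
+# we don't have enough info to reject it
 next false unless tree.last.name == dependency.name
 
+# If the final requirement *was* for the dependency we're updating
+# then we can ignore the tree if it permits the target version
 tree.last.requirement.satisfied_by?(
 Gem::Version.new(target_version)
 )
@@ -115,6 +121,21 @@ module Dependabot
 uniq
 end
 
+def relevant_conflicts(error, dependencies_being_unlocked)
+names = [*dependencies_being_unlocked.map(&:name), dependency.name]
+
+# For a conflict to be relevant to the updates we're making it must be
+# 1) caused by a new requirement introduced by our unlocking, or
+# 2) caused by an old requirement that prohibits the update.
+# Hence, we look at the beginning and end of the requirement trees
+error.cause.conflicts.values.
+select do |conflict|
+conflict.requirement_trees.any? do |t|
+names.include?(t.last.name) || names.include?(t.first.name)
+end
+end
+end
+
 def raise_unresolvable_error(error)
 msg = error.error_class + " with message: " + error.error_message
 raise Dependabot::DependencyFileNotResolvable, msg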
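Review bot: `relevant_conflicts` (second hunk) calls `error.cause.conflicts.values` without checking that the error's cause is a resolver conflict, so a nil or different `cause` surfaces as a NoMethodError rather than a resolvability error. The removed line in the first hunk is truncated on this page, so the old code may have made the same assumption. The new helper is still the natural place to state the contract, e.g. `return [] unless error.cause.respond_to?(:conflicts)`, assuming the caller treats an empty result as nothing more to unlock; its tail lies outside both hunks. In the first hunk, `Gem::Requirement.new(">= 0")` is rebuilt for every tree and could be written `Gem::Requirement.default`. Because this filter decides which extra gems an automated update unlocks, a spec showing that an unrelated conflict leaves the unlock set unchanged would be worth adding; none is visible in this package diff.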
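--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-bundler
 version: !ruby/object:Gem::Version
-version: 0.98.
+version: 0.98.73
 platform: ruby
 authors:
 - Dependabot
@@ -16,14 +16,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.98.
+version: 0.98.73
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.98.
+version: 0.98.73
 - !ruby/object:Gem::Dependency
 name: byebug
 requirement: !ruby/object:Gem::Requirement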