dependabot-cargo 0.106.19 → 0.106.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/cargo/file_parser.rb +2 -2
  3. data/lib/dependabot/cargo/update_checker/version_resolver.rb +7 -0
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 77897c15f811fffcd4ca4c6a8655d5a4706aa662024374667d9a089ffb804060
4
- data.tar.gz: f5155dfa2741df885c212e7794b7a8f825dd12308653c67fd9f00395a3c1e49d
3
+ metadata.gz: 59c8fa278721ba6c1610974ca81f068d00b98512c87bf23d3b805aee0678bf02
4
+ data.tar.gz: f98ea502526b529b957c489f89fe769219e42cecc442bdce4efa1b4260796ec5
5
5
  SHA512:
6
- metadata.gz: 9cbcc2893922fd1ea280d8770adc599ac87abc0babbe18c7ce17043acf6aaab0341da80159bd10a7cc936d0c0d5c0c9389f0f5635aba9c6db2fdb5fa1a7d540e
7
- data.tar.gz: 68e702ee1bed4ccaf0f9fc9c0355cb984db3fb0984bc29435b8023c01b6b18a3adbe681eb7ebdc3cf7a67cb234d700fa508a5cc1ada943b6fd12ba77d0944126
6
+ metadata.gz: 3ef00901910bb72993b500202922ba444e3e39c9bff8a353117a652770b73d1beb988ae2a4efa1f53740fe2745c5acd0691a4a5f15784e790690312bbb5fc4f2
7
+ data.tar.gz: 9ebe2056943d5fa07e518fabb81740ff448311a6e359afc4f0fdff99b797b643f57bc9ed886224c114d2474b0e435e5d2bac4e3b71d84116177fc2362b68fcb5
data/lib/dependabot/cargo/file_parser.rb CHANGED
@@ -33,9 +33,9 @@ module Dependabot
33
33
  dependencies.reject! { |d| patched_dependencies.include?(d.name) }
34
34
 
35
35
  # TODO: Currently, Dependabot can't handle dependencies that have
36
- # multiple source types. Fix that!
36
+ # multiple sources. Fix that!
37
37
  dependencies.reject do |dep|
38
- dep.requirements.map { |r| r.dig(:source, :type) }.uniq.count > 1
38
+ dep.requirements.map { |r| r.fetch(:source) }.uniq.count > 1
39
39
  end
40
40
  end
41
41
 
data/lib/dependabot/cargo/update_checker/version_resolver.rb CHANGED
@@ -217,6 +217,13 @@ module Dependabot
217
217
  return nil
218
218
  end
219
219
 
220
+ if error.message.include?("all possible versions conflict")
221
+ # This happens when a top-level requirement locks us to an old
222
+ # patch release of a dependency that is a sub-dep of what we're
223
+ # updating. It's (probably) a Cargo bug.
224
+ return nil
225
+ end
226
+
220
227
  raise error
221
228
  end
222
229
  # rubocop:enable Metrics/AbcSize
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.106.19
4
+ version: 0.106.20
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.106.19
19
+ version: 0.106.20
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.106.19
26
+ version: 0.106.20
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement