dependabot-cargo 0.117.8 → 0.118.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/cargo/file_updater/lockfile_updater.rb +2 -0
  3. data/lib/dependabot/cargo/update_checker.rb +1 -0
  4. data/lib/dependabot/cargo/update_checker/latest_version_finder.rb +11 -4
  5. data/lib/dependabot/cargo/update_checker/version_resolver.rb +2 -0
  6. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 43c0053134f3743c27ffff575dfe6598fd17a88006cb095dbb9fc01f13cfdf7c
4
- data.tar.gz: 7321b8e2f2731325133030fa8e1ff99e6d7ac197c57e8504b8d513470f32e0cb
3
+ metadata.gz: a756e18862c9085726a2be98f05aa1961a511d9acedd039b60b2f956ff00b975
4
+ data.tar.gz: f33632428ab0671539c291ba5c50f7db58cb8458409a8619ba03ea610300d015
5
5
  SHA512:
6
- metadata.gz: 2ebe3aae54605c8ef0b7a34977099d3fa0174306ab99d4e15e8de88a41abd2a09bbad6dc14129e20cec42ca8a02fc6d85dfc21cabd2a704c42ca9a2edb88411b
7
- data.tar.gz: 47b576a2ddb5e65f07b8e1218699a03777856329b64e5b89f2d453bd07d1afdc83a8bdd2af24d263c5e271e959419fb50af3864ea4e05f58be4ff69f2bfd074f
6
+ metadata.gz: c63e86d36dc2a68b8a2c25808809dd0f4c3f46261d4d72fb473035bb6bbfb2af1bbe576b2ff6df9ef1339dabe3087717aed92120df6f15fdf4409c7d171c9ee9
7
+ data.tar.gz: 79f65b90a7558b2460a173c722e41726de170f56dddf8440aecaef3e3d66a99635ecb48830cee06f5aff0a27d9d67d7bea001fe69023c6b70e8c1286d259c184
data/lib/dependabot/cargo/file_updater/lockfile_updater.rb CHANGED
@@ -170,6 +170,8 @@ module Dependabot
170
170
 
171
171
  next if virtual_manifest?(file)
172
172
 
173
+ File.write(File.join(dir, "build.rs"), dummy_app_content)
174
+
173
175
  FileUtils.mkdir_p(File.join(dir, "src"))
174
176
  File.write(File.join(dir, "src/lib.rs"), dummy_app_content)
175
177
  File.write(File.join(dir, "src/main.rs"), dummy_app_content)
data/lib/dependabot/cargo/update_checker.rb CHANGED
@@ -109,6 +109,7 @@ module Dependabot
109
109
  dependency_files: dependency_files,
110
110
  credentials: credentials,
111
111
  ignored_versions: ignored_versions,
112
+ raise_on_ignored: raise_on_ignored,
112
113
  security_advisories: security_advisories
113
114
  )
114
115
  end
data/lib/dependabot/cargo/update_checker/latest_version_finder.rb CHANGED
@@ -8,11 +8,13 @@ module Dependabot
8
8
  class UpdateChecker
9
9
  class LatestVersionFinder
10
10
  def initialize(dependency:, dependency_files:, credentials:,
11
- ignored_versions:, security_advisories:)
11
+ ignored_versions:, raise_on_ignored: false,
12
+ security_advisories:)
12
13
  @dependency = dependency
13
14
  @dependency_files = dependency_files
14
15
  @credentials = credentials
15
16
  @ignored_versions = ignored_versions
17
+ @raise_on_ignored = raise_on_ignored
16
18
  @security_advisories = security_advisories
17
19
  end
18
20
 
@@ -39,8 +41,8 @@ module Dependabot
39
41
  def fetch_lowest_security_fix_version
40
42
  versions = available_versions
41
43
  versions = filter_prerelease_versions(versions)
42
- versions = filter_ignored_versions(versions)
43
44
  versions = filter_vulnerable_versions(versions)
45
+ versions = filter_ignored_versions(versions)
44
46
  versions = filter_lower_versions(versions)
45
47
  versions.min
46
48
  end
@@ -52,8 +54,13 @@ module Dependabot
52
54
  end
53
55
 
54
56
  def filter_ignored_versions(versions_array)
55
- versions_array.
56
- reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
57
+ filtered = versions_array.
58
+ reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
59
+ if @raise_on_ignored && filtered.empty? && versions_array.any?
60
+ raise Dependabot::AllVersionsIgnored
61
+ end
62
+
63
+ filtered
57
64
  end
58
65
 
59
66
  def filter_vulnerable_versions(versions_array)
data/lib/dependabot/cargo/update_checker/version_resolver.rb CHANGED
@@ -337,6 +337,8 @@ module Dependabot
337
337
 
338
338
  next if virtual_manifest?(file)
339
339
 
340
+ File.write(File.join(dir, "build.rs"), dummy_app_content)
341
+
340
342
  FileUtils.mkdir_p(File.join(dir, "src"))
341
343
  File.write(File.join(dir, "src/lib.rs"), dummy_app_content)
342
344
  File.write(File.join(dir, "src/main.rs"), dummy_app_content)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.8
4
+ version: 0.118.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-12 00:00:00.000000000 Z
11
+ date: 2020-06-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.8
19
+ version: 0.118.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.8
26
+ version: 0.118.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.82.0
117
+ version: 0.83.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.82.0
124
+ version: 0.83.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement