dependabot-cargo 0.124.8 → 0.125.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e6042ef6736fe80b4149a2497d5b01b8bfc03b758c6981cb5297369dbd67891
-  data.tar.gz: fbdca6817f971e4b6fa45aa5751b7e78ae69f8e06d35145738f7c060edd867b5
+  metadata.gz: 7f43673501df4b1fb171fdf36a65f2b545c549fecfc6985537b4fc0a1be5fa26
+  data.tar.gz: 21e827a34ba50d6ad920164f0ed6d5b7f57f97d4b67ebd8f1a5ee1ca9f8c88c2
 SHA512:
-  metadata.gz: 022d03e2cd87ecb7f63aa2be1011e9e042223169caeb343203075bc3abc511fe952069b9c50d624cb402a69d4882f1cd11067bcb3ddab55000ca98b23791b0ff
-  data.tar.gz: 919bd4883669b709489b45fb30ae531ac4b359f8115462b6ba785bc04f839273af8c516c1f62411c4b6555a005bc5b1edf512bc60559e474663e90ee6a8f4018
+  metadata.gz: 03c43883512a0be91ac35ac14e5223652c5c4afa73d596d29f2a67d9257ad92c719f5f5edb8881aa85c6a958573a8f820864c713c140c8a98d8b2014cb5982db
+  data.tar.gz: 6fa03057b529b18e27f8516363e94e8ed8300222d514704be99eaac5c508c3032e907eb3389a8a43bd07f3ac6c1568425fc379a3f62da5402156f1906647cb25

data/lib/dependabot/cargo/file_parser.rb

@@ -130,30 +130,22 @@ module Dependabot
         if declaration.is_a?(String)
           return declaration == "" ? nil : declaration
         end
-        unless declaration.is_a?(Hash)
-          raise "Unexpected dependency declaration: #{declaration}"
-        end
-        if declaration["version"]&.is_a?(String) && declaration["version"] != ""
-          return declaration["version"]
-        end
+        raise "Unexpected dependency declaration: #{declaration}" unless declaration.is_a?(Hash)
+        return declaration["version"] if declaration["version"]&.is_a?(String) && declaration["version"] != ""
 
         nil
       end
 
       def name_from_declaration(name, declaration)
         return name if declaration.is_a?(String)
-        unless declaration.is_a?(Hash)
-          raise "Unexpected dependency declaration: #{declaration}"
-        end
+        raise "Unexpected dependency declaration: #{declaration}" unless declaration.is_a?(Hash)
 
         declaration.fetch("package", name)
       end
 
       def source_from_declaration(declaration)
         return if declaration.is_a?(String)
-        unless declaration.is_a?(Hash)
-          raise "Unexpected dependency declaration: #{declaration}"
-        end
+        raise "Unexpected dependency declaration: #{declaration}" unless declaration.is_a?(Hash)
 
         return git_source_details(declaration) if declaration["git"]
         return { type: "path" } if declaration["path"]
@@ -203,9 +195,7 @@ module Dependabot
       end
 
       def version_from_lockfile_details(package_details)
-        unless package_details["source"]&.start_with?("git+")
-          return package_details["version"]
-        end
+        return package_details["version"] unless package_details["source"]&.start_with?("git+")
 
         package_details["source"].split("#").last
       end

data/lib/dependabot/cargo/file_updater/lockfile_updater.rb

@@ -38,9 +38,7 @@ module Dependabot
             updated_lockfile = File.read("Cargo.lock")
             updated_lockfile = post_process_lockfile(updated_lockfile)
 
-            if updated_lockfile.include?(desired_lockfile_content)
-              next updated_lockfile
-            end
+            next updated_lockfile if updated_lockfile.include?(desired_lockfile_content)
 
             raise "Failed to update #{dependency.name}!"
           end
@@ -270,9 +268,7 @@ module Dependabot
 
         def remove_default_run_specification(content)
           parsed_manifest = TomlRB.parse(content)
-          if parsed_manifest.dig("package", "default-run")
-            parsed_manifest["package"].delete("default-run")
-          end
+          parsed_manifest["package"].delete("default-run") if parsed_manifest.dig("package", "default-run")
           TomlRB.dump(parsed_manifest)
         end
 

data/lib/dependabot/cargo/update_checker.rb

@@ -49,9 +49,7 @@ module Dependabot
       def lowest_resolvable_security_fix_version
         raise "Dependency not vulnerable!" unless vulnerable?
 
-        if defined?(@lowest_resolvable_security_fix_version)
-          return @lowest_resolvable_security_fix_version
-        end
+        return @lowest_resolvable_security_fix_version if defined?(@lowest_resolvable_security_fix_version)
 
         @lowest_resolvable_security_fix_version =
           fetch_lowest_resolvable_security_fix_version
@@ -125,9 +123,7 @@ module Dependabot
       def latest_git_version_sha
         # If the gem isn't pinned, the latest version is just the latest
         # commit for the specified branch.
-        unless git_commit_checker.pinned?
-          return git_commit_checker.head_commit_for_current_branch
-        end
+        return git_commit_checker.head_commit_for_current_branch unless git_commit_checker.pinned?
 
         # If the dependency is pinned to a tag that looks like a version then
         # we want to update that tag. The latest version will then be the SHA
@@ -145,9 +141,7 @@ module Dependabot
       def latest_resolvable_version_for_git_dependency
         # If the gem isn't pinned, the latest version is just the latest
         # commit for the specified branch.
-        unless git_commit_checker.pinned?
-          return latest_resolvable_commit_with_unchanged_git_source
-        end
+        return latest_resolvable_commit_with_unchanged_git_source unless git_commit_checker.pinned?
 
         # If the dependency is pinned to a tag that looks like a version then
         # we want to update that tag. The latest version will then be the SHA
@@ -221,9 +215,7 @@ module Dependabot
         fix_version = lowest_security_fix_version
         return latest_resolvable_version if fix_version.nil?
 
-        if path_dependency? || git_dependency? || git_subdependency?
-          return latest_resolvable_version
-        end
+        return latest_resolvable_version if path_dependency? || git_dependency? || git_subdependency?
 
         prepared_files = FilePreparer.new(
           dependency_files: dependency_files,

data/lib/dependabot/cargo/update_checker/file_preparer.rb

@@ -120,13 +120,9 @@ module Dependabot
               next unless req.is_a?(Hash)
               next unless [req["tag"], req["rev"]].compact.uniq.count == 1
 
-              if req["tag"]
-                parsed_manifest[type][name]["tag"] = replacement_git_pin
-              end
+              parsed_manifest[type][name]["tag"] = replacement_git_pin if req["tag"]
 
-              if req["rev"]
-                parsed_manifest[type][name]["rev"] = replacement_git_pin
-              end
+              parsed_manifest[type][name]["rev"] = replacement_git_pin if req["rev"]
             end
           end
 
@@ -255,9 +251,7 @@ module Dependabot
 
         def name_from_declaration(name, declaration)
           return name if declaration.is_a?(String)
-          unless declaration.is_a?(Hash)
-            raise "Unexpected dependency declaration: #{declaration}"
-          end
+          raise "Unexpected dependency declaration: #{declaration}" unless declaration.is_a?(Hash)
 
           declaration.fetch("package", name)
         end

data/lib/dependabot/cargo/update_checker/latest_version_finder.rb

@@ -56,9 +56,7 @@ module Dependabot
         def filter_ignored_versions(versions_array)
           filtered = versions_array.
                      reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
-          if @raise_on_ignored && filtered.empty? && versions_array.any?
-            raise Dependabot::AllVersionsIgnored
-          end
+          raise Dependabot::AllVersionsIgnored if @raise_on_ignored && filtered.empty? && versions_array.any?
 
           filtered
         end

data/lib/dependabot/cargo/update_checker/version_resolver.rb

@@ -214,9 +214,7 @@ module Dependabot
             raise Dependabot::GitDependencyReferenceNotFound, dependency_url
           end
 
-          if resolvability_error?(error.message)
-            raise Dependabot::DependencyFileNotResolvable, error.message
-          end
+          raise Dependabot::DependencyFileNotResolvable, error.message if resolvability_error?(error.message)
 
           if workspace_native_library_update_error?(error.message)
             # This happens when we're updating one part of a workspace which
@@ -373,16 +371,12 @@ module Dependabot
 
           object.delete("bin")
 
-          if object.dig("package", "default-run")
-            object["package"].delete("default-run")
-          end
+          object["package"].delete("default-run") if object.dig("package", "default-run")
 
           package_name = object.dig("package", "name")
           return TomlRB.dump(object) unless package_name&.match?(/[\{\}]/)
 
-          if lockfile
-            raise "Sanitizing name for pkg with lockfile. Investigate!"
-          end
+          raise "Sanitizing name for pkg with lockfile. Investigate!" if lockfile
 
           object["package"]["name"] = "sanitized"
           TomlRB.dump(object)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-cargo
 version: !ruby/object:Gem::Version
-  version: 0.124.8
+  version: 0.125.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-11-04 00:00:00.000000000 Z
+date: 2020-11-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.124.8
+        version: 0.125.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.124.8
+        version: 0.125.4
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.2
+        version: 0.8.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.2
+        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement