dependabot-cargo 0.216.1 → 0.217.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 60cb4695acae2f3864eb492bbb986ac49bfe702eae65d566ad256a559ae9915c
-  data.tar.gz: 8ca9c6f5aae7889073e3d64f61d539d596262090b393d0f7d7079f311b17b27c
+  metadata.gz: d740f0d7d8a7ff60db32e174a9d297011ed4f9ecf61e2925f4adabd489e7eb29
+  data.tar.gz: 2da87dcfafed33ebe9baa38510979aceb65709cbc5c61f4b3bcce1d0745073d1
 SHA512:
-  metadata.gz: b7089e2510a3ae8be2e7a85137ba52412f08c427b1362a172d5a2438d585c264b4b1ebf34603391b21fa56ad1fd0d319bedd11340841029d5871b4a794e1eda1
-  data.tar.gz: b2bc27a454960015bfd7039a01f2180eb49b66241f8f5f93c80c802f7dbd45aa25c3cfae8cc815ef130a606cc1f0e69d578d33875c07e4d14aa74ac58f0142c9
+  metadata.gz: 9155ddc61023423975a9f4fe294a94e8234dd709192fdae64dafc97b58d1cf4c2186814f78bb9d682541921a0779069575dd41f1f0b144e84188825997b05d58
+  data.tar.gz: 508ad779126cf1a7722a538f79597949745c9bf328aaa6ea21e1f48afa351be04fcf8e4f936ad99d9181bbb6ebb214b537bfc2c3ce8c88fb07e45aacf95b40ef

data/lib/dependabot/cargo/file_fetcher.rb

@@ -33,6 +33,11 @@ module Dependabot
             "channel" => channel
           }
         }
+      rescue TomlRB::ParseError
+        raise Dependabot::DependencyFileNotParseable.new(
+          rust_toolchain.path,
+          "only rust-toolchain files formatted as TOML are supported, the non-TOML format was deprecated by Rust"
+        )
       end
 
       private

data/lib/dependabot/cargo/file_updater/lockfile_updater.rb

@@ -145,6 +145,19 @@ module Dependabot
           # returns a non-zero status
           return if process.success?
 
+          if stdout.include?("usage of sparse registries requires `-Z sparse-registry`")
+            raise Dependabot::DependencyFileNotEvaluatable, "Dependabot only supports toolchain 1.68 and up."
+          end
+
+          # package doesn't exist in the index
+          if (match = stdout.match(/no matching package named `([^`]+)` found/))
+            raise Dependabot::DependencyFileNotResolvable, match[1]
+          end
+
+          if (match = /error: no matching package found\nsearched package name: `([^`]+)`/m.match(stdout))
+            raise Dependabot::DependencyFileNotResolvable, match[1]
+          end
+
           raise SharedHelpers::HelperSubprocessFailed.new(
             message: stdout,
             error_context: {

data/lib/dependabot/cargo/update_checker/latest_version_finder.rb

@@ -102,13 +102,11 @@ module Dependabot
         end
 
         def version_class
-          Utils.version_class_for_package_manager(dependency.package_manager)
+          dependency.version_class
         end
 
         def requirement_class
-          Utils.requirement_class_for_package_manager(
-            dependency.package_manager
-          )
+          dependency.requirement_class
         end
       end
     end

data/lib/dependabot/cargo/update_checker/version_resolver.rb

@@ -422,7 +422,7 @@ module Dependabot
         end
 
         def version_class
-          Cargo::Version
+          dependency.version_class
         end
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-cargo
 version: !ruby/object:Gem::Version
-  version: 0.216.1
+  version: 0.217.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-04-14 00:00:00.000000000 Z
+date: 2023-04-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.216.1
+        version: 0.217.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.216.1
+        version: 0.217.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement