dependabot-cargo 0.234.0 → 0.236.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fe157ff314b277dc5b2e1efc398471a0696a3fa7bde8ceccbad47f84d60cbd27
|
|
4
|
+
data.tar.gz: 9bb539a7775b0b80e23a84312fce683a6ce0e5bd6109cc264ba4cd730a0c0636
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4785527235f4a157f6252b40db1e064ac40e985e10f9ef5f8992d405cfffce9ea38fc38f4a2bbb20697598ee1dcda0f24a1e40c98d4a6ae65fff11609019e568
|
|
7
|
+
data.tar.gz: 3d80815dd340548ad584bb3a32f4ed1dc1022191665f66b099a8267699feba02164349dc9ddedb42d9e4e7586e2c5232b21b381f63f5e00b1d1b862cfc9411a9
|
|
@@ -146,7 +146,7 @@ module Dependabot
|
|
|
146
146
|
# returns a non-zero status
|
|
147
147
|
return if process.success?
|
|
148
148
|
|
|
149
|
-
if
|
|
149
|
+
if using_old_toolchain?(stdout)
|
|
150
150
|
raise Dependabot::DependencyFileNotEvaluatable, "Dependabot only supports toolchain 1.68 and up."
|
|
151
151
|
end
|
|
152
152
|
|
|
@@ -170,6 +170,15 @@ module Dependabot
|
|
|
170
170
|
)
|
|
171
171
|
end
|
|
172
172
|
|
|
173
|
+
def using_old_toolchain?(message)
|
|
174
|
+
return true if message.include?("usage of sparse registries requires `-Z sparse-registry`")
|
|
175
|
+
|
|
176
|
+
version_log = /rust version (?<version>\d.\d+)/.match(message)
|
|
177
|
+
return false unless version_log
|
|
178
|
+
|
|
179
|
+
version_class.new(version_log[:version]) < version_class.new("1.68")
|
|
180
|
+
end
|
|
181
|
+
|
|
173
182
|
def write_temporary_dependency_files
|
|
174
183
|
write_temporary_manifest_files
|
|
175
184
|
write_temporary_path_dependency_files
|
|
@@ -386,6 +395,10 @@ module Dependabot
|
|
|
386
395
|
def virtual_manifest?(file)
|
|
387
396
|
!file.content.include?("[package]")
|
|
388
397
|
end
|
|
398
|
+
|
|
399
|
+
def version_class
|
|
400
|
+
dependency.version_class
|
|
401
|
+
end
|
|
389
402
|
end
|
|
390
403
|
end
|
|
391
404
|
end
|
|
@@ -238,17 +238,26 @@ module Dependabot
|
|
|
238
238
|
return nil
|
|
239
239
|
end
|
|
240
240
|
|
|
241
|
-
if error.message
|
|
241
|
+
if using_old_toolchain?(error.message)
|
|
242
242
|
raise Dependabot::DependencyFileNotEvaluatable, "Dependabot only supports toolchain 1.68 and up."
|
|
243
243
|
end
|
|
244
244
|
|
|
245
245
|
raise Dependabot::DependencyFileNotResolvable, error.message if resolvability_error?(error.message)
|
|
246
246
|
|
|
247
|
-
raise
|
|
247
|
+
raise
|
|
248
248
|
end
|
|
249
249
|
# rubocop:enable Metrics/AbcSize
|
|
250
250
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
251
251
|
|
|
252
|
+
def using_old_toolchain?(message)
|
|
253
|
+
return true if message.include?("usage of sparse registries requires `-Z sparse-registry`")
|
|
254
|
+
|
|
255
|
+
version_log = /rust version (?<version>\d.\d+)/.match(message)
|
|
256
|
+
return false unless version_log
|
|
257
|
+
|
|
258
|
+
version_class.new(version_log[:version]) < version_class.new("1.68")
|
|
259
|
+
end
|
|
260
|
+
|
|
252
261
|
def unreachable_git_urls
|
|
253
262
|
return @unreachable_git_urls if defined?(@unreachable_git_urls)
|
|
254
263
|
|
|
@@ -295,7 +304,11 @@ module Dependabot
|
|
|
295
304
|
return true if message.match?(/feature `[^\`]+` is required/)
|
|
296
305
|
return true if message.include?("unexpected end of input while parsing major version number")
|
|
297
306
|
|
|
298
|
-
|
|
307
|
+
original_requirements_resolvable = original_requirements_resolvable?
|
|
308
|
+
|
|
309
|
+
return false if original_requirements_resolvable == :unknown
|
|
310
|
+
|
|
311
|
+
!original_requirements_resolvable
|
|
299
312
|
end
|
|
300
313
|
|
|
301
314
|
def original_requirements_resolvable?
|
|
@@ -310,13 +323,15 @@ module Dependabot
|
|
|
310
323
|
|
|
311
324
|
true
|
|
312
325
|
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
326
|
+
if e.message.include?("no matching version") ||
|
|
327
|
+
e.message.include?("failed to select a version") ||
|
|
328
|
+
e.message.include?("no matching package named") ||
|
|
329
|
+
e.message.include?("failed to parse manifest") ||
|
|
330
|
+
e.message.include?("failed to update submodule")
|
|
331
|
+
false
|
|
332
|
+
else
|
|
333
|
+
:unknown
|
|
334
|
+
end
|
|
320
335
|
end
|
|
321
336
|
|
|
322
337
|
def workspace_native_library_update_error?(message)
|
data/lib/dependabot/cargo.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-cargo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.236.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-10-
|
|
11
|
+
date: 2023-10-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.236.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.236.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -219,7 +219,7 @@ licenses:
|
|
|
219
219
|
- Nonstandard
|
|
220
220
|
metadata:
|
|
221
221
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
222
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
222
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.236.0
|
|
223
223
|
post_install_message:
|
|
224
224
|
rdoc_options: []
|
|
225
225
|
require_paths:
|