dependabot-cargo 0.275.0 → 0.276.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 88ead33a9ecc42b00e85c742c721796a698ca447ce43d893a29afa39300a4fc5
4
- data.tar.gz: 52248ac1890611b456d2efe0c33b9c8a255924fd1c6143a977e82339b2261af5
3
+ metadata.gz: c3da05094e1f13927a7c26aed56c5267bb605ad2a5abec28cbfef40512491ec7
4
+ data.tar.gz: 30593eb84b807669d60be403bea3e1fbb6cda755c139bb6e2c62629b5a4eba32
5
5
  SHA512:
6
- metadata.gz: cd6070b4b328b36b5490d9f33067bfcf72a94afaed9484fed5ae7197330954d4dfa5bb3ac7a3bfdee01f8084688e9aabd2652c4b99271f89c612a402b841e96e
7
- data.tar.gz: 3738e3502eacc7c1ccd6fd1df0facc57a0d0026027c0092831c1d146146a1a33131324f419ea0a6993f47e052235e0646c37ada41d37e8d4462e9c2df7786a95
6
+ metadata.gz: 47499e0d269f7c334443716302a796bbbad554116f8ee9c3c6f0b09e073354e200405b7c21e413f6e491f197f71fe117cc4e3b87392c132ab6e58d764402b408
7
+ data.tar.gz: 855a03795e16ab9f59fd8f4fcd61ed3e8cf37297c02509d55ec57b86656b9f5a58437c09eddc1f4911f93c6792b5b51bd57f37dc0d137796e502d41ee9f6190f
@@ -146,13 +146,7 @@ module Dependabot
146
146
  file: fetched_file,
147
147
  previously_fetched_files: previously_fetched_files
148
148
  )
149
-
150
- # If this path dependency file is a workspace member that inherits from
151
- # its root workspace, we search for the root to include it so Cargo can
152
- # resolve the path dependency file manifest properly.
153
- root = find_workspace_root(fetched_file, file) if workspace_member?(parsed_file(fetched_file))
154
-
155
- [fetched_file, *grandchild_requirement_files, root]
149
+ [fetched_file, *grandchild_requirement_files]
156
150
  rescue Dependabot::DependencyFileNotFound
157
151
  next unless required_path?(file, path)
158
152
 
@@ -224,64 +218,6 @@ module Dependabot
224
218
  paths
225
219
  end
226
220
 
227
- # See if this Cargo manifest inherits any property from a workspace
228
- # (e.g. edition = { workspace = true }).
229
- def workspace_member?(hash)
230
- hash.each do |key, value|
231
- if key == "workspace" && value == true
232
- return true
233
- elsif value.is_a?(Hash)
234
- return workspace_member?(value)
235
- end
236
- end
237
- false
238
- end
239
-
240
- # Find workspace root of this workspace member, first via package.workspace
241
- # manifest key if present, otherwise resort to searching parent directories
242
- # up till the repository root.
243
- #
244
- # original_manifest used for providing a useful error message.
245
- sig do
246
- params(workspace_member: Dependabot::DependencyFile,
247
- original_manifest: Dependabot::DependencyFile).returns(T.nilable(Dependabot::DependencyFile))
248
- end
249
- def find_workspace_root(workspace_member, original_manifest)
250
- current_dir = workspace_member.name.rpartition("/").first
251
-
252
- workspace_root_dir = parsed_file(workspace_member).dig("package", "workspace")
253
- unless workspace_root_dir.nil?
254
- workspace_root = fetch_file_from_host(
255
- File.join(current_dir, workspace_root_dir, "Cargo.toml"),
256
- fetch_submodules: true
257
- )
258
- return workspace_root if parsed_file(workspace_root)["workspace"]
259
-
260
- msg = "Could not resolve workspace root for path dependency " \
261
- "#{workspace_member.path} of #{original_manifest.path}"
262
- raise Dependabot::DependencyFileNotEvaluatable, msg
263
- end
264
-
265
- parent_dirs = current_dir.scan("/").length - 1
266
- while parent_dirs >= 0
267
- current_dir = File.join(current_dir, "..")
268
- begin
269
- parent_manifest = fetch_file_from_host(
270
- File.join(current_dir, "Cargo.toml"),
271
- fetch_submodules: true
272
- )
273
- return parent_manifest if parsed_file(parent_manifest)["workspace"]
274
- rescue Dependabot::DependencyFileNotFound
275
- # Cargo.toml not found in this parent, keep searching up
276
- end
277
- parent_dirs -= 1
278
- end
279
-
280
- msg = "Could not resolve workspace root for path dependency " \
281
- "#{workspace_member.path} of #{original_manifest.path}"
282
- raise Dependabot::DependencyFileNotEvaluatable, msg
283
- end
284
-
285
221
  def workspace_dependency_paths_from_file(file)
286
222
  if parsed_file(file)["workspace"] &&
287
223
  !parsed_file(file)["workspace"].key?("members")
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.275.0
4
+ version: 0.276.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-09-12 00:00:00.000000000 Z
11
+ date: 2024-09-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.275.0
19
+ version: 0.276.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.275.0
26
+ version: 0.276.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -263,7 +263,7 @@ licenses:
263
263
  - MIT
264
264
  metadata:
265
265
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
266
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.275.0
266
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.276.0
267
267
  post_install_message:
268
268
  rdoc_options: []
269
269
  require_paths: