dependabot-cargo 0.275.0 → 0.276.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/cargo/file_fetcher.rb +1 -65
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c3da05094e1f13927a7c26aed56c5267bb605ad2a5abec28cbfef40512491ec7
|
|
4
|
+
data.tar.gz: 30593eb84b807669d60be403bea3e1fbb6cda755c139bb6e2c62629b5a4eba32
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 47499e0d269f7c334443716302a796bbbad554116f8ee9c3c6f0b09e073354e200405b7c21e413f6e491f197f71fe117cc4e3b87392c132ab6e58d764402b408
|
|
7
|
+
data.tar.gz: 855a03795e16ab9f59fd8f4fcd61ed3e8cf37297c02509d55ec57b86656b9f5a58437c09eddc1f4911f93c6792b5b51bd57f37dc0d137796e502d41ee9f6190f
|
|
@@ -146,13 +146,7 @@ module Dependabot
|
|
|
146
146
|
file: fetched_file,
|
|
147
147
|
previously_fetched_files: previously_fetched_files
|
|
148
148
|
)
|
|
149
|
-
|
|
150
|
-
# If this path dependency file is a workspace member that inherits from
|
|
151
|
-
# its root workspace, we search for the root to include it so Cargo can
|
|
152
|
-
# resolve the path dependency file manifest properly.
|
|
153
|
-
root = find_workspace_root(fetched_file, file) if workspace_member?(parsed_file(fetched_file))
|
|
154
|
-
|
|
155
|
-
[fetched_file, *grandchild_requirement_files, root]
|
|
149
|
+
[fetched_file, *grandchild_requirement_files]
|
|
156
150
|
rescue Dependabot::DependencyFileNotFound
|
|
157
151
|
next unless required_path?(file, path)
|
|
158
152
|
|
|
@@ -224,64 +218,6 @@ module Dependabot
|
|
|
224
218
|
paths
|
|
225
219
|
end
|
|
226
220
|
|
|
227
|
-
# See if this Cargo manifest inherits any property from a workspace
|
|
228
|
-
# (e.g. edition = { workspace = true }).
|
|
229
|
-
def workspace_member?(hash)
|
|
230
|
-
hash.each do |key, value|
|
|
231
|
-
if key == "workspace" && value == true
|
|
232
|
-
return true
|
|
233
|
-
elsif value.is_a?(Hash)
|
|
234
|
-
return workspace_member?(value)
|
|
235
|
-
end
|
|
236
|
-
end
|
|
237
|
-
false
|
|
238
|
-
end
|
|
239
|
-
|
|
240
|
-
# Find workspace root of this workspace member, first via package.workspace
|
|
241
|
-
# manifest key if present, otherwise resort to searching parent directories
|
|
242
|
-
# up till the repository root.
|
|
243
|
-
#
|
|
244
|
-
# original_manifest used for providing a useful error message.
|
|
245
|
-
sig do
|
|
246
|
-
params(workspace_member: Dependabot::DependencyFile,
|
|
247
|
-
original_manifest: Dependabot::DependencyFile).returns(T.nilable(Dependabot::DependencyFile))
|
|
248
|
-
end
|
|
249
|
-
def find_workspace_root(workspace_member, original_manifest)
|
|
250
|
-
current_dir = workspace_member.name.rpartition("/").first
|
|
251
|
-
|
|
252
|
-
workspace_root_dir = parsed_file(workspace_member).dig("package", "workspace")
|
|
253
|
-
unless workspace_root_dir.nil?
|
|
254
|
-
workspace_root = fetch_file_from_host(
|
|
255
|
-
File.join(current_dir, workspace_root_dir, "Cargo.toml"),
|
|
256
|
-
fetch_submodules: true
|
|
257
|
-
)
|
|
258
|
-
return workspace_root if parsed_file(workspace_root)["workspace"]
|
|
259
|
-
|
|
260
|
-
msg = "Could not resolve workspace root for path dependency " \
|
|
261
|
-
"#{workspace_member.path} of #{original_manifest.path}"
|
|
262
|
-
raise Dependabot::DependencyFileNotEvaluatable, msg
|
|
263
|
-
end
|
|
264
|
-
|
|
265
|
-
parent_dirs = current_dir.scan("/").length - 1
|
|
266
|
-
while parent_dirs >= 0
|
|
267
|
-
current_dir = File.join(current_dir, "..")
|
|
268
|
-
begin
|
|
269
|
-
parent_manifest = fetch_file_from_host(
|
|
270
|
-
File.join(current_dir, "Cargo.toml"),
|
|
271
|
-
fetch_submodules: true
|
|
272
|
-
)
|
|
273
|
-
return parent_manifest if parsed_file(parent_manifest)["workspace"]
|
|
274
|
-
rescue Dependabot::DependencyFileNotFound
|
|
275
|
-
# Cargo.toml not found in this parent, keep searching up
|
|
276
|
-
end
|
|
277
|
-
parent_dirs -= 1
|
|
278
|
-
end
|
|
279
|
-
|
|
280
|
-
msg = "Could not resolve workspace root for path dependency " \
|
|
281
|
-
"#{workspace_member.path} of #{original_manifest.path}"
|
|
282
|
-
raise Dependabot::DependencyFileNotEvaluatable, msg
|
|
283
|
-
end
|
|
284
|
-
|
|
285
221
|
def workspace_dependency_paths_from_file(file)
|
|
286
222
|
if parsed_file(file)["workspace"] &&
|
|
287
223
|
!parsed_file(file)["workspace"].key?("members")
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-cargo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.276.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-09-
|
|
11
|
+
date: 2024-09-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.276.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.276.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -263,7 +263,7 @@ licenses:
|
|
|
263
263
|
- MIT
|
|
264
264
|
metadata:
|
|
265
265
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
266
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
266
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.276.0
|
|
267
267
|
post_install_message:
|
|
268
268
|
rdoc_options: []
|
|
269
269
|
require_paths:
|