dependabot-cargo 0.279.0 → 0.281.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '0871338b76428223cb98db714e184c15f4be9e2ee1cc2531a4b8e214459dea6a'
-  data.tar.gz: a4840387735a066650131dbc216be3d2e81252ac3507bf83768190a3d8d12ef7
+  metadata.gz: ce1545319c2890f13ef33d55ea3f98cb4b87c8a0ff19a306ed21e9ab7edc1b1f
+  data.tar.gz: 0bba8d8904e3db5c3308ffb3ac3aa417ed36175ef75a12a41e27fd6b00570720
 SHA512:
-  metadata.gz: c49729555adaefc767a1260cc5853e398ab46f5adef2cb85bff6625520cd13f00daa0505427ef8381b64111989263ebe8a0f87ab06f512580de30876dbc40b6a
-  data.tar.gz: e8f00f80d174e66ea91c39f5ef4ae01beb98c07da9ac489399e6e8accf040914d14da4b2c428bbd79f3bbc079a619ba4be17159be93968fbb0279af0d1e06653
+  metadata.gz: 566f753bed9c80b614d243df61f8801f01e2f302a5630d06fee69ccffafe9c7a504c623b27baab5e113a350675d67cf301ac4937c9630eca52f0e94f5b8e0107
+  data.tar.gz: 8662d058892236edce20db993393b70a1110796b8062a843eaa97d2a9b3298afbc510554c874ae074e928acb06e1cb02f6fc277aaf8a409e7ab79982e59b9d58

data/lib/dependabot/cargo/update_checker/version_resolver.rb

@@ -20,6 +20,12 @@ module Dependabot
         REF_NOT_FOUND_REGEX = /#{UNABLE_TO_UPDATE}.*(#{REVSPEC_PATTERN}|#{OBJECT_PATTERN})/m
         GIT_REF_NOT_FOUND_REGEX = /Updating git repository `(?<url>[^`]*)`.*fatal: couldn't find remote ref/m
 
+        # Note that as of Rust 1.80, git error message handling in the `cargo update` command changed.
+        # This change causes the NOT_OUR_REF error to appear *before* the UNABLE_TO_UPDATE error.
+        # Issue filed in Cargo project: https://github.com/rust-lang/cargo/issues/14621
+        NOT_OUR_REF = /fatal: remote error: upload-pack: not our ref/
+        NOT_OUR_REF_REGEX = /#{NOT_OUR_REF}.*#{UNABLE_TO_UPDATE}/m
+
         def initialize(dependency:, credentials:,
                        original_dependency_files:, prepared_dependency_files:)
           @dependency = dependency
@@ -223,7 +229,7 @@ module Dependabot
             raise Dependabot::GitDependenciesNotReachable, urls
           end
 
-          [BRANCH_NOT_FOUND_REGEX, REF_NOT_FOUND_REGEX, GIT_REF_NOT_FOUND_REGEX].each do |regex|
+          [BRANCH_NOT_FOUND_REGEX, REF_NOT_FOUND_REGEX, GIT_REF_NOT_FOUND_REGEX, NOT_OUR_REF_REGEX].each do |regex|
             next unless error.message.match?(regex)
 
             dependency_url = error.message.match(regex).named_captures.fetch("url").split(/[#?]/).first

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-cargo
 version: !ruby/object:Gem::Version
-  version: 0.279.0
+  version: 0.281.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-10-03 00:00:00.000000000 Z
+date: 2024-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.279.0
+        version: 0.281.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.279.0
+        version: 0.281.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -156,14 +156,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: 0.8.5
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: 0.8.5
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -263,7 +263,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.279.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.281.0
 post_install_message: 
 rdoc_options: []
 require_paths: