RubyGems - dependabot-cargo - Versions diffs - 0.217.0 → 0.218.0 - Mend

dependabot-cargo 0.217.0 → 0.218.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/dependabot/cargo/update_checker/requirements_updater.rb +3 -1
data/lib/dependabot/cargo/update_checker/version_resolver.rb +4 -0
data/lib/dependabot/cargo/update_checker.rb +8 -0
metadata +6 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d740f0d7d8a7ff60db32e174a9d297011ed4f9ecf61e2925f4adabd489e7eb29
-  data.tar.gz: 2da87dcfafed33ebe9baa38510979aceb65709cbc5c61f4b3bcce1d0745073d1
+  metadata.gz: 2c83798b8a90a4313601ee5f327fa0dd66484a043db61ad3c57aa86426271595
+  data.tar.gz: 49a71d28c9286c8e2f24bfd26b18ee56d43c42c3a13acaf03035e2d4d44bf674
 SHA512:
-  metadata.gz: 9155ddc61023423975a9f4fe294a94e8234dd709192fdae64dafc97b58d1cf4c2186814f78bb9d682541921a0779069575dd41f1f0b144e84188825997b05d58
-  data.tar.gz: 508ad779126cf1a7722a538f79597949745c9bf328aaa6ea21e1f48afa351be04fcf8e4f936ad99d9181bbb6ebb214b537bfc2c3ce8c88fb07e45aacf95b40ef
+  metadata.gz: b7d18918a78419993518c36bbe58ced8fdc0a63bc770cf4f76861dd481d03019506c26594bd888440a8c0e56d5435abfd6ee012dfc7f3bd15afc7ac3c43c8ef9
+  data.tar.gz: 83cbb618d7d6bbc1c6af007e5f5d90e4a30a257820adad8e9c08eb8cbdaca569321c9bdd0e1e01eb115115e1576b803750b48ed1a9d562a3417dbadd9300c072

data/lib/dependabot/cargo/update_checker/requirements_updater.rb CHANGED Viewed

@@ -18,7 +18,7 @@ module Dependabot
         VERSION_REGEX = /[0-9]+(?:\.[A-Za-z0-9\-*]+)*/
         ALLOWED_UPDATE_STRATEGIES =
-          %i(bump_versions bump_versions_if_necessary).freeze
+          %i(lockfile_only bump_versions bump_versions_if_necessary).freeze
         def initialize(requirements:, updated_source:, update_strategy:,
                        target_version:)
@@ -34,6 +34,8 @@ module Dependabot
         end
         def updated_requirements
+          return requirements if update_strategy == :lockfile_only
           # NOTE: Order is important here. The FileUpdater needs the updated
           # requirement at index `i` to correspond to the previous requirement
           # at the same index.

data/lib/dependabot/cargo/update_checker/version_resolver.rb CHANGED Viewed

@@ -237,6 +237,10 @@ module Dependabot
             return nil
           end
+          if error.message.include?("usage of sparse registries requires `-Z sparse-registry`")
+            raise Dependabot::DependencyFileNotEvaluatable, "Dependabot only supports toolchain 1.68 and up."
+          end
           raise Dependabot::DependencyFileNotResolvable, error.message if resolvability_error?(error.message)
           raise error

data/lib/dependabot/cargo/update_checker.rb CHANGED Viewed

@@ -75,7 +75,15 @@ module Dependabot
         ).updated_requirements
       end
+      def requirements_unlocked_or_can_be?
+        requirements_update_strategy != :lockfile_only
+      end
       def requirements_update_strategy
+        # If passed in as an option (in the base class) honour that option
+        return @requirements_update_strategy.to_sym if @requirements_update_strategy
+        # Otherwise, widen ranges for libraries and bump versions for apps
         library? ? :bump_versions_if_necessary : :bump_versions
       end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-cargo
 version: !ruby/object:Gem::Version
-  version: 0.217.0
+  version: 0.218.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-24 00:00:00.000000000 Z
+date: 2023-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.217.0
+        version: 0.218.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.217.0
+        version: 0.218.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -232,8 +232,8 @@ homepage: https://github.com/dependabot/dependabot-core
 licenses:
 - Nonstandard
 metadata:
-  issue_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG.md
+  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.218.0
 post_install_message:
 rdoc_options: []
 require_paths: