dependabot-cargo 0.86.15 → 0.86.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/cargo/update_checker/version_resolver.rb +20 -3
  3. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ea0c28d05ee592c2ff334739e0274790c4d27fe8d3b33f38b83a3eb73eb4e419
4
- data.tar.gz: 78f5cd24e8938250983dd45d900a28d73add9cf860f39b43d6add997aedf16ac
3
+ metadata.gz: 4907494f0239cbbdabc20ce45ad0cff957adb870316d056ab9300855080d191b
4
+ data.tar.gz: e7fcdf06233cb6209d580b5ab93d4ebea2604cbc433893b5db7169895424a9f7
5
5
  SHA512:
6
- metadata.gz: 4bd048e360a7655efb231927c6b16745156f2589e5c689f9763fa89841378ff50b56e8c0a04550138ed86059e198057ab2dfe83cc77e7175a57e2cd0cec09c76
7
- data.tar.gz: 718932385a3090edba8f27ff92fcb449ab7068e4b807f77bb954c4dadab4816c1596db26f8947ac74383da9d21f3e3e2e9f48719633e7a0ef6efffe92ffb82c5
6
+ metadata.gz: 51181331b2c04c5649f8a7926cc10622b32c9289d8ac0f5d218d304b6d474655bce18e7e266b34a22f847bfc86a608819dfcf28b462f33f89e7019fe5697e364
7
+ data.tar.gz: e573edf205d832d14a4b0c8cfd16857ba5f4dee2954c50e8f60bdbb5e9e42f2473f71f3ac3276329e3fa9173f852fde4f55ed71f782c14d4660db4850041e441
data/lib/dependabot/cargo/update_checker/version_resolver.rb CHANGED
@@ -46,8 +46,7 @@ module Dependabot
46
46
  run_cargo_command(command)
47
47
  end
48
48
 
49
- new_lockfile_content = File.read("Cargo.lock")
50
- updated_version = get_version_from_lockfile(new_lockfile_content)
49
+ updated_version = fetch_version_from_new_lockfile
51
50
 
52
51
  return if updated_version.nil?
53
52
  return updated_version if git_dependency?
@@ -58,7 +57,9 @@ module Dependabot
58
57
  handle_cargo_errors(error)
59
58
  end
60
59
 
61
- def get_version_from_lockfile(lockfile_content)
60
+ def fetch_version_from_new_lockfile
61
+ check_rust_workspace_root unless File.exist?("Cargo.lock")
62
+ lockfile_content = File.read("Cargo.lock")
62
63
  versions = TomlRB.parse(lockfile_content).fetch("package").
63
64
  select { |p| p["name"] == dependency.name }
64
65
 
@@ -111,6 +112,22 @@ module Dependabot
111
112
  File.write(toolchain.name, toolchain.content) if toolchain
112
113
  end
113
114
 
115
+ def check_rust_workspace_root
116
+ cargo_toml = original_dependency_files.
117
+ select { |f| f.name.end_with?("../Cargo.toml") }.
118
+ max_by { |f| f.name.length }
119
+ return unless TomlRB.parse(cargo_toml.content)["workspace"]
120
+
121
+ msg = "This project is part of a Rust workspace but is not the "\
122
+ "workspace root."\
123
+
124
+ if cargo_toml.directory != "/"
125
+ msg += "Please update your settings so Dependabot points at the "\
126
+ "workspace root instead of #{cargo_toml.directory}."
127
+ end
128
+ raise Dependabot::DependencyFileNotResolvable, msg
129
+ end
130
+
114
131
  def handle_cargo_errors(error)
115
132
  if error.message.include?("does not have these features")
116
133
  # TODO: Ideally we should update the declaration not to ask
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.86.15
4
+ version: 0.86.16
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.86.15
19
+ version: 0.86.16
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.86.15
26
+ version: 0.86.16
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement