RubyGems - dependabot-cargo - Versions diffs - 0.86.15 → 0.86.16 - Mend

dependabot-cargo 0.86.15 → 0.86.16

Files changed (3) hide show

checksums.yaml +4 -4
data/lib/dependabot/cargo/update_checker/version_resolver.rb +20 -3
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ea0c28d05ee592c2ff334739e0274790c4d27fe8d3b33f38b83a3eb73eb4e419
-  data.tar.gz: 78f5cd24e8938250983dd45d900a28d73add9cf860f39b43d6add997aedf16ac
+  metadata.gz: 4907494f0239cbbdabc20ce45ad0cff957adb870316d056ab9300855080d191b
+  data.tar.gz: e7fcdf06233cb6209d580b5ab93d4ebea2604cbc433893b5db7169895424a9f7
 SHA512:
-  metadata.gz: 4bd048e360a7655efb231927c6b16745156f2589e5c689f9763fa89841378ff50b56e8c0a04550138ed86059e198057ab2dfe83cc77e7175a57e2cd0cec09c76
-  data.tar.gz: 718932385a3090edba8f27ff92fcb449ab7068e4b807f77bb954c4dadab4816c1596db26f8947ac74383da9d21f3e3e2e9f48719633e7a0ef6efffe92ffb82c5
+  metadata.gz: 51181331b2c04c5649f8a7926cc10622b32c9289d8ac0f5d218d304b6d474655bce18e7e266b34a22f847bfc86a608819dfcf28b462f33f89e7019fe5697e364
+  data.tar.gz: e573edf205d832d14a4b0c8cfd16857ba5f4dee2954c50e8f60bdbb5e9e42f2473f71f3ac3276329e3fa9173f852fde4f55ed71f782c14d4660db4850041e441

data/lib/dependabot/cargo/update_checker/version_resolver.rb CHANGED Viewed

@@ -46,8 +46,7 @@ module Dependabot
               run_cargo_command(command)
             end
-            new_lockfile_content = File.read("Cargo.lock")
-            updated_version = get_version_from_lockfile(new_lockfile_content)
+            updated_version = fetch_version_from_new_lockfile
             return if updated_version.nil?
             return updated_version if git_dependency?
@@ -58,7 +57,9 @@ module Dependabot
           handle_cargo_errors(error)
         end
-        def get_version_from_lockfile(lockfile_content)
+        def fetch_version_from_new_lockfile
+          check_rust_workspace_root unless File.exist?("Cargo.lock")
+          lockfile_content = File.read("Cargo.lock")
           versions = TomlRB.parse(lockfile_content).fetch("package").
                      select { |p| p["name"] == dependency.name }
@@ -111,6 +112,22 @@ module Dependabot
           File.write(toolchain.name, toolchain.content) if toolchain
         end
+        def check_rust_workspace_root
+          cargo_toml = original_dependency_files.
+                       select { |f| f.name.end_with?("../Cargo.toml") }.
+                       max_by { |f| f.name.length }
+          return unless TomlRB.parse(cargo_toml.content)["workspace"]
+          msg = "This project is part of a Rust workspace but is not the "\
+                "workspace root."\
+          if cargo_toml.directory != "/"
+            msg += "Please update your settings so Dependabot points at the "\
+                   "workspace root instead of #{cargo_toml.directory}."
+          end
+          raise Dependabot::DependencyFileNotResolvable, msg
+        end
         def handle_cargo_errors(error)
           if error.message.include?("does not have these features")
             # TODO: Ideally we should update the declaration not to ask

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-cargo
 version: !ruby/object:Gem::Version
-  version: 0.86.15
+  version: 0.86.16
 platform: ruby
 authors:
 - Dependabot
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.86.15
+        version: 0.86.16
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.86.15
+        version: 0.86.16
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement