dependabot-core 0.80.1 → 0.81.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4876570b3e1f43af321a0f7ed0f78080d5a46895ed94e38f0728c2d1db5da636
-  data.tar.gz: 43ddeb3dce5a0032d65d73d1022e0c9849ee88709843b5bf4b589a2a2159beb8
+  metadata.gz: d46b715b1f68703b62a2078d8937c31630c9c918b90221d758e50f39535607d9
+  data.tar.gz: 788de0506801b8bb803557348eac18c321cda7d3c0f4aa1b4f81c2fd8ca40fdf
 SHA512:
-  metadata.gz: 54ac485f972556393b816ac061e3af5743bb08882ec87c4422513cceee2128be116cf03ed3107d341d643b25f11631e6e509049a7ddca0d8c81b51a3fbc6c864
-  data.tar.gz: d85a8f9eaa459ebc9a4e95461e4c6b9b89c2ca46b16d939c68e1f7cc27da11b59e1938b167987ac34faa5c7789efc2fb3d209ee3c0fefe45090dd1d944b828b9
+  metadata.gz: 6ea4c222c5acef4126d5067acc657279b3d017e3f88db93dcfcaedefbcbbe423646ed476c3ebfc719f775250d326ffba099ad8ed59f817d0e2b63f096f4fa1fb
+  data.tar.gz: c8cffec6eb0256f1e57e1c6586d0c14c724d696b20c957cc6ff9868004faf5b6b5cbef06baeaf95fc9cde1b23a900768253695e114e201ce977544c039a4d839

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## v0.81.0, 10 December 2018
+
+- Extract Rust logic into a separate gem
+
 ## v0.80.1, 10 December 2018
 
 - Add another missing require

data/lib/dependabot/file_fetchers.rb

@@ -6,7 +6,6 @@ require "dependabot/file_fetchers/java/maven"
 require "dependabot/file_fetchers/java/gradle"
 require "dependabot/file_fetchers/php/composer"
 require "dependabot/file_fetchers/elixir/hex"
-require "dependabot/file_fetchers/rust/cargo"
 require "dependabot/file_fetchers/go/dep"
 require "dependabot/file_fetchers/go/modules"
 require "dependabot/file_fetchers/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
       "gradle" => FileFetchers::Java::Gradle,
       "composer" => FileFetchers::Php::Composer,
       "hex" => FileFetchers::Elixir::Hex,
-      "cargo" => FileFetchers::Rust::Cargo,
       "dep" => FileFetchers::Go::Dep,
       "go_modules" => FileFetchers::Go::Modules,
       "elm-package" => FileFetchers::Elm::ElmPackage

data/lib/dependabot/file_parsers.rb

@@ -6,7 +6,6 @@ require "dependabot/file_parsers/java/maven"
 require "dependabot/file_parsers/java/gradle"
 require "dependabot/file_parsers/php/composer"
 require "dependabot/file_parsers/elixir/hex"
-require "dependabot/file_parsers/rust/cargo"
 require "dependabot/file_parsers/go/dep"
 require "dependabot/file_parsers/go/modules"
 require "dependabot/file_parsers/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
       "gradle" => FileParsers::Java::Gradle,
       "composer" => FileParsers::Php::Composer,
       "hex" => FileParsers::Elixir::Hex,
-      "cargo" => FileParsers::Rust::Cargo,
       "dep" => FileParsers::Go::Dep,
       "go_modules" => FileParsers::Go::Modules,
       "elm-package" => FileParsers::Elm::ElmPackage

data/lib/dependabot/file_updaters.rb

@@ -6,7 +6,6 @@ require "dependabot/file_updaters/java/maven"
 require "dependabot/file_updaters/java/gradle"
 require "dependabot/file_updaters/php/composer"
 require "dependabot/file_updaters/elixir/hex"
-require "dependabot/file_updaters/rust/cargo"
 require "dependabot/file_updaters/go/dep"
 require "dependabot/file_updaters/go/modules"
 require "dependabot/file_updaters/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
       "gradle" => FileUpdaters::Java::Gradle,
       "composer" => FileUpdaters::Php::Composer,
       "hex" => FileUpdaters::Elixir::Hex,
-      "cargo" => FileUpdaters::Rust::Cargo,
       "dep" => FileUpdaters::Go::Dep,
       "go_modules" => FileUpdaters::Go::Modules,
       "elm-package" => FileUpdaters::Elm::ElmPackage

data/lib/dependabot/metadata_finders.rb

@@ -5,7 +5,6 @@ require "dependabot/metadata_finders/java_script/npm_and_yarn"
 require "dependabot/metadata_finders/java/maven"
 require "dependabot/metadata_finders/php/composer"
 require "dependabot/metadata_finders/elixir/hex"
-require "dependabot/metadata_finders/rust/cargo"
 require "dependabot/metadata_finders/go/dep"
 require "dependabot/metadata_finders/elm/elm_package"
 
@@ -18,7 +17,6 @@ module Dependabot
       "gradle" => MetadataFinders::Java::Maven,
       "composer" => MetadataFinders::Php::Composer,
       "hex" => MetadataFinders::Elixir::Hex,
-      "cargo" => MetadataFinders::Rust::Cargo,
       "dep" => MetadataFinders::Go::Dep,
       "go_modules" => MetadataFinders::Go::Dep,
       "elm-package" => MetadataFinders::Elm::ElmPackage

data/lib/dependabot/update_checkers.rb

@@ -6,7 +6,6 @@ require "dependabot/update_checkers/java/maven"
 require "dependabot/update_checkers/java/gradle"
 require "dependabot/update_checkers/php/composer"
 require "dependabot/update_checkers/elixir/hex"
-require "dependabot/update_checkers/rust/cargo"
 require "dependabot/update_checkers/go/dep"
 require "dependabot/update_checkers/go/modules"
 require "dependabot/update_checkers/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
       "gradle" => UpdateCheckers::Java::Gradle,
       "composer" => UpdateCheckers::Php::Composer,
       "hex" => UpdateCheckers::Elixir::Hex,
-      "cargo" => UpdateCheckers::Rust::Cargo,
       "dep" => UpdateCheckers::Go::Dep,
       "go_modules" => UpdateCheckers::Go::Modules,
       "elm-package" => UpdateCheckers::Elm::ElmPackage

data/lib/dependabot/utils.rb

@@ -4,7 +4,6 @@ require "dependabot/utils/elixir/version"
 require "dependabot/utils/java/version"
 require "dependabot/utils/java_script/version"
 require "dependabot/utils/php/version"
-require "dependabot/utils/rust/version"
 require "dependabot/utils/go/version"
 require "dependabot/utils/elm/version"
 
@@ -13,7 +12,6 @@ require "dependabot/utils/java/requirement"
 require "dependabot/utils/java_script/requirement"
 require "dependabot/utils/php/requirement"
 require "dependabot/utils/ruby/requirement"
-require "dependabot/utils/rust/requirement"
 require "dependabot/utils/go/requirement"
 require "dependabot/utils/elm/requirement"
 
@@ -30,7 +28,6 @@ module Dependabot
       "npm_and_yarn" => Utils::JavaScript::Version,
       "composer" => Utils::Php::Version,
       "hex" => Utils::Elixir::Version,
-      "cargo" => Utils::Rust::Version,
       "dep" => Utils::Go::Version,
       "go_modules" => Utils::Go::Version,
       "elm-package" => Utils::Elm::Version
@@ -56,7 +53,6 @@ module Dependabot
       "npm_and_yarn" => Utils::JavaScript::Requirement,
       "composer" => Utils::Php::Requirement,
       "hex" => Utils::Elixir::Requirement,
-      "cargo" => Utils::Rust::Requirement,
       "dep" => Utils::Go::Requirement,
       "go_modules" => Utils::Go::Requirement,
       "elm-package" => Utils::Elm::Requirement

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.80.1"
+  VERSION = "0.81.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-core
 version: !ruby/object:Gem::Version
-  version: 0.80.1
+  version: 0.81.0
 platform: ruby
 authors:
 - Dependabot
@@ -389,7 +389,6 @@ files:
 - lib/dependabot/file_fetchers/ruby/bundler/child_gemfile_finder.rb
 - lib/dependabot/file_fetchers/ruby/bundler/path_gemspec_finder.rb
 - lib/dependabot/file_fetchers/ruby/bundler/require_relative_finder.rb
-- lib/dependabot/file_fetchers/rust/cargo.rb
 - lib/dependabot/file_parsers.rb
 - lib/dependabot/file_parsers/README.md
 - lib/dependabot/file_parsers/base.rb
@@ -410,7 +409,6 @@ files:
 - lib/dependabot/file_parsers/ruby/bundler.rb
 - lib/dependabot/file_parsers/ruby/bundler/file_preparer.rb
 - lib/dependabot/file_parsers/ruby/bundler/gemfile_checker.rb
-- lib/dependabot/file_parsers/rust/cargo.rb
 - lib/dependabot/file_updaters.rb
 - lib/dependabot/file_updaters/README.md
 - lib/dependabot/file_updaters/base.rb
@@ -443,6 +441,7 @@ files:
 - lib/dependabot/file_updaters/php/composer.rb
 - lib/dependabot/file_updaters/php/composer/lockfile_updater.rb
 - lib/dependabot/file_updaters/php/composer/manifest_updater.rb
+- lib/dependabot/file_updaters/ruby/.DS_Store
 - lib/dependabot/file_updaters/ruby/bundler.rb
 - lib/dependabot/file_updaters/ruby/bundler/gemfile_updater.rb
 - lib/dependabot/file_updaters/ruby/bundler/gemspec_dependency_name_finder.rb
@@ -452,9 +451,6 @@ files:
 - lib/dependabot/file_updaters/ruby/bundler/git_source_remover.rb
 - lib/dependabot/file_updaters/ruby/bundler/lockfile_updater.rb
 - lib/dependabot/file_updaters/ruby/bundler/requirement_replacer.rb
-- lib/dependabot/file_updaters/rust/cargo.rb
-- lib/dependabot/file_updaters/rust/cargo/lockfile_updater.rb
-- lib/dependabot/file_updaters/rust/cargo/manifest_updater.rb
 - lib/dependabot/git_commit_checker.rb
 - lib/dependabot/metadata_finders.rb
 - lib/dependabot/metadata_finders/README.md
@@ -470,7 +466,6 @@ files:
 - lib/dependabot/metadata_finders/java_script/npm_and_yarn.rb
 - lib/dependabot/metadata_finders/php/composer.rb
 - lib/dependabot/metadata_finders/ruby/bundler.rb
-- lib/dependabot/metadata_finders/rust/cargo.rb
 - lib/dependabot/pull_request_creator.rb
 - lib/dependabot/pull_request_creator/branch_namer.rb
 - lib/dependabot/pull_request_creator/commit_signer.rb
@@ -525,10 +520,6 @@ files:
 - lib/dependabot/update_checkers/ruby/bundler/ruby_requirement_setter.rb
 - lib/dependabot/update_checkers/ruby/bundler/shared_bundler_helpers.rb
 - lib/dependabot/update_checkers/ruby/bundler/version_resolver.rb
-- lib/dependabot/update_checkers/rust/cargo.rb
-- lib/dependabot/update_checkers/rust/cargo/file_preparer.rb
-- lib/dependabot/update_checkers/rust/cargo/requirements_updater.rb
-- lib/dependabot/update_checkers/rust/cargo/version_resolver.rb
 - lib/dependabot/utils.rb
 - lib/dependabot/utils/elixir/requirement.rb
 - lib/dependabot/utils/elixir/version.rb
@@ -545,8 +536,6 @@ files:
 - lib/dependabot/utils/php/requirement.rb
 - lib/dependabot/utils/php/version.rb
 - lib/dependabot/utils/ruby/requirement.rb
-- lib/dependabot/utils/rust/requirement.rb
-- lib/dependabot/utils/rust/version.rb
 - lib/dependabot/version.rb
 homepage: https://github.com/dependabot/dependabot-core
 licenses:
@@ -568,7 +557,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 2.7.3
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: Automated dependency management

data/lib/dependabot/file_fetchers/rust/cargo.rb

@@ -1,240 +0,0 @@
-# frozen_string_literal: true
-
-require "pathname"
-require "toml-rb"
-
-require "dependabot/file_fetchers/base"
-require "dependabot/file_parsers/rust/cargo"
-
-# Docs on Cargo workspaces:
-# https://doc.rust-lang.org/cargo/reference/manifest.html#the-workspace-section
-module Dependabot
-  module FileFetchers
-    module Rust
-      class Cargo < Dependabot::FileFetchers::Base
-        def self.required_files_in?(filenames)
-          filenames.include?("Cargo.toml")
-        end
-
-        def self.required_files_message
-          "Repo must contain a Cargo.toml."
-        end
-
-        private
-
-        def fetch_files
-          fetched_files = []
-          fetched_files << cargo_toml
-          fetched_files << cargo_lock if cargo_lock
-          fetched_files << rust_toolchain if rust_toolchain
-          fetched_files += workspace_files
-          fetched_files += path_dependency_files
-          fetched_files
-        end
-
-        def workspace_files
-          @workspace_files ||=
-            fetch_workspace_files(
-              file: cargo_toml,
-              previously_fetched_files: []
-            )
-        end
-
-        def path_dependency_files
-          @path_dependency_files ||=
-            begin
-              fetched_path_dependency_files = []
-              [cargo_toml, *workspace_files].each do |file|
-                fetched_path_dependency_files +=
-                  fetch_path_dependency_files(
-                    file: file,
-                    previously_fetched_files: [cargo_toml, *workspace_files] +
-                                              fetched_path_dependency_files
-                  )
-              end
-
-              fetched_path_dependency_files
-            end
-        end
-
-        def fetch_workspace_files(file:, previously_fetched_files:)
-          current_dir = file.name.split("/")[0..-2].join("/")
-          current_dir = nil if current_dir == ""
-
-          workspace_dependency_paths_from_file(file).flat_map do |path|
-            path = File.join(current_dir, path) unless current_dir.nil?
-            path = Pathname.new(path).cleanpath.to_path
-
-            next if previously_fetched_files.map(&:name).include?(path)
-            next if file.name == path
-
-            fetched_file = fetch_file_from_host(path)
-            previously_fetched_files << fetched_file
-            grandchild_requirement_files =
-              fetch_workspace_files(
-                file: fetched_file,
-                previously_fetched_files: previously_fetched_files
-              )
-            [fetched_file, *grandchild_requirement_files]
-          end.compact
-        end
-
-        def fetch_path_dependency_files(
-          file:,
-          previously_fetched_files:
-        )
-          current_dir = file.name.split("/")[0..-2].join("/")
-          current_dir = nil if current_dir == ""
-
-          path_dependency_paths_from_file(file).flat_map do |path|
-            path = File.join(current_dir, path) unless current_dir.nil?
-            path = Pathname.new(path).cleanpath.to_path
-
-            next if previously_fetched_files.map(&:name).include?(path)
-            next if file.name == path
-
-            fetched_file = fetch_file_from_host(path, type: "path_dependency").
-                           tap { |f| f.support_file = true }
-            previously_fetched_files << fetched_file
-            grandchild_requirement_files =
-              fetch_path_dependency_files(
-                file: fetched_file,
-                previously_fetched_files: previously_fetched_files
-              )
-            [fetched_file, *grandchild_requirement_files]
-          rescue Dependabot::DependencyFileNotFound
-            raise if required_path?(file, path)
-          end.compact
-        end
-
-        def path_dependency_paths_from_file(file)
-          paths = []
-
-          # Paths specified in dependency declaration
-          FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
-            parsed_file(file).fetch(type, {}).each do |_, details|
-              next unless details.is_a?(Hash)
-              next unless details["path"]
-
-              paths << File.join(details["path"], "Cargo.toml")
-            end
-          end
-
-          # Paths specified for target-specific dependencies
-          parsed_file(file).fetch("target", {}).each do |_, t_details|
-            FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
-              t_details.fetch(type, {}).each do |_, details|
-                next unless details.is_a?(Hash)
-                next unless details["path"]
-
-                paths << File.join(details["path"], "Cargo.toml")
-              end
-            end
-          end
-
-          # Paths specified as replacements
-          parsed_file(file).fetch("replace", {}).each do |_, details|
-            next unless details.is_a?(Hash)
-            next unless details["path"]
-
-            paths << File.join(details["path"], "Cargo.toml")
-          end
-
-          paths
-        end
-
-        def workspace_dependency_paths_from_file(file)
-          workspace_paths = parsed_file(file).dig("workspace", "members")
-          return [] unless workspace_paths&.any?
-
-          # Expand any workspace paths that specify a `*`
-          workspace_paths = workspace_paths.flat_map do |path|
-            path.end_with?("*") ? expand_workspaces(path) : [path]
-          end
-
-          # Excluded paths, to be subtracted for the workspaces array
-          excluded_paths = parsed_file(file).dig("workspace", "excluded_paths")
-
-          (workspace_paths - (excluded_paths || [])).map do |path|
-            File.join(path, "Cargo.toml")
-          end
-        end
-
-        # Check whether a path is required or not. It will not be required if
-        # an alternative source (i.e., a git source) is also specified
-        # rubocop:disable Metrics/AbcSize
-        # rubocop:disable Metrics/CyclomaticComplexity
-        # rubocop:disable Metrics/PerceivedComplexity
-        def required_path?(file, path)
-          # Paths specified in dependency declaration
-          FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
-            parsed_file(file).fetch(type, {}).each do |_, details|
-              next unless details.is_a?(Hash)
-              next unless details["path"]
-              next unless path == File.join(details["path"], "Cargo.toml")
-
-              return true if details["git"].nil?
-            end
-          end
-
-          # Paths specified for target-specific dependencies
-          parsed_file(file).fetch("target", {}).each do |_, t_details|
-            FileParsers::Rust::Cargo::DEPENDENCY_TYPES.each do |type|
-              t_details.fetch(type, {}).each do |_, details|
-                next unless details.is_a?(Hash)
-                next unless details["path"]
-                next unless path == File.join(details["path"], "Cargo.toml")
-
-                return true if details["git"].nil?
-              end
-            end
-          end
-
-          # Paths specified as replacements
-          parsed_file(file).fetch("replace", {}).each do |_, details|
-            next unless details.is_a?(Hash)
-            next unless details["path"]
-            next unless path == File.join(details["path"], "Cargo.toml")
-
-            return true if details["git"].nil?
-          end
-
-          false
-        end
-        # rubocop:enable Metrics/AbcSize
-        # rubocop:enable Metrics/CyclomaticComplexity
-        # rubocop:enable Metrics/PerceivedComplexity
-
-        def expand_workspaces(path)
-          path = Pathname.new(path).cleanpath.to_path
-          dir = directory.gsub(%r{(^/|/$)}, "")
-          unglobbed_path = path.split("*").first.gsub(%r{(?<=/)[^/]*$}, "")
-
-          repo_contents(dir: unglobbed_path, raise_errors: false).
-            select { |file| file.type == "dir" }.
-            map { |f| f.path.gsub(%r{^/?#{Regexp.escape(dir)}/?}, "") }.
-            select { |filename| File.fnmatch?(path, filename) }
-        end
-
-        def parsed_file(file)
-          TomlRB.parse(file.content)
-        rescue TomlRB::ParseError
-          raise Dependabot::DependencyFileNotParseable, file.path
-        end
-
-        def cargo_toml
-          @cargo_toml ||= fetch_file_from_host("Cargo.toml")
-        end
-
-        def cargo_lock
-          @cargo_lock ||= fetch_file_if_present("Cargo.lock")
-        end
-
-        def rust_toolchain
-          @rust_toolchain ||= fetch_file_if_present("rust-toolchain")&.
-                              tap { |f| f.support_file = true }
-        end
-      end
-    end
-  end
-end