dependabot-pub 0.176.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 55f5860d255487229cc4277f0efc5cdc7811ca4e541ec722a9d657d4212b7f3e
+  data.tar.gz: a263996e7b0081a8557a20ee97f20fc09635a88733c80c4250ba89611e81bf26
+SHA512:
+  metadata.gz: 3befba7ade7037906a01793ada0cb3736e101c689bb877486d151b8fcac1b6d5c041227b0a1360c9f823026ebcd0e86625d76fd309f15acc616b78cb4dc35b20
+  data.tar.gz: 65555682c69b9360e6aa9a3ea82bda54047ebd245545289299aa59348f25796df749e235c6f18f114584139e1f7b2004771a8a3f564a49caaa3b5d9f1842eae3

data/lib/dependabot/pub/file_fetcher.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require "dependabot/file_fetchers"
+require "dependabot/file_fetchers/base"
+
+# For details on pub packages, see:
+# https://dart.dev/tools/pub/package-layout#the-pubspec
+module Dependabot
+  module Pub
+    class FileFetcher < Dependabot::FileFetchers::Base
+      def self.required_files_in?(filenames)
+        filenames.include?("pubspec.yaml")
+      end
+
+      def self.required_files_message
+        "Repo must contain a pubspec.yaml."
+      end
+
+      private
+
+      def fetch_files
+        fetched_files = []
+        fetched_files << pubspec_yaml
+        fetched_files << pubspec_lock if pubspec_lock
+        # Fetch any additional pubspec.yamls in the same git repo for resolving
+        # local path-dependencies.
+        extra_pubspecs = Dir.glob("**/pubspec.yaml", base: clone_repo_contents)
+        fetched_files += extra_pubspecs.map do |pubspec|
+          relative_name = Pathname.new("/#{pubspec}").relative_path_from(directory)
+          fetch_file_from_host(relative_name)
+        end
+        fetched_files.uniq
+      end
+
+      def pubspec_yaml
+        @pubspec_yaml ||= fetch_file_from_host("pubspec.yaml")
+      end
+
+      def pubspec_lock
+        @pubspec_lock ||= fetch_file_if_present("pubspec.lock")
+      end
+    end
+  end
+end
+
+Dependabot::FileFetchers.register("pub", Dependabot::Pub::FileFetcher)

data/lib/dependabot/pub/file_parser.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require "dependabot/file_parsers"
+require "dependabot/file_parsers/base"
+require "dependabot/dependency"
+require "dependabot/pub/version"
+require "dependabot/pub/helpers"
+
+module Dependabot
+  module Pub
+    class FileParser < Dependabot::FileParsers::Base
+      require "dependabot/file_parsers/base/dependency_set"
+      include Dependabot::Pub::Helpers
+
+      def parse
+        dependency_set = DependencySet.new
+        list.map do |d|
+          dependency_set << to_dependency(d)
+        end
+        dependency_set.dependencies.sort_by(&:name)
+      end
+
+      private
+
+      def check_required_files
+        raise "No pubspec.yaml!" unless get_original_file("pubspec.yaml")
+      end
+
+      def list
+        @list ||= dependency_services_list
+      end
+    end
+  end
+end
+
+Dependabot::FileParsers.register("pub", Dependabot::Pub::FileParser)

data/lib/dependabot/pub/file_updater.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require "dependabot/file_updaters"
+require "dependabot/file_updaters/base"
+require "dependabot/pub/helpers"
+
+module Dependabot
+  module Pub
+    class FileUpdater < Dependabot::FileUpdaters::Base
+      include Dependabot::Pub::Helpers
+
+      def self.updated_files_regex
+        [
+          /^pubspec\.yaml$/,
+          /^pubspec\.lock$/
+        ]
+      end
+
+      def updated_dependency_files
+        dependency_services_apply(@dependencies)
+      end
+
+      private
+
+      def check_required_files
+        raise "No pubspec.yaml!" unless get_original_file("pubspec.yaml")
+      end
+    end
+  end
+end
+
+Dependabot::FileUpdaters.register("pub", Dependabot::Pub::FileUpdater)

data/lib/dependabot/pub/helpers.rb

@@ -0,0 +1,135 @@
+# frozen_string_literal: true
+
+require "json"
+require "open3"
+require "digest"
+
+require "dependabot/errors"
+require "dependabot/shared_helpers"
+require "dependabot/pub/requirement"
+
+module Dependabot
+  module Pub
+    module Helpers
+      private
+
+      def dependency_services_list
+        JSON.parse(run_dependency_services("list"))["dependencies"]
+      end
+
+      def dependency_services_report
+        sha256 = Digest::SHA256.new
+        dependency_files.each do |f|
+          sha256 << f.path + "\n" + f.content + "\n"
+        end
+        hash = sha256.hexdigest
+
+        cache_file = "/tmp/report-#{hash}-pid-#{Process.pid}.json"
+        return JSON.parse(File.read(cache_file)) if File.file?(cache_file)
+
+        report = JSON.parse(run_dependency_services("report"))["dependencies"]
+        File.write(cache_file, JSON.generate(report))
+        report
+      end
+
+      def dependency_services_apply(dependency_changes)
+        run_dependency_services("apply", stdin_data: dependencies_to_json(dependency_changes)) do
+          dependency_files.map do |f|
+            updated_file = f.dup
+            updated_file.content = File.read(f.name)
+            updated_file
+          end
+        end
+      end
+
+      def run_dependency_services(command, stdin_data: nil)
+        SharedHelpers.in_a_temporary_directory do
+          dependency_files.each do |f|
+            in_path_name = File.join(Dir.pwd, f.directory, f.name)
+            FileUtils.mkdir_p File.dirname(in_path_name)
+            File.write(in_path_name, f.content)
+          end
+          SharedHelpers.with_git_configured(credentials: credentials) do
+            env = {
+              "CI" => "true",
+              "PUB_ENVIRONMENT" => "dependabot",
+              "FLUTTER_ROOT" => "/opt/dart/flutter",
+              "PUB_HOSTED_URL" => options[:pub_hosted_url]
+            }
+            Dir.chdir File.join(Dir.pwd, dependency_files.first.directory) do
+              stdout, stderr, status = Open3.capture3(
+                env.compact,
+                "dart",
+                "--no-analytics",
+                "pub",
+                "global",
+                "run",
+                "pub:dependency_services",
+                command,
+                stdin_data: stdin_data
+              )
+              raise Dependabot::DependabotError, "dart pub failed: #{stderr}" unless status.success?
+              return stdout unless block_given?
+
+              yield
+            end
+          end
+        end
+      end
+
+      def to_dependency(json)
+        params = {
+          name: json["name"],
+          version: json["version"],
+          package_manager: "pub",
+          requirements: []
+        }
+        if json["kind"] != "transitive" && !json["constraint"].nil?
+          constraint = json["constraint"]
+          params[:requirements] << {
+            requirement: constraint,
+            groups: [json["kind"]],
+            source: nil, # TODO: Expose some information about the source
+            file: "pubspec.yaml"
+          }
+        end
+        if json["previousVersion"]
+          params = {
+            **params,
+            previous_version: json["previousVersion"],
+            previous_requirements: []
+          }
+          if json["kind"] != "transitive" && !json["previousConstraint"].nil?
+            constraint = json["previousConstraint"]
+            params[:previous_requirements] << {
+              requirement: constraint,
+              groups: [json["kind"]],
+              source: nil, # TODO: Expose some information about the source
+              file: "pubspec.yaml"
+            }
+          end
+        end
+        Dependency.new(**params)
+      end
+
+      def dependencies_to_json(dependencies)
+        if dependencies.nil?
+          nil
+        else
+          deps = dependencies.map do |d|
+            obj = {
+              "name" => d.name,
+              "version" => d.version
+            }
+
+            obj["constraint"] = d.requirements[0][:requirement].to_s unless d.requirements.nil? || d.requirements.empty?
+            obj
+          end
+          JSON.generate({
+            "dependencyChanges" => deps
+          })
+        end
+      end
+    end
+  end
+end

data/lib/dependabot/pub/metadata_finder.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require "excon"
+require "dependabot/metadata_finders"
+require "dependabot/metadata_finders/base"
+require "dependabot/shared_helpers"
+
+module Dependabot
+  module Pub
+    class MetadataFinder < Dependabot::MetadataFinders::Base
+      private
+
+      def look_up_source
+        repo = pub_listing.dig("latest", "pubspec", "repository")
+        return nil unless repo
+
+        Source.from_url(repo)
+      end
+
+      def pub_listing
+        return @pub_listing unless @pub_listing.nil?
+
+        response = Excon.get(
+          "https://pub.dev/api/packages/#{dependency.name}",
+          idempotent: true,
+          **SharedHelpers.excon_defaults
+        )
+
+        @pub_listing = JSON.parse(response.body)
+      end
+    end
+  end
+end
+
+Dependabot::MetadataFinders.register("pub", Dependabot::Pub::MetadataFinder)

data/lib/dependabot/pub/requirement.rb

@@ -0,0 +1,122 @@
+# frozen_string_literal: true
+
+# For details on pub version constraints see:
+# https://github.com/dart-lang/pub_semver
+
+###################################################################
+
+require "dependabot/utils"
+require "dependabot/pub/version"
+
+module Dependabot
+  module Pub
+    class Requirement < Gem::Requirement
+      quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
+      version_pattern = Pub::Version::VERSION_PATTERN
+
+      PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*"
+      PATTERN = /\A#{PATTERN_RAW}\z/.freeze
+
+      # Use Pub::Version rather than Gem::Version to ensure that
+      # pre-release versions aren't transformed.
+      def self.parse(obj)
+        return ["=", Pub::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
+
+        unless (matches = PATTERN.match(obj.to_s))
+          msg = "Illformed requirement [#{obj.inspect}]"
+          raise BadRequirementError, msg
+        end
+
+        return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"
+
+        [matches[1] || "=", Pub::Version.new(matches[2])]
+      end
+
+      # For consistency with other langauges, we define a requirements array.
+      # Dart doesn't have an `OR` separator for requirements, so it always
+      # contains a single element.
+      def self.requirements_array(requirement_string)
+        [new(requirement_string)]
+      end
+
+      def initialize(*requirements, raw_constraint: nil)
+        requirements = requirements.flatten.flat_map do |req_string|
+          req_string.split(",").map(&:strip).map do |r|
+            convert_dart_constraint_to_ruby_constraint(r.strip)
+          end
+        end
+        super(requirements)
+
+        @raw_constraint = raw_constraint
+      end
+
+      def to_s
+        if @raw_constraint.nil?
+          as_list.join ", "
+        else
+          @raw_constraint
+        end
+      end
+
+      private
+
+      def convert_dart_constraint_to_ruby_constraint(req_string)
+        if req_string.empty? || req_string == "any" then ">= 0"
+        elsif req_string.match?(/^~[^>]/) then convert_tilde_req(req_string)
+        elsif req_string.match?(/^\^/) then convert_caret_req(req_string)
+        elsif req_string.match?(/[<=>]/) then convert_range_req(req_string)
+        else
+          ruby_range(req_string)
+        end
+      end
+
+      def convert_tilde_req(req_string)
+        version = req_string.gsub(/^~/, "")
+        parts = version.split(".")
+        "~> #{parts.join('.')}"
+      end
+
+      def convert_range_req(req_string)
+        req_string.scan(
+          /((?:>|<|=|<=|>=)\s*#{Pub::Version::VERSION_PATTERN})\s*/
+        ).map { |x| x[0].strip }
+      end
+
+      def ruby_range(req_string)
+        parts = req_string.split(".")
+
+        # If we have three or more parts then this is an exact match
+        return req_string if parts.count >= 3
+
+        # If we have no parts then the version is completely unlocked
+        return ">= 0" if parts.count.zero?
+
+        # If we have fewer than three parts we do a partial match
+        parts << "0"
+        "~> #{parts.join('.')}"
+      end
+
+      def convert_caret_req(req_string)
+        # Copied from Cargo::Requirement which allows less than 3 components
+        # so we could be more strict in the parsing here.
+        version = req_string.gsub(/^\^/, "")
+        parts = version.split(".")
+        first_non_zero = parts.find { |d| d != "0" }
+        first_non_zero_index =
+          first_non_zero ? parts.index(first_non_zero) : parts.count - 1
+        upper_bound = parts.map.with_index do |part, i|
+          if i < first_non_zero_index then part
+          elsif i == first_non_zero_index then (part.to_i + 1).to_s
+          else
+            0
+          end
+        end.join(".")
+
+        [">= #{version}", "< #{upper_bound}"]
+      end
+    end
+  end
+end
+
+Dependabot::Utils.
+  register_requirement_class("pub", Dependabot::Pub::Requirement)

data/lib/dependabot/pub/update_checker.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+require "dependabot/update_checkers"
+require "dependabot/update_checkers/base"
+require "dependabot/pub/helpers"
+
+module Dependabot
+  module Pub
+    class UpdateChecker < Dependabot::UpdateCheckers::Base
+      include Dependabot::Pub::Helpers
+
+      def latest_version
+        Dependabot::Pub::Version.new(current_report["latest"])
+      end
+
+      def latest_resolvable_version_with_no_unlock
+        # Version we can get if we're not allowed to change pubspec.yaml, but we
+        # allow changes in the pubspec.lock file.
+        entry = current_report["compatible"].find { |d| d["name"] == dependency.name }
+        return nil unless entry
+
+        new_version = Dependabot::Pub::Version.new(entry["version"])
+        # We ignore this solution, if any of the requirements in
+        # ignored_versions satisfy the version we're proposing as an upgrade
+        # target.
+        return nil if ignore_requirements.any? { |r| r.satisfied_by?(new_version) }
+
+        new_version
+      end
+
+      def latest_resolvable_version
+        # Latest version we can get if we're allowed to unlock the current
+        # package in pubspec.yaml
+        entry = current_report["singleBreaking"].find { |d| d["name"] == dependency.name }
+        return nil unless entry
+
+        new_version = Dependabot::Pub::Version.new(entry["version"])
+        # We ignore this solution, if any of the requirements in
+        # ignored_versions satisfy the version we're proposing as an upgrade
+        # target.
+        return nil if ignore_requirements.any? { |r| r.satisfied_by?(new_version) }
+
+        new_version
+      end
+
+      def updated_requirements
+        # Requirements that need to be changed, if obtain:
+        # latest_resolvable_version
+        entry = current_report["singleBreaking"].find { |d| d["name"] == dependency.name }
+        return unless entry
+
+        to_dependency(entry).requirements
+      end
+
+      private
+
+      def latest_version_resolvable_with_full_unlock?
+        entry = current_report["multiBreaking"].find { |d| d["name"] == dependency.name }
+        # This a bit dumb, but full-unlock is only considered if we can get the
+        # latest version!
+        entry && latest_version == Dependabot::Pub::Version.new(entry["version"])
+      end
+
+      def updated_dependencies_after_full_unlock
+        # We only expose non-transitive dependencies here...
+        direct_deps = current_report["multiBreaking"].reject do |d|
+          d["kind"] == "transitive"
+        end
+        direct_deps.map do |d|
+          to_dependency(d)
+        end
+      end
+
+      def report
+        @report ||= dependency_services_report
+      end
+
+      def current_report
+        report.find { |d| d["name"] == dependency.name }
+      end
+    end
+  end
+end
+
+Dependabot::UpdateCheckers.register("pub", Dependabot::Pub::UpdateChecker)

data/lib/dependabot/pub/version.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require "dependabot/utils"
+require "rubygems_version_patch"
+
+# Dart pre-release versions use 1.0.1-rc1 syntax, which Gem::Version
+# converts into 1.0.1.pre.rc1. We override the `to_s` method to stop that
+# alteration.
+#
+# For details on versions syntax supported by pub, see:
+# https://semver.org/spec/v2.0.0-rc.1.html
+#
+# For details on semantics of version ranges as understood by pub, see:
+# https://github.com/dart-lang/pub_semver
+
+module Dependabot
+  module Pub
+    class Version < Gem::Version
+      VERSION_PATTERN = Gem::Version::VERSION_PATTERN + "(\\+[0-9a-zA-Z\\-.]+)?"
+      ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
+
+      attr_reader :build_info
+
+      def initialize(version)
+        @version_string = version.to_s
+        version, @build_info = version.to_s.split("+") if version.to_s.include?("+")
+
+        super
+      end
+
+      def to_s
+        @version_string
+      end
+
+      def inspect # :nodoc:
+        "#<#{self.class} #{@version_string}>"
+      end
+
+      def self.correct?(version)
+        return false if version.nil?
+
+        version.to_s.match?(ANCHORED_VERSION_PATTERN)
+      end
+    end
+  end
+end
+
+Dependabot::Utils.register_version_class("pub", Dependabot::Pub::Version)

data/lib/dependabot/pub.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# These all need to be required so the various classes can be registered in a
+# lookup table of package manager names to concrete classes.
+require "dependabot/pub/file_fetcher"
+require "dependabot/pub/file_parser"
+require "dependabot/pub/update_checker"
+require "dependabot/pub/file_updater"
+require "dependabot/pub/metadata_finder"
+require "dependabot/pub/requirement"
+require "dependabot/pub/version"
+
+require "dependabot/pull_request_creator/labeler"
+Dependabot::PullRequestCreator::Labeler.
+  register_label_details("pub", name: "dart", colour: "000000")
+
+require "dependabot/dependency"
+Dependabot::Dependency.register_production_check("pub", ->(_) { true })
+
+require "dependabot/utils"
+Dependabot::Utils.register_always_clone("pub")

metadata

@@ -0,0 +1,220 @@
+--- !ruby/object:Gem::Specification
+name: dependabot-pub
+version: !ruby/object:Gem::Version
+  version: 0.176.0
+platform: ruby
+authors:
+- Dependabot
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2022-02-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: dependabot-common
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.176.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.176.0
+- !ruby/object:Gem::Dependency
+  name: debug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+- !ruby/object:Gem::Dependency
+  name: gpgme
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: rspec-its
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.23.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.23.0
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.21.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.21.0
+- !ruby/object:Gem::Dependency
+  name: simplecov-console
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
+- !ruby/object:Gem::Dependency
+  name: stackprof
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.16
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.16
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+description: Automated dependency management for Ruby, JavaScript, Python, PHP, Elixir,
+  Rust, Java, .NET, Elm and Go
+email: support@dependabot.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/dependabot/pub.rb
+- lib/dependabot/pub/file_fetcher.rb
+- lib/dependabot/pub/file_parser.rb
+- lib/dependabot/pub/file_updater.rb
+- lib/dependabot/pub/helpers.rb
+- lib/dependabot/pub/metadata_finder.rb
+- lib/dependabot/pub/requirement.rb
+- lib/dependabot/pub/update_checker.rb
+- lib/dependabot/pub/version.rb
+homepage: https://github.com/dependabot/dependabot-core
+licenses:
+- Nonstandard
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+requirements: []
+rubygems_version: 3.1.4
+signing_key:
+specification_version: 4
+summary: Dart (pub) support for dependabot
+test_files: []