RubyGems - dependabot-pub - Versions diffs - 0.211.0 → 0.213.0 - Mend

dependabot-pub 0.211.0 → 0.213.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/dependabot/pub/helpers.rb +63 -33
data/lib/dependabot/pub/requirement.rb +4 -4
data/lib/dependabot/pub/version.rb +1 -1
metadata +19 -33

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6a982693e5e8916b1432adf5d8d37621cb645ca5c2a04b4fe82f68137ec7c286
-  data.tar.gz: 4b052daf1c0d4256b49e7b79a31235ff7e32157a2d4ac718f4ec9414fff8149e
+  metadata.gz: ae1319638c70bd17c82c7349b142a5e9047f002ca604fd5313107dc6d177801a
+  data.tar.gz: 1ca50d4cbd430e77fe396ac66a78d3d4f2c39b01aaaf725e64a5bda701898d30
 SHA512:
-  metadata.gz: e4dd8b081534cb1415f75db9f5ac43b0cd4916e40eb57e9946b7fbc778c54a28d0200d04c804af382f93049ee0bd79b5d9f4950dfa5a6bf0630968d9482a5b66
-  data.tar.gz: ce8df6bbbfbb706a472dfea47f26b47644eaf1616ca9b21b7b70f67417497d65b5ce836c7b012aed3f79fc8bdd783122a80aa276049a1a320262c9662f1f7a60
+  metadata.gz: 15352fd4cb4558b9828c34b1f183ecc77a9e18c2e2249f34b86584cca9c2b6c3dadf07bbc94c26849dd5e561bcb4917d329c5825e9a62a993828856c7f3c607d
+  data.tar.gz: 7f646b209b0031d4c5e9e56afa716ff1877e7d1143c22e4a2866e366d1d1d320fa2672675f82d956640d4c9cabd2e615df4477cedf1689a7fbc0af30649a47b3

data/lib/dependabot/pub/helpers.rb CHANGED Viewed

@@ -5,6 +5,7 @@ require "open3"
 require "digest"
 require "dependabot/errors"
+require "dependabot/logger"
 require "dependabot/shared_helpers"
 require "dependabot/pub/requirement"
@@ -12,7 +13,7 @@ module Dependabot
   module Pub
     module Helpers
       def self.pub_helpers_path
-        File.join(ENV["DEPENDABOT_NATIVE_HELPERS_PATH"], "pub")
+        File.join(ENV.fetch("DEPENDABOT_NATIVE_HELPERS_PATH", nil), "pub")
       end
       def self.run_infer_sdk_versions(url: nil)
@@ -35,7 +36,7 @@ module Dependabot
       def dependency_services_report
         sha256 = Digest::SHA256.new
         dependency_files.each do |f|
-          sha256 << f.path + "\n" + f.content + "\n"
+          sha256 << (f.path + "\n" + f.content + "\n")
         end
         hash = sha256.hexdigest
@@ -61,6 +62,7 @@ module Dependabot
       def ensure_flutter_repo
         return if File.directory?("/tmp/flutter/.git")
+        Dependabot.logger.info "Cloning the flutter repo https://github.com/flutter/flutter."
         # Make a flutter checkout
         _, stderr, status = Open3.capture3(
           {},
@@ -76,6 +78,7 @@ module Dependabot
       # Will ensure that /tmp/flutter contains the flutter repo checked out at `ref`.
       def check_out_flutter_ref(ref)
         ensure_flutter_repo
+        Dependabot.logger.info "Checking out Flutter version #{ref}"
         # Ensure we have the right version (by tag)
         _, stderr, status = Open3.capture3(
           {},
@@ -106,43 +109,70 @@ module Dependabot
       def ensure_right_flutter_release
         @ensure_right_flutter_release ||= begin
           versions = Helpers.run_infer_sdk_versions url: options[:flutter_releases_url]
-          flutter_ref = if versions
-                          "refs/tags/#{versions['flutter']}"
-                        else
-                          # Choose the 'stable' version if the tool failed to infer a version.
-                          "stable"
-                        end
+          flutter_ref =
+            if versions
+              Dependabot.logger.info(
+                "Installing the Flutter SDK version: #{versions['flutter']} " \
+                "from channel #{versions['channel']} with Dart #{versions['dart']}"
+              )
+              "refs/tags/#{versions['flutter']}"
+            else
+              Dependabot.logger.info(
+                "Failed to infer the flutter version. Attempting to use latest stable release."
+              )
+              # Choose the 'stable' version if the tool failed to infer a version.
+              "stable"
+            end
           check_out_flutter_ref flutter_ref
+          run_flutter_doctor
+          run_flutter_version
+        end
+      end
-          # Run `flutter --version` to make Flutter download engine artifacts and create flutter/version.
-          _, stderr, status = Open3.capture3(
-            {},
-            "/tmp/flutter/bin/flutter",
-            "doctor",
-            chdir: "/tmp/flutter/"
-          )
-          raise Dependabot::DependabotError, "Running 'flutter doctor' failed: #{stderr}" unless status.success?
+      def run_flutter_doctor
+        Dependabot.logger.info(
+          "Running `flutter doctor` to install artifacts and create flutter/version."
+        )
+        _, stderr, status = Open3.capture3(
+          {},
+          "/tmp/flutter/bin/flutter",
+          "doctor",
+          chdir: "/tmp/flutter/"
+        )
+        raise Dependabot::DependabotError, "Running 'flutter doctor' failed: #{stderr}" unless status.success?
+      end
-          # Run `flutter --version --machine` to get the current flutter version.
-          stdout, stderr, status = Open3.capture3(
-            {},
-            "/tmp/flutter/bin/flutter",
-            "--version",
-            "--machine",
-            chdir: "/tmp/flutter/"
-          )
-          unless status.success?
-            raise Dependabot::DependabotError,
-                  "Running 'flutter --version --machine' failed: #{stderr}"
-          end
+      # Runs `flutter version` and returns the dart and flutter version numbers in a map.
+      def run_flutter_version
+        Dependabot.logger.info "Running `flutter --version`"
+        # Run `flutter --version --machine` to get the current flutter version.
+        stdout, stderr, status = Open3.capture3(
+          {},
+          "/tmp/flutter/bin/flutter",
+          "--version",
+          "--machine",
+          chdir: "/tmp/flutter/"
+        )
+        unless status.success?
+          raise Dependabot::DependabotError,
+                "Running 'flutter --version --machine' failed: #{stderr}"
+        end
-          parsed = JSON.parse(stdout)
-          {
-            "flutter" => parsed["frameworkVersion"],
-            "dart" => parsed["dartSdkVersion"].split.first
-          }
+        parsed = JSON.parse(stdout)
+        flutter_version = parsed["frameworkVersion"]
+        dart_version = parsed["dartSdkVersion"]&.split&.first
+        unless flutter_version && dart_version
+          raise Dependabot::DependabotError,
+                "Bad output from `flutter --version`: #{stdout}"
         end
+        Dependabot.logger.info(
+          "Installed the Flutter SDK version: #{flutter_version} with Dart #{dart_version}."
+        )
+        {
+          "flutter" => flutter_version,
+          "dart" => dart_version
+        }
       end
       def run_dependency_services(command, stdin_data: nil)

data/lib/dependabot/pub/requirement.rb CHANGED Viewed

@@ -14,8 +14,8 @@ module Dependabot
       quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
       version_pattern = Pub::Version::VERSION_PATTERN
-      PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*"
-      PATTERN = /\A#{PATTERN_RAW}\z/.freeze
+      PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze
+      PATTERN = /\A#{PATTERN_RAW}\z/
       # Use Pub::Version rather than Gem::Version to ensure that
       # pre-release versions aren't transformed.
@@ -32,7 +32,7 @@ module Dependabot
         [matches[1] || "=", Pub::Version.new(matches[2])]
       end
-      # For consistency with other langauges, we define a requirements array.
+      # For consistency with other languages, we define a requirements array.
       # Dart doesn't have an `OR` separator for requirements, so it always
       # contains a single element.
       def self.requirements_array(requirement_string)
@@ -78,7 +78,7 @@ module Dependabot
       def convert_range_req(req_string)
         req_string.scan(
-          /((?:>|<|=|<=|>=)\s*#{Pub::Version::VERSION_PATTERN})\s*/
+          /((?:>|<|=|<=|>=)\s*#{Pub::Version::VERSION_PATTERN})\s*/o
         ).map { |x| x[0].strip }
       end

data/lib/dependabot/pub/version.rb CHANGED Viewed

@@ -17,7 +17,7 @@ module Dependabot
   module Pub
     class Version < Gem::Version
       VERSION_PATTERN = Gem::Version::VERSION_PATTERN + "(\\+[0-9a-zA-Z\\-.]+)?"
-      ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
+      ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/
       attr_reader :build_info

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-pub
 version: !ruby/object:Gem::Version
-  version: 0.211.0
+  version: 0.213.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-23 00:00:00.000000000 Z
+date: 2022-10-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,42 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.213.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.213.0
 - !ruby/object:Gem::Dependency
-  name: debase
+  name: webrick
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.3
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.3
-- !ruby/object:Gem::Dependency
-  name: debase-ruby_core_source
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.10.16
+        version: '1.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.10.16
+        version: '1.7'
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +72,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.13.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.13.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -142,28 +128,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.37.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.37.1
 - !ruby/object:Gem::Dependency
-  name: ruby-debug-ide
+  name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.3
+        version: 1.15.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.3
+        version: 1.15.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -262,14 +248,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.7.0
+      version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.7.0
+      version: 3.1.0
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: Dart (pub) support for dependabot