dependabot-pub 0.246.0 → 0.248.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/pub/helpers.rb +5 -4
- data/lib/dependabot/pub/update_checker.rb +11 -8
- data/lib/dependabot/pub/version.rb +7 -28
- metadata +19 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b4f8ff545c9900c79f579533364606ea5e54f45be25d29259d6271d7091d8619
|
|
4
|
+
data.tar.gz: cfa34000800b96a467a2853094166beaff98f26944a7e6d7a1114b2488162ff7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6f85e150c942a1e363663d332e205696d128e017655205596e7810264ec9a1a504e54ab8dc60f1007db4aa170e077dd36a86e4cd4002b47ceb897f38fb3d1df9
|
|
7
|
+
data.tar.gz: da9d4188cc360691b6c1edf6702f362728cb7c05accc0caa48256755660ccf3be0b5010b8294885dc9308f4c439345ffb2c1bc21a84829ce0d69ab0b462f9e4d
|
|
@@ -7,8 +7,9 @@ require "digest"
|
|
|
7
7
|
|
|
8
8
|
require "dependabot/errors"
|
|
9
9
|
require "dependabot/logger"
|
|
10
|
-
require "dependabot/shared_helpers"
|
|
11
10
|
require "dependabot/pub/requirement"
|
|
11
|
+
require "dependabot/requirements_update_strategy"
|
|
12
|
+
require "dependabot/shared_helpers"
|
|
12
13
|
|
|
13
14
|
module Dependabot
|
|
14
15
|
module Pub
|
|
@@ -335,11 +336,11 @@ module Dependabot
|
|
|
335
336
|
# strategies.
|
|
336
337
|
def constraint_field_from_update_strategy(requirements_update_strategy)
|
|
337
338
|
case requirements_update_strategy
|
|
338
|
-
when
|
|
339
|
+
when RequirementsUpdateStrategy::WidenRanges
|
|
339
340
|
"constraintWidened"
|
|
340
|
-
when
|
|
341
|
+
when RequirementsUpdateStrategy::BumpVersions
|
|
341
342
|
"constraintBumped"
|
|
342
|
-
when
|
|
343
|
+
when RequirementsUpdateStrategy::BumpVersionsIfNecessary
|
|
343
344
|
"constraintBumpedIfNeeded"
|
|
344
345
|
end
|
|
345
346
|
end
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "yaml"
|
|
6
|
+
|
|
7
|
+
require "dependabot/pub/helpers"
|
|
8
|
+
require "dependabot/requirements_update_strategy"
|
|
4
9
|
require "dependabot/update_checkers"
|
|
5
10
|
require "dependabot/update_checkers/base"
|
|
6
11
|
require "dependabot/update_checkers/version_filters"
|
|
7
|
-
require "dependabot/pub/helpers"
|
|
8
|
-
require "sorbet-runtime"
|
|
9
|
-
require "yaml"
|
|
10
12
|
|
|
11
13
|
module Dependabot
|
|
12
14
|
module Pub
|
|
@@ -156,23 +158,24 @@ module Dependabot
|
|
|
156
158
|
|
|
157
159
|
def resolve_requirements_update_strategy
|
|
158
160
|
raise "Unexpected requirements_update_strategy #{requirements_update_strategy}" unless
|
|
159
|
-
[nil,
|
|
161
|
+
[nil, RequirementsUpdateStrategy::WidenRanges, RequirementsUpdateStrategy::BumpVersions,
|
|
162
|
+
RequirementsUpdateStrategy::BumpVersionsIfNecessary].include? requirements_update_strategy
|
|
160
163
|
|
|
161
164
|
if requirements_update_strategy.nil?
|
|
162
165
|
# Check for a version field in the pubspec.yaml. If it is present
|
|
163
166
|
# we assume the package is a library, and the requirement update
|
|
164
167
|
# strategy is widening. Otherwise we assume it is an application, and
|
|
165
|
-
# go for
|
|
168
|
+
# go for RequirementsUpdateStrategy::BumpVersions.
|
|
166
169
|
pubspec = T.must(dependency_files.find { |d| d.name == "pubspec.yaml" })
|
|
167
170
|
begin
|
|
168
171
|
parsed_pubspec = YAML.safe_load(T.must(pubspec.content), aliases: false)
|
|
169
172
|
rescue ScriptError
|
|
170
|
-
return
|
|
173
|
+
return RequirementsUpdateStrategy::BumpVersions
|
|
171
174
|
end
|
|
172
175
|
if parsed_pubspec["version"].nil? || parsed_pubspec["publish_to"] == "none"
|
|
173
|
-
|
|
176
|
+
RequirementsUpdateStrategy::BumpVersions
|
|
174
177
|
else
|
|
175
|
-
|
|
178
|
+
RequirementsUpdateStrategy::WidenRanges
|
|
176
179
|
end
|
|
177
180
|
else
|
|
178
181
|
requirements_update_strategy
|
|
@@ -25,20 +25,7 @@ module Dependabot
|
|
|
25
25
|
sig { returns(String) }
|
|
26
26
|
attr_reader :build_info
|
|
27
27
|
|
|
28
|
-
sig
|
|
29
|
-
override
|
|
30
|
-
.overridable
|
|
31
|
-
.params(
|
|
32
|
-
version: T.any(
|
|
33
|
-
String,
|
|
34
|
-
Integer,
|
|
35
|
-
Float,
|
|
36
|
-
Gem::Version,
|
|
37
|
-
NilClass
|
|
38
|
-
)
|
|
39
|
-
)
|
|
40
|
-
.void
|
|
41
|
-
end
|
|
28
|
+
sig { override.params(version: VersionParameter).void }
|
|
42
29
|
def initialize(version)
|
|
43
30
|
@version_string = T.let(version.to_s, String)
|
|
44
31
|
version, @build_info = version.to_s.split("+") if version.to_s.include?("+")
|
|
@@ -46,6 +33,11 @@ module Dependabot
|
|
|
46
33
|
super(T.must(version))
|
|
47
34
|
end
|
|
48
35
|
|
|
36
|
+
sig { override.params(version: VersionParameter).returns(Dependabot::Pub::Version) }
|
|
37
|
+
def self.new(version)
|
|
38
|
+
T.cast(super, Dependabot::Pub::Version)
|
|
39
|
+
end
|
|
40
|
+
|
|
49
41
|
sig { override.returns(String) }
|
|
50
42
|
def to_s
|
|
51
43
|
@version_string
|
|
@@ -56,20 +48,7 @@ module Dependabot
|
|
|
56
48
|
"#<#{self.class} #{@version_string}>"
|
|
57
49
|
end
|
|
58
50
|
|
|
59
|
-
sig
|
|
60
|
-
override
|
|
61
|
-
.overridable
|
|
62
|
-
.params(
|
|
63
|
-
version: T.any(
|
|
64
|
-
String,
|
|
65
|
-
Integer,
|
|
66
|
-
Float,
|
|
67
|
-
Gem::Version,
|
|
68
|
-
NilClass
|
|
69
|
-
)
|
|
70
|
-
)
|
|
71
|
-
.returns(T::Boolean)
|
|
72
|
-
end
|
|
51
|
+
sig { override.params(version: VersionParameter).returns(T::Boolean) }
|
|
73
52
|
def self.correct?(version)
|
|
74
53
|
return false if version.nil?
|
|
75
54
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-pub
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.248.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-03-
|
|
11
|
+
date: 2024-03-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.248.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.248.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -136,6 +136,20 @@ dependencies:
|
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: 1.19.0
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: rubocop-rspec
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - "~>"
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: 2.27.1
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - "~>"
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: 2.27.1
|
|
139
153
|
- !ruby/object:Gem::Dependency
|
|
140
154
|
name: rubocop-sorbet
|
|
141
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -242,7 +256,7 @@ licenses:
|
|
|
242
256
|
- Nonstandard
|
|
243
257
|
metadata:
|
|
244
258
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
245
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
259
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.248.0
|
|
246
260
|
post_install_message:
|
|
247
261
|
rdoc_options: []
|
|
248
262
|
require_paths:
|