dependabot-pub 0.246.0 → 0.248.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/pub/helpers.rb +5 -4
- data/lib/dependabot/pub/update_checker.rb +11 -8
- data/lib/dependabot/pub/version.rb +7 -28
- metadata +19 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b4f8ff545c9900c79f579533364606ea5e54f45be25d29259d6271d7091d8619
|
|
4
|
+
data.tar.gz: cfa34000800b96a467a2853094166beaff98f26944a7e6d7a1114b2488162ff7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6f85e150c942a1e363663d332e205696d128e017655205596e7810264ec9a1a504e54ab8dc60f1007db4aa170e077dd36a86e4cd4002b47ceb897f38fb3d1df9
|
|
7
|
+
data.tar.gz: da9d4188cc360691b6c1edf6702f362728cb7c05accc0caa48256755660ccf3be0b5010b8294885dc9308f4c439345ffb2c1bc21a84829ce0d69ab0b462f9e4d
|
|
@@ -7,8 +7,9 @@ require "digest"
|
|
|
7
7
|
|
|
8
8
|
require "dependabot/errors"
|
|
9
9
|
require "dependabot/logger"
|
|
10
|
-
require "dependabot/shared_helpers"
|
|
11
10
|
require "dependabot/pub/requirement"
|
|
11
|
+
require "dependabot/requirements_update_strategy"
|
|
12
|
+
require "dependabot/shared_helpers"
|
|
12
13
|
|
|
13
14
|
module Dependabot
|
|
14
15
|
module Pub
|
|
@@ -335,11 +336,11 @@ module Dependabot
|
|
|
335
336
|
# strategies.
|
|
336
337
|
def constraint_field_from_update_strategy(requirements_update_strategy)
|
|
337
338
|
case requirements_update_strategy
|
|
338
|
-
when
|
|
339
|
+
when RequirementsUpdateStrategy::WidenRanges
|
|
339
340
|
"constraintWidened"
|
|
340
|
-
when
|
|
341
|
+
when RequirementsUpdateStrategy::BumpVersions
|
|
341
342
|
"constraintBumped"
|
|
342
|
-
when
|
|
343
|
+
when RequirementsUpdateStrategy::BumpVersionsIfNecessary
|
|
343
344
|
"constraintBumpedIfNeeded"
|
|
344
345
|
end
|
|
345
346
|
end
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "yaml"
|
|
6
|
+
|
|
7
|
+
require "dependabot/pub/helpers"
|
|
8
|
+
require "dependabot/requirements_update_strategy"
|
|
4
9
|
require "dependabot/update_checkers"
|
|
5
10
|
require "dependabot/update_checkers/base"
|
|
6
11
|
require "dependabot/update_checkers/version_filters"
|
|
7
|
-
require "dependabot/pub/helpers"
|
|
8
|
-
require "sorbet-runtime"
|
|
9
|
-
require "yaml"
|
|
10
12
|
|
|
11
13
|
module Dependabot
|
|
12
14
|
module Pub
|
|
@@ -156,23 +158,24 @@ module Dependabot
|
|
|
156
158
|
|
|
157
159
|
def resolve_requirements_update_strategy
|
|
158
160
|
raise "Unexpected requirements_update_strategy #{requirements_update_strategy}" unless
|
|
159
|
-
[nil,
|
|
161
|
+
[nil, RequirementsUpdateStrategy::WidenRanges, RequirementsUpdateStrategy::BumpVersions,
|
|
162
|
+
RequirementsUpdateStrategy::BumpVersionsIfNecessary].include? requirements_update_strategy
|
|
160
163
|
|
|
161
164
|
if requirements_update_strategy.nil?
|
|
162
165
|
# Check for a version field in the pubspec.yaml. If it is present
|
|
163
166
|
# we assume the package is a library, and the requirement update
|
|
164
167
|
# strategy is widening. Otherwise we assume it is an application, and
|
|
165
|
-
# go for
|
|
168
|
+
# go for RequirementsUpdateStrategy::BumpVersions.
|
|
166
169
|
pubspec = T.must(dependency_files.find { |d| d.name == "pubspec.yaml" })
|
|
167
170
|
begin
|
|
168
171
|
parsed_pubspec = YAML.safe_load(T.must(pubspec.content), aliases: false)
|
|
169
172
|
rescue ScriptError
|
|
170
|
-
return
|
|
173
|
+
return RequirementsUpdateStrategy::BumpVersions
|
|
171
174
|
end
|
|
172
175
|
if parsed_pubspec["version"].nil? || parsed_pubspec["publish_to"] == "none"
|
|
173
|
-
|
|
176
|
+
RequirementsUpdateStrategy::BumpVersions
|
|
174
177
|
else
|
|
175
|
-
|
|
178
|
+
RequirementsUpdateStrategy::WidenRanges
|
|
176
179
|
end
|
|
177
180
|
else
|
|
178
181
|
requirements_update_strategy
|
|
@@ -25,20 +25,7 @@ module Dependabot
|
|
|
25
25
|
sig { returns(String) }
|
|
26
26
|
attr_reader :build_info
|
|
27
27
|
|
|
28
|
-
sig
|
|
29
|
-
override
|
|
30
|
-
.overridable
|
|
31
|
-
.params(
|
|
32
|
-
version: T.any(
|
|
33
|
-
String,
|
|
34
|
-
Integer,
|
|
35
|
-
Float,
|
|
36
|
-
Gem::Version,
|
|
37
|
-
NilClass
|
|
38
|
-
)
|
|
39
|
-
)
|
|
40
|
-
.void
|
|
41
|
-
end
|
|
28
|
+
sig { override.params(version: VersionParameter).void }
|
|
42
29
|
def initialize(version)
|
|
43
30
|
@version_string = T.let(version.to_s, String)
|
|
44
31
|
version, @build_info = version.to_s.split("+") if version.to_s.include?("+")
|
|
@@ -46,6 +33,11 @@ module Dependabot
|
|
|
46
33
|
super(T.must(version))
|
|
47
34
|
end
|
|
48
35
|
|
|
36
|
+
sig { override.params(version: VersionParameter).returns(Dependabot::Pub::Version) }
|
|
37
|
+
def self.new(version)
|
|
38
|
+
T.cast(super, Dependabot::Pub::Version)
|
|
39
|
+
end
|
|
40
|
+
|
|
49
41
|
sig { override.returns(String) }
|
|
50
42
|
def to_s
|
|
51
43
|
@version_string
|
|
@@ -56,20 +48,7 @@ module Dependabot
|
|
|
56
48
|
"#<#{self.class} #{@version_string}>"
|
|
57
49
|
end
|
|
58
50
|
|
|
59
|
-
sig
|
|
60
|
-
override
|
|
61
|
-
.overridable
|
|
62
|
-
.params(
|
|
63
|
-
version: T.any(
|
|
64
|
-
String,
|
|
65
|
-
Integer,
|
|
66
|
-
Float,
|
|
67
|
-
Gem::Version,
|
|
68
|
-
NilClass
|
|
69
|
-
)
|
|
70
|
-
)
|
|
71
|
-
.returns(T::Boolean)
|
|
72
|
-
end
|
|
51
|
+
sig { override.params(version: VersionParameter).returns(T::Boolean) }
|
|
73
52
|
def self.correct?(version)
|
|
74
53
|
return false if version.nil?
|
|
75
54
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-pub
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.248.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-03-
|
|
11
|
+
date: 2024-03-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.248.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.248.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -136,6 +136,20 @@ dependencies:
|
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: 1.19.0
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: rubocop-rspec
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - "~>"
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: 2.27.1
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - "~>"
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: 2.27.1
|
|
139
153
|
- !ruby/object:Gem::Dependency
|
|
140
154
|
name: rubocop-sorbet
|
|
141
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -242,7 +256,7 @@ licenses:
|
|
|
242
256
|
- Nonstandard
|
|
243
257
|
metadata:
|
|
244
258
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
245
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
259
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.248.0
|
|
246
260
|
post_install_message:
|
|
247
261
|
rdoc_options: []
|
|
248
262
|
require_paths:
|