Merge branch 'main' into dependabot/nuget/nuget/helpers/lib/NuGetUpda…
…ter/xunit-2.9.3
abdulapopoola authored Jan 22, 2025
2 parents bd40d23 + 46fcd61 commit 2f26660
Showing 118 changed files with 3,008 additions and 697 deletions.
84 changes: 42 additions & 42 deletions Gemfile.lock
@@ -1,20 +1,20 @@
PATH
remote: bundler
specs:
dependabot-bundler (0.292.0)
dependabot-common (= 0.292.0)
dependabot-bundler (0.293.0)
dependabot-common (= 0.293.0)
parallel (~> 1.24)

PATH
remote: cargo
specs:
dependabot-cargo (0.292.0)
dependabot-common (= 0.292.0)
dependabot-cargo (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: common
specs:
dependabot-common (0.292.0)
dependabot-common (0.293.0)
aws-sdk-codecommit (~> 1.28)
aws-sdk-ecr (~> 1.5)
bundler (>= 1.16, < 3.0.0)
Expand All @@ -38,113 +38,113 @@ PATH
PATH
remote: composer
specs:
dependabot-composer (0.292.0)
dependabot-common (= 0.292.0)
dependabot-composer (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: devcontainers
specs:
dependabot-devcontainers (0.292.0)
dependabot-common (= 0.292.0)
dependabot-devcontainers (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: docker
specs:
dependabot-docker (0.292.0)
dependabot-common (= 0.292.0)
dependabot-docker (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: dotnet_sdk
specs:
dependabot-dotnet_sdk (0.292.0)
dependabot-common (= 0.292.0)
dependabot-dotnet_sdk (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: elm
specs:
dependabot-elm (0.292.0)
dependabot-common (= 0.292.0)
dependabot-elm (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: git_submodules
specs:
dependabot-git_submodules (0.292.0)
dependabot-common (= 0.292.0)
dependabot-git_submodules (0.293.0)
dependabot-common (= 0.293.0)
parseconfig (~> 1.0, < 1.1.0)

PATH
remote: github_actions
specs:
dependabot-github_actions (0.292.0)
dependabot-common (= 0.292.0)
dependabot-github_actions (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: go_modules
specs:
dependabot-go_modules (0.292.0)
dependabot-common (= 0.292.0)
dependabot-go_modules (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: gradle
specs:
dependabot-gradle (0.292.0)
dependabot-common (= 0.292.0)
dependabot-maven (= 0.292.0)
dependabot-gradle (0.293.0)
dependabot-common (= 0.293.0)
dependabot-maven (= 0.293.0)

PATH
remote: hex
specs:
dependabot-hex (0.292.0)
dependabot-common (= 0.292.0)
dependabot-hex (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: maven
specs:
dependabot-maven (0.292.0)
dependabot-common (= 0.292.0)
dependabot-maven (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: npm_and_yarn
specs:
dependabot-npm_and_yarn (0.292.0)
dependabot-common (= 0.292.0)
dependabot-npm_and_yarn (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: nuget
specs:
dependabot-nuget (0.292.0)
dependabot-common (= 0.292.0)
dependabot-nuget (0.293.0)
dependabot-common (= 0.293.0)
rubyzip (>= 2.3.2, < 3.0)

PATH
remote: pub
specs:
dependabot-pub (0.292.0)
dependabot-common (= 0.292.0)
dependabot-pub (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: python
specs:
dependabot-python (0.292.0)
dependabot-common (= 0.292.0)
dependabot-python (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: silent
specs:
dependabot-silent (0.292.0)
dependabot-common (= 0.292.0)
dependabot-silent (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: swift
specs:
dependabot-swift (0.292.0)
dependabot-common (= 0.292.0)
dependabot-swift (0.293.0)
dependabot-common (= 0.293.0)

PATH
remote: terraform
specs:
dependabot-terraform (0.292.0)
dependabot-common (= 0.292.0)
dependabot-terraform (0.293.0)
dependabot-common (= 0.293.0)

GEM
remote: https://rubygems.org/
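--- a/bin/dry-run.rb
+++ b/bin/dry-run.rb
@@ -274,6 +274,10 @@
 "Output pull request information metadata: title, description") do
 $options[:pull_request] = true
 end
+
+opts.on("--enable-beta-ecosystems", "Enable beta ecosystems") do |_value|
+$options[:updater_options] = { enable_beta_ecosystems: true }
+end
 end
 # rubocop:enable Metrics/BlockLength
 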
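Review bot: The new `--enable-beta-ecosystems` handler assigns a fresh hash to `$options[:updater_options]`, so updater options set by any other flag on the same command line would be discarded, and a later flag that assigns the key would in turn drop this one. No other writer of that key is visible in this hunk, so confirm against the rest of the parser. Merging keeps both: `($options[:updater_options] ||= {})[:enable_beta_ecosystems] = true`. The enclosing option-parser block starts above the hunk.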
38 changes: 28 additions & 10 deletions bundler/lib/dependabot/bundler/file_updater/gemfile_updater.rb
@@ -1,4 +1,4 @@
# typed: true
# typed: strict
# frozen_string_literal: true

require "dependabot/bundler/file_updater"
Expand All @@ -7,19 +7,23 @@ module Dependabot
module Bundler
class FileUpdater
class GemfileUpdater
extend T::Sig

GEMFILE_FILENAMES = %w(Gemfile gems.rb).freeze

require_relative "git_pin_replacer"
require_relative "git_source_remover"
require_relative "requirement_replacer"

sig { params(dependencies: T::Array[Dependabot::Dependency], gemfile: Dependabot::DependencyFile).void }
def initialize(dependencies:, gemfile:)
@dependencies = dependencies
@gemfile = gemfile
end

sig { returns(String) }
def updated_gemfile_content
content = gemfile.content
content = T.must(gemfile.content)

dependencies.each do |dependency|
content = replace_gemfile_version_requirement(
Expand All @@ -38,21 +42,27 @@ def updated_gemfile_content

private

sig { returns(T::Array[Dependabot::Dependency]) }
attr_reader :dependencies

sig { returns(Dependabot::DependencyFile) }
attr_reader :gemfile

sig do
params(dependency: Dependabot::Dependency, file: Dependabot::DependencyFile, content: String).returns(String)
end
def replace_gemfile_version_requirement(dependency, file, content)
return content unless requirement_changed?(file, dependency)

updated_requirement =
dependency.requirements
.find { |r| r[:file] == file.name }
.fetch(:requirement)
&.fetch(:requirement)

previous_requirement =
dependency.previous_requirements
.find { |r| r[:file] == file.name }
.fetch(:requirement)
&.find { |r| r[:file] == file.name }
&.fetch(:requirement)

RequirementReplacer.new(
dependency: dependency,
Expand All @@ -62,27 +72,30 @@ def replace_gemfile_version_requirement(dependency, file, content)
).rewrite(content)
end

sig { params(file: Dependabot::DependencyFile, dependency: Dependabot::Dependency).returns(T::Boolean) }
def requirement_changed?(file, dependency)
changed_requirements =
dependency.requirements - dependency.previous_requirements
dependency.requirements - T.must(dependency.previous_requirements)

changed_requirements.any? { |f| f[:file] == file.name }
end

sig { params(dependency: Dependabot::Dependency).returns(T::Boolean) }
def remove_git_source?(dependency)
old_gemfile_req =
dependency.previous_requirements
.find { |f| GEMFILE_FILENAMES.include?(f[:file]) }
&.find { |f| GEMFILE_FILENAMES.include?(f[:file]) }

return false unless old_gemfile_req&.dig(:source, :type) == "git"

new_gemfile_req =
dependency.requirements
.find { |f| GEMFILE_FILENAMES.include?(f[:file]) }

new_gemfile_req[:source].nil?
T.must(new_gemfile_req)[:source].nil?
end

sig { params(dependency: Dependabot::Dependency, file: Dependabot::DependencyFile).returns(T::Boolean) }
def update_git_pin?(dependency, file)
new_gemfile_req =
dependency.requirements
Expand All @@ -91,18 +104,23 @@ def update_git_pin?(dependency, file)

# If the new requirement is a git dependency with a ref then there's
# no harm in doing an update
new_gemfile_req.dig(:source, :ref)
!T.must(new_gemfile_req).dig(:source, :ref).nil?
end

sig { params(dependency: Dependabot::Dependency, content: String).returns(String) }
def remove_gemfile_git_source(dependency, content)
GitSourceRemover.new(dependency: dependency).rewrite(content)
end

sig do
params(dependency: Dependabot::Dependency, file: Dependabot::DependencyFile, content: String).returns(String)
end
def update_gemfile_git_pin(dependency, file, content)
new_pin =
dependency.requirements
.find { |f| f[:file] == file.name }
.fetch(:source).fetch(:ref)
&.fetch(:source)
&.fetch(:ref)

GitPinReplacer
.new(dependency: dependency, new_pin: new_pin)
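Review bot: In `update_gemfile_git_pin` the new chain `&.fetch(:source)` / `&.fetch(:ref)` lets `new_pin` become nil when no requirement matches `file.name`, and that nil is then passed to `GitPinReplacer.new(dependency: dependency, new_pin: new_pin)`, where the old `.fetch` chain would have raised. The same softening appears in `replace_gemfile_version_requirement` (`&.fetch(:requirement)`), while `remove_git_source?` and `update_git_pin?` in this same commit use `T.must(new_gemfile_req)` and fail loudly. For a rewrite of a git pin I would keep the loud failure: `T.must(dependency.requirements.find { |f| f[:file] == file.name }).fetch(:source).fetch(:ref)`. The rest of `update_gemfile_git_pin` is collapsed below the hunk, so how `GitPinReplacer` treats a nil pin is not visible here.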
@@ -1,4 +1,4 @@
# typed: true
# typed: strict
# frozen_string_literal: true

require "parser/current"
Expand All @@ -8,13 +8,20 @@ module Dependabot
module Bundler
class FileUpdater
class GemspecDependencyNameFinder
extend T::Sig

ChildNode = T.type_alias { T.nilable(T.any(Parser::AST::Node, Symbol, String)) }

sig { returns(String) }
attr_reader :gemspec_content

sig { params(gemspec_content: String).void }
def initialize(gemspec_content:)
@gemspec_content = gemspec_content
end

# rubocop:disable Security/Eval
sig { returns(T.nilable(String)) }
def dependency_name
ast = Parser::CurrentRuby.parse(gemspec_content)
dependency_name_node = find_dependency_name_node(ast)
Expand All @@ -30,6 +37,7 @@ def dependency_name

private

sig { params(node: ChildNode).returns(T.nilable(Parser::AST::Node)) }
def find_dependency_name_node(node)
return unless node.is_a?(Parser::AST::Node)
return node if declares_dependency_name?(node)
Expand All @@ -40,6 +48,7 @@ def find_dependency_name_node(node)
end
end

sig { params(node: ChildNode).returns(T::Boolean) }
def declares_dependency_name?(node)
return false unless node.is_a?(Parser::AST::Node)

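Review bot: `sig { returns(T.nilable(String)) }` on `dependency_name` promises a String, but the method sits under `# rubocop:disable Security/Eval`, which suggests its result comes from evaluating an expression taken from `gemspec_content`; the body is collapsed here, so this is inferred. If that is the case, a gemspec whose name expression evaluates to a Symbol or another non-String would now fail the runtime signature check (unless Sorbet runtime checks are configured not to raise) instead of returning a value. I would check the type before returning, e.g. `result.is_a?(String) ? result : nil`. Next to the directive I would also add a short comment recording which expression is evaluated and what trust is assumed for `gemspec_content`, since the directive alone does not say why the cop is safe to disable.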