From 71ad8ddd68bb393e33893a09971a588927beaa10 Mon Sep 17 00:00:00 2001
From: Mark Allen <markhallen@gmail.com>
Date: Fri, 10 Jan 2025 12:28:39 +0000
Subject: [PATCH] Add BunPackageManager

Co-authored-by: Ashcon Partovi <ashcon@partovi.ne>
---
 .../npm_and_yarn/bun_package_manager.rb       | 46 +++++++++++++
 .../npm_and_yarn/package_manager.rb           |  1 +
 .../npm_and_yarn/bun_package_manager_spec.rb  | 65 +++++++++++++++++++
 3 files changed, 112 insertions(+)
 create mode 100644 npm_and_yarn/lib/dependabot/npm_and_yarn/bun_package_manager.rb
 create mode 100644 npm_and_yarn/spec/dependabot/npm_and_yarn/bun_package_manager_spec.rb

diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/bun_package_manager.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/bun_package_manager.rb
new file mode 100644
index 0000000000..a44150c023
--- /dev/null
+++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/bun_package_manager.rb
@@ -0,0 +1,46 @@
+# typed: strong
+# frozen_string_literal: true
+
+module Dependabot
+  module NpmAndYarn
+    class BunPackageManager < Ecosystem::VersionManager
+      extend T::Sig
+      NAME = "bun"
+      LOCKFILE_NAME = "bun.lock"
+
+      # In Bun 1.1.39, the lockfile format was changed from a binary bun.lockb to a text-based bun.lock.
+      # https://bun.sh/blog/bun-lock-text-lockfile
+      MIN_SUPPORTED_VERSION = Version.new("1.1.39")
+      SUPPORTED_VERSIONS = T.let([MIN_SUPPORTED_VERSION].freeze, T::Array[Dependabot::Version])
+      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
+
+      sig do
+        params(
+          detected_version: T.nilable(String),
+          raw_version: T.nilable(String),
+          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
+        ).void
+      end
+      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
+        super(
+          name: NAME,
+          detected_version: detected_version ? Version.new(detected_version) : nil,
+          version: raw_version ? Version.new(raw_version) : nil,
+          deprecated_versions: DEPRECATED_VERSIONS,
+          supported_versions: SUPPORTED_VERSIONS,
+          requirement: requirement
+        )
+      end
+
+      sig { override.returns(T::Boolean) }
+      def deprecated?
+        false
+      end
+
+      sig { override.returns(T::Boolean) }
+      def unsupported?
+        supported_versions.all? { |supported| supported > version }
+      end
+    end
+  end
+end
diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb
index 013b2c91d4..25ae857dd2 100644
--- a/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb
+++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb
@@ -9,6 +9,7 @@
 require "dependabot/npm_and_yarn/npm_package_manager"
 require "dependabot/npm_and_yarn/yarn_package_manager"
 require "dependabot/npm_and_yarn/pnpm_package_manager"
+require "dependabot/npm_and_yarn/bun_package_manager"
 require "dependabot/npm_and_yarn/language"
 
 module Dependabot
diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/bun_package_manager_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/bun_package_manager_spec.rb
new file mode 100644
index 0000000000..189bc0f1e2
--- /dev/null
+++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/bun_package_manager_spec.rb
@@ -0,0 +1,65 @@
+# typed: false
+# frozen_string_literal: true
+
+require "dependabot/npm_and_yarn/package_manager"
+require "dependabot/ecosystem"
+require "spec_helper"
+
+RSpec.describe Dependabot::NpmAndYarn::BunPackageManager do
+  let(:package_manager) do
+    described_class.new(
+      detected_version: detected_version,
+      raw_version: raw_version
+    )
+  end
+
+  let(:detected_version) { "1" }
+  let(:raw_version) { "1.1.39" }
+
+  describe "#initialize" do
+    context "when version is a String" do
+      it "sets the version correctly" do
+        expect(package_manager.detected_version).to eq(Dependabot::Version.new(detected_version))
+        expect(package_manager.version).to eq(Dependabot::Version.new(raw_version))
+      end
+
+      it "sets the name correctly" do
+        expect(package_manager.name).to eq(Dependabot::NpmAndYarn::BunPackageManager::NAME)
+      end
+
+      it "sets the deprecated_versions correctly" do
+        expect(package_manager.deprecated_versions).to eq(
+          Dependabot::NpmAndYarn::BunPackageManager::DEPRECATED_VERSIONS
+        )
+      end
+
+      it "sets the supported_versions correctly" do
+        expect(package_manager.supported_versions).to eq(Dependabot::NpmAndYarn::BunPackageManager::SUPPORTED_VERSIONS)
+      end
+    end
+  end
+
+  describe "#deprecated?" do
+    it "returns false" do
+      expect(package_manager.deprecated?).to be false
+    end
+  end
+
+  describe "#unsupported?" do
+    context "when version is the minimum supported version" do
+      let(:detected_version) { Dependabot::NpmAndYarn::BunPackageManager::MIN_SUPPORTED_VERSION.to_s }
+
+      it "returns false" do
+        expect(package_manager.unsupported?).to be false
+      end
+    end
+
+    context "when version is unsupported" do
+      let(:raw_version) { "1.1.38" }
+
+      it "returns true" do
+        expect(package_manager.unsupported?).to be true
+      end
+    end
+  end
+end