Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

enabled RSpec VerifiedDoubeReference rule #9981

Merged
merged 4 commits into from
Jun 13, 2024
Merged

enabled RSpec VerifiedDoubeReference rule #9981

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
d8d34de
enabled RSpec VerifiedDoubeReference rule
GarryHurleyJr Jun 12, 2024
0ee7ba1
enabled RSpec VerifiedDoubeReference rule
GarryHurleyJr Jun 12, 2024
24adb05
Merge branch 'GarryHurleyJr/enableRSpecVerifiedDoubleReference' of ht…
GarryHurleyJr Jun 13, 2024
1ca453b
Merge branch 'main' into GarryHurleyJr/enableRSpecVerifiedDoubleRefer…
GarryHurleyJr Jun 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 0 additions & 8 deletions .rubocop_todo.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -259,14 +259,6 @@ RSpec/UnspecifiedException:
Exclude:
- 'updater/spec/dependabot/job_spec.rb'

# Offense count: 3
# This cop supports unsafe autocorrection (--autocorrect-all).
# Configuration parameters: EnforcedStyle.
# SupportedStyles: constant, string
RSpec/VerifiedDoubleReference:
Exclude:
- 'updater/spec/dependabot/updater/operations/refresh_group_update_pull_request_spec.rb'

# Offense count: 26
# Configuration parameters: IgnoreNameless, IgnoreSymbolicNames.
RSpec/VerifiedDoubles:
Expand Down
5 changes: 3 additions & 2 deletions composer/helpers/v2/src/UpdateChecker.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ final class UpdateChecker
{
public static function getLatestResolvableVersion(array $args): ?string
{
[$workingDirectory, $dependencyName, $gitCredentials, $registryCredentials] = $args;
[$workingDirectory, $dependencyName, $gitCredentials, $registryCredentials, $latestAllowableVersion] = $args;
robaiken marked this conversation as resolved.
Show resolved Hide resolved

$httpBasicCredentials = [];

Expand Down Expand Up @@ -75,7 +75,8 @@ public static function getLatestResolvableVersion(array $args): ?string
// if no lock is present, we do not do a partial update as
// this is not supported by the Installer
if ($composer->getLocker()->isLocked()) {
$install->setUpdateAllowList([$dependencyName]);
$dependencyNameWithVersion = $dependencyName . ':' . $latestAllowableVersion;
$install->setUpdateAllowList([$dependencyNameWithVersion]);
}

$install->run();
Expand Down
3 changes: 2 additions & 1 deletion composer/lib/dependabot/composer/update_checker/version_resolver.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,8 @@ def run_update_checker
Dir.pwd,
dependency.name.downcase,
git_credentials,
registry_credentials
registry_credentials,
@latest_allowable_version.to_s
]
)
end
Expand Down
12 changes: 4 additions & 8 deletions composer/spec/dependabot/composer/update_checker/version_resolver_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@
let(:dependency_version) { "2.0.4" }
let(:string_req) { "2.0.4" }

it { is_expected.to eq(Dependabot::Composer::Version.new("3.3.2")) }
it { is_expected.to eq(Dependabot::Composer::Version.new("2.0.4")) }
end

context "with an application using a >= PHP constraint" do
Expand Down Expand Up @@ -118,7 +118,7 @@
let(:dependency_version) { "1.0.2" }
let(:requirements_to_unlock) { :none }

it { is_expected.to eq(Dependabot::Composer::Version.new("1.25.1")) }
it { is_expected.to eq(Dependabot::Composer::Version.new("1.0.2")) }
end

context "with a library that requires itself" do
Expand Down Expand Up @@ -266,12 +266,8 @@
}]
end

it "raises a Dependabot::GitDependenciesNotReachable error" do
expect { resolver.latest_resolvable_version }
.to raise_error(Dependabot::GitDependenciesNotReachable) do |error|
expect(error.dependency_urls)
.to eq(["https://github.com/no-exist-sorry/monolog.git"])
end
it "does not raises an Dependabot::GitDependenciesNotReachable error, as there is no update." do
expect(subject).to eq(Dependabot::Composer::Version.new("1.0.1"))
end
end

Expand Down
66 changes: 23 additions & 43 deletions composer/spec/dependabot/composer/update_checker_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -198,7 +198,7 @@
expect(latest_resolvable_version.segments.count).to eq(3)
end

it { is_expected.to be >= Gem::Version.new("1.22.0") }
it { is_expected.to be >= Gem::Version.new("1.0.0") }

context "with a composer v1 lockfile" do
let(:project_name) { "v1/exact_version" }
Expand All @@ -209,11 +209,11 @@
context "when the user is ignoring the latest version" do
let(:ignored_versions) { [">= 1.22.0.a, < 4.0"] }

it { is_expected.to eq(Gem::Version.new("1.21.0")) }
it { is_expected.to eq(Gem::Version.new("1.0.1")) }
end

context "without a lockfile" do
it { is_expected.to be >= Gem::Version.new("1.22.0") }
it { is_expected.to be >= Gem::Version.new("1.0.1") }

context "when there are conflicts at the version specified" do
let(:project_name) { "conflicts" }
Expand Down Expand Up @@ -288,7 +288,7 @@
context "with a dev dependency" do
let(:project_name) { "development_dependencies" }

it { is_expected.to be >= Gem::Version.new("1.22.0") }
it { is_expected.to be >= Gem::Version.new("1.0.1") }
end

context "with a path source" do
Expand All @@ -300,7 +300,7 @@
end

context "when it is not the dependency we're checking" do
it { is_expected.to be >= Gem::Version.new("1.22.0") }
it { is_expected.to be >= Gem::Version.new("1.0.2") }
end

context "when it is the dependency we're checking" do
Expand Down Expand Up @@ -377,13 +377,8 @@
}]
end

it "raises a helpful error message" do
expect { checker.latest_resolvable_version }
.to raise_error do |error|
expect(error)
.to be_a(Dependabot::PrivateSourceAuthenticationFailure)
expect(error.source).to eq("php.fury.io")
end
it "does not raise an error as there is no request for version update" do
expect(latest_resolvable_version).to be >= Gem::Version.new("2.1.0")
end
end

Expand All @@ -397,13 +392,8 @@
}]
end

it "raises a helpful error message" do
expect { checker.latest_resolvable_version }
.to raise_error do |error|
expect(error)
.to be_a(Dependabot::PrivateSourceAuthenticationFailure)
expect(error.source).to eq("php.fury.io")
end
it "does not raise an error, as there is no update to the dependency" do
expect(latest_resolvable_version).to be >= Gem::Version.new("2.1.0")
end
end
end
Expand Down Expand Up @@ -489,7 +479,7 @@
let(:ignored_versions) { [">= 2.8.0"] }

it "is the highest resolvable version" do
expect(latest_resolvable_version).to eq(Gem::Version.new("2.1.7"))
expect(latest_resolvable_version).to eq(Gem::Version.new("2.1.5"))
end

context "when the blocking dependency is a git dependency" do
Expand Down Expand Up @@ -598,7 +588,7 @@
}]
end

it { is_expected.to be >= Gem::Version.new("1.3.0") }
it { is_expected.to be >= Gem::Version.new("1.0.1") }
end

context "with a git source dependency that's not the dependency we're checking with an alias" do
Expand All @@ -614,7 +604,7 @@
}]
end

it { is_expected.to be >= Gem::Version.new("1.3.0") }
it { is_expected.to be >= Gem::Version.new("1.0.1") }
end

context "with a git source dependency that's not the dependency we're checking with a stability flag" do
Expand Down Expand Up @@ -655,7 +645,7 @@
# fine - the below is just what we get with Composer at the moment
# because we disabled downloading the files in
# DependabotInstallationManager.
it { is_expected.to be >= Gem::Version.new("1.3.0") }
it { is_expected.to be >= Gem::Version.new("1.0.1") }
end

context "with a git source dependency that's not the dependency we're checking with a git URL" do
Expand All @@ -671,7 +661,7 @@
}]
end

it { is_expected.to be >= Gem::Version.new("1.3.0") }
it { is_expected.to be >= Gem::Version.new("1.0.1") }
end

context "with a git source dependency that's not the dependency we're checking that is unreachable" do
Expand All @@ -687,25 +677,15 @@
}]
end

it "raises a helpful error" do
expect { checker.latest_resolvable_version }
.to raise_error do |error|
expect(error).to be_a(Dependabot::GitDependenciesNotReachable)
expect(error.dependency_urls)
.to eq(["https://github.com/no-exist-sorry/monolog.git"])
end
it "does not raise an error as there is no request for dependency version update." do
expect(subject).to be >= Gem::Version.new("1.0.1")
end

context "with a git URL" do
let(:project_name) { "git_source_unreachable_git_url" }

it "raises a helpful error" do
expect { checker.latest_resolvable_version }
.to raise_error do |error|
expect(error).to be_a(Dependabot::GitDependenciesNotReachable)
expect(error.dependency_urls)
.to eq(["git@github.com:no-exist-sorry/monolog"])
end
it "does not raise an error as there is no request for dependency version update." do
expect(subject).to be >= Gem::Version.new("1.0.1")
end
end
end
Expand All @@ -731,7 +711,7 @@
)
end

it { is_expected.to be >= Gem::Version.new("3.0.2") }
it { is_expected.to be_nil }
end

context "when an autoload is specified" do
Expand All @@ -747,7 +727,7 @@
}]
end

it { is_expected.to be >= Gem::Version.new("5.2.30") }
it { is_expected.to be >= Gem::Version.new("5.2.7") }
end

context "when a sub-dependency would block the update" do
Expand All @@ -764,7 +744,7 @@
end

# 5.5.0 series and up require an update to illuminate/contracts
it { is_expected.to be >= Gem::Version.new("5.6.23") }
it { is_expected.to be >= Gem::Version.new("5.2.0") }
end

context "with an invalid composer.json file" do
Expand All @@ -781,7 +761,7 @@

let(:ignored_versions) { [">= 1.22.0.a, < 4.0"] }

it { is_expected.to eq(Gem::Version.new("1.21.0")) }
it { is_expected.to eq(Gem::Version.new("1.0.1")) }

context "with an insecure version" do
let(:dependency_version) { "1.0.1" }
Expand All @@ -795,7 +775,7 @@
]
end

it { is_expected.to eq(Gem::Version.new("1.16.0")) }
it { is_expected.to eq(Gem::Version.new("1.0.1")) }
end
end

Expand Down
6 changes: 3 additions & 3 deletions updater/spec/dependabot/updater/operations/refresh_group_update_pull_request_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -272,15 +272,15 @@
end

let(:group) do
instance_double("Dependabot::DependencyGroup", rules: { "update-types" => update_types })
instance_double(Dependabot::DependencyGroup, rules: { "update-types" => update_types })
end

let(:dependency) do
instance_double("Dependabot::Dependency", version: current_version)
instance_double(Dependabot::Dependency, version: current_version)
end

let(:checker) do
instance_double("Dependabot::UpdateCheckers::Base", latest_version: latest_version)
instance_double(Dependabot::UpdateCheckers::Base, latest_version: latest_version)
end

before do
Expand Down
Loading