Restore Bundler 1 behavior regarding libraries & gemspecs

Up until the Bundler 2 upgrade, when in the context of updating a
library, dependabot would first try locking the Ruby version according
to the minimum ruby requirement specified in the gemspec (if any). If
that failed, dependabot would retry without any ruby version locking by
detecting a specific error message raised by Bundler. This feature was
introduced by fcd5682.

However, when the upgrade to Bundler 2 happened, the related spec
started failing, because the string to look for within Bundler's error
message was not updated to match what Bundler 2 was raising (error
message was changed upstream at
rubygems/bundler#6647).

Instead, the spec was updated to match the new result (see
dependabot#3319 (comment)).

In the spec, dependabot is updating a Gemfile including

```ruby
gem 'statesman', "~> 3.0.0"
```

in combination with a gemspec including

```ruby
required_ruby_version ">= 1.9.3"
```

Statesman 3.0.0 has a Ruby ">= 2.2" requirement, so it does not support
Ruby 1.9.3 already. The original dependabot behaviour was to ignore the
preexisting mismatch and move on. That makes sense to me; there are some
reasons why a library may have this situation. In my case, I have
several Gemfiles testing different major versions of my dependencies
(Rails, in particular), and some of them don't support the oldest Ruby
supported by my gem (my Rails 7 gemfile does not support my oldest
supported Ruby, 2.6).

From a more pragmatic point of view, the old behavior didn't cause any
reported issues that I know of, while the new behavior did bite my
particular case.

So this commit changes the expectation to what it used to be and updates
the strings to look for in error messages to support both Bundler 1 and
Bundler 2 error messages.
deivid-rodriguez committed Mar 18, 2022
1 parent 16b32f1 commit 49c863e
Showing 2 changed files with 6 additions and 5 deletions.
Expand Up @@ -139,7 +139,8 @@ def error_due_to_restrictive_upper_bound?(error)
end

def ruby_lock_error?(error)
return false unless error.message.include?(" for gem \"ruby\0\"")
return false unless error.message.include?(" for the Ruby\0 version") || # Bundler 2
error.message.include?(" for gem \"ruby\0\"") # Bundler 1
return false if @gemspec_ruby_unlocked

dependency_files.any? { |f| f.name.end_with?(".gemspec") }
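
Review bot: the guard at the top of `ruby_lock_error?` now depends on two hard-coded fragments of Bundler's error text, written inline in a multi-line `unless ... ||` with trailing comments, and nothing in this hunk protects against the wording changing upstream again. Consider moving both fragments into a named, frozen constant with a comment linking the upstream change for each one, and checking them with `any? { |s| error.message.include?(s) }`, so a future Bundler message change is a one-line edit. Because a true result here leads to a retry without the gemspec's Ruby lock, it would also help to add a unit-level example for this method that feeds it one message of each form, plus an unrelated resolution error that must return false.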
Expand Up @@ -462,15 +462,15 @@
to eq(Gem::Version.new("2.0.1"))
end

context "that isn't satisfied by the dependencies", :bundler_v2_only do
context "that isn't satisfied by the dependencies" do
let(:dependency_files) do
bundler_project_dependency_files("imports_gemspec_version_clash_old_required_ruby_no_lockfile")
end
let(:current_version) { "3.0.1" }

it "raises a DependencyFileNotResolvable error" do
expect { subject }.
to raise_error(Dependabot::DependencyFileNotResolvable)
it "ignores the minimum ruby version in the gemspec" do
expect(resolver.latest_resolvable_version_details[:version]).
to eq(Gem::Version.new("7.2.0"))
end
end
end
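
Review bot: the new example "ignores the minimum ruby version in the gemspec" only asserts that `latest_resolvable_version_details[:version]` equals `7.2.0`, which shows that resolution succeeded but not that the gemspec's Ruby requirement was the thing that got dropped. If the details hash exposes which Ruby constraint was used, assert on that as well; otherwise a short comment explaining why `7.2.0` is the expected result for this fixture would make the magic value easier to maintain. With the `raise_error(Dependabot::DependencyFileNotResolvable)` expectation gone from this context, consider keeping a separate example for a project that still cannot resolve after the Ruby lock is removed, so the failure path stays covered under both Bundler versions now that the `:bundler_v2_only` tag is removed.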
