Open THETCR opened 1 year ago
We're adding support for Bundler 2.4 at #6303. I guess this should get fixed after that, since you seem to be running Bundler 2.4?
@deivid-rodriguez
Same result with Bundler 2.3.26
.
Alright, can you then post the exact error you're getting, and exact steps so that we can reproduce this error ourselves?
It actually works just fine for me when consumed directly from a branch.
It was able to bump sha version just fine. The only difference is that I also set the branch
parameter explicitly in the Gemfile
Any update @THETCR ?
Otherwise we'll need to close due to lack of information.
@jeffwidman
It seems the issue is not only with Git sources.
The same issue is also happening in the CI/CD of the dependabot-script
repository.
As shown here:
https://github.com/dependabot/dependabot-script/actions/runs/5050327896/jobs/9060910598?pr=921
This happens regardless of the Bundler
version used.
It results in the native helper returning an empty String. The same as discussed here: https://github.com/dependabot/dependabot-core/pull/6521
@deivid-rodriguez
As stated above. The exact same issue is happening in the official dependabot-script
repository.
So this does not only apply to Gems sourced from Git, but Bundler in general.
@deivid-rodriguez @jeffwidman
It explicitly broke with the following commit: 7fccc8d
When Bundler is loading the spec files it searches for the vendored Dependabot gems in the .bundle/ruby/3.1.0/bundler/gems/
directory, starting from the directory with the package manifest.
Subsequently throwing an error that the Dependabot gem is not installed yet.
Thank you @THETCR for persisting on figuring this out. Unfortunately I lack the time to dig into this right now, but since you seem to now understand the problem better, feel free to create a PR to fix this. That should speed up resolution of this issue.
Is there an existing issue for this?
Package ecosystem
Bundler
Package manager version
2.4.7
Language version
3.1.3
Manifest location and content before the Dependabot update
dependabot.yml content
No response
Updated dependency
No response
What you expected to see, versus what you actually saw
Dependabot::DependencyFileNotEvaluatable
, failure to parse the manifest with aJSON::ParserError
.Native package manager behavior
Works as stipulated in the
Bundler
documentation.Images of the diff or a link to the PR, issue, or logs
No response
Smallest manifest that reproduces the issue
No response