Merge pull request #3283 from dependabot/jurre/instrument-package-man…

…ager-versions Instrument bundler version
dependabot · Mar 17, 2021 · 07346a5 · 07346a5
2 parents cda7112 + c3071cf
commit 07346a5
Show file tree

Hide file tree

Showing 6 changed files with 52 additions and 0 deletions.
diff --git a/bundler/lib/dependabot/bundler/file_parser.rb b/bundler/lib/dependabot/bundler/file_parser.rb
@@ -23,6 +23,7 @@ def parse
         dependency_set += gemspec_dependencies
         dependency_set += lockfile_dependencies
         check_external_code(dependency_set.dependencies)
+        instrument_package_manager_version
         dependency_set.dependencies
       end
 
@@ -42,6 +43,17 @@ def git_source?(dependencies)
         end
       end
 
+      def instrument_package_manager_version
+        version = Helpers.detected_bundler_version(lockfile)
+        Dependabot.instrument(
+          Notifications::FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED,
+          ecosystem: "bundler",
+          package_managers: {
+            "bundler" => version
+          }
+        )
+      end
+
       def gemfile_dependencies
         dependencies = DependencySet.new
 

diff --git a/bundler/lib/dependabot/bundler/helpers.rb b/bundler/lib/dependabot/bundler/helpers.rb
@@ -16,6 +16,13 @@ def self.bundler_version(_lockfile, options:)
 
         V1
       end
+
+      def self.detected_bundler_version(lockfile)
+        return "unknown" unless lockfile
+        return V2 if lockfile.content.match?(/BUNDLED WITH\s+2/m)
+
+        V1
+      end
     end
   end
 end
diff --git a/bundler/spec/dependabot/bundler/file_parser_spec.rb b/bundler/spec/dependabot/bundler/file_parser_spec.rb
@@ -724,6 +724,19 @@
         end
       end
     end
+
+    it "instruments the package manager version" do
+      events = []
+      Dependabot.subscribe(Dependabot::Notifications::FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED) do |*args|
+        events << ActiveSupport::Notifications::Event.new(*args)
+      end
+
+      parser.parse
+
+      expect(events.last.payload).to eq(
+        { ecosystem: "bundler", package_managers: { "bundler" => "1" } }
+      )
+    end
   end
 
   context "with bundler 2 support enabled" do

diff --git a/common/dependabot-common.gemspec b/common/dependabot-common.gemspec
@@ -21,6 +21,7 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ">= 2.5.0"
   spec.required_rubygems_version = ">= 2.7.3"
 
+  spec.add_dependency "activesupport", ">= 6.0.0"
   spec.add_dependency "aws-sdk-codecommit", "~> 1.28"
   spec.add_dependency "aws-sdk-ecr", "~> 1.5"
   spec.add_dependency "bundler", ">= 1.16", "< 3.0.0"

diff --git a/common/lib/dependabot/file_parsers/base.rb b/common/lib/dependabot/file_parsers/base.rb
@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "dependabot/notifications"
+
 module Dependabot
   module FileParsers
     class Base

diff --git a/common/lib/dependabot/notifications.rb b/common/lib/dependabot/notifications.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require "active_support/notifications"
+
+module Dependabot
+  module Notifications
+    FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED = "dependabot.file_parser.package_manager_version_parsed"
+  end
+
+  def self.instrument(name, payload = {})
+    ActiveSupport::Notifications.instrument(name, payload)
+  end
+
+  def self.subscribe(pattern = nil, callback = nil, &block)
+    ActiveSupport::Notifications.subscribe(pattern, callback, &block)
+  end
+end