diff --git a/bundler/lib/dependabot/bundler/file_parser.rb b/bundler/lib/dependabot/bundler/file_parser.rb
index 4ff7cac3d8b..6a0e97897d8 100644
--- a/bundler/lib/dependabot/bundler/file_parser.rb
+++ b/bundler/lib/dependabot/bundler/file_parser.rb
@@ -23,6 +23,7 @@ def parse
 dependency_set += gemspec_dependencies
 dependency_set += lockfile_dependencies
 check_external_code(dependency_set.dependencies)
+ instrument_package_manager_version
 dependency_set.dependencies
 end
@@ -42,6 +43,17 @@ def git_source?(dependencies)
 end
 end
+ def instrument_package_manager_version
+ version = Helpers.detected_bundler_version(lockfile)
+ Dependabot.instrument(
+ Notifications::FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED,
+ ecosystem: "bundler",
+ package_managers: {
+ "bundler" => version
+ }
+ )
+ end
+
 def gemfile_dependencies
 dependencies = DependencySet.new
diff --git a/bundler/lib/dependabot/bundler/helpers.rb b/bundler/lib/dependabot/bundler/helpers.rb
index ef1e6b7ebed..46b51689385 100644
--- a/bundler/lib/dependabot/bundler/helpers.rb
+++ b/bundler/lib/dependabot/bundler/helpers.rb
@@ -11,6 +11,13 @@ module Helpers
 def self.bundler_version(_lockfile)
 V1
 end
+
+ def self.detected_bundler_version(lockfile)
+ return "unknown" unless lockfile
+ return V2 if lockfile.content.match?(/BUNDLED WITH\s+2/m)
+
+ V1
+ end
 end
 end
 end
diff --git a/bundler/spec/dependabot/bundler/file_parser_spec.rb b/bundler/spec/dependabot/bundler/file_parser_spec.rb
index 133528b6640..2337edc1ae0 100644
--- a/bundler/spec/dependabot/bundler/file_parser_spec.rb
+++ b/bundler/spec/dependabot/bundler/file_parser_spec.rb
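Review bot: `instrument_package_manager_version` (second hunk of `bundler/lib/dependabot/bundler/file_parser.rb`) runs on the `parse` path, and ActiveSupport::Notifications calls subscribers synchronously, so an error raised by a subscriber would likely propagate out of `parse` and fail the run over telemetry. If that is not intended, the method should contain it with a narrow rescue that logs and continues, and carry a comment such as `# Telemetry only: must never change the result of #parse`. The payload is handed to every subscriber in the process, so the comment should also record that it holds only the ecosystem name and a coarse version marker and must not grow to include lockfile content or credentials.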
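Review bot: The pattern in `Helpers.detected_bundler_version` (`bundler/lib/dependabot/bundler/helpers.rb`) is unanchored, so `/BUNDLED WITH\s+2/m` matches that text anywhere in repository-controlled lockfile content and also accepts any version that merely starts with `2`. Anchoring it to the section header and the major component, for example `return V2 if lockfile.content.match?(/^BUNDLED WITH\s+2\.\d/)`, ties the reported value to the real lockfile footer; the `m` flag has no effect because the pattern contains no `.` wildcard. The method returns the literal `"unknown"` next to the `V1`/`V2` constants, and whether `lockfile.content` can be nil is not visible here, so a short doc comment listing the three return values and the expected lockfile type would help callers.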
@@ -724,5 +724,18 @@
 end
 end
 end
+
+ it "instruments the package manager version" do
+ events = []
+ Dependabot.subscribe(Dependabot::Notifications::FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED) do |*args|
+ events << ActiveSupport::Notifications::Event.new(*args)
+ end
+
+ parser.parse
+
+ expect(events.last.payload).to eq(
+ { ecosystem: "bundler", package_managers: { "bundler" => "1" } }
+ )
+ end
 end
 end
diff --git a/common/dependabot-common.gemspec b/common/dependabot-common.gemspec
index 17265af0a3d..e7e78536234 100644
--- a/common/dependabot-common.gemspec
+++ b/common/dependabot-common.gemspec
@@ -21,6 +21,7 @@ Gem::Specification.new do |spec|
 spec.required_ruby_version = ">= 2.5.0"
 spec.required_rubygems_version = ">= 2.7.3"
+ spec.add_dependency "activesupport", ">= 6.0.0"
 spec.add_dependency "aws-sdk-codecommit", "~> 1.28"
 spec.add_dependency "aws-sdk-ecr", "~> 1.5"
 spec.add_dependency "bundler", ">= 1.16", "< 3.0.0"
diff --git a/common/lib/dependabot/file_parsers/base.rb b/common/lib/dependabot/file_parsers/base.rb
index 974e6fde114..857ee6bfc81 100644
--- a/common/lib/dependabot/file_parsers/base.rb
+++ b/common/lib/dependabot/file_parsers/base.rb
@@ -1,5 +1,7 @@
 # frozen_string_literal: true
+require "dependabot/notifications"
+
 module Dependabot
 module FileParsers
 class Base
diff --git a/common/lib/dependabot/notifications.rb b/common/lib/dependabot/notifications.rb
new file mode 100644
index 00000000000..96531576dd9
--- /dev/null
+++ b/common/lib/dependabot/notifications.rb
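Review bot: The subscription created in the new example in `bundler/spec/dependabot/bundler/file_parser_spec.rb` is never removed, so the block stays registered on the process-wide notifier for the rest of the suite and keeps appending to `events` on every later `parse`. Keeping the return value (`subscriber = Dependabot.subscribe(...)`) and calling `ActiveSupport::Notifications.unsubscribe(subscriber)` in an `ensure`, or wrapping the call in `ActiveSupport::Notifications.subscribed(callback, pattern) { parser.parse }`, scopes it to this example. Only the `"1"` result is asserted; the `V2` branch and the no-lockfile `"unknown"` branch of `detected_bundler_version` have no coverage in this hunk.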
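Review bot: The new `activesupport` requirement in `common/dependabot-common.gemspec` has no upper bound, unlike the neighbouring `~>` and `"< 3.0.0"` constraints, so any future major release is accepted at install time without having been tested against this code. A bounded form such as `spec.add_dependency "activesupport", ">= 6.0.0", "< NEXT_UNTESTED_MAJOR"` (placeholder for the first major not yet verified) keeps resolution predictable for consumers. Since the change only requires `active_support/notifications`, the commit should also record why the whole gem and its transitive dependencies are an acceptable addition for every consumer of dependabot-common.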
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require "active_support/notifications"
+
+module Dependabot
+ module Notifications
+ FILE_PARSER_PACKAGE_MANAGER_VERSION_PARSED = "dependabot.file_parser.package_manager_version_parsed"
+ end
+
+ def self.instrument(name, payload = {})
+ ActiveSupport::Notifications.instrument(name, payload)
+ end
+
+ def self.subscribe(pattern = nil, callback = nil, &block)
+ ActiveSupport::Notifications.subscribe(pattern, callback, &block)
+ end
+end
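Review bot: `Dependabot.subscribe` in `common/lib/dependabot/notifications.rb` defaults `pattern` to nil, which on the shared ActiveSupport notifier subscribes to every event in the process, not only the `dependabot.*` ones, and the module offers no way to remove a subscriber again. Requiring an explicit pattern and adding `def self.unsubscribe(subscriber)` that delegates to `ActiveSupport::Notifications.unsubscribe(subscriber)` would make the wrapper safer to use. The module and both methods are undocumented; a header comment should state that payloads are delivered to all subscribers and therefore must not contain credentials or file contents.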