Dependabot doesn't recognize Gemfile "file:" directive for Ruby version

[bewuethr]

Is there an existing issue for this?

• I have searched the existing issues

Package ecosystem

Bundler

Package manager version

Bundler 2.4.22

Language version

Ruby 3.2.2

Manifest location and content before the Dependabot update

/Gemfile, contents:

source "https://rubygems.org"

ruby file: ".tool-versions"

gem "jekyll"
gem "jekyll-feed"
gem "jekyll-include-cache"
gem "jekyll-last-modified-at"
gem "jekyll-paginate-v2"
gem "jekyll-redirect-from"
gem "jekyll-remote-theme"
gem "jekyll-sitemap"
gem "jemoji"

dependabot.yml content

version: 2

updates:
  # GitHub Actions
  - package-ecosystem: github-actions
    directory: /
    schedule:
      interval: daily
      time: '08:00'  # yamllint disable-line rule:quoted-strings
      timezone: America/Toronto

  # Ruby Gems
  - package-ecosystem: bundler
    directory: /
    schedule:
      interval: daily
      time: '08:00'  # yamllint disable-line rule:quoted-strings
      timezone: America/Toronto

Updated dependency

n/a

What you expected to see, versus what you actually saw

Dependabot update jobs fail with this message:

Bundler::Dsl::DSLError with message: [!] There was an error parsing `Gemfile`: No such file or directory @ rb_sysopen - dependabot_tmp_dir/.tool-versions. Bundler cannot continue.

 #  from dependabot_tmp_dir/Gemfile:3
 #  -------------------------------------------
 #  
 >  ruby file: ".tool-versions"
 #  
 #  -------------------------------------------

Native package manager behavior

Bundler accesses the specified file .tool-versions to extract the Ruby version.

Images of the diff or a link to the PR, issue, or logs

• Dependabot update log: https://github.com/swissclubto/swissclubto.github.io/network/updates/758615140
• The ruby file: option is documented in the bundler docs
• Support was introduced in bundler-v2.4.20
• PR implementing it: Support ruby file: ".tool-versions" in Gemfile rubygems/rubygems#6898

Smallest manifest that reproduces the issue

Gemfile:

source "https://rubygems.org"

ruby file: ".tool-versions"

Gemfile.lock:

GEM
  remote: https://rubygems.org/
  specs:

PLATFORMS
  x86_64-linux

DEPENDENCIES

RUBY VERSION
   ruby 3.2.2p53

BUNDLED WITH
   2.4.22

.tool-versions:

ruby 3.2.2

[bewuethr]

It looks like if this method

dependabot-core/bundler/lib/dependabot/bundler/file_fetcher.rb

Lines 115 to 122 in ffb64af

	def ruby_version_file
	return unless gemfile
	return unless gemfile.content.include?(".ruby-version")
	@ruby_version_file ||=
	fetch_file_if_present(".ruby-version")
	&.tap { |f| f.support_file = true }
	end

also checked for .tool-versions, things might work?

[deivid-rodriguez]

Yeah, that sounds like it might work. Would you be willing to open a PR for it?

[bewuethr]

Yeah, that sounds like it might work. Would you be willing to open a PR for it?

I can try! I'll take a crack this weekend.

[grzuy]

I suspect this will be fixed by #9070

[bewuethr]

I suspect this will be fixed by #9070

Looks like it! Excellent 😃 My "crack" ended in the middle of trying to understand the docker setup 😅

[bewuethr]

I think #9070 fixed this! Thanks @kpumuk 😃