Remove Bundler v1 Deprecation and Unsupported Feature Flags and Deact…

…ivate Bundler v1 CI Tests (#10796)

Remove Bundler v1 deprecation flags and deactivate Bundler v1 CI tests, setting Bundler v2 as the default.

.github/workflows/ci.yml

@@ -15,8 +15,7 @@ jobs:
       fail-fast: false
       matrix:
         suite:
-          - { path: bundler, name: bundler1, ecosystem: bundler }
-          - { path: bundler, name: bundler2, ecosystem: bundler }
+          - { path: bundler, name: bundler, ecosystem: bundler }
           - { path: cargo, name: cargo, ecosystem: cargo }
           - { path: common, name: common, ecosystem: common}
           - { path: composer, name: composer, ecosystem: composer }

bin/ci-test

@@ -10,17 +10,15 @@ function print_usage() {
 
 function handle_args() {
   export SUITE_NAME=$1
-  case $SUITE_NAME in
-    bundler1 | bundler2)
-      export MODULE=bundler
-      ;;
-    "")
-      print_usage
-      exit 1
-      ;;
-    *)
-      export MODULE=$SUITE_NAME
-  esac
+
+  # Only allow "bundler" as a valid SUITE_NAME
+  if [[ "$SUITE_NAME" != "bundler" ]]; then
+    echo "Error: Only 'bundler' is allowed as SUITE_NAME."
+    print_usage
+    exit 1
+  fi
+
+  export MODULE="bundler"
 
   if ! [ -d "$MODULE" ]; then
     print_usage

bundler/Dockerfile

@@ -3,8 +3,7 @@ FROM ghcr.io/dependabot/dependabot-updater-core
 USER dependabot
 
 COPY --chown=dependabot:dependabot bundler/helpers /opt/bundler/helpers
-RUN bash /opt/bundler/helpers/v1/build \
-  && bash /opt/bundler/helpers/v2/build
+RUN bash /opt/bundler/helpers/v2/build
 
 COPY --chown=dependabot:dependabot bundler $DEPENDABOT_HOME/bundler
 COPY --chown=dependabot:dependabot common $DEPENDABOT_HOME/common

bundler/lib/dependabot/bundler/helpers.rb

@@ -20,23 +20,11 @@ def self.bundler_version(lockfile)
 
         if (matches = lockfile.content&.match(BUNDLER_MAJOR_VERSION_REGEX))
           matches[:version].to_i >= 2 ? V2 : V1
-        elsif Dependabot::Experiments.enabled?(:bundler_v1_unsupported_error)
-          DEFAULT
         else
-          failover_version
+          DEFAULT
         end
       end
 
-      # If we are updating a project with a Gemfile.lock that does not specify
-      # the version it was bundled with, we failover to V1 on the assumption
-      # it was created with an old version that didn't add this information
-      sig { returns(String) }
-      def self.failover_version
-        return V2 if Dependabot::Experiments.enabled?(:bundler_v1_unsupported_error)
-
-        V1
-      end
-
       sig { params(lockfile: T.nilable(Dependabot::DependencyFile)).returns(String) }
       def self.detected_bundler_version(lockfile)
         return "unknown" unless lockfile

bundler/lib/dependabot/bundler/package_manager.rb

@@ -12,9 +12,11 @@ module Bundler
     # Keep versions in ascending order
     SUPPORTED_BUNDLER_VERSIONS = T.let([Version.new("2")].freeze, T::Array[Dependabot::Version])
 
-    DEPRECATED_BUNDLER_VERSIONS = T.let([
-      Version.new("1")
-    ].freeze, T::Array[Dependabot::Version])
+    # Currently, we don't support any deprecated versions of Bundler
+    # When a version is going to be unsupported, it will be added here for a while to give users time to upgrade
+    # Example for deprecation:
+    # DEPRECATED_BUNDLER_VERSIONS = T.let([Version.new("1")].freeze, T::Array[Dependabot::Version])
+    DEPRECATED_BUNDLER_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
 
     class PackageManager < PackageManagerBase
       extend T::Sig
@@ -41,9 +43,7 @@ def initialize(version)
 
       sig { override.returns(T::Boolean) }
       def unsupported?
-        # Check if the feature flag for Bundler v1 unsupported error is enabled.
-        return false unless Dependabot::Experiments.enabled?(:bundler_v1_unsupported_error)
-
+        # Check if the version is not supported
         supported_versions.all? { |supported| supported > version }
       end
     end

bundler/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb

@@ -31,8 +31,7 @@ module SharedBundlerHelpers
         PATH_REGEX = /The path `(?<path>.*)` does not exist/
 
         module BundlerErrorPatterns
-          # The `set --global` optional part can be made required when Bundler 1 support is dropped
-          MISSING_AUTH_REGEX = /bundle config (?:set --global )?(?<source>.*) username:password/
+          MISSING_AUTH_REGEX = /bundle config set --global (?<source>.*) username:password/
 
           BAD_AUTH_REGEX = /Bad username or password for (?<source>.*)\.$/
           FORBIDDEN_AUTH_REGEX = /Access token could not be authenticated for (?<source>.*)\.$/

bundler/script/ci-test

@@ -8,14 +8,7 @@ bundle exec turbo_tests --verbose
 # NOTE: Don't use `if` branches without `else` part, since the code in some of
 # then seems to not abort the script regardless of `set -e`
 
-if [[ "$SUITE_NAME" == "bundler1" ]]; then
-  # shellcheck source=../helpers/v1/build
-  DEPENDABOT_NATIVE_HELPERS_PATH="" source helpers/v1/build \
-    && BUNDLER_VERSION=1.17.3 ./patched_bundler exec rspec spec\
-    && cd -
-else
-  # shellcheck source=../helpers/v2/build
-  DEPENDABOT_NATIVE_HELPERS_PATH="" source helpers/v2/build \
-    && bundle exec rspec spec \
-    && cd -
-fi
+# shellcheck source=../helpers/v2/build
+DEPENDABOT_NATIVE_HELPERS_PATH="" source helpers/v2/build \
+  && bundle exec rspec spec \
+  && cd -

bundler/spec/dependabot/bundler/file_parser/file_preparer_spec.rb

@@ -19,15 +19,7 @@
       its(:content) { is_expected.to include('gem "business", "~> 1.4.0"') }
     end
 
-    describe "the updated lockfile", :bundler_v1_only do
-      subject do
-        prepared_dependency_files.find { |f| f.name == "Gemfile.lock" }
-      end
-
-      its(:content) { is_expected.to include("1.10.6") }
-    end
-
-    describe "the updated lockfile", :bundler_v2_only do
+    describe "the updated lockfile" do
       subject do
         prepared_dependency_files.find { |f| f.name == "Gemfile.lock" }
       end

bundler/spec/dependabot/bundler/file_parser_spec.rb

@@ -172,32 +172,7 @@
 
       its(:length) { is_expected.to eq(5) }
 
-      describe "an untagged dependency", :bundler_v1_only do
-        subject { dependencies.find { |d| d.name == "uk_phone_numbers" } }
-
-        let(:expected_requirements) do
-          [{
-            requirement: ">= 0",
-            file: "Gemfile",
-            source: {
-              type: "git",
-              url: "https://github.com/dependabot-fixtures/uk_phone_numbers",
-              branch: nil,
-              ref: "master"
-            },
-            groups: [:default]
-          }]
-        end
-
-        it { is_expected.to be_a(Dependabot::Dependency) }
-        its(:requirements) { is_expected.to eq(expected_requirements) }
-
-        its(:version) do
-          is_expected.to eq("1530024bd6a68d36ac18e04836ce110e0d433c36")
-        end
-      end
-
-      describe "an untagged dependency", :bundler_v2_only do
+      describe "an untagged dependency" do
         subject { dependencies.find { |d| d.name == "uk_phone_numbers" } }
 
         let(:expected_requirements) do
@@ -247,34 +222,7 @@
         end
       end
 
-      describe "a github dependency", :bundler_v1_only do
-        subject { dependencies.find { |d| d.name == "business" } }
-
-        let(:dependency_files) { bundler_project_dependency_files("github_source") }
-
-        let(:expected_requirements) do
-          [{
-            requirement: ">= 0",
-            file: "Gemfile",
-            source: {
-              type: "git",
-              url: "https://github.com/dependabot-fixtures/business.git",
-              branch: nil,
-              ref: "master"
-            },
-            groups: [:default]
-          }]
-        end
-
-        it { is_expected.to be_a(Dependabot::Dependency) }
-        its(:requirements) { is_expected.to eq(expected_requirements) }
-
-        its(:version) do
-          is_expected.to eq("d31e445215b5af70c1604715d97dd953e868380e")
-        end
-      end
-
-      describe "a github dependency", :bundler_v2_only do
+      describe "a github dependency" do
         subject { dependencies.find { |d| d.name == "business" } }
 
         let(:dependency_files) { bundler_project_dependency_files("github_source") }
@@ -301,31 +249,7 @@
         end
       end
 
-      context "with a subdependency of a git source", :bundler_v1_only do
-        subject { dependencies.find { |d| d.name == "kaminari-actionview" } }
-
-        let(:dependency_files) { bundler_project_dependency_files("git_source_undeclared") }
-
-        let(:expected_requirements) do
-          [{
-            requirement: ">= 0",
-            file: "Gemfile",
-            source: {
-              type: "git",
-              url: "https://github.com/dependabot-fixtures/kaminari",
-              branch: nil,
-              ref: "master"
-            },
-            groups: [:default]
-          }]
-        end
-
-        it { is_expected.to be_a(Dependabot::Dependency) }
-        its(:name) { is_expected.to eq("kaminari-actionview") }
-        its(:requirements) { is_expected.to eq(expected_requirements) }
-      end
-
-      context "with a subdependency of a git source", :bundler_v2_only do
+      context "with a subdependency of a git source" do
         subject { dependencies.find { |d| d.name == "kaminari-actionview" } }
 
         let(:dependency_files) { bundler_project_dependency_files("git_source_undeclared") }
@@ -589,48 +513,6 @@
         end
       end
 
-      context "with an unparseable git dep that also appears in the gemspec", :bundler_v1_only do
-        let(:dependency_files) { bundler_project_dependency_files("git_source_unparseable") }
-
-        it "includes source details on the gemspec requirement" do
-          expect(dependencies.map(&:name)).to match_array(%w(business))
-          expect(dependencies.first.name).to eq("business")
-          expect(dependencies.first.version)
-            .to eq("1378a2b0b446d991b7567efbc7eeeed2720e4d8f")
-          expect(dependencies.first.requirements)
-            .to contain_exactly({
-              file: "example.gemspec",
-              requirement: "~> 1.0",
-              groups: ["runtime"],
-              source: {
-                type: "git",
-                url: "git@github.com:dependabot-fixtures/business",
-                branch: nil,
-                ref: "master"
-              }
-            })
-        end
-
-        it "includes source details on the gemspec requirement", :bundler_v2_only do
-          expect(dependencies.map(&:name)).to match_array(%w(business))
-          expect(dependencies.first.name).to eq("business")
-          expect(dependencies.first.version)
-            .to eq("1378a2b0b446d991b7567efbc7eeeed2720e4d8f")
-          expect(dependencies.first.requirements)
-            .to contain_exactly({
-              file: "example.gemspec",
-              requirement: "~> 1.0",
-              groups: ["runtime"],
-              source: {
-                type: "git",
-                url: "git@github.com:dependabot-fixtures/business",
-                branch: nil,
-                ref: nil
-              }
-            })
-        end
-      end
-
       context "with two gemspecs" do
         let(:dependency_files) { bundler_project_dependency_files("imports_two_gemspecs") }
 

bundler/spec/dependabot/bundler/file_updater_spec.rb

@@ -378,11 +378,7 @@
             expect(file.content).to include("statesman (1.3.1)")
           end
 
-          it "locks the yanked gem to the latest version allowed by the Gemfile", :bundler_v1_only do
-            expect(file.content).to include("business (1.18.0)")
-          end
-
-          it "does not touch the yanked gem", :bundler_v2_only do
+          it "does not touch the yanked gem" do
             expect(file.content).to include("business (1.4.1)")
           end
         end
@@ -399,11 +395,7 @@
           expect(file.content).to include("statesman (1.2.1)")
         end
 
-        it "preserves the BUNDLED WITH line in the lockfile", :bundler_v1_only do
-          expect(file.content).to include("BUNDLED WITH\n   1.10.6")
-        end
-
-        it "preserves the BUNDLED WITH line in the lockfile", :bundler_v2_only do
+        it "preserves the BUNDLED WITH line in the lockfile" do
           expect(file.content).to include("BUNDLED WITH\n   2.2.0")
         end
 
@@ -1513,11 +1505,7 @@
         }]
       end
 
-      it "raises an error", :bundler_v1_only do
-        expect { updated_gemfile }.to raise_error(/Bundler could not find compatible versions for gem "bundler"/)
-      end
-
-      it "returns the latest version", :bundler_v2_only do
+      it "returns the latest version" do
         expect(updated_gemfile.content).to include("\"guard-bundler\", \"~> 2.2.1\"")
       end
     end

bundler/spec/dependabot/bundler/helper_spec.rb

@@ -50,8 +50,8 @@ def described_method(lockfile)
       expect(described_method(no_lockfile)).to eql("2")
     end
 
-    it "is 1 if there is no bundled with string" do
-      expect(described_method(lockfile_bundled_with_missing)).to eql("1")
+    it "is 2 if there is no bundled with string" do
+      expect(described_method(lockfile_bundled_with_missing)).to eql("2")
     end
 
     it "is 1 if it was bundled with a v1.x version" do