Merge pull request #11267 from dependabot/markhallen/add-bun-package-…

…manager

Add bun package manager

npm_and_yarn/lib/dependabot/npm_and_yarn/bun_package_manager.rb

@@ -0,0 +1,46 @@
+# typed: strong
+# frozen_string_literal: true
+
+module Dependabot
+  module NpmAndYarn
+    class BunPackageManager < Ecosystem::VersionManager
+      extend T::Sig
+      NAME = "bun"
+      LOCKFILE_NAME = "bun.lock"
+
+      # In Bun 1.1.39, the lockfile format was changed from a binary bun.lockb to a text-based bun.lock.
+      # https://bun.sh/blog/bun-lock-text-lockfile
+      MIN_SUPPORTED_VERSION = Version.new("1.1.39")
+      SUPPORTED_VERSIONS = T.let([MIN_SUPPORTED_VERSION].freeze, T::Array[Dependabot::Version])
+      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
+
+      sig do
+        params(
+          detected_version: T.nilable(String),
+          raw_version: T.nilable(String),
+          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
+        ).void
+      end
+      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
+        super(
+          name: NAME,
+          detected_version: detected_version ? Version.new(detected_version) : nil,
+          version: raw_version ? Version.new(raw_version) : nil,
+          deprecated_versions: DEPRECATED_VERSIONS,
+          supported_versions: SUPPORTED_VERSIONS,
+          requirement: requirement
+        )
+      end
+
+      sig { override.returns(T::Boolean) }
+      def deprecated?
+        false
+      end
+
+      sig { override.returns(T::Boolean) }
+      def unsupported?
+        supported_versions.all? { |supported| supported > version }
+      end
+    end
+  end
+end

npm_and_yarn/lib/dependabot/npm_and_yarn/language.rb

@@ -0,0 +1,45 @@
+# typed: strong
+# frozen_string_literal: true
+
+require "dependabot/npm_and_yarn/package_manager"
+
+module Dependabot
+  module NpmAndYarn
+    class Language < Ecosystem::VersionManager
+      extend T::Sig
+      NAME = "node"
+
+      SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
+
+      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
+
+      sig do
+        params(
+          detected_version: T.nilable(String),
+          raw_version: T.nilable(String),
+          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
+        ).void
+      end
+      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
+        super(
+          name: NAME,
+          detected_version: detected_version ? Version.new(detected_version) : nil,
+          version: raw_version ? Version.new(raw_version) : nil,
+          deprecated_versions: DEPRECATED_VERSIONS,
+          supported_versions: SUPPORTED_VERSIONS,
+          requirement: requirement
+        )
+      end
+
+      sig { override.returns(T::Boolean) }
+      def deprecated?
+        false
+      end
+
+      sig { override.returns(T::Boolean) }
+      def unsupported?
+        false
+      end
+    end
+  end
+end

npm_and_yarn/lib/dependabot/npm_and_yarn/npm_package_manager.rb

@@ -0,0 +1,70 @@
+# typed: strong
+# frozen_string_literal: true
+
+require "dependabot/npm_and_yarn/package_manager"
+
+module Dependabot
+  module NpmAndYarn
+    class NpmPackageManager < Ecosystem::VersionManager
+      extend T::Sig
+      NAME = "npm"
+      RC_FILENAME = ".npmrc"
+      LOCKFILE_NAME = "package-lock.json"
+      SHRINKWRAP_LOCKFILE_NAME = "npm-shrinkwrap.json"
+
+      NPM_V6 = "6"
+      NPM_V7 = "7"
+      NPM_V8 = "8"
+      NPM_V9 = "9"
+      NPM_V10 = "10"
+
+      # Keep versions in ascending order
+      SUPPORTED_VERSIONS = T.let([
+        Version.new(NPM_V7),
+        Version.new(NPM_V8),
+        Version.new(NPM_V9),
+        Version.new(NPM_V10)
+      ].freeze, T::Array[Dependabot::Version])
+
+      DEPRECATED_VERSIONS = T.let([Version.new(NPM_V6)].freeze, T::Array[Dependabot::Version])
+
+      sig do
+        params(
+          detected_version: T.nilable(String),
+          raw_version: T.nilable(String),
+          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
+        ).void
+      end
+      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
+        super(
+          name: NAME,
+          detected_version: detected_version ? Version.new(detected_version) : nil,
+          version: raw_version ? Version.new(raw_version) : nil,
+          deprecated_versions: DEPRECATED_VERSIONS,
+          supported_versions: SUPPORTED_VERSIONS,
+          requirement: requirement
+        )
+      end
+
+      sig { override.returns(T::Boolean) }
+      def deprecated?
+        return false unless detected_version
+
+        return false if unsupported?
+
+        return false unless Dependabot::Experiments.enabled?(:npm_v6_deprecation_warning)
+
+        deprecated_versions.include?(detected_version)
+      end
+
+      sig { override.returns(T::Boolean) }
+      def unsupported?
+        return false unless detected_version
+
+        return false unless Dependabot::Experiments.enabled?(:npm_v6_unsupported_error)
+
+        supported_versions.all? { |supported| supported > detected_version }
+      end
+    end
+  end
+end

npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb

@@ -6,6 +6,11 @@
 require "dependabot/npm_and_yarn/requirement"
 require "dependabot/npm_and_yarn/version_selector"
 require "dependabot/npm_and_yarn/registry_helper"
+require "dependabot/npm_and_yarn/npm_package_manager"
+require "dependabot/npm_and_yarn/yarn_package_manager"
+require "dependabot/npm_and_yarn/pnpm_package_manager"
+require "dependabot/npm_and_yarn/bun_package_manager"
+require "dependabot/npm_and_yarn/language"
 
 module Dependabot
   module NpmAndYarn
@@ -47,163 +52,6 @@ module NpmAndYarn
     MANIFEST_PACKAGE_MANAGER_KEY = "packageManager"
     MANIFEST_ENGINES_KEY = "engines"
 
-    class NpmPackageManager < Ecosystem::VersionManager
-      extend T::Sig
-      NAME = "npm"
-      RC_FILENAME = ".npmrc"
-      LOCKFILE_NAME = "package-lock.json"
-      SHRINKWRAP_LOCKFILE_NAME = "npm-shrinkwrap.json"
-
-      NPM_V6 = "6"
-      NPM_V7 = "7"
-      NPM_V8 = "8"
-      NPM_V9 = "9"
-      NPM_V10 = "10"
-
-      # Keep versions in ascending order
-      SUPPORTED_VERSIONS = T.let([
-        Version.new(NPM_V7),
-        Version.new(NPM_V8),
-        Version.new(NPM_V9),
-        Version.new(NPM_V10)
-      ].freeze, T::Array[Dependabot::Version])
-
-      DEPRECATED_VERSIONS = T.let([Version.new(NPM_V6)].freeze, T::Array[Dependabot::Version])
-
-      sig do
-        params(
-          detected_version: T.nilable(String),
-          raw_version: T.nilable(String),
-          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
-        ).void
-      end
-      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
-        super(
-          name: NAME,
-          detected_version: detected_version ? Version.new(detected_version) : nil,
-          version: raw_version ? Version.new(raw_version) : nil,
-          deprecated_versions: DEPRECATED_VERSIONS,
-          supported_versions: SUPPORTED_VERSIONS,
-          requirement: requirement
-        )
-      end
-
-      sig { override.returns(T::Boolean) }
-      def deprecated?
-        return false unless detected_version
-
-        return false if unsupported?
-
-        return false unless Dependabot::Experiments.enabled?(:npm_v6_deprecation_warning)
-
-        deprecated_versions.include?(detected_version)
-      end
-
-      sig { override.returns(T::Boolean) }
-      def unsupported?
-        return false unless detected_version
-
-        return false unless Dependabot::Experiments.enabled?(:npm_v6_unsupported_error)
-
-        supported_versions.all? { |supported| supported > detected_version }
-      end
-    end
-
-    class YarnPackageManager < Ecosystem::VersionManager
-      extend T::Sig
-      NAME = "yarn"
-      RC_FILENAME = ".yarnrc"
-      RC_YML_FILENAME = ".yarnrc.yml"
-      LOCKFILE_NAME = "yarn.lock"
-
-      YARN_V1 = "1"
-      YARN_V2 = "2"
-      YARN_V3 = "3"
-
-      SUPPORTED_VERSIONS = T.let([
-        Version.new(YARN_V1),
-        Version.new(YARN_V2),
-        Version.new(YARN_V3)
-      ].freeze, T::Array[Dependabot::Version])
-
-      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
-
-      sig do
-        params(
-          detected_version: T.nilable(String),
-          raw_version: T.nilable(String),
-          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
-        ).void
-      end
-      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
-        super(
-          name: NAME,
-          detected_version: detected_version ? Version.new(detected_version) : nil,
-          version: raw_version ? Version.new(raw_version) : nil,
-          deprecated_versions: DEPRECATED_VERSIONS,
-          supported_versions: SUPPORTED_VERSIONS,
-          requirement: requirement
-        )
-      end
-
-      sig { override.returns(T::Boolean) }
-      def deprecated?
-        false
-      end
-
-      sig { override.returns(T::Boolean) }
-      def unsupported?
-        false
-      end
-    end
-
-    class PNPMPackageManager < Ecosystem::VersionManager
-      extend T::Sig
-      NAME = "pnpm"
-      LOCKFILE_NAME = "pnpm-lock.yaml"
-      PNPM_WS_YML_FILENAME = "pnpm-workspace.yaml"
-
-      PNPM_V7 = "7"
-      PNPM_V8 = "8"
-      PNPM_V9 = "9"
-
-      SUPPORTED_VERSIONS = T.let([
-        Version.new(PNPM_V7),
-        Version.new(PNPM_V8),
-        Version.new(PNPM_V9)
-      ].freeze, T::Array[Dependabot::Version])
-
-      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
-
-      sig do
-        params(
-          detected_version: T.nilable(String),
-          raw_version: T.nilable(String),
-          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
-        ).void
-      end
-      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
-        super(
-          name: NAME,
-          detected_version: detected_version ? Version.new(detected_version) : nil,
-          version: raw_version ? Version.new(raw_version) : nil,
-          deprecated_versions: DEPRECATED_VERSIONS,
-          supported_versions: SUPPORTED_VERSIONS,
-          requirement: requirement
-        )
-      end
-
-      sig { override.returns(T::Boolean) }
-      def deprecated?
-        false
-      end
-
-      sig { override.returns(T::Boolean) }
-      def unsupported?
-        false
-      end
-    end
-
     DEFAULT_PACKAGE_MANAGER = NpmPackageManager::NAME
 
     # Define a type alias for the expected class interface
@@ -288,43 +136,6 @@ def name_from_engines
       end
     end
 
-    class Language < Ecosystem::VersionManager
-      extend T::Sig
-      NAME = "node"
-
-      SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
-
-      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
-
-      sig do
-        params(
-          detected_version: T.nilable(String),
-          raw_version: T.nilable(String),
-          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
-        ).void
-      end
-      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
-        super(
-          name: NAME,
-          detected_version: detected_version ? Version.new(detected_version) : nil,
-          version: raw_version ? Version.new(raw_version) : nil,
-          deprecated_versions: DEPRECATED_VERSIONS,
-          supported_versions: SUPPORTED_VERSIONS,
-          requirement: requirement
-        )
-      end
-
-      sig { override.returns(T::Boolean) }
-      def deprecated?
-        false
-      end
-
-      sig { override.returns(T::Boolean) }
-      def unsupported?
-        false
-      end
-    end
-
     class PackageManagerHelper
       extend T::Sig
       extend T::Helpers