Add BunPackageManager

Co-authored-by: Ashcon Partovi <[email protected]>

npm_and_yarn/lib/dependabot/npm_and_yarn/bun_package_manager.rb

@@ -0,0 +1,46 @@
+# typed: strict
+# frozen_string_literal: true
+
+module Dependabot
+  module NpmAndYarn
+    class BunPackageManager < Ecosystem::VersionManager
+      extend T::Sig
+      NAME = "bun"
+      LOCKFILE_NAME = "bun.lock"
+
+      # In Bun 1.1.39, the lockfile format was changed from a binary bun.lockb to a text-based bun.lock.
+      # https://bun.sh/blog/bun-lock-text-lockfile
+      MIN_SUPPORTED_VERSION = Version.new("1.1.39")
+      SUPPORTED_VERSIONS = T.let([MIN_SUPPORTED_VERSION].freeze, T::Array[Dependabot::Version])
+      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
+
+      sig do
+        params(
+          detected_version: T.nilable(String),
+          raw_version: T.nilable(String),
+          requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
+        ).void
+      end
+      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
+        super(
+          name: NAME,
+          detected_version: detected_version ? Version.new(detected_version) : nil,
+          version: raw_version ? Version.new(raw_version) : nil,
+          deprecated_versions: DEPRECATED_VERSIONS,
+          supported_versions: SUPPORTED_VERSIONS,
+          requirement: requirement
+        )
+      end
+
+      sig { override.returns(T::Boolean) }
+      def deprecated?
+        false
+      end
+
+      sig { override.returns(T::Boolean) }
+      def unsupported?
+        supported_versions.all? { |supported| supported > version }
+      end
+    end
+  end
+end

npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb

@@ -9,6 +9,7 @@
 require "dependabot/npm_and_yarn/npm_package_manager"
 require "dependabot/npm_and_yarn/yarn_package_manager"
 require "dependabot/npm_and_yarn/pnpm_package_manager"
+require "dependabot/npm_and_yarn/bun_package_manager"
 require "dependabot/npm_and_yarn/language"
 
 module Dependabot

npm_and_yarn/spec/dependabot/npm_and_yarn/bun_package_manager_spec.rb

@@ -0,0 +1,65 @@
+# typed: false
+# frozen_string_literal: true
+
+require "dependabot/npm_and_yarn/package_manager"
+require "dependabot/ecosystem"
+require "spec_helper"
+
+RSpec.describe Dependabot::NpmAndYarn::BunPackageManager do
+  let(:package_manager) do
+    described_class.new(
+      detected_version: detected_version,
+      raw_version: raw_version
+    )
+  end
+
+  let(:detected_version) { "1" }
+  let(:raw_version) { "1.1.39" }
+
+  describe "#initialize" do
+    context "when version is a String" do
+      it "sets the version correctly" do
+        expect(package_manager.detected_version).to eq(Dependabot::Version.new(detected_version))
+        expect(package_manager.version).to eq(Dependabot::Version.new(raw_version))
+      end
+
+      it "sets the name correctly" do
+        expect(package_manager.name).to eq(Dependabot::NpmAndYarn::BunPackageManager::NAME)
+      end
+
+      it "sets the deprecated_versions correctly" do
+        expect(package_manager.deprecated_versions).to eq(
+          Dependabot::NpmAndYarn::BunPackageManager::DEPRECATED_VERSIONS
+        )
+      end
+
+      it "sets the supported_versions correctly" do
+        expect(package_manager.supported_versions).to eq(Dependabot::NpmAndYarn::BunPackageManager::SUPPORTED_VERSIONS)
+      end
+    end
+  end
+
+  describe "#deprecated?" do
+    it "returns false" do
+      expect(package_manager.deprecated?).to be false
+    end
+  end
+
+  describe "#unsupported?" do
+    context "when version is the minimum supported version" do
+      let(:detected_version) { Dependabot::NpmAndYarn::BunPackageManager::MIN_SUPPORTED_VERSION.to_s }
+
+      it "returns false" do
+        expect(package_manager.unsupported?).to be false
+      end
+    end
+
+    context "when version is unsupported" do
+      let(:raw_version) { "1.1.38" }
+
+      it "returns true" do
+        expect(package_manager.unsupported?).to be true
+      end
+    end
+  end
+end