RubyGems - dependabot-bazel - Versions diffs - 0.351.0 → 0.352.0 - Mend

dependabot-bazel 0.351.0 → 0.352.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/dependabot/bazel/file_fetcher/include_extractor.rb +105 -0
data/lib/dependabot/bazel/file_fetcher.rb +63 -15
metadata +5 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3719498872307185ea49214b1b7ac4d9be385e1f88de3dd475243e1e6828a43e
-  data.tar.gz: d4e6d299e8d7f66a35ef8dd53dc90b6d072cd7c4b7f26b3d1c5154ecb9434722
+  metadata.gz: cd981b081bfe5c8a8ac42323cd14af68ad628b9ea27b5b419d99ec1310bb92b2
+  data.tar.gz: abce68ad678338fb6c3694edad9aa2f5921632a686a317b61645490af9434dc9
 SHA512:
-  metadata.gz: 0e3ebcbd2e1d19c4d3bb1c27e3230ea5a881294891db33e8e844321157b31ff8a72f1fb7db198c5a5e4c8d3f1c3fcd137d42e5d8902099e5500c9609344749fd
-  data.tar.gz: 90609272d6e1707e079c13d3a2648c9dd85892207193dbb926fa8644fbfcd511deacc60b4c16b57dfd022b7b9445fe09fb5057d9e264d0f0695d686cabc5048d
+  metadata.gz: b3d9642e5a57c726d7a3ea48c57d6e18e54c7e5e3a709b4b5f4fff4d45dffd7e31e96460f86d2e1dbf02f240c05d664394035488a685add01f9323afbce1dc17
+  data.tar.gz: 37787ec309abb2c145663290224edc33921f3a9d79391d4f8db76f5ebd92fea2c59c5289641fb524012c19e1e25071c4decd3723f85bb7bccefc3d8d9fceff70

data/lib/dependabot/bazel/file_fetcher/include_extractor.rb ADDED Viewed

@@ -0,0 +1,105 @@
+# typed: strict
+# frozen_string_literal: true
+require "dependabot/bazel/file_fetcher"
+require "dependabot/bazel/file_fetcher/path_converter"
+require "sorbet-runtime"
+module Dependabot
+  module Bazel
+    class FileFetcher < Dependabot::FileFetchers::Base
+      # Extracts include() statements from MODULE.bazel files and fetches the included files.
+      # Bazel's include() directive allows splitting MODULE.bazel content across multiple files.
+      # The include() statement uses Bazel label syntax: include("//path:file.MODULE.bazel")
+      # See https://bazel.build/rules/lib/globals/module#include
+      class IncludeExtractor
+        extend T::Sig
+        sig do
+          params(
+            module_file: DependencyFile,
+            fetcher: FileFetcher
+          ).void
+        end
+        def initialize(module_file:, fetcher:)
+          @module_file = module_file
+          @fetcher = fetcher
+          @visited_files = T.let(Set.new, T::Set[String])
+        end
+        # Fetches all files included via include() statements, recursively.
+        sig { returns([T::Array[DependencyFile], T::Set[String]]) }
+        def fetch_included_files
+          files = T.let([], T::Array[DependencyFile])
+          directories = T.let(Set.new, T::Set[String])
+          content = T.must(@module_file.content)
+          include_paths = extract_include_paths(content)
+          include_paths.each do |path|
+            next if @visited_files.include?(path)
+            @visited_files.add(path)
+            fetched_file = @fetcher.send(:fetch_file_if_present, path)
+            next unless fetched_file
+            files << fetched_file
+            dir = File.dirname(path)
+            directories.add(dir) unless dir == "."
+            nested_files, nested_dirs = fetch_nested_includes(fetched_file)
+            files.concat(nested_files)
+            nested_dirs.each { |d| directories.add(d) }
+          end
+          [files, directories]
+        end
+        private
+        sig { returns(DependencyFile) }
+        attr_reader :module_file
+        sig { returns(FileFetcher) }
+        attr_reader :fetcher
+        sig { returns(T::Set[String]) }
+        attr_reader :visited_files
+        # Extracts file paths from include() statements.
+        # Only extracts workspace-relative paths (//...) and filters out external repositories.
+        sig { params(content: String).returns(T::Array[String]) }
+        def extract_include_paths(content)
+          paths = []
+          # Match include("//path:file") and include("//path/to:file.MODULE.bazel")
+          content.scan(%r{include\s*\(\s*"(//[^"]+)"}) do |match|
+            label = match[0]
+            path = PathConverter.label_to_path(label)
+            paths << path unless path.empty?
+          end
+          # Match include(":file") for same-directory includes
+          content.scan(/include\s*\(\s*"(:[^"]+)"/) do |match|
+            label = match[0]
+            context_dir = File.dirname(@module_file.name)
+            context_dir = nil if context_dir == "."
+            path = PathConverter.label_to_path(label, context_dir: context_dir)
+            paths << path unless path.empty?
+          end
+          paths.uniq
+        end
+        sig { params(included_file: DependencyFile).returns([T::Array[DependencyFile], T::Set[String]]) }
+        def fetch_nested_includes(included_file)
+          nested_extractor = IncludeExtractor.new(module_file: included_file, fetcher: @fetcher)
+          nested_extractor.instance_variable_set(:@visited_files, @visited_files)
+          nested_extractor.fetch_included_files
+        end
+      end
+    end
+  end
+end

data/lib/dependabot/bazel/file_fetcher.rb CHANGED Viewed

@@ -14,6 +14,7 @@ module Dependabot
       require_relative "file_fetcher/module_path_extractor"
       require_relative "file_fetcher/directory_tree_fetcher"
       require_relative "file_fetcher/downloader_config_fetcher"
+      require_relative "file_fetcher/include_extractor"
       WORKSPACE_FILES = T.let(%w(WORKSPACE WORKSPACE.bazel).freeze, T::Array[String])
       MODULE_FILE = T.let("MODULE.bazel", String)
@@ -126,35 +127,82 @@ module Dependabot
       # Fetches files referenced in MODULE.bazel and their associated BUILD files.
       # Bazel requires BUILD files to recognize directories as valid packages.
+      # Also fetches files included via include() statements.
       sig { returns(T::Array[DependencyFile]) }
       def referenced_files_from_modules
         files = T.let([], T::Array[DependencyFile])
         directories_with_files = T.let(Set.new, T::Set[String])
         local_override_directories = T.let(Set.new, T::Set[String])
+        included_module_files = fetch_included_module_files(directories_with_files)
+        files += included_module_files
+        all_module_files = module_files + included_module_files
+        all_module_files.each do |module_file|
+          module_refs = fetch_module_referenced_files(module_file, directories_with_files)
+          files += module_refs[:files]
+          module_refs[:local_override_dirs].each { |dir| local_override_directories.add(dir) }
+        end
         tree_fetcher = DirectoryTreeFetcher.new(fetcher: self)
+        files += tree_fetcher.fetch_build_files_for_directories(directories_with_files)
+        files += fetch_local_override_directory_trees(local_override_directories)
-        module_files.each do |module_file|
-          extractor = ModulePathExtractor.new(module_file: module_file)
-          file_paths, directory_paths = extractor.extract_paths
+        files
+      end
-          bzl_fetcher = BzlFileFetcher.new(module_file: module_file, fetcher: self)
-          bzl_files = bzl_fetcher.fetch_bzl_files
+      # Fetches files referenced by a single MODULE.bazel file.
+      sig do
+        params(
+          module_file: DependencyFile,
+          directories_with_files: T::Set[String]
+        ).returns(T::Hash[Symbol, T.untyped])
+      end
+      def fetch_module_referenced_files(module_file, directories_with_files)
+        files = T.let([], T::Array[DependencyFile])
+        local_override_dirs = T.let([], T::Array[String])
-          bzl_files.each do |file|
-            dir = File.dirname(file.name)
-            directories_with_files.add(dir) unless dir == "."
-          end
+        extractor = ModulePathExtractor.new(module_file: module_file)
+        file_paths, directory_paths = extractor.extract_paths
-          files += bzl_files
-          files += fetch_paths_and_track_directories(file_paths, directories_with_files)
+        bzl_fetcher = BzlFileFetcher.new(module_file: module_file, fetcher: self)
+        bzl_files = bzl_fetcher.fetch_bzl_files
-          directory_paths.each { |dir| local_override_directories.add(dir) unless dir == "." }
+        bzl_files.each do |file|
+          dir = File.dirname(file.name)
+          directories_with_files.add(dir) unless dir == "."
         end
-        files += tree_fetcher.fetch_build_files_for_directories(directories_with_files)
-        files += fetch_local_override_directory_trees(local_override_directories)
+        files += bzl_files
+        files += fetch_paths_and_track_directories(file_paths, directories_with_files)
-        files
+        directory_paths.each { |dir| local_override_dirs << dir unless dir == "." }
+        { files: files, local_override_dirs: local_override_dirs }
+      end
+      # Fetches all files included via include() statements from module files.
+      sig { params(directories: T::Set[String]).returns(T::Array[DependencyFile]) }
+      def fetch_included_module_files(directories)
+        included_files = T.let([], T::Array[DependencyFile])
+        visited = T.let(Set.new, T::Set[String])
+        module_files.each do |module_file|
+          visited.add(module_file.name)
+          include_extractor = IncludeExtractor.new(module_file: module_file, fetcher: self)
+          new_files, include_dirs = include_extractor.fetch_included_files
+          new_files.each do |file|
+            unless visited.include?(file.name)
+              included_files << file
+              visited.add(file.name)
+            end
+          end
+          include_dirs.each { |dir| directories.add(dir) }
+        end
+        included_files
       end
       # Fetches files and tracks their directories for BUILD file resolution.

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-bazel
 version: !ruby/object:Gem::Version
-  version: 0.351.0
+  version: 0.352.0
 platform: ruby
 authors:
 - Dependabot
@@ -15,14 +15,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.351.0
+        version: 0.352.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.351.0
+        version: 0.352.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -246,6 +246,7 @@ files:
 - lib/dependabot/bazel/file_fetcher/bzl_file_fetcher.rb
 - lib/dependabot/bazel/file_fetcher/directory_tree_fetcher.rb
 - lib/dependabot/bazel/file_fetcher/downloader_config_fetcher.rb
+- lib/dependabot/bazel/file_fetcher/include_extractor.rb
 - lib/dependabot/bazel/file_fetcher/module_path_extractor.rb
 - lib/dependabot/bazel/file_fetcher/path_converter.rb
 - lib/dependabot/bazel/file_parser.rb
@@ -268,7 +269,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.351.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.352.0
 rdoc_options: []
 require_paths:
 - lib