dependabot-cargo 0.230.0 → 0.232.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (16) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/cargo/file_fetcher.rb +11 -10
  3. data/lib/dependabot/cargo/file_parser.rb +12 -11
  4. data/lib/dependabot/cargo/file_updater/lockfile_updater.rb +27 -26
  5. data/lib/dependabot/cargo/file_updater/manifest_updater.rb +21 -20
  6. data/lib/dependabot/cargo/file_updater.rb +4 -3
  7. data/lib/dependabot/cargo/metadata_finder.rb +3 -2
  8. data/lib/dependabot/cargo/requirement.rb +3 -2
  9. data/lib/dependabot/cargo/update_checker/file_preparer.rb +20 -19
  10. data/lib/dependabot/cargo/update_checker/latest_version_finder.rb +9 -8
  11. data/lib/dependabot/cargo/update_checker/requirements_updater.rb +1 -0
  12. data/lib/dependabot/cargo/update_checker/version_resolver.rb +28 -27
  13. data/lib/dependabot/cargo/update_checker.rb +1 -0
  14. data/lib/dependabot/cargo/version.rb +1 -0
  15. data/lib/dependabot/cargo.rb +3 -2
  16. metadata +19 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f1f7cc5e7bda4697ce73beb878b869af17e33df143fbf3c4a1dfe74ac6992ca3
4
- data.tar.gz: 32c54092ee85bb52a242654e9d7ae5fe37fd64bfdf88968e09c39b9c8ecc0273
3
+ metadata.gz: 31aded81a11f053add62fa9b25828784db4bd046b00e7b1ba87d497e6c572933
4
+ data.tar.gz: 0cda07722f350cf6ad0c0f73c5de7d530891b1577acb98e1979674c1e7b5eecf
5
5
  SHA512:
6
- metadata.gz: 82cb376ac5ef8281c196b6a4d722ad12b691d0b1d2b9572dc5a38ad0e7f7b948d7b79f5defe0ced9957c9044bf0c0672775999c94a77db63429ddb66c0bca572
7
- data.tar.gz: 9477da719bd18165aad6de55ddf9f52528bf6ef2dcfaccafb6fd01373229a705b16c287d61ea23b133eab39e478c2a2517d12426816d07779f3965ae154949d9
6
+ metadata.gz: bc111bbdfedf502a85486aed8543117fac358c66cd2404ad4ce5f26ef779f4316398638190b1adac17fe9f4527d3dc94c639bafea1470b640288eca739007969
7
+ data.tar.gz: 83d577dd0a2d6c1c8d8120c37a8e0a9581794168598454fd82e544b1d3f23ef1dd6b5e56a0e8638f5419d1fa47d1d3803f92c3a66e76153368ff462047194042
data/lib/dependabot/cargo/file_fetcher.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "pathname"
@@ -58,8 +59,8 @@ module Dependabot
58
59
 
59
60
  updated_files = fetched_files.reject(&:support_file?).uniq
60
61
  updated_files +=
61
- fetched_files.uniq.
62
- reject { |f| updated_files.map(&:name).include?(f.name) }
62
+ fetched_files.uniq
63
+ .reject { |f| updated_files.map(&:name).include?(f.name) }
63
64
 
64
65
  return updated_files if updated_files == files
65
66
 
@@ -131,8 +132,8 @@ module Dependabot
131
132
  next if previously_fetched_files.map(&:name).include?(path)
132
133
  next if file.name == path
133
134
 
134
- fetched_file = fetch_file_from_host(path, fetch_submodules: true).
135
- tap { |f| f.support_file = true }
135
+ fetched_file = fetch_file_from_host(path, fetch_submodules: true)
136
+ .tap { |f| f.support_file = true }
136
137
  previously_fetched_files << fetched_file
137
138
  grandchild_requirement_files =
138
139
  fetch_path_dependency_files(
@@ -295,10 +296,10 @@ module Dependabot
295
296
  dir = directory.gsub(%r{(^/|/$)}, "")
296
297
  unglobbed_path = path.split("*").first.gsub(%r{(?<=/)[^/]*$}, "")
297
298
 
298
- repo_contents(dir: unglobbed_path, raise_errors: false).
299
- select { |file| file.type == "dir" }.
300
- map { |f| f.path.gsub(%r{^/?#{Regexp.escape(dir)}/?}, "") }.
301
- select { |filename| File.fnmatch?(path, filename) }
299
+ repo_contents(dir: unglobbed_path, raise_errors: false)
300
+ .select { |file| file.type == "dir" }
301
+ .map { |f| f.path.gsub(%r{^/?#{Regexp.escape(dir)}/?}, "") }
302
+ .select { |filename| File.fnmatch?(path, filename) }
302
303
  end
303
304
 
304
305
  def parsed_file(file)
@@ -325,8 +326,8 @@ module Dependabot
325
326
  # Per https://rust-lang.github.io/rustup/overrides.html the file can
326
327
  # have a `.toml` extension, but the non-extension version is preferred.
327
328
  # Renaming here to simplify finding it later in the code.
328
- @rust_toolchain ||= fetch_support_file("rust-toolchain.toml")&.
329
- tap { |f| f.name = "rust-toolchain" }
329
+ @rust_toolchain ||= fetch_support_file("rust-toolchain.toml")
330
+ &.tap { |f| f.name = "rust-toolchain" }
330
331
  end
331
332
  end
332
333
  end
data/lib/dependabot/cargo/file_parser.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "toml-rb"
@@ -169,26 +170,26 @@ module Dependabot
169
170
  return unless lockfile
170
171
 
171
172
  candidate_packages =
172
- parsed_file(lockfile).fetch("package", []).
173
- select { |p| p["name"] == name }
173
+ parsed_file(lockfile).fetch("package", [])
174
+ .select { |p| p["name"] == name }
174
175
 
175
176
  if (req = requirement_from_declaration(declaration))
176
177
  req = Cargo::Requirement.new(req)
177
178
 
178
179
  candidate_packages =
179
- candidate_packages.
180
- select { |p| req.satisfied_by?(version_class.new(p["version"])) }
180
+ candidate_packages
181
+ .select { |p| req.satisfied_by?(version_class.new(p["version"])) }
181
182
  end
182
183
 
183
184
  candidate_packages =
184
- candidate_packages.
185
- select do |p|
185
+ candidate_packages
186
+ .select do |p|
186
187
  git_req?(declaration) ^ !p["source"]&.start_with?("git+")
187
188
  end
188
189
 
189
190
  package =
190
- candidate_packages.
191
- max_by { |p| version_class.new(p["version"]) }
191
+ candidate_packages
192
+ .max_by { |p| version_class.new(p["version"]) }
192
193
 
193
194
  return unless package
194
195
 
@@ -227,9 +228,9 @@ module Dependabot
227
228
 
228
229
  def manifest_files
229
230
  @manifest_files ||=
230
- dependency_files.
231
- select { |f| f.name.end_with?("Cargo.toml") }.
232
- reject(&:support_file?)
231
+ dependency_files
232
+ .select { |f| f.name.end_with?("Cargo.toml") }
233
+ .reject(&:support_file?)
233
234
  end
234
235
 
235
236
  def lockfile
data/lib/dependabot/cargo/file_updater/lockfile_updater.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "toml-rb"
@@ -72,8 +73,8 @@ module Dependabot
72
73
  return false if @custom_specification
73
74
  return false unless error.message.match?(/specification .* is ambigu/)
74
75
 
75
- spec_options = error.message.gsub(/.*following:\n/m, "").
76
- lines.map(&:strip)
76
+ spec_options = error.message.gsub(/.*following:\n/m, "")
77
+ .lines.map(&:strip)
77
78
 
78
79
  ver = if git_dependency? && git_previous_version
79
80
  git_previous_version
@@ -116,17 +117,17 @@ module Dependabot
116
117
  end
117
118
 
118
119
  def git_previous_version
119
- TomlRB.parse(lockfile.content).
120
- fetch("package", []).
121
- select { |p| p["name"] == dependency.name }.
122
- find { |p| p["source"].end_with?(dependency.previous_version) }.
123
- fetch("version")
120
+ TomlRB.parse(lockfile.content)
121
+ .fetch("package", [])
122
+ .select { |p| p["name"] == dependency.name }
123
+ .find { |p| p["source"].end_with?(dependency.previous_version) }
124
+ .fetch("version")
124
125
  end
125
126
 
126
127
  def git_source_url
127
- dependency.previous_requirements.
128
- find { |r| r.dig(:source, :type) == "git" }&.
129
- dig(:source, :url)
128
+ dependency.previous_requirements
129
+ .find { |r| r.dig(:source, :type) == "git" }
130
+ &.dig(:source, :url)
130
131
  end
131
132
 
132
133
  def desired_lockfile_content
@@ -325,11 +326,11 @@ module Dependabot
325
326
  lockfile_content.scan(LOCKFILE_ENTRY_REGEX) do
326
327
  lockfile_entries << Regexp.last_match.to_s
327
328
  end
328
- lockfile_entries.
329
- select { |e| lockfile_entries.count(e) > 1 }.uniq.
330
- each do |entry|
331
- (lockfile_entries.count(entry) - 1).
332
- times { lockfile_content = lockfile_content.sub(entry, "") }
329
+ lockfile_entries
330
+ .select { |e| lockfile_entries.count(e) > 1 }.uniq
331
+ .each do |entry|
332
+ (lockfile_entries.count(entry) - 1)
333
+ .times { lockfile_content = lockfile_content.sub(entry, "") }
333
334
  end
334
335
 
335
336
  # Loop through the lockfile checksums looking for duplicates. Replace
@@ -338,11 +339,11 @@ module Dependabot
338
339
  lockfile_content.scan(LOCKFILE_CHECKSUM_REGEX) do
339
340
  lockfile_checksums << Regexp.last_match.to_s
340
341
  end
341
- lockfile_checksums.
342
- select { |e| lockfile_checksums.count(e) > 1 }.uniq.
343
- each do |cs|
344
- (lockfile_checksums.count(cs) - 1).
345
- times { lockfile_content = lockfile_content.sub("\n#{cs}", "") }
342
+ lockfile_checksums
343
+ .select { |e| lockfile_checksums.count(e) > 1 }.uniq
344
+ .each do |cs|
345
+ (lockfile_checksums.count(cs) - 1)
346
+ .times { lockfile_content = lockfile_content.sub("\n#{cs}", "") }
346
347
  end
347
348
 
348
349
  lockfile_content
@@ -361,16 +362,16 @@ module Dependabot
361
362
 
362
363
  def manifest_files
363
364
  @manifest_files ||=
364
- dependency_files.
365
- select { |f| f.name.end_with?("Cargo.toml") }.
366
- reject(&:support_file?)
365
+ dependency_files
366
+ .select { |f| f.name.end_with?("Cargo.toml") }
367
+ .reject(&:support_file?)
367
368
  end
368
369
 
369
370
  def path_dependency_files
370
371
  @path_dependency_files ||=
371
- dependency_files.
372
- select { |f| f.name.end_with?("Cargo.toml") }.
373
- select(&:support_file?)
372
+ dependency_files
373
+ .select { |f| f.name.end_with?("Cargo.toml") }
374
+ .select(&:support_file?)
374
375
  end
375
376
 
376
377
  def lockfile
data/lib/dependabot/cargo/file_updater/manifest_updater.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/cargo/file_updater"
@@ -12,9 +13,9 @@ module Dependabot
12
13
  end
13
14
 
14
15
  def updated_manifest_content
15
- dependencies.
16
- select { |dep| requirement_changed?(manifest, dep) }.
17
- reduce(manifest.content.dup) do |content, dep|
16
+ dependencies
17
+ .select { |dep| requirement_changed?(manifest, dep) }
18
+ .reduce(manifest.content.dup) do |content, dep|
18
19
  updated_content = content
19
20
 
20
21
  updated_content = update_requirements(
@@ -51,9 +52,9 @@ module Dependabot
51
52
 
52
53
  # The UpdateChecker ensures the order of requirements is preserved
53
54
  # when updating, so we can zip them together in new/old pairs.
54
- reqs = dependency.requirements.
55
- zip(dependency.previous_requirements).
56
- reject { |new_req, old_req| new_req == old_req }
55
+ reqs = dependency.requirements
56
+ .zip(dependency.previous_requirements)
57
+ .reject { |new_req, old_req| new_req == old_req }
57
58
 
58
59
  # Loop through each changed requirement
59
60
  reqs.each do |new_req, old_req|
@@ -74,14 +75,14 @@ module Dependabot
74
75
 
75
76
  def update_git_pin(content:, filename:, dependency:)
76
77
  updated_pin =
77
- dependency.requirements.
78
- find { |r| r[:file] == filename }&.
79
- dig(:source, :ref)
78
+ dependency.requirements
79
+ .find { |r| r[:file] == filename }
80
+ &.dig(:source, :ref)
80
81
 
81
82
  old_pin =
82
- dependency.previous_requirements.
83
- find { |r| r[:file] == filename }&.
84
- dig(:source, :ref)
83
+ dependency.previous_requirements
84
+ .find { |r| r[:file] == filename }
85
+ &.dig(:source, :ref)
85
86
 
86
87
  return content unless old_pin
87
88
 
@@ -94,8 +95,8 @@ module Dependabot
94
95
  end
95
96
 
96
97
  def update_manifest_req(content:, dep:, old_req:, new_req:)
97
- simple_declaration = content.scan(declaration_regex(dep)).
98
- find { |m| m.include?(old_req) }
98
+ simple_declaration = content.scan(declaration_regex(dep))
99
+ .find { |m| m.include?(old_req) }
99
100
 
100
101
  if simple_declaration
101
102
  simple_declaration_regex =
@@ -106,8 +107,8 @@ module Dependabot
106
107
  end
107
108
  elsif content.match?(feature_declaration_version_regex(dep))
108
109
  content.gsub(feature_declaration_version_regex(dep)) do |part|
109
- line = content.match(feature_declaration_version_regex(dep)).
110
- named_captures.fetch("version_declaration")
110
+ line = content.match(feature_declaration_version_regex(dep))
111
+ .named_captures.fetch("version_declaration")
111
112
  new_line = line.gsub(old_req, new_req)
112
113
  part.gsub(line, new_line)
113
114
  end
@@ -117,8 +118,8 @@ module Dependabot
117
118
  end
118
119
 
119
120
  def update_manifest_pin(content:, dep:, old_pin:, new_pin:)
120
- simple_declaration = content.scan(declaration_regex(dep)).
121
- find { |m| m.include?(old_pin) }
121
+ simple_declaration = content.scan(declaration_regex(dep))
122
+ .find { |m| m.include?(old_pin) }
122
123
 
123
124
  if simple_declaration
124
125
  simple_declaration_regex =
@@ -128,8 +129,8 @@ module Dependabot
128
129
  end
129
130
  elsif content.match?(feature_declaration_pin_regex(dep))
130
131
  content.gsub(feature_declaration_pin_regex(dep)) do |part|
131
- line = content.match(feature_declaration_pin_regex(dep)).
132
- named_captures.fetch("pin_declaration")
132
+ line = content.match(feature_declaration_pin_regex(dep))
133
+ .named_captures.fetch("pin_declaration")
133
134
  new_line = line.gsub(old_pin, new_pin)
134
135
  part.gsub(line, new_line)
135
136
  end
data/lib/dependabot/cargo/file_updater.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "toml-rb"
@@ -68,9 +69,9 @@ module Dependabot
68
69
 
69
70
  def manifest_files
70
71
  @manifest_files ||=
71
- dependency_files.
72
- select { |f| f.name.end_with?("Cargo.toml") }.
73
- reject(&:support_file?)
72
+ dependency_files
73
+ .select { |f| f.name.end_with?("Cargo.toml") }
74
+ .reject(&:support_file?)
74
75
  end
75
76
 
76
77
  def lockfile
data/lib/dependabot/cargo/metadata_finder.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "excon"
@@ -26,8 +27,8 @@ module Dependabot
26
27
 
27
28
  def find_source_from_crates_listing
28
29
  potential_source_urls =
29
- SOURCE_KEYS.
30
- filter_map { |key| crates_listing.dig("crate", key) }
30
+ SOURCE_KEYS
31
+ .filter_map { |key| crates_listing.dig("crate", key) }
31
32
 
32
33
  source_url = potential_source_urls.find { |url| Source.from_url(url) }
33
34
  Source.from_url(source_url)
data/lib/dependabot/cargo/requirement.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  ################################################################################
@@ -104,5 +105,5 @@ module Dependabot
104
105
  end
105
106
  end
106
107
 
107
- Dependabot::Utils.
108
- register_requirement_class("cargo", Dependabot::Cargo::Requirement)
108
+ Dependabot::Utils
109
+ .register_requirement_class("cargo", Dependabot::Cargo::Requirement)
data/lib/dependabot/cargo/update_checker/file_preparer.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "toml-rb"
@@ -167,8 +168,8 @@ module Dependabot
167
168
  next unless details.is_a?(Hash)
168
169
  next unless details["git"]
169
170
 
170
- details["git"] = details["git"].
171
- gsub(%r{ssh://git@(.*?)/}, 'https://\1/')
171
+ details["git"] = details["git"]
172
+ .gsub(%r{ssh://git@(.*?)/}, 'https://\1/')
172
173
  end
173
174
  end
174
175
 
@@ -176,9 +177,9 @@ module Dependabot
176
177
  end
177
178
 
178
179
  def temporary_requirement_for_resolution(filename)
179
- original_req = dependency.requirements.
180
- find { |r| r.fetch(:file) == filename }&.
181
- fetch(:requirement)
180
+ original_req = dependency.requirements
181
+ .find { |r| r.fetch(:file) == filename }
182
+ &.fetch(:requirement)
182
183
 
183
184
  lower_bound_req =
184
185
  if original_req && !unlock_requirement?
@@ -206,12 +207,12 @@ module Dependabot
206
207
  dependency.version
207
208
  else
208
209
  version_from_requirement =
209
- dependency.requirements.filter_map { |r| r.fetch(:requirement) }.
210
- flat_map { |req_str| Cargo::Requirement.new(req_str) }.
211
- flat_map(&:requirements).
212
- reject { |req_array| req_array.first.start_with?("<") }.
213
- map(&:last).
214
- max&.to_s
210
+ dependency.requirements.filter_map { |r| r.fetch(:requirement) }
211
+ .flat_map { |req_str| Cargo::Requirement.new(req_str) }
212
+ .flat_map(&:requirements)
213
+ .reject { |req_array| req_array.first.start_with?("<") }
214
+ .map(&:last)
215
+ .max&.to_s
215
216
 
216
217
  version_from_requirement || 0
217
218
  end
@@ -221,11 +222,11 @@ module Dependabot
221
222
  def git_dependency_version
222
223
  return unless lockfile
223
224
 
224
- TomlRB.parse(lockfile.content).
225
- fetch("package", []).
226
- select { |p| p["name"] == dependency.name }.
227
- find { |p| p["source"].end_with?(dependency.version) }.
228
- fetch("version")
225
+ TomlRB.parse(lockfile.content)
226
+ .fetch("package", [])
227
+ .select { |p| p["name"] == dependency.name }
228
+ .find { |p| p["source"].end_with?(dependency.version) }
229
+ .fetch("version")
229
230
  end
230
231
 
231
232
  def dependency_names_for_type(parsed_manifest, type)
@@ -274,9 +275,9 @@ module Dependabot
274
275
  end
275
276
 
276
277
  def git_dependency?
277
- GitCommitChecker.
278
- new(dependency: dependency, credentials: []).
279
- git_dependency?
278
+ GitCommitChecker
279
+ .new(dependency: dependency, credentials: [])
280
+ .git_dependency?
280
281
  end
281
282
  end
282
283
  end
data/lib/dependabot/cargo/update_checker/latest_version_finder.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "excon"
@@ -58,8 +59,8 @@ module Dependabot
58
59
  end
59
60
 
60
61
  def filter_ignored_versions(versions_array)
61
- filtered = versions_array.
62
- reject { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }
62
+ filtered = versions_array
63
+ .reject { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }
63
64
  if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(versions_array).any?
64
65
  raise Dependabot::AllVersionsIgnored
65
66
  end
@@ -70,15 +71,15 @@ module Dependabot
70
71
  def filter_lower_versions(versions_array)
71
72
  return versions_array unless dependency.numeric_version
72
73
 
73
- versions_array.
74
- select { |version| version > dependency.numeric_version }
74
+ versions_array
75
+ .select { |version| version > dependency.numeric_version }
75
76
  end
76
77
 
77
78
  def available_versions
78
- crates_listing.
79
- fetch("versions", []).
80
- reject { |v| v["yanked"] }.
81
- map { |v| version_class.new(v.fetch("num")) }
79
+ crates_listing
80
+ .fetch("versions", [])
81
+ .reject { |v| v["yanked"] }
82
+ .map { |v| version_class.new(v.fetch("num")) }
82
83
  end
83
84
 
84
85
  def crates_listing
data/lib/dependabot/cargo/update_checker/requirements_updater.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  ################################################################################
data/lib/dependabot/cargo/update_checker/version_resolver.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "toml-rb"
@@ -61,8 +62,8 @@ module Dependabot
61
62
  def fetch_version_from_new_lockfile
62
63
  check_rust_workspace_root unless File.exist?("Cargo.lock")
63
64
  lockfile_content = File.read("Cargo.lock")
64
- versions = TomlRB.parse(lockfile_content).fetch("package").
65
- select { |p| p["name"] == dependency.name }
65
+ versions = TomlRB.parse(lockfile_content).fetch("package")
66
+ .select { |p| p["name"] == dependency.name }
66
67
 
67
68
  updated_version =
68
69
  if dependency.top_level?
@@ -87,8 +88,8 @@ module Dependabot
87
88
  return false if @custom_specification
88
89
  return false unless error.message.match?(/specification .* is ambigu/)
89
90
 
90
- spec_options = error.message.gsub(/.*following:\n/m, "").
91
- lines.map(&:strip)
91
+ spec_options = error.message.gsub(/.*following:\n/m, "")
92
+ .lines.map(&:strip)
92
93
 
93
94
  ver = if git_dependency? && git_dependency_version
94
95
  git_dependency_version
@@ -168,9 +169,9 @@ module Dependabot
168
169
  end
169
170
 
170
171
  def check_rust_workspace_root
171
- cargo_toml = original_dependency_files.
172
- select { |f| f.name.end_with?("../Cargo.toml") }.
173
- max_by { |f| f.name.length }
172
+ cargo_toml = original_dependency_files
173
+ .select { |f| f.name.end_with?("../Cargo.toml") }
174
+ .max_by { |f| f.name.length }
174
175
  return unless TomlRB.parse(cargo_toml.content)["workspace"]
175
176
 
176
177
  msg = "This project is part of a Rust workspace but is not the " \
@@ -199,8 +200,8 @@ module Dependabot
199
200
  urls = unreachable_git_urls
200
201
 
201
202
  if urls.none?
202
- url = error.message.match(UNABLE_TO_UPDATE).
203
- named_captures.fetch("url").split(/[#?]/).first
203
+ url = error.message.match(UNABLE_TO_UPDATE)
204
+ .named_captures.fetch("url").split(/[#?]/).first
204
205
  raise if reachable_git_urls.include?(url)
205
206
 
206
207
  urls << url
@@ -266,8 +267,8 @@ module Dependabot
266
267
  )
267
268
  next unless checker.git_dependency?
268
269
 
269
- url = dep.requirements.find { |r| r.dig(:source, :type) == "git" }.
270
- fetch(:source).fetch(:url)
270
+ url = dep.requirements.find { |r| r.dig(:source, :type) == "git" }
271
+ .fetch(:source).fetch(:url)
271
272
 
272
273
  if checker.git_repo_reachable?
273
274
  @reachable_git_urls << url
@@ -356,17 +357,17 @@ module Dependabot
356
357
  def git_dependency_version
357
358
  return unless lockfile
358
359
 
359
- TomlRB.parse(lockfile.content).
360
- fetch("package", []).
361
- select { |p| p["name"] == dependency.name }.
362
- find { |p| p["source"].end_with?(dependency.version) }.
363
- fetch("version")
360
+ TomlRB.parse(lockfile.content)
361
+ .fetch("package", [])
362
+ .select { |p| p["name"] == dependency.name }
363
+ .find { |p| p["source"].end_with?(dependency.version) }
364
+ .fetch("version")
364
365
  end
365
366
 
366
367
  def git_source_url
367
- dependency.requirements.
368
- find { |r| r.dig(:source, :type) == "git" }&.
369
- dig(:source, :url)
368
+ dependency.requirements
369
+ .find { |r| r.dig(:source, :type) == "git" }
370
+ &.dig(:source, :url)
370
371
  end
371
372
 
372
373
  def dummy_app_content
@@ -391,24 +392,24 @@ module Dependabot
391
392
 
392
393
  def prepared_manifest_files
393
394
  @prepared_manifest_files ||=
394
- prepared_dependency_files.
395
- select { |f| f.name.end_with?("Cargo.toml") }
395
+ prepared_dependency_files
396
+ .select { |f| f.name.end_with?("Cargo.toml") }
396
397
  end
397
398
 
398
399
  def original_manifest_files
399
400
  @original_manifest_files ||=
400
- original_dependency_files.
401
- select { |f| f.name.end_with?("Cargo.toml") }
401
+ original_dependency_files
402
+ .select { |f| f.name.end_with?("Cargo.toml") }
402
403
  end
403
404
 
404
405
  def lockfile
405
- @lockfile ||= prepared_dependency_files.
406
- find { |f| f.name == "Cargo.lock" }
406
+ @lockfile ||= prepared_dependency_files
407
+ .find { |f| f.name == "Cargo.lock" }
407
408
  end
408
409
 
409
410
  def toolchain
410
- @toolchain ||= prepared_dependency_files.
411
- find { |f| f.name == "rust-toolchain" }
411
+ @toolchain ||= prepared_dependency_files
412
+ .find { |f| f.name == "rust-toolchain" }
412
413
  end
413
414
 
414
415
  def git_dependency?
data/lib/dependabot/cargo/update_checker.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/git_commit_checker"
data/lib/dependabot/cargo/version.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/version"
data/lib/dependabot/cargo.rb CHANGED
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  # These all need to be required so the various classes can be registered in a
@@ -11,8 +12,8 @@ require "dependabot/cargo/requirement"
11
12
  require "dependabot/cargo/version"
12
13
 
13
14
  require "dependabot/pull_request_creator/labeler"
14
- Dependabot::PullRequestCreator::Labeler.
15
- register_label_details("cargo", name: "rust", colour: "000000")
15
+ Dependabot::PullRequestCreator::Labeler
16
+ .register_label_details("cargo", name: "rust", colour: "000000")
16
17
 
17
18
  require "dependabot/dependency"
18
19
  Dependabot::Dependency.register_production_check("cargo", ->(_) { true })
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-cargo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.230.0
4
+ version: 0.232.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-09-08 00:00:00.000000000 Z
11
+ date: 2023-09-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.230.0
19
+ version: 0.232.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.230.0
26
+ version: 0.232.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -136,6 +136,20 @@ dependencies:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
138
  version: 1.19.0
139
+ - !ruby/object:Gem::Dependency
140
+ name: rubocop-sorbet
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - "~>"
144
+ - !ruby/object:Gem::Version
145
+ version: 0.7.3
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - "~>"
151
+ - !ruby/object:Gem::Version
152
+ version: 0.7.3
139
153
  - !ruby/object:Gem::Dependency
140
154
  name: stackprof
141
155
  requirement: !ruby/object:Gem::Requirement
@@ -205,7 +219,7 @@ licenses:
205
219
  - Nonstandard
206
220
  metadata:
207
221
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
208
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.230.0
222
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.232.0
209
223
  post_install_message:
210
224
  rdoc_options: []
211
225
  require_paths: