RubyGems - dependabot-cargo - Versions diffs - 0.306.0 → 0.309.0 - Mend

dependabot-cargo 0.306.0 → 0.309.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/dependabot/cargo/update_checker/latest_version_finder.rb +29 -18
data/lib/dependabot/cargo/update_checker.rb +10 -8
metadata +6 -9

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 72b4039f8ac30bc8421818e11b43de5d2d9997cd5fdb5a4e53bba00b3bc7df15
-  data.tar.gz: c4a81d07aecd06538167a7c628e17c4f1aea1e0214816e5a8aaf29cad9796dc3
+  metadata.gz: 1c4a5a9c8b93aa864400eba7d8e9f51fae3cce71fcd7ccd14c35686eeb23497b
+  data.tar.gz: fd5ec3bfc4c57378d7641727f6dfbc2b3bc801487ee383745e26e24ca9d2e244
 SHA512:
-  metadata.gz: 0730b405c1f82cecdd1f1efb647e6eea37420b9d241fe46c6225bd41dd329388bff05b007051e6f901e110b27cd567b8a5dbe7a86600056f5f78d6dd657a4155
-  data.tar.gz: eb7cfa179819ae14421be61f9c847d1e79c94590ba90b0063d74a6c314e7b56740a2d9a3b9ef54ca68abeae8c2de72079426702ef641da9293dd1a4eab5c0df2
+  metadata.gz: 55681667ecff17e2e2cbd9660a65c700b36d21714c9ee0201912d4071c1c1bea61c07d13a73baa125ff304fee0e31e63c0b7adb24bf0cd51d94d83ea80b426d9
+  data.tar.gz: efd51669f1c7643876b6a8dcd7f203f2daafe3b16e5a16d709edde5ca092d50fb750e0f66ed8a8a74501de05d9211986ae5831fbe50225f35e8b81c040c2791f

data/lib/dependabot/cargo/update_checker/latest_version_finder.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 require "excon"
@@ -15,17 +15,6 @@ module Dependabot
       class LatestVersionFinder < Dependabot::Package::PackageLatestVersionFinder
         extend T::Sig
-        def initialize(dependency:, dependency_files:, credentials:,
-                       ignored_versions:, raise_on_ignored: false,
-                       security_advisories:)
-          @dependency          = dependency
-          @dependency_files    = dependency_files
-          @credentials         = credentials
-          @ignored_versions    = ignored_versions
-          @raise_on_ignored    = raise_on_ignored
-          @security_advisories = security_advisories
-        end
         sig do
           override.returns(T.nilable(Dependabot::Package::PackageDetails))
         end
@@ -37,12 +26,20 @@ module Dependabot
           ).fetch
         end
-        def latest_version
-          @latest_version ||= fetch_latest_version
+        sig do
+          override.params(language_version: T.nilable(T.any(String, Dependabot::Version)))
+                  .returns(T.nilable(Dependabot::Version))
+        end
+        def latest_version(language_version: nil)
+          @latest_version ||= fetch_latest_version(language_version: language_version)
         end
-        def lowest_security_fix_version
-          @lowest_security_fix_version ||= fetch_lowest_security_fix_version(language_version: nil)
+        sig do
+          override.params(language_version: T.nilable(T.any(String, Dependabot::Version)))
+                  .returns(T.nilable(Dependabot::Version))
+        end
+        def lowest_security_fix_version(language_version: nil)
+          @lowest_security_fix_version ||= fetch_lowest_security_fix_version(language_version: language_version)
         end
         protected
@@ -57,16 +54,30 @@ module Dependabot
           end
         end
+        sig { override.returns(T::Boolean) }
+        def cooldown_enabled?
+          Dependabot::Experiments.enabled?(:enable_cooldown_for_cargo)
+        end
         private
+        sig { returns(Dependabot::Dependency) }
         attr_reader :dependency
+        sig { returns(T::Array[Dependabot::DependencyFile]) }
         attr_reader :dependency_files
+        sig { returns(T::Array[Dependabot::Credential]) }
         attr_reader :credentials
+        sig { returns(T::Array[String]) }
         attr_reader :ignored_versions
+        sig { returns(T::Array[Dependabot::SecurityAdvisory]) }
         attr_reader :security_advisories
-        def apply_post_fetch_lowest_security_fix_versions_filter(versions)
-          filter_prerelease_versions(versions)
+        sig do
+          override.params(releases: T::Array[Dependabot::Package::PackageRelease])
+                  .returns(T::Array[Dependabot::Package::PackageRelease])
+        end
+        def apply_post_fetch_lowest_security_fix_versions_filter(releases)
+          filter_prerelease_versions(releases)
         end
       end
     end

data/lib/dependabot/cargo/update_checker.rb CHANGED Viewed

@@ -116,14 +116,16 @@ module Dependabot
       end
       def latest_version_finder
-        @latest_version_finder ||= LatestVersionFinder.new(
-          dependency: dependency,
-          dependency_files: dependency_files,
-          credentials: credentials,
-          ignored_versions: ignored_versions,
-          raise_on_ignored: raise_on_ignored,
-          security_advisories: security_advisories
-        )
+        @latest_version_finder ||=
+          LatestVersionFinder.new(
+            dependency: dependency,
+            dependency_files: dependency_files,
+            credentials: credentials,
+            ignored_versions: ignored_versions,
+            security_advisories: security_advisories,
+            cooldown_options: update_cooldown,
+            raise_on_ignored: raise_on_ignored
+          )
       end
       def latest_version_for_git_dependency

metadata CHANGED Viewed

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-cargo
 version: !ruby/object:Gem::Version
-  version: 0.306.0
+  version: 0.309.0
 platform: ruby
 authors:
 - Dependabot
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-04-10 00:00:00.000000000 Z
+date: 2025-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +15,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.306.0
+        version: 0.309.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.306.0
+        version: 0.309.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -266,8 +265,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.306.0
-post_install_message:
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.309.0
 rdoc_options: []
 require_paths:
 - lib
@@ -282,8 +280,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 3.1.0
 requirements: []
-rubygems_version: 3.5.22
-signing_key:
+rubygems_version: 3.6.3
 specification_version: 4
 summary: Provides Dependabot support for Rust (Cargo)
 test_files: []