dependabot-common 0.230.0 → 0.231.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (74) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/clients/azure.rb +4 -3
  3. data/lib/dependabot/clients/bitbucket.rb +4 -3
  4. data/lib/dependabot/clients/bitbucket_with_retries.rb +4 -3
  5. data/lib/dependabot/clients/codecommit.rb +6 -5
  6. data/lib/dependabot/clients/github_with_retries.rb +11 -10
  7. data/lib/dependabot/clients/gitlab_with_retries.rb +11 -10
  8. data/lib/dependabot/config/file.rb +1 -0
  9. data/lib/dependabot/config/file_fetcher.rb +1 -0
  10. data/lib/dependabot/config/ignore_condition.rb +1 -0
  11. data/lib/dependabot/config/update_config.rb +10 -9
  12. data/lib/dependabot/config.rb +1 -0
  13. data/lib/dependabot/dependency.rb +11 -10
  14. data/lib/dependabot/dependency_file.rb +1 -0
  15. data/lib/dependabot/dependency_group.rb +1 -0
  16. data/lib/dependabot/errors.rb +1 -0
  17. data/lib/dependabot/experiments.rb +1 -0
  18. data/lib/dependabot/file_fetchers/base.rb +27 -26
  19. data/lib/dependabot/file_fetchers.rb +1 -0
  20. data/lib/dependabot/file_parsers/base/dependency_set.rb +1 -0
  21. data/lib/dependabot/file_parsers/base.rb +1 -0
  22. data/lib/dependabot/file_parsers.rb +1 -0
  23. data/lib/dependabot/file_updaters/artifact_updater.rb +1 -0
  24. data/lib/dependabot/file_updaters/base.rb +1 -0
  25. data/lib/dependabot/file_updaters/vendor_updater.rb +1 -0
  26. data/lib/dependabot/file_updaters.rb +1 -0
  27. data/lib/dependabot/git_commit_checker.rb +22 -21
  28. data/lib/dependabot/git_metadata_fetcher.rb +13 -12
  29. data/lib/dependabot/logger.rb +1 -0
  30. data/lib/dependabot/metadata_finders/base/changelog_finder.rb +26 -25
  31. data/lib/dependabot/metadata_finders/base/changelog_pruner.rb +2 -1
  32. data/lib/dependabot/metadata_finders/base/commits_finder.rb +44 -43
  33. data/lib/dependabot/metadata_finders/base/release_finder.rb +25 -24
  34. data/lib/dependabot/metadata_finders/base.rb +3 -2
  35. data/lib/dependabot/metadata_finders.rb +1 -0
  36. data/lib/dependabot/pull_request_creator/azure.rb +1 -0
  37. data/lib/dependabot/pull_request_creator/bitbucket.rb +1 -0
  38. data/lib/dependabot/pull_request_creator/branch_namer/base.rb +1 -0
  39. data/lib/dependabot/pull_request_creator/branch_namer/dependency_group_strategy.rb +1 -0
  40. data/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb +36 -35
  41. data/lib/dependabot/pull_request_creator/branch_namer.rb +1 -0
  42. data/lib/dependabot/pull_request_creator/codecommit.rb +3 -2
  43. data/lib/dependabot/pull_request_creator/commit_signer.rb +1 -0
  44. data/lib/dependabot/pull_request_creator/github.rb +23 -27
  45. data/lib/dependabot/pull_request_creator/gitlab.rb +1 -0
  46. data/lib/dependabot/pull_request_creator/labeler.rb +18 -17
  47. data/lib/dependabot/pull_request_creator/message.rb +1 -0
  48. data/lib/dependabot/pull_request_creator/message_builder/issue_linker.rb +8 -7
  49. data/lib/dependabot/pull_request_creator/message_builder/link_and_mention_sanitizer.rb +1 -0
  50. data/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb +7 -6
  51. data/lib/dependabot/pull_request_creator/message_builder.rb +18 -17
  52. data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +61 -60
  53. data/lib/dependabot/pull_request_creator.rb +7 -0
  54. data/lib/dependabot/pull_request_updater/azure.rb +1 -0
  55. data/lib/dependabot/pull_request_updater/github.rb +5 -4
  56. data/lib/dependabot/pull_request_updater/gitlab.rb +1 -0
  57. data/lib/dependabot/pull_request_updater.rb +1 -0
  58. data/lib/dependabot/registry_client.rb +1 -0
  59. data/lib/dependabot/security_advisory.rb +5 -4
  60. data/lib/dependabot/shared_helpers.rb +5 -4
  61. data/lib/dependabot/simple_instrumentor.rb +1 -0
  62. data/lib/dependabot/source.rb +5 -4
  63. data/lib/dependabot/update_checkers/base.rb +7 -6
  64. data/lib/dependabot/update_checkers/version_filters.rb +1 -0
  65. data/lib/dependabot/update_checkers.rb +1 -0
  66. data/lib/dependabot/utils.rb +1 -0
  67. data/lib/dependabot/version.rb +1 -0
  68. data/lib/dependabot/workspace/base.rb +1 -0
  69. data/lib/dependabot/workspace/change_attempt.rb +1 -0
  70. data/lib/dependabot/workspace/git.rb +1 -0
  71. data/lib/dependabot/workspace.rb +1 -0
  72. data/lib/dependabot.rb +2 -1
  73. data/lib/wildcard_matcher.rb +4 -3
  74. metadata +31 -3
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -133,12 +134,12 @@ module Dependabot
133
134
 
134
135
  case provider
135
136
  when "github", "gitlab"
136
- path = Pathname.new(File.join("tree/#{branch || 'HEAD'}", directory)).
137
- cleanpath.to_path
137
+ path = Pathname.new(File.join("tree/#{branch || 'HEAD'}", directory))
138
+ .cleanpath.to_path
138
139
  url + "/" + path
139
140
  when "bitbucket"
140
- path = Pathname.new(File.join("src/#{branch || 'default'}", directory)).
141
- cleanpath.to_path
141
+ path = Pathname.new(File.join("src/#{branch || 'default'}", directory))
142
+ .cleanpath.to_path
142
143
  url + "/" + path
143
144
  when "azure"
144
145
  url + "?path=#{directory}"
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "json"
@@ -299,12 +300,12 @@ module Dependabot
299
300
 
300
301
  def version_from_requirements
301
302
  @version_from_requirements ||=
302
- dependency.requirements.filter_map { |r| r.fetch(:requirement) }.
303
- flat_map { |req_str| requirement_class.requirements_array(req_str) }.
304
- flat_map(&:requirements).
305
- reject { |req_array| req_array.first.start_with?("<") }.
306
- map(&:last).
307
- max
303
+ dependency.requirements.filter_map { |r| r.fetch(:requirement) }
304
+ .flat_map { |req_str| requirement_class.requirements_array(req_str) }
305
+ .flat_map(&:requirements)
306
+ .reject { |req_array| req_array.first.start_with?("<") }
307
+ .map(&:last)
308
+ .max
308
309
  end
309
310
 
310
311
  def requirements_can_update?
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "tmpdir"
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/workspace/base"
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/workspace/git"
data/lib/dependabot.rb CHANGED
@@ -1,5 +1,6 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
4
- VERSION = "0.230.0"
5
+ VERSION = "0.231.0"
5
6
  end
@@ -1,12 +1,13 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  class WildcardMatcher
4
5
  def self.match?(wildcard_string, candidate_string)
5
6
  return false unless wildcard_string && candidate_string
6
7
 
7
- regex_string = "a#{wildcard_string.downcase}a".split("*").
8
- map { |p| Regexp.quote(p) }.
9
- join(".*").gsub(/^a|a$/, "")
8
+ regex_string = "a#{wildcard_string.downcase}a".split("*")
9
+ .map { |p| Regexp.quote(p) }
10
+ .join(".*").gsub(/^a|a$/, "")
10
11
  regex = /^#{regex_string}$/
11
12
  regex.match?(candidate_string.downcase)
12
13
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.230.0
4
+ version: 0.231.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-09-08 00:00:00.000000000 Z
11
+ date: 2023-09-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -222,6 +222,20 @@ dependencies:
222
222
  - - "~>"
223
223
  - !ruby/object:Gem::Version
224
224
  version: '5.0'
225
+ - !ruby/object:Gem::Dependency
226
+ name: sorbet-runtime
227
+ requirement: !ruby/object:Gem::Requirement
228
+ requirements:
229
+ - - "~>"
230
+ - !ruby/object:Gem::Version
231
+ version: '0.5'
232
+ type: :runtime
233
+ prerelease: false
234
+ version_requirements: !ruby/object:Gem::Requirement
235
+ requirements:
236
+ - - "~>"
237
+ - !ruby/object:Gem::Version
238
+ version: '0.5'
225
239
  - !ruby/object:Gem::Dependency
226
240
  name: toml-rb
227
241
  requirement: !ruby/object:Gem::Requirement
@@ -354,6 +368,20 @@ dependencies:
354
368
  - - "~>"
355
369
  - !ruby/object:Gem::Version
356
370
  version: 1.19.0
371
+ - !ruby/object:Gem::Dependency
372
+ name: rubocop-sorbet
373
+ requirement: !ruby/object:Gem::Requirement
374
+ requirements:
375
+ - - "~>"
376
+ - !ruby/object:Gem::Version
377
+ version: 0.7.3
378
+ type: :development
379
+ prerelease: false
380
+ version_requirements: !ruby/object:Gem::Requirement
381
+ requirements:
382
+ - - "~>"
383
+ - !ruby/object:Gem::Version
384
+ version: 0.7.3
357
385
  - !ruby/object:Gem::Dependency
358
386
  name: stackprof
359
387
  requirement: !ruby/object:Gem::Requirement
@@ -486,7 +514,7 @@ licenses:
486
514
  - Nonstandard
487
515
  metadata:
488
516
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
489
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.230.0
517
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.231.0
490
518
  post_install_message:
491
519
  rdoc_options: []
492
520
  require_paths: