dependabot-common 0.232.0 → 0.234.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (23) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/clients/azure.rb +32 -26
  3. data/lib/dependabot/clients/bitbucket.rb +1 -1
  4. data/lib/dependabot/clients/bitbucket_with_retries.rb +2 -2
  5. data/lib/dependabot/clients/codecommit.rb +3 -1
  6. data/lib/dependabot/clients/github_with_retries.rb +3 -3
  7. data/lib/dependabot/clients/gitlab_with_retries.rb +3 -3
  8. data/lib/dependabot/dependency_group.rb +1 -10
  9. data/lib/dependabot/errors.rb +14 -0
  10. data/lib/dependabot/file_fetchers.rb +9 -2
  11. data/lib/dependabot/file_parsers.rb +9 -2
  12. data/lib/dependabot/file_updaters.rb +9 -2
  13. data/lib/dependabot/git_commit_checker.rb +17 -16
  14. data/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb +2 -2
  15. data/lib/dependabot/pull_request_creator/github.rb +1 -2
  16. data/lib/dependabot/pull_request_creator/message_builder.rb +2 -2
  17. data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +2 -2
  18. data/lib/dependabot/shared_helpers.rb +2 -2
  19. data/lib/dependabot/update_checkers.rb +9 -2
  20. data/lib/dependabot/utils.rb +15 -5
  21. data/lib/dependabot.rb +2 -2
  22. data/lib/wildcard_matcher.rb +4 -1
  23. metadata +19 -19
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 07f0955f06c02ad1e76f3fb987d63ad6eb391442e0bf51a66f51f20020437cf1
4
- data.tar.gz: 660dd52a79fc8529d621dec221849c0baa09de69a3e3cef6bc71d5c3ae322387
3
+ metadata.gz: 621688a92a0526cbe086c2fe30d824e0827ba4d98f7a7f4218560f80311579a2
4
+ data.tar.gz: 9643f1ea4eb456787c3b6db3962e0c5fe67cb793fff44415be1b4c6d1f6d79c0
5
5
  SHA512:
6
- metadata.gz: 42194277fe832e0590ecb48037a90d06943d33d514216f82fd028a4822215292042b6b1f0fb9dfce7728d2100e8b0ef1571b9d067fbbc7492807c0db371e860e
7
- data.tar.gz: 5f0397b9b76dc38c1adc68c86dd8ef37c16b516ff36f6a8ef0e2f94c285ecbc5586395ede542af9133a3137e24593304a5fcc3199cc7208e93f1dada63c06519
6
+ metadata.gz: a3461d4923d3826280c52e4ddbb936e55ec13e2f1d448b8a99b66a2f0d6996a5db592f06810084b8f8a9795c1d4d7070d40f24bbe3e444b1563ac61cc58cd35f
7
+ data.tar.gz: 9903829aa7321ee5c3f7840a62bc32baa9c6be48d3b4ad682c939b65a78d965d7ff0c6eefbe683a868b4af945aeb204d12c8c4a908fe9f597346a4ff08a4d6ce
data/lib/dependabot/clients/azure.rb CHANGED
@@ -1,12 +1,15 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "dependabot/shared_helpers"
5
5
  require "excon"
6
+ require "sorbet-runtime"
6
7
 
7
8
  module Dependabot
8
9
  module Clients
9
10
  class Azure
11
+ extend T::Sig
12
+
10
13
  class NotFound < StandardError; end
11
14
 
12
15
  class InternalServerError < StandardError; end
@@ -253,8 +256,9 @@ module Dependabot
253
256
  JSON.parse(response.body).fetch("value")
254
257
  end
255
258
 
259
+ sig { params(url: String).returns(Excon::Response) }
256
260
  def get(url)
257
- response = nil
261
+ response = T.let(nil, T.nilable(Excon::Response))
258
262
 
259
263
  retry_connection_failures do
260
264
  response = Excon.get(
@@ -267,20 +271,21 @@ module Dependabot
267
271
  )
268
272
  )
269
273
 
270
- raise InternalServerError if response.status == 500
271
- raise BadGateway if response.status == 502
272
- raise ServiceNotAvailable if response.status == 503
274
+ raise InternalServerError if response&.status == 500
275
+ raise BadGateway if response&.status == 502
276
+ raise ServiceNotAvailable if response&.status == 503
273
277
  end
274
278
 
275
- raise Unauthorized if response.status == 401
276
- raise Forbidden if response.status == 403
277
- raise NotFound if response.status == 404
279
+ raise Unauthorized if response&.status == 401
280
+ raise Forbidden if response&.status == 403
281
+ raise NotFound if response&.status == 404
278
282
 
279
- response
283
+ T.must(response)
280
284
  end
281
285
 
282
- def post(url, json)
283
- response = nil
286
+ sig { params(url: String, json: String).returns(Excon::Response) }
287
+ def post(url, json) # rubocop:disable Metrics/PerceivedComplexity
288
+ response = T.let(nil, T.nilable(Excon::Response))
284
289
 
285
290
  retry_connection_failures do
286
291
  response = Excon.post(
@@ -298,25 +303,26 @@ module Dependabot
298
303
  )
299
304
  )
300
305
 
301
- raise InternalServerError if response.status == 500
302
- raise BadGateway if response.status == 502
303
- raise ServiceNotAvailable if response.status == 503
306
+ raise InternalServerError if response&.status == 500
307
+ raise BadGateway if response&.status == 502
308
+ raise ServiceNotAvailable if response&.status == 503
304
309
  end
305
310
 
306
- raise Unauthorized if response.status == 401
311
+ raise Unauthorized if response&.status == 401
307
312
 
308
- if response.status == 403
313
+ if response&.status == 403
309
314
  raise TagsCreationForbidden if tags_creation_forbidden?(response)
310
315
 
311
316
  raise Forbidden
312
317
  end
313
- raise NotFound if response.status == 404
318
+ raise NotFound if response&.status == 404
314
319
 
315
- response
320
+ T.must(response)
316
321
  end
317
322
 
323
+ sig { params(url: String, json: String).returns(Excon::Response) }
318
324
  def patch(url, json)
319
- response = nil
325
+ response = T.let(nil, T.nilable(Excon::Response))
320
326
 
321
327
  retry_connection_failures do
322
328
  response = Excon.patch(
@@ -334,16 +340,16 @@ module Dependabot
334
340
  )
335
341
  )
336
342
 
337
- raise InternalServerError if response.status == 500
338
- raise BadGateway if response.status == 502
339
- raise ServiceNotAvailable if response.status == 503
343
+ raise InternalServerError if response&.status == 500
344
+ raise BadGateway if response&.status == 502
345
+ raise ServiceNotAvailable if response&.status == 503
340
346
  end
341
347
 
342
- raise Unauthorized if response.status == 401
343
- raise Forbidden if response.status == 403
344
- raise NotFound if response.status == 404
348
+ raise Unauthorized if response&.status == 401
349
+ raise Forbidden if response&.status == 403
350
+ raise NotFound if response&.status == 404
345
351
 
346
- response
352
+ T.must(response)
347
353
  end
348
354
 
349
355
  private
data/lib/dependabot/clients/bitbucket.rb CHANGED
@@ -1,4 +1,4 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "dependabot/shared_helpers"
data/lib/dependabot/clients/bitbucket_with_retries.rb CHANGED
@@ -1,4 +1,4 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require_relative "bitbucket"
@@ -30,7 +30,7 @@ module Dependabot
30
30
 
31
31
  def initialize(max_retries: 3, **args)
32
32
  @max_retries = max_retries || 3
33
- @client = Bitbucket.new(**args)
33
+ @client = Bitbucket.new(**T.unsafe(args))
34
34
  end
35
35
 
36
36
  def method_missing(method_name, *args, &block)
data/lib/dependabot/clients/codecommit.rb CHANGED
@@ -1,4 +1,4 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "dependabot/shared_helpers"
@@ -6,6 +6,8 @@ require "dependabot/shared_helpers"
6
6
  module Dependabot
7
7
  module Clients
8
8
  class CodeCommit
9
+ extend T::Sig
10
+
9
11
  class NotFound < StandardError; end
10
12
 
11
13
  #######################
data/lib/dependabot/clients/github_with_retries.rb CHANGED
@@ -1,4 +1,4 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "octokit"
@@ -67,7 +67,7 @@ module Dependabot
67
67
  #################
68
68
 
69
69
  def fetch_commit(repo, branch)
70
- response = ref(repo, "heads/#{branch}")
70
+ response = T.unsafe(self).ref(repo, "heads/#{branch}")
71
71
 
72
72
  raise Octokit::NotFound if response.is_a?(Array)
73
73
 
@@ -75,7 +75,7 @@ module Dependabot
75
75
  end
76
76
 
77
77
  def fetch_default_branch(repo)
78
- repository(repo).default_branch
78
+ T.unsafe(self).repository(repo).default_branch
79
79
  end
80
80
 
81
81
  ############
data/lib/dependabot/clients/gitlab_with_retries.rb CHANGED
@@ -1,4 +1,4 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "gitlab"
@@ -50,11 +50,11 @@ module Dependabot
50
50
  #################
51
51
 
52
52
  def fetch_commit(repo, branch)
53
- branch(repo, branch).commit.id
53
+ T.unsafe(self).branch(repo, branch).commit.id
54
54
  end
55
55
 
56
56
  def fetch_default_branch(repo)
57
- project(repo).default_branch
57
+ T.unsafe(self).project(repo).default_branch
58
58
  end
59
59
 
60
60
  ############
data/lib/dependabot/dependency_group.rb CHANGED
@@ -10,21 +10,12 @@ require "yaml"
10
10
 
11
11
  module Dependabot
12
12
  class DependencyGroup
13
- attr_reader :name, :rules, :dependencies, :handled_dependencies
13
+ attr_reader :name, :rules, :dependencies
14
14
 
15
15
  def initialize(name:, rules:)
16
16
  @name = name
17
17
  @rules = rules
18
18
  @dependencies = []
19
- @handled_dependencies = Set.new
20
- end
21
-
22
- def add_to_handled(*dependencies)
23
- @handled_dependencies += dependencies.map(&:name)
24
- end
25
-
26
- def add_all_to_handled
27
- @handled_dependencies += dependencies.map(&:name)
28
19
  end
29
20
 
30
21
  def contains?(dependency)
data/lib/dependabot/errors.rb CHANGED
@@ -76,6 +76,20 @@ module Dependabot
76
76
  # File level errors #
77
77
  #####################
78
78
 
79
+ class ToolVersionNotSupported < DependabotError
80
+ attr_reader :tool_name, :detected_version, :supported_versions
81
+
82
+ def initialize(tool_name, detected_version, supported_versions)
83
+ @tool_name = tool_name
84
+ @detected_version = detected_version
85
+ @supported_versions = supported_versions
86
+
87
+ msg = "Dependabot detected the following #{tool_name} requirement for your project: '#{detected_version}'." \
88
+ "\n\nCurrently, the following #{tool_name} versions are supported in Dependabot: #{supported_versions}."
89
+ super(msg)
90
+ end
91
+ end
92
+
79
93
  class DependencyFileNotFound < DependabotError
80
94
  attr_reader :file_path
81
95
 
data/lib/dependabot/file_fetchers.rb CHANGED
@@ -1,10 +1,16 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+ require "dependabot/file_fetchers/base"
6
+
4
7
  module Dependabot
5
8
  module FileFetchers
6
- @file_fetchers = {}
9
+ extend T::Sig
10
+
11
+ @file_fetchers = T.let({}, T::Hash[String, T.class_of(Dependabot::FileFetchers::Base)])
7
12
 
13
+ sig { params(package_manager: String).returns(T.class_of(Dependabot::FileFetchers::Base)) }
8
14
  def self.for_package_manager(package_manager)
9
15
  file_fetcher = @file_fetchers[package_manager]
10
16
  return file_fetcher if file_fetcher
@@ -12,6 +18,7 @@ module Dependabot
12
18
  raise "Unsupported package_manager #{package_manager}"
13
19
  end
14
20
 
21
+ sig { params(package_manager: String, file_fetcher: T.class_of(Dependabot::FileFetchers::Base)).void }
15
22
  def self.register(package_manager, file_fetcher)
16
23
  @file_fetchers[package_manager] = file_fetcher
17
24
  end
data/lib/dependabot/file_parsers.rb CHANGED
@@ -1,10 +1,16 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+ require "dependabot/file_parsers/base"
6
+
4
7
  module Dependabot
5
8
  module FileParsers
6
- @file_parsers = {}
9
+ extend T::Sig
10
+
11
+ @file_parsers = T.let({}, T::Hash[String, T.class_of(Dependabot::FileParsers::Base)])
7
12
 
13
+ sig { params(package_manager: String).returns(T.class_of(Dependabot::FileParsers::Base)) }
8
14
  def self.for_package_manager(package_manager)
9
15
  file_parser = @file_parsers[package_manager]
10
16
  return file_parser if file_parser
@@ -12,6 +18,7 @@ module Dependabot
12
18
  raise "Unsupported package_manager #{package_manager}"
13
19
  end
14
20
 
21
+ sig { params(package_manager: String, file_parser: T.class_of(Dependabot::FileParsers::Base)).void }
15
22
  def self.register(package_manager, file_parser)
16
23
  @file_parsers[package_manager] = file_parser
17
24
  end
data/lib/dependabot/file_updaters.rb CHANGED
@@ -1,10 +1,16 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+ require "dependabot/file_updaters/base"
6
+
4
7
  module Dependabot
5
8
  module FileUpdaters
6
- @file_updaters = {}
9
+ extend T::Sig
10
+
11
+ @file_updaters = T.let({}, T::Hash[String, T.class_of(Dependabot::FileUpdaters::Base)])
7
12
 
13
+ sig { params(package_manager: String).returns(T.class_of(Dependabot::FileUpdaters::Base)) }
8
14
  def self.for_package_manager(package_manager)
9
15
  file_updater = @file_updaters[package_manager]
10
16
  return file_updater if file_updater
@@ -12,6 +18,7 @@ module Dependabot
12
18
  raise "Unsupported package_manager #{package_manager}"
13
19
  end
14
20
 
21
+ sig { params(package_manager: String, file_updater: T.class_of(Dependabot::FileUpdaters::Base)).void }
15
22
  def self.register(package_manager, file_updater)
16
23
  @file_updaters[package_manager] = file_updater
17
24
  end
data/lib/dependabot/git_commit_checker.rb CHANGED
@@ -24,12 +24,13 @@ module Dependabot
24
24
 
25
25
  def initialize(dependency:, credentials:,
26
26
  ignored_versions: [], raise_on_ignored: false,
27
- consider_version_branches_pinned: false)
27
+ consider_version_branches_pinned: false, dependency_source_details: nil)
28
28
  @dependency = dependency
29
29
  @credentials = credentials
30
30
  @ignored_versions = ignored_versions
31
31
  @raise_on_ignored = raise_on_ignored
32
32
  @consider_version_branches_pinned = consider_version_branches_pinned
33
+ @dependency_source_details = dependency_source_details
33
34
  end
34
35
 
35
36
  def git_dependency?
@@ -65,7 +66,11 @@ module Dependabot
65
66
  end
66
67
 
67
68
  def pinned_ref_looks_like_commit_sha?
68
- ref_looks_like_commit_sha?(ref)
69
+ return false unless ref && ref_looks_like_commit_sha?(ref)
70
+
71
+ return false unless pinned?
72
+
73
+ local_repo_git_metadata_fetcher.head_commit_for_ref(ref).nil?
69
74
  end
70
75
 
71
76
  def head_commit_for_pinned_ref
@@ -73,11 +78,7 @@ module Dependabot
73
78
  end
74
79
 
75
80
  def ref_looks_like_commit_sha?(ref)
76
- return false unless ref&.match?(/^[0-9a-f]{6,40}$/)
77
-
78
- return false unless pinned?
79
-
80
- local_repo_git_metadata_fetcher.head_commit_for_ref(ref).nil?
81
+ ref.match?(/^[0-9a-f]{6,40}$/)
81
82
  end
82
83
 
83
84
  def branch_or_ref_in_release?(version)
@@ -160,7 +161,15 @@ module Dependabot
160
161
  end
161
162
 
162
163
  def dependency_source_details
163
- dependency.source_details(allowed_types: ["git"])
164
+ @dependency_source_details || dependency.source_details(allowed_types: ["git"])
165
+ end
166
+
167
+ def most_specific_version_tag_for_sha(commit_sha)
168
+ tags = local_tags.select { |t| t.commit_sha == commit_sha && version_class.correct?(t.name) }
169
+ .sort_by { |t| version_class.new(t.name) }
170
+ return if tags.empty?
171
+
172
+ tags[-1].name
164
173
  end
165
174
 
166
175
  private
@@ -188,14 +197,6 @@ module Dependabot
188
197
  version.split(".").length
189
198
  end
190
199
 
191
- def most_specific_version_tag_for_sha(commit_sha)
192
- tags = local_tags.select { |t| t.commit_sha == commit_sha && version_class.correct?(t.name) }
193
- .sort_by { |t| version_class.new(t.name) }
194
- return if tags.empty?
195
-
196
- tags[-1].name
197
- end
198
-
199
200
  def allowed_versions(local_tags)
200
201
  tags =
201
202
  local_tags
data/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb CHANGED
@@ -62,7 +62,7 @@ module Dependabot
62
62
  def property_name
63
63
  @property_name ||= dependencies.first.requirements
64
64
  .find { |r| r.dig(:metadata, :property_name) }
65
- &.dig(:metadata, :property_name)
65
+ &.dig(:metadata, :property_name)
66
66
 
67
67
  raise "No property name!" unless @property_name
68
68
 
@@ -72,7 +72,7 @@ module Dependabot
72
72
  def dependency_set
73
73
  @dependency_set ||= dependencies.first.requirements
74
74
  .find { |r| r.dig(:metadata, :dependency_set) }
75
- &.dig(:metadata, :dependency_set)
75
+ &.dig(:metadata, :dependency_set)
76
76
 
77
77
  raise "No dependency set!" unless @dependency_set
78
78
 
data/lib/dependabot/pull_request_creator/github.rb CHANGED
@@ -247,8 +247,7 @@ module Dependabot
247
247
  @branch_name = ref.gsub(%r{^refs/heads/}, "")
248
248
  branch
249
249
  rescue Octokit::UnprocessableEntity => e
250
- # Return quietly in the case of a race
251
- return nil if e.message.match?(/Reference already exists/i)
250
+ raise if e.message.match?(/Reference already exists/i)
252
251
 
253
252
  retrying_branch_creation ||= false
254
253
  raise if retrying_branch_creation
data/lib/dependabot/pull_request_creator/message_builder.rb CHANGED
@@ -416,7 +416,7 @@ module Dependabot
416
416
  def property_name
417
417
  @property_name ||= dependencies.first.requirements
418
418
  .find { |r| r.dig(:metadata, :property_name) }
419
- &.dig(:metadata, :property_name)
419
+ &.dig(:metadata, :property_name)
420
420
 
421
421
  raise "No property name!" unless @property_name
422
422
 
@@ -426,7 +426,7 @@ module Dependabot
426
426
  def dependency_set
427
427
  @dependency_set ||= dependencies.first.requirements
428
428
  .find { |r| r.dig(:metadata, :dependency_set) }
429
- &.dig(:metadata, :dependency_set)
429
+ &.dig(:metadata, :dependency_set)
430
430
 
431
431
  raise "No dependency set!" unless @dependency_set
432
432
 
data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb CHANGED
@@ -393,8 +393,8 @@ module Dependabot
393
393
 
394
394
  @recent_codecommit_commit_messages.commits
395
395
  .find { |c| c.author.email == dependabot_email }
396
- &.message
397
- &.strip
396
+ &.message
397
+ &.strip
398
398
  end
399
399
 
400
400
  def azure_commit_author_email(commit)
data/lib/dependabot/shared_helpers.rb CHANGED
@@ -64,7 +64,7 @@ module Dependabot
64
64
 
65
65
  def initialize(message:, error_context:, error_class: nil, trace: nil)
66
66
  super(message)
67
- @error_class = error_class || ""
67
+ @error_class = error_class || "HelperSubprocessFailed"
68
68
  @error_context = error_context
69
69
  @fingerprint = error_context[:fingerprint] || error_context[:command]
70
70
  @trace = trace
@@ -142,8 +142,8 @@ module Dependabot
142
142
  error_context: error_context
143
143
  )
144
144
  end
145
- # rubocop:enable Metrics/MethodLength
146
145
 
146
+ # rubocop:enable Metrics/MethodLength
147
147
  def self.check_out_of_memory_error(stderr, error_context)
148
148
  return unless stderr&.include?("JavaScript heap out of memory")
149
149
 
data/lib/dependabot/update_checkers.rb CHANGED
@@ -1,10 +1,16 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+ require "dependabot/update_checkers/base"
6
+
4
7
  module Dependabot
5
8
  module UpdateCheckers
6
- @update_checkers = {}
9
+ extend T::Sig
10
+
11
+ @update_checkers = T.let({}, T::Hash[String, T.class_of(Dependabot::UpdateCheckers::Base)])
7
12
 
13
+ sig { params(package_manager: String).returns(T.class_of(Dependabot::UpdateCheckers::Base)) }
8
14
  def self.for_package_manager(package_manager)
9
15
  update_checker = @update_checkers[package_manager]
10
16
  return update_checker if update_checker
@@ -12,6 +18,7 @@ module Dependabot
12
18
  raise "Unsupported package_manager #{package_manager}"
13
19
  end
14
20
 
21
+ sig { params(package_manager: String, update_checker: T.class_of(Dependabot::UpdateCheckers::Base)).void }
15
22
  def self.register(package_manager, update_checker)
16
23
  @update_checkers[package_manager] = update_checker
17
24
  end
data/lib/dependabot/utils.rb CHANGED
@@ -1,18 +1,23 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "tmpdir"
5
5
  require "set"
6
+ require "sorbet-runtime"
7
+ require "dependabot/version"
6
8
 
7
9
  # TODO: in due course, these "registries" should live in a wrapper gem, not
8
10
  # dependabot-core.
9
11
  module Dependabot
10
12
  module Utils
13
+ extend T::Sig
14
+
11
15
  BUMP_TMP_FILE_PREFIX = "dependabot_"
12
- BUMP_TMP_DIR_PATH = File.expand_path(Dir::Tmpname.create("", "tmp") { nil })
16
+ BUMP_TMP_DIR_PATH = T.let(File.expand_path(Dir::Tmpname.create("", "tmp") { nil }), String)
13
17
 
14
- @version_classes = {}
18
+ @version_classes = T.let({}, T::Hash[String, T.class_of(Dependabot::Version)])
15
19
 
20
+ sig { params(package_manager: String).returns(T.class_of(Dependabot::Version)) }
16
21
  def self.version_class_for_package_manager(package_manager)
17
22
  version_class = @version_classes[package_manager]
18
23
  return version_class if version_class
@@ -20,12 +25,14 @@ module Dependabot
20
25
  raise "Unsupported package_manager #{package_manager}"
21
26
  end
22
27
 
28
+ sig { params(package_manager: String, version_class: T.class_of(Dependabot::Version)).void }
23
29
  def self.register_version_class(package_manager, version_class)
24
30
  @version_classes[package_manager] = version_class
25
31
  end
26
32
 
27
- @requirement_classes = {}
33
+ @requirement_classes = T.let({}, T::Hash[String, T.class_of(Gem::Requirement)])
28
34
 
35
+ sig { params(package_manager: String).returns(T.class_of(Gem::Requirement)) }
29
36
  def self.requirement_class_for_package_manager(package_manager)
30
37
  requirement_class = @requirement_classes[package_manager]
31
38
  return requirement_class if requirement_class
@@ -33,16 +40,19 @@ module Dependabot
33
40
  raise "Unsupported package_manager #{package_manager}"
34
41
  end
35
42
 
43
+ sig { params(package_manager: String, requirement_class: T.class_of(Gem::Requirement)).void }
36
44
  def self.register_requirement_class(package_manager, requirement_class)
37
45
  @requirement_classes[package_manager] = requirement_class
38
46
  end
39
47
 
40
- @cloning_package_managers = Set[]
48
+ @cloning_package_managers = T.let(Set[], T::Set[String])
41
49
 
50
+ sig { params(package_manager: String).returns(T::Boolean) }
42
51
  def self.always_clone_for_package_manager?(package_manager)
43
52
  @cloning_package_managers.include?(package_manager)
44
53
  end
45
54
 
55
+ sig { params(package_manager: String).void }
46
56
  def self.register_always_clone(package_manager)
47
57
  @cloning_package_managers << package_manager
48
58
  end
data/lib/dependabot.rb CHANGED
@@ -1,6 +1,6 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.232.0"
5
+ VERSION = "0.234.0"
6
6
  end
data/lib/wildcard_matcher.rb CHANGED
@@ -1,7 +1,10 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
4
  class WildcardMatcher
5
+ extend T::Sig
6
+
7
+ sig { params(wildcard_string: T.nilable(String), candidate_string: T.nilable(String)).returns(T::Boolean) }
5
8
  def self.match?(wildcard_string, candidate_string)
6
9
  return false unless wildcard_string && candidate_string
7
10
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.232.0
4
+ version: 0.234.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-09-14 00:00:00.000000000 Z
11
+ date: 2023-10-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -228,14 +228,14 @@ dependencies:
228
228
  requirements:
229
229
  - - "~>"
230
230
  - !ruby/object:Gem::Version
231
- version: '0.5'
231
+ version: 0.5.11026
232
232
  type: :runtime
233
233
  prerelease: false
234
234
  version_requirements: !ruby/object:Gem::Requirement
235
235
  requirements:
236
236
  - - "~>"
237
237
  - !ruby/object:Gem::Version
238
- version: '0.5'
238
+ version: 0.5.11026
239
239
  - !ruby/object:Gem::Dependency
240
240
  name: toml-rb
241
241
  requirement: !ruby/object:Gem::Requirement
@@ -284,20 +284,6 @@ dependencies:
284
284
  - - "~>"
285
285
  - !ruby/object:Gem::Version
286
286
  version: '2.0'
287
- - !ruby/object:Gem::Dependency
288
- name: parallel_tests
289
- requirement: !ruby/object:Gem::Requirement
290
- requirements:
291
- - - "~>"
292
- - !ruby/object:Gem::Version
293
- version: 4.2.0
294
- type: :development
295
- prerelease: false
296
- version_requirements: !ruby/object:Gem::Requirement
297
- requirements:
298
- - - "~>"
299
- - !ruby/object:Gem::Version
300
- version: 4.2.0
301
287
  - !ruby/object:Gem::Dependency
302
288
  name: rake
303
289
  requirement: !ruby/object:Gem::Requirement
@@ -396,6 +382,20 @@ dependencies:
396
382
  - - "~>"
397
383
  - !ruby/object:Gem::Version
398
384
  version: 0.2.16
385
+ - !ruby/object:Gem::Dependency
386
+ name: turbo_tests
387
+ requirement: !ruby/object:Gem::Requirement
388
+ requirements:
389
+ - - "~>"
390
+ - !ruby/object:Gem::Version
391
+ version: 2.2.0
392
+ type: :development
393
+ prerelease: false
394
+ version_requirements: !ruby/object:Gem::Requirement
395
+ requirements:
396
+ - - "~>"
397
+ - !ruby/object:Gem::Version
398
+ version: 2.2.0
399
399
  - !ruby/object:Gem::Dependency
400
400
  name: vcr
401
401
  requirement: !ruby/object:Gem::Requirement
@@ -514,7 +514,7 @@ licenses:
514
514
  - Nonstandard
515
515
  metadata:
516
516
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
517
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.232.0
517
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.234.0
518
518
  post_install_message:
519
519
  rdoc_options: []
520
520
  require_paths: