dependabot-common 0.233.0 → 0.235.0

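--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: ba05ac04f06978df28a0ffbecc810d6671c19143b3269e9d4193de876c79468b
- data.tar.gz: 2bae619b79ec71ebc2374fb9aec7e97143b6c3feeac3cd0ebc76bf32ba3dbea9
+ metadata.gz: 0b22cec48025b20921f000f63975cfc9db22dac670fa8ef6710fda754c288f68
+ data.tar.gz: 901b6246fde924caa2adfdcba0bc19dbd86833133c6cf951967024b656f68918
  SHA512:
- metadata.gz: d8d4069e12c86a96b798f4ec75ecd60b86f6a48ac7062a8d26375712af2bc226539363cb4a9796d0e353b338205b01e2e926bd972a30724110ca610f7642e3aa
- data.tar.gz: e40dfea60323c3105a743afaa6a908637ee37e5fa5ea2fbc2d9892637e301f5aa44c489afd22ae7369739a4ba8a1510eda3614c048a35a4c4df3435720ea65a0
+ metadata.gz: 819445f789764166001ff2f6ce532e6bd60ecb1a644eb4bb20ec00a15c433c58608af56e3c75bbccba479c2f6b81fd415298083f9d4e74c24ba382881a35280c
+ data.tar.gz: 3b5f7aa169756240055ded3136f8daae04cc52129a42f0566eddc90232a302427b889ef512534f5e865609d7a7ba526f82deb7cea2b59138c4533e61fa01971a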
@@ -5,7 +5,7 @@ require "dependabot/utils"
5
5
 
6
6
  module Dependabot
7
7
  class DependabotError < StandardError
8
- BASIC_AUTH_REGEX = %r{://(?<auth>[^:]*:[^@%\s]+(@|%40))}
8
+ BASIC_AUTH_REGEX = %r{://(?<auth>[^:@]*:[^@%\s/]+(@|%40))}
9
9
  # Remove any path segment from fury.io sources
10
10
  FURY_IO_PATH_REGEX = %r{fury\.io/(?<path>.+)}
11
11
 
@@ -54,6 +54,15 @@ module Dependabot
54
54
  # Repo level errors #
55
55
  #####################
56
56
 
57
+ class DirectoryNotFound < DependabotError
58
+ attr_reader :directory_name
59
+
60
+ def initialize(directory_name, msg = nil)
61
+ @directory_name = directory_name
62
+ super(msg)
63
+ end
64
+ end
65
+
57
66
  class BranchNotFound < DependabotError
58
67
  attr_reader :branch_name
59
68
 
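Review bot: The secret part of the new `BASIC_AUTH_REGEX`, `[^@%\s/]+`, still stops at the first `%`, so a userinfo whose password carries a percent-escape other than the closing `%40` (constructed example: `https://user:p%2Fss@host`) does not match at all. If this constant is what the error class uses to scrub credentials from messages, which is outside the hunk, such a URL would be left unredacted, and a password containing an escaped `@` would be cut at the first `%40` with the remainder left in the text. I would state the limits above the constant, e.g. `# Matches "user:secret@" (or a trailing "%40") after "://"; secrets containing "%" are not matched`, and add spec cases for an escaped secret and for a token-only userinfo with no colon. The second hunk in this file adds `DirectoryNotFound` without a comment saying what `directory_name` holds.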
@@ -194,7 +194,7 @@ module Dependabot
194
194
  def repo_contents(dir: ".", ignore_base_directory: false,
195
195
  raise_errors: true, fetch_submodules: false)
196
196
  dir = File.join(directory, dir) unless ignore_base_directory
197
- path = Pathname.new(File.join(dir)).cleanpath.to_path.gsub(%r{^/*}, "")
197
+ path = Pathname.new(dir).cleanpath.to_path.gsub(%r{^/*}, "")
198
198
 
199
199
  @repo_contents ||= {}
200
200
  @repo_contents[dir] ||= if repo_contents_path
@@ -309,6 +309,8 @@ module Dependabot
309
309
 
310
310
  _fetch_repo_contents_fully_specified(provider, repo, tmp_path, commit)
311
311
  rescue *CLIENT_NOT_FOUND_ERRORS
312
+ raise Dependabot::DirectoryNotFound, directory if path == directory.gsub(%r{^/*}, "")
313
+
312
314
  result = raise_errors ? -> { raise } : -> { [] }
313
315
  retrying ||= false
314
316
 
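Review bot: The new guard in the `rescue` compares `path` with `directory.gsub(%r{^/*}, "")`, which strips leading slashes but is not passed through `cleanpath`, so a configured directory such as `/app/` or `./app` (constructed) would not compare equal to a cleaned path and the failure would fall through to the generic not-found handling instead of `DirectoryNotFound`. This assumes `path` here is normalised the way the first hunk does it; the enclosing method starts outside the hunk, so that needs confirming. Normalising both sides the same way, and anchoring with `\A` rather than `^` so only the start of the string is stripped, would make the comparison dependable: `raise Dependabot::DirectoryNotFound, directory if path == Pathname.new(directory).cleanpath.to_path.gsub(%r{\A/*}, "")`.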
@@ -1,18 +1,45 @@
1
- # typed: true
1
+ # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+
4
6
  module Dependabot
5
7
  module FileUpdaters
6
8
  class Base
7
- attr_reader :dependencies, :dependency_files, :repo_contents_path,
8
- :credentials, :options
9
+ extend T::Sig
10
+ extend T::Helpers
11
+ abstract!
12
+
13
+ sig { returns(T::Array[Dependabot::Dependency]) }
14
+ attr_reader :dependencies
15
+
16
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
17
+ attr_reader :dependency_files
18
+
19
+ sig { returns(T.nilable(String)) }
20
+ attr_reader :repo_contents_path
9
21
 
22
+ sig { returns(T::Array[T::Hash[String, String]]) }
23
+ attr_reader :credentials
24
+
25
+ sig { returns(T::Hash[Symbol, T.untyped]) }
26
+ attr_reader :options
27
+
28
+ sig { overridable.returns(String) }
10
29
  def self.updated_files_regex
11
30
  raise NotImplementedError
12
31
  end
13
32
 
14
- def initialize(dependencies:, dependency_files:, repo_contents_path: nil,
15
- credentials:, options: {})
33
+ sig do
34
+ params(
35
+ dependencies: T::Array[Dependabot::Dependency],
36
+ dependency_files: T::Array[Dependabot::DependencyFile],
37
+ credentials: T::Array[T::Hash[String, String]],
38
+ repo_contents_path: T.nilable(String),
39
+ options: T::Hash[Symbol, T.untyped]
40
+ ).void
41
+ end
42
+ def initialize(dependencies:, dependency_files:, credentials:, repo_contents_path: nil, options: {})
16
43
  @dependencies = dependencies
17
44
  @dependency_files = dependency_files
18
45
  @repo_contents_path = repo_contents_path
@@ -22,31 +49,36 @@ module Dependabot
22
49
  check_required_files
23
50
  end
24
51
 
52
+ sig { overridable.returns(T::Array[::Dependabot::DependencyFile]) }
25
53
  def updated_dependency_files
26
54
  raise NotImplementedError
27
55
  end
28
56
 
29
57
  private
30
58
 
59
+ sig { overridable.void }
31
60
  def check_required_files
32
61
  raise NotImplementedError
33
62
  end
34
63
 
64
+ sig { params(filename: String).returns(T.nilable(Dependabot::DependencyFile)) }
35
65
  def get_original_file(filename)
36
66
  dependency_files.find { |f| f.name == filename }
37
67
  end
38
68
 
69
+ sig { params(file: Dependabot::DependencyFile).returns(T::Boolean) }
39
70
  def file_changed?(file)
40
71
  dependencies.any? { |dep| requirement_changed?(file, dep) }
41
72
  end
42
73
 
74
+ sig { params(file: Dependabot::DependencyFile, dependency: Dependabot::Dependency).returns(T::Boolean) }
43
75
  def requirement_changed?(file, dependency)
44
- changed_requirements =
45
- dependency.requirements - dependency.previous_requirements
76
+ changed_requirements = dependency.requirements - dependency.previous_requirements
46
77
 
47
78
  changed_requirements.any? { |f| f[:file] == file.name }
48
79
  end
49
80
 
81
+ sig { params(file: Dependabot::DependencyFile, content: String).returns(Dependabot::DependencyFile) }
50
82
  def updated_file(file:, content:)
51
83
  updated_file = file.dup
52
84
  updated_file.content = content
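Review bot: `sig { overridable.returns(String) }` on `self.updated_files_regex` declares a String, while the method name suggests a regular expression or a list of them; the base body only raises, so the mismatch would surface in subclasses once they are typed. Confirm what the concrete updaters return and declare that, for example `sig { overridable.returns(T::Array[Regexp]) }` if they return a list of patterns. The class also calls `abstract!` but marks `updated_dependency_files` and `check_required_files` as `overridable` with bodies that raise `NotImplementedError`; an `abstract` sig would let Sorbet enforce the override instead of a runtime raise. `updated_file` continues past the end of the hunk.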
@@ -62,7 +62,7 @@ module Dependabot
62
62
  def property_name
63
63
  @property_name ||= dependencies.first.requirements
64
64
  .find { |r| r.dig(:metadata, :property_name) }
65
- &.dig(:metadata, :property_name)
65
+ &.dig(:metadata, :property_name)
66
66
 
67
67
  raise "No property name!" unless @property_name
68
68
 
@@ -72,7 +72,7 @@ module Dependabot
72
72
  def dependency_set
73
73
  @dependency_set ||= dependencies.first.requirements
74
74
  .find { |r| r.dig(:metadata, :dependency_set) }
75
- &.dig(:metadata, :dependency_set)
75
+ &.dig(:metadata, :dependency_set)
76
76
 
77
77
  raise "No dependency set!" unless @dependency_set
78
78
 
@@ -416,7 +416,7 @@ module Dependabot
416
416
  def property_name
417
417
  @property_name ||= dependencies.first.requirements
418
418
  .find { |r| r.dig(:metadata, :property_name) }
419
- &.dig(:metadata, :property_name)
419
+ &.dig(:metadata, :property_name)
420
420
 
421
421
  raise "No property name!" unless @property_name
422
422
 
@@ -426,7 +426,7 @@ module Dependabot
426
426
  def dependency_set
427
427
  @dependency_set ||= dependencies.first.requirements
428
428
  .find { |r| r.dig(:metadata, :dependency_set) }
429
- &.dig(:metadata, :dependency_set)
429
+ &.dig(:metadata, :dependency_set)
430
430
 
431
431
  raise "No dependency set!" unless @dependency_set
432
432
 
@@ -393,8 +393,8 @@ module Dependabot
393
393
 
394
394
  @recent_codecommit_commit_messages.commits
395
395
  .find { |c| c.author.email == dependabot_email }
396
- &.message
397
- &.strip
396
+ &.message
397
+ &.strip
398
398
  end
399
399
 
400
400
  def azure_commit_author_email(commit)
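--- a/data/lib/dependabot.rb
+++ b/data/lib/dependabot.rb
@@ -2,5 +2,5 @@
  # frozen_string_literal: true
 
  module Dependabot
- VERSION = "0.233.0"
+ VERSION = "0.235.0"
  end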
@@ -1,6 +1,8 @@
1
1
  # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+
4
6
  class WildcardMatcher
5
7
  extend T::Sig
6
8
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.233.0
4
+ version: 0.235.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-10-06 00:00:00.000000000 Z
11
+ date: 2023-10-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -514,7 +514,7 @@ licenses:
514
514
  - Nonstandard
515
515
  metadata:
516
516
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
517
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.233.0
517
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.235.0
518
518
  post_install_message:
519
519
  rdoc_options: []
520
520
  require_paths: