dependabot-common 0.235.0 → 0.237.0

data/lib/dependabot/utils.rb

@@ -5,6 +5,7 @@ require "tmpdir"
 require "set"
 require "sorbet-runtime"
 require "dependabot/version"
+require "dependabot/config/file"
 
 # TODO: in due course, these "registries" should live in a wrapper gem, not
 #       dependabot-core.
@@ -22,11 +23,13 @@ module Dependabot
       version_class = @version_classes[package_manager]
       return version_class if version_class
 
-      raise "Unsupported package_manager #{package_manager}"
+      raise "Unregistered package_manager #{package_manager}"
     end
 
     sig { params(package_manager: String, version_class: T.class_of(Dependabot::Version)).void }
     def self.register_version_class(package_manager, version_class)
+      validate_package_manager!(package_manager)
+
       @version_classes[package_manager] = version_class
     end
 
@@ -37,11 +40,13 @@ module Dependabot
       requirement_class = @requirement_classes[package_manager]
       return requirement_class if requirement_class
 
-      raise "Unsupported package_manager #{package_manager}"
+      raise "Unregistered package_manager #{package_manager}"
     end
 
     sig { params(package_manager: String, requirement_class: T.class_of(Gem::Requirement)).void }
     def self.register_requirement_class(package_manager, requirement_class)
+      validate_package_manager!(package_manager)
+
       @requirement_classes[package_manager] = requirement_class
     end
 
@@ -54,7 +59,21 @@ module Dependabot
 
     sig { params(package_manager: String).void }
     def self.register_always_clone(package_manager)
+      validate_package_manager!(package_manager)
+
       @cloning_package_managers << package_manager
     end
+
+    sig { params(package_manager: String).void }
+    def self.validate_package_manager!(package_manager)
+      # Official package manager
+      return if Config::File::PACKAGE_MANAGER_LOOKUP.invert.key?(package_manager)
+
+      # Used by specs
+      return if package_manager == "dummy"
+
+      raise "Unsupported package_manager #{package_manager}"
+    end
+    private_class_method :validate_package_manager!
   end
 end

data/lib/dependabot/workspace/base.rb

@@ -1,29 +1,53 @@
-# typed: false
+# typed: strict
 # frozen_string_literal: true
 
+require "sorbet-runtime"
+
 module Dependabot
   module Workspace
     class Base
-      attr_reader :change_attempts, :path
+      extend T::Sig
+      extend T::Helpers
+      extend T::Generic
+
+      abstract!
+
+      sig { returns(T::Array[Dependabot::Workspace::ChangeAttempt]) }
+      attr_reader :change_attempts
 
+      sig { returns(T.any(Pathname, String)) }
+      attr_reader :path
+
+      sig { params(path: T.any(Pathname, String)).void }
       def initialize(path)
         @path = path
-        @change_attempts = []
+        @change_attempts = T.let([], T::Array[Dependabot::Workspace::ChangeAttempt])
       end
 
+      sig { returns(T::Boolean) }
       def changed?
         changes.any?
       end
 
+      sig { returns(T::Array[Dependabot::Workspace::ChangeAttempt]) }
       def changes
         change_attempts.select(&:success?)
       end
 
+      sig { returns(T::Array[Dependabot::Workspace::ChangeAttempt]) }
       def failed_change_attempts
         change_attempts.select(&:error?)
       end
 
-      def change(memo = nil)
+      sig do
+        type_parameters(:T)
+          .params(
+            memo: T.nilable(String),
+            _blk: T.proc.params(arg0: T.any(Pathname, String)).returns(T.type_parameter(:T))
+          )
+          .returns(T.type_parameter(:T))
+      end
+      def change(memo = nil, &_blk)
         Dir.chdir(path) { yield(path) }
       rescue StandardError => e
         capture_failed_change_attempt(memo, e)
@@ -31,17 +55,28 @@ module Dependabot
         raise e
       end
 
+      sig do
+        abstract.params(memo: T.nilable(String)).returns(T.nilable(T::Array[Dependabot::Workspace::ChangeAttempt]))
+      end
       def store_change(memo = nil); end
 
-      def to_patch
-        ""
-      end
+      sig { abstract.returns(String) }
+      def to_patch; end
 
+      sig { abstract.returns(NilClass) }
       def reset!; end
 
       protected
 
+      sig do
+        abstract
+          .params(memo: T.nilable(String), error: T.nilable(StandardError))
+          .returns(T.nilable(T::Array[Dependabot::Workspace::ChangeAttempt]))
+      end
       def capture_failed_change_attempt(memo = nil, error = nil); end
+
+      sig { abstract.returns(String) }
+      def clean; end
     end
   end
 end

data/lib/dependabot/workspace/change_attempt.rb

@@ -1,11 +1,37 @@
-# typed: true
+# typed: strong
 # frozen_string_literal: true
 
+require "sorbet-runtime"
+
 module Dependabot
   module Workspace
     class ChangeAttempt
-      attr_reader :diff, :error, :id, :memo, :workspace
+      extend T::Sig
+
+      sig { returns(T.nilable(String)) }
+      attr_reader :diff
+
+      sig { returns(T.nilable(StandardError)) }
+      attr_reader :error
+
+      sig { returns(String) }
+      attr_reader :id
 
+      sig { returns(T.nilable(String)) }
+      attr_reader :memo
+
+      sig { returns(Dependabot::Workspace::Base) }
+      attr_reader :workspace
+
+      sig do
+        params(
+          workspace: Dependabot::Workspace::Base,
+          id: String,
+          memo: T.nilable(String),
+          diff: T.nilable(String),
+          error: T.nilable(StandardError)
+        ).void
+      end
       def initialize(workspace, id:, memo:, diff: nil, error: nil)
         @workspace = workspace
         @id = id
@@ -14,12 +40,14 @@ module Dependabot
         @error = error
       end
 
+      sig { returns(T::Boolean) }
       def success?
         error.nil?
       end
 
+      sig { returns(T::Boolean) }
       def error?
-        error
+        !error.nil?
       end
     end
   end

data/lib/dependabot/workspace/git.rb

@@ -1,31 +1,40 @@
-# typed: false
+# typed: strict
 # frozen_string_literal: true
 
+require "sorbet-runtime"
 require "dependabot/workspace/base"
 require "dependabot/workspace/change_attempt"
 
 module Dependabot
   module Workspace
     class Git < Base
+      extend T::Sig
+      extend T::Helpers
+
       USER = "dependabot[bot]"
-      EMAIL = "#{USER}@users.noreply.github.com".freeze
+      EMAIL = T.let("#{USER}@users.noreply.github.com".freeze, String)
 
+      sig { returns(String) }
       attr_reader :initial_head_sha
 
+      sig { params(path: T.any(Pathname, String)).void }
       def initialize(path)
         super(path)
-        @initial_head_sha = head_sha
+        @initial_head_sha = T.let(head_sha, String)
         configure_git
       end
 
+      sig { returns(T::Boolean) }
       def changed?
         changes.any? || !changed_files.empty?
       end
 
+      sig { override.returns(String) }
       def to_patch
         run_shell_command("git diff --patch #{@initial_head_sha}.. .")
       end
 
+      sig { override.returns(NilClass) }
       def reset!
         reset(initial_head_sha)
         clean
@@ -35,6 +44,11 @@ module Dependabot
         nil
       end
 
+      sig do
+        override
+          .params(memo: T.nilable(String))
+          .returns(T.nilable(T::Array[Dependabot::Workspace::ChangeAttempt]))
+      end
       def store_change(memo = nil)
         return nil if changed_files.empty?
 
@@ -48,6 +62,11 @@ module Dependabot
 
       protected
 
+      sig do
+        override
+          .params(memo: T.nilable(String), error: T.nilable(StandardError))
+          .returns(T.nilable(T::Array[Dependabot::Workspace::ChangeAttempt]))
+      end
       def capture_failed_change_attempt(memo = nil, error = nil)
         return nil if changed_files(ignored_mode: "matching").empty? && error.nil?
 
@@ -57,19 +76,23 @@ module Dependabot
 
       private
 
+      sig { returns(String) }
       def configure_git
         run_shell_command(%(git config user.name "#{USER}"), allow_unsafe_shell_command: true)
         run_shell_command(%(git config user.email "#{EMAIL}"), allow_unsafe_shell_command: true)
       end
 
+      sig { returns(String) }
       def head_sha
         run_shell_command("git rev-parse HEAD").strip
       end
 
+      sig { returns(String) }
       def last_stash_sha
         run_shell_command("git rev-parse refs/stash").strip
       end
 
+      sig { returns(String) }
       def current_commit
         # Avoid emiting the user's commit message to logs if Dependabot hasn't made any changes
         return "Initial SHA: #{initial_head_sha}" if changes.empty?
@@ -78,10 +101,12 @@ module Dependabot
         run_shell_command(%(git log -1 --pretty="%h% B"), allow_unsafe_shell_command: true).strip
       end
 
+      sig { params(ignored_mode: String).returns(String) }
       def changed_files(ignored_mode: "traditional")
         run_shell_command("git status --untracked-files=all --ignored=#{ignored_mode} --short .").strip
       end
 
+      sig { params(memo: T.nilable(String)).returns([String, String]) }
       def stash(memo = nil)
         msg = memo || "workspace change attempt"
         run_shell_command("git add --all --force .")
@@ -93,6 +118,7 @@ module Dependabot
         [sha, diff]
       end
 
+      sig { params(memo: T.nilable(String)).returns([String, String]) }
       def commit(memo = nil)
         run_shell_command("git add #{path}")
         diff = run_shell_command("git diff --cached .")
@@ -103,18 +129,22 @@ module Dependabot
         [head_sha, diff]
       end
 
+      sig { params(sha: String).returns(String) }
       def reset(sha)
         run_shell_command("git reset --hard #{sha}")
       end
 
+      sig { override.returns(String) }
       def clean
         run_shell_command("git clean -fx .")
       end
 
+      sig { params(args: String, kwargs: T::Boolean).returns(String) }
       def run_shell_command(*args, **kwargs)
-        Dir.chdir(path) { SharedHelpers.run_shell_command(*args, **kwargs) }
+        Dir.chdir(path) { T.unsafe(SharedHelpers).run_shell_command(*args, **kwargs) }
       end
 
+      sig { params(message: String).void }
       def debug(message)
         Dependabot.logger.debug("[workspace] #{message}")
       end

data/lib/dependabot/workspace.rb

@@ -1,16 +1,28 @@
-# typed: true
+# typed: strong
 # frozen_string_literal: true
 
+require "sorbet-runtime"
 require "dependabot/workspace/git"
 
 module Dependabot
   module Workspace
-    @active_workspace = nil
+    extend T::Sig
+
+    @active_workspace = T.let(nil, T.nilable(Dependabot::Workspace::Git))
 
     class << self
+      extend T::Sig
+
+      sig { returns(T.nilable(Dependabot::Workspace::Git)) }
       attr_accessor :active_workspace
     end
 
+    sig do
+      params(
+        repo_contents_path: String,
+        directory: T.any(Pathname, String)
+      ).void
+    end
     def self.setup(repo_contents_path:, directory:)
       Dependabot.logger.debug("Setting up workspace in #{repo_contents_path}")
 
@@ -22,6 +34,7 @@ module Dependabot
       @active_workspace = Dependabot::Workspace::Git.new(full_path)
     end
 
+    sig { params(memo: T.nilable(String)).returns(T.nilable(T::Array[Dependabot::Workspace::ChangeAttempt])) }
     def self.store_change(memo:)
       return unless @active_workspace
 
@@ -30,6 +43,7 @@ module Dependabot
       @active_workspace.store_change(memo)
     end
 
+    sig { void }
     def self.cleanup!
       return unless @active_workspace
 

data/lib/dependabot.rb

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.235.0"
+  VERSION = "0.237.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.235.0
+  version: 0.237.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-10-19 00:00:00.000000000 Z
+date: 2023-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit
@@ -101,7 +101,7 @@ dependencies:
         version: '0.96'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '0.103'
+        version: '0.105'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -111,21 +111,21 @@ dependencies:
         version: '0.96'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '0.103'
+        version: '0.105'
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.7.10
+        version: 2.7.11
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.7.10
+        version: 2.7.11
 - !ruby/object:Gem::Dependency
   name: faraday-retry
   requirement: !ruby/object:Gem::Requirement
@@ -188,6 +188,20 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '7.0'
+- !ruby/object:Gem::Dependency
+  name: opentelemetry-sdk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: parser
   requirement: !ruby/object:Gem::Requirement
@@ -326,20 +340,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rspec-sorbet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.2
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.56.0
+        version: 1.57.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.56.0
+        version: 1.57.2
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -514,7 +542,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.235.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.237.0
 post_install_message: 
 rdoc_options: []
 require_paths: