dependabot-common 0.244.0 → 0.246.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7aa21cb81796cffb973cf4ff58644678588c40d9c6efc0cd81d514a3a894cbce
-  data.tar.gz: b786777a6d7509b002bdef262c441197dad93a31767599885e2202b299040b2e
+  metadata.gz: afa14b1e2f804f1713004ae03cf9ba9ac2ed546794d736bbeedef24d18f8be7b
+  data.tar.gz: 012a72964c4ae5f6140ab6a81d101f227bd84445a2e04b77395252ae66771bc8
 SHA512:
-  metadata.gz: 78eb059c3184e4329102ffb76b91339bb42ec740a97c622f4c1a67d5694c14fb0b44a40c08b6fba5e4712b0a83a9d745b099ec7685e8eb95f667a670625345a5
-  data.tar.gz: 7c08bebb791070f134fbc4b40c3cff32431fb6342f02137e5803bb6f2439bfdf5f199f5b5b71e99d9398842da38b5f6c84eb5e0c61912f8212352052321da888
+  metadata.gz: 367510a477d1b7a1d362f69a8a4a8bdcfb1d89f355f442291d3640c247391e924612b51bbe3393b146dcfb621d1faf53ab7dc364bf4eba134c17389a781d4ba0
+  data.tar.gz: ae0d0af76bbea879c4cf4faec7c1be85067cec9918c1c7ad2818b60c160d5da93bcb11a5c3bd9287d4b9f11256de46eb0758f56db98ef2586ec2c3d4e514ed17

data/lib/dependabot/clients/bitbucket.rb

@@ -1,12 +1,16 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
-require "dependabot/shared_helpers"
 require "excon"
+require "sorbet-runtime"
+
+require "dependabot/shared_helpers"
 
 module Dependabot
   module Clients
     class Bitbucket
+      extend T::Sig
+
       class NotFound < StandardError; end
 
       class Unauthorized < StandardError; end
@@ -19,6 +23,13 @@ module Dependabot
       # Constructor methods #
       #######################
 
+      sig do
+        params(
+          source: Dependabot::Source,
+          credentials: T::Array[Dependabot::Credential]
+        )
+          .returns(Dependabot::Clients::Bitbucket)
+      end
       def self.for_source(source:, credentials:)
         credential =
           credentials
@@ -32,11 +43,13 @@ module Dependabot
       # Client #
       ##########
 
+      sig { params(credentials: T.nilable(Dependabot::Credential)).void }
       def initialize(credentials:)
         @credentials = credentials
-        @auth_header = auth_header_for(credentials&.fetch("token", nil))
+        @auth_header = T.let(auth_header_for(credentials&.fetch("token", nil)), T::Hash[String, String])
       end
 
+      sig { params(repo: String, branch: String).returns(String) }
       def fetch_commit(repo, branch)
         path = "#{repo}/refs/branches/#{branch}"
         response = get(base_url + path)
@@ -44,12 +57,21 @@ module Dependabot
         JSON.parse(response.body).fetch("target").fetch("hash")
       end
 
+      sig { params(repo: String).returns(String) }
       def fetch_default_branch(repo)
         response = get(base_url + repo)
 
         JSON.parse(response.body).fetch("mainbranch").fetch("name")
       end
 
+      sig do
+        params(
+          repo: String,
+          commit: T.nilable(String),
+          path: T.nilable(String)
+        )
+          .returns(T::Array[T::Hash[String, T.untyped]])
+      end
       def fetch_repo_contents(repo, commit = nil, path = nil)
         raise "Commit is required if path provided!" if commit.nil? && path
 
@@ -62,6 +84,14 @@ module Dependabot
         JSON.parse(response.body).fetch("values")
       end
 
+      sig do
+        params(
+          repo: String,
+          commit: String,
+          path: String
+        )
+          .returns(String)
+      end
       def fetch_file_contents(repo, commit, path)
         path = "#{repo}/src/#{commit}/#{path.gsub(%r{/+$}, '')}"
         response = get(base_url + path)
@@ -69,12 +99,26 @@ module Dependabot
         response.body
       end
 
+      sig do
+        params(
+          repo: String,
+          branch_name: T.nilable(String)
+        )
+          .returns(T::Enumerator[T::Hash[String, T.untyped]])
+      end
       def commits(repo, branch_name = nil)
         commits_path = "#{repo}/commits/#{branch_name}?pagelen=100"
         next_page_url = base_url + commits_path
         paginate({ "next" => next_page_url })
       end
 
+      sig do
+        params(
+          repo: String,
+          branch_name: String
+        )
+          .returns(T::Hash[String, T.untyped])
+      end
       def branch(repo, branch_name)
         branch_path = "#{repo}/refs/branches/#{branch_name}"
         response = get(base_url + branch_path)
@@ -82,6 +126,15 @@ module Dependabot
         JSON.parse(response.body)
       end
 
+      sig do
+        params(
+          repo: String,
+          source_branch: T.nilable(String),
+          target_branch: T.nilable(String),
+          status: T::Array[String]
+        )
+          .returns(T::Array[T::Hash[String, T.untyped]])
+      end
       def pull_requests(repo, source_branch, target_branch, status = %w(OPEN MERGED DECLINED SUPERSEDED))
         pr_path = "#{repo}/pullrequests?"
         # Get pull requests with given status
@@ -104,6 +157,17 @@ module Dependabot
       end
 
       # rubocop:disable Metrics/ParameterLists
+      sig do
+        params(
+          repo: String,
+          branch_name: String,
+          base_commit: String,
+          commit_message: String,
+          files: T::Array[Dependabot::DependencyFile],
+          author_details: T::Hash[Symbol, String]
+        )
+          .void
+      end
       def create_commit(repo, branch_name, base_commit, commit_message, files,
                         author_details)
         parameters = {
@@ -125,6 +189,18 @@ module Dependabot
       # rubocop:enable Metrics/ParameterLists
 
       # rubocop:disable Metrics/ParameterLists
+      sig do
+        params(
+          repo: String,
+          pr_name: String,
+          source_branch: String,
+          target_branch: String,
+          pr_description: String,
+          _labels: T.nilable(T::Array[String]),
+          _work_item: T.nilable(Integer)
+        )
+          .void
+      end
       def create_pull_request(repo, pr_name, source_branch, target_branch,
                               pr_description, _labels, _work_item = nil)
         reviewers = default_reviewers(repo)
@@ -151,6 +227,7 @@ module Dependabot
       end
       # rubocop:enable Metrics/ParameterLists
 
+      sig { params(repo: String, pr_id: Integer, comment: T.nilable(String)).void }
       def decline_pull_request(repo, pr_id, comment = nil)
         # https://developer.atlassian.com/cloud/bitbucket/rest/api-group-pullrequests/
         decline_path = "#{repo}/pullrequests/#{pr_id}/decline"
@@ -168,14 +245,16 @@ module Dependabot
         post(base_url + comment_path, content.to_json)
       end
 
+      sig { returns(T.nilable(String)) }
       def current_user
         base_url = "https://api.bitbucket.org/2.0/user?fields=uuid"
         response = get(base_url)
         JSON.parse(response.body).fetch("uuid")
       rescue Unauthorized
-        [nil]
+        nil
       end
 
+      sig { params(repo: String).returns(T::Array[T::Hash[String, String]]) }
       def default_reviewers(repo)
         current_uuid = current_user
         path = "#{repo}/default-reviewers?pagelen=100&fields=values.uuid,next"
@@ -192,6 +271,7 @@ module Dependabot
         reviewer_data
       end
 
+      sig { params(repo: String).returns(T::Array[T::Hash[String, String]]) }
       def tags(repo)
         path = "#{repo}/refs/tags?pagelen=100"
         response = get(base_url + path)
@@ -199,6 +279,14 @@ module Dependabot
         JSON.parse(response.body).fetch("values")
       end
 
+      sig do
+        params(
+          repo: String,
+          previous_tag: String,
+          new_tag: String
+        )
+          .returns(T::Array[T::Hash[String, T.untyped]])
+      end
       def compare(repo, previous_tag, new_tag)
         path = "#{repo}/commits/?include=#{new_tag}&exclude=#{previous_tag}"
         response = get(base_url + path)
@@ -206,6 +294,7 @@ module Dependabot
         JSON.parse(response.body).fetch("values")
       end
 
+      sig { params(url: String).returns(Excon::Response) }
       def get(url)
         response = Excon.get(
           URI::DEFAULT_PARSER.escape(url),
@@ -230,6 +319,14 @@ module Dependabot
         response
       end
 
+      sig do
+        params(
+          url: String,
+          body: String,
+          content_type: String
+        )
+          .returns(Excon::Response)
+      end
       def post(url, body, content_type = "application/json")
         headers = auth_header
 
@@ -259,12 +356,14 @@ module Dependabot
 
       private
 
+      sig { params(token: T.nilable(String)).returns(T::Hash[String, String]) }
       def auth_header_for(token)
         return {} unless token
 
         { "Authorization" => "Bearer #{token}" }
       end
 
+      sig { params(parameters: T::Hash[String, String]).returns(String) }
       def encode_form_parameters(parameters)
         parameters.map do |key, value|
           URI.encode_www_form_component(key.to_s) + "=" + URI.encode_www_form_component(value.to_s)
@@ -284,6 +383,11 @@ module Dependabot
       #     response = post(url, body)
       #     first_page = JSON.parse(response.body)
       #     paginate(first_page)
+      sig do
+        type_parameters(:T)
+          .params(page: T.all(T.type_parameter(:T), T::Hash[String, T.untyped]))
+          .returns(T::Enumerator[T.type_parameter(:T)])
+      end
       def paginate(page)
         Enumerator.new do |yielder|
           loop do
@@ -291,14 +395,18 @@ module Dependabot
             break unless page.key?("next")
 
             next_page_url = page.fetch("next")
-            page = JSON.parse(get(next_page_url).body)
+            page = T.cast(JSON.parse(get(next_page_url).body), T.all(T::Hash[String, T.untyped], T.type_parameter(:T)))
           end
         end
       end
 
+      sig { returns(T::Hash[String, String]) }
       attr_reader :auth_header
+
+      sig { returns(T.nilable(Dependabot::Credential)) }
       attr_reader :credentials
 
+      sig { returns(String) }
       def base_url
         # TODO: Make this configurable when we support enterprise Bitbucket
         "https://api.bitbucket.org/2.0/repositories/"

data/lib/dependabot/clients/bitbucket_with_retries.rb

@@ -1,4 +1,4 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
 require_relative "bitbucket"
@@ -6,15 +6,18 @@ require_relative "bitbucket"
 module Dependabot
   module Clients
     class BitbucketWithRetries
-      RETRYABLE_ERRORS = [
-        Excon::Error::Timeout,
-        Excon::Error::Socket
-      ].freeze
+      extend T::Sig
+
+      RETRYABLE_ERRORS = T.let(
+        [Excon::Error::Timeout, Excon::Error::Socket].freeze,
+        T::Array[T.class_of(Excon::Error)]
+      )
 
       #######################
       # Constructor methods #
       #######################
 
+      sig { params(credentials: T::Array[Dependabot::Credential]).returns(BitbucketWithRetries) }
       def self.for_bitbucket_dot_org(credentials:)
         credential =
           credentials
@@ -28,27 +31,48 @@ module Dependabot
       # Proxying #
       ############
 
-      def initialize(max_retries: 3, **args)
-        @max_retries = max_retries || 3
-        @client = Bitbucket.new(**T.unsafe(args))
+      sig { params(credentials: T.nilable(Dependabot::Credential), max_retries: T.nilable(Integer)).void }
+      def initialize(credentials:, max_retries: 3)
+        @max_retries = T.let(max_retries || 3, Integer)
+        @client = T.let(Bitbucket.new(credentials: credentials), Dependabot::Clients::Bitbucket)
       end
 
+      sig do
+        params(
+          method_name: T.any(Symbol, String),
+          args: T.untyped,
+          block: T.nilable(T.proc.returns(T.untyped))
+        )
+          .returns(T.untyped)
+      end
       def method_missing(method_name, *args, &block)
         retry_connection_failures do
           if @client.respond_to?(method_name)
             mutatable_args = args.map(&:dup)
-            @client.public_send(method_name, *mutatable_args, &block)
+            T.unsafe(@client).public_send(method_name, *mutatable_args, &block)
           else
             super
           end
         end
       end
 
+      sig do
+        params(
+          method_name: Symbol,
+          include_private: T::Boolean
+        )
+          .returns(T::Boolean)
+      end
       def respond_to_missing?(method_name, include_private = false)
         @client.respond_to?(method_name) || super
       end
 
-      def retry_connection_failures
+      sig do
+        type_parameters(:T)
+          .params(_blk: T.proc.returns(T.type_parameter(:T)))
+          .returns(T.type_parameter(:T))
+      end
+      def retry_connection_failures(&_blk)
         retry_attempt = 0
 
         begin

data/lib/dependabot/clients/codecommit.rb

@@ -1,7 +1,9 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
 require "aws-sdk-codecommit"
+require "sorbet-runtime"
+
 require "dependabot/shared_helpers"
 
 module Dependabot
@@ -15,6 +17,13 @@ module Dependabot
       # Constructor methods #
       #######################
 
+      sig do
+        params(
+          source: Dependabot::Source,
+          credentials: T::Array[Dependabot::Credential]
+        )
+          .returns(Dependabot::Clients::CodeCommit)
+      end
       def self.for_source(source:, credentials:)
         credential =
           credentials
@@ -28,20 +37,32 @@ module Dependabot
       # Client #
       ##########
 
+      sig do
+        params(
+          source: Dependabot::Source,
+          credentials: T.nilable(Dependabot::Credential)
+        )
+          .void
+      end
       def initialize(source, credentials)
         @source = source
         @cc_client =
-          if credentials
-            Aws::CodeCommit::Client.new(
-              access_key_id: credentials.fetch("username"),
-              secret_access_key: credentials.fetch("password"),
-              region: credentials.fetch("region")
-            )
-          else
-            Aws::CodeCommit::Client.new
-          end
+          T.let(
+            if credentials
+              Aws::CodeCommit::Client.new(
+                access_key_id: credentials.fetch("username"),
+                secret_access_key: credentials.fetch("password"),
+                region: credentials.fetch("region")
+              )
+            else
+              Aws::CodeCommit::Client.new
+            end,
+            Aws::CodeCommit::Client
+          )
       end
 
+      # TODO: Should repo be required?
+      sig { params(repo: T.nilable(String), branch: String).returns(String) }
       def fetch_commit(repo, branch)
         cc_client.get_branch(
           branch_name: branch,
@@ -49,12 +70,20 @@ module Dependabot
         ).branch.commit_id
       end
 
+      sig { params(repo: String).returns(String) }
       def fetch_default_branch(repo)
         cc_client.get_repository(
           repository_name: repo
         ).repository_metadata.default_branch
       end
 
+      sig do
+        params(
+          repo: String, commit: T.nilable(String),
+          path: T.nilable(String)
+        )
+          .returns(Aws::CodeCommit::Types::GetFolderOutput)
+      end
       def fetch_repo_contents(repo, commit = nil, path = nil)
         actual_path = path
         actual_path = "/" if path.to_s.empty?
@@ -66,6 +95,14 @@ module Dependabot
         )
       end
 
+      sig do
+        params(
+          repo: String,
+          commit: String,
+          path: String
+        )
+          .returns(String)
+      end
       def fetch_file_contents(repo, commit, path)
         cc_client.get_file(
           repository_name: repo,
@@ -76,6 +113,12 @@ module Dependabot
           raise NotFound
       end
 
+      sig do
+        params(
+          branch_name: String
+        )
+          .returns(String)
+      end
       def branch(branch_name)
         cc_client.get_branch(
           repository_name: source.unscoped_repo,
@@ -84,6 +127,14 @@ module Dependabot
       end
 
       # work around b/c codecommit doesn't have a 'get all commits' api..
+      sig do
+        params(
+          repo: String,
+          branch_name: String,
+          result_count: Integer
+        )
+          .returns(T::Array[String])
+      end
       def fetch_commits(repo, branch_name, result_count)
         top_commit = fetch_commit(repo, branch_name)
         retrieved_commits = []
@@ -123,7 +174,14 @@ module Dependabot
         result
       end
 
-      def commits(repo, branch_name = source.branch)
+      sig do
+        params(
+          repo: String,
+          branch_name: String
+        )
+          .returns(Aws::CodeCommit::Types::Commit)
+      end
+      def commits(repo, branch_name = T.must(source.branch))
         retrieved_commits = fetch_commits(repo, branch_name, 5)
 
         result = @cc_client.batch_get_commits(
@@ -136,6 +194,14 @@ module Dependabot
         result
       end
 
+      sig do
+        params(
+          repo: String,
+          state: String,
+          branch: String
+        )
+          .returns(T::Array[Aws::CodeCommit::Types::PullRequest])
+      end
       def pull_requests(repo, state, branch)
         pull_request_ids = @cc_client.list_pull_requests(
           repository_name: repo,
@@ -158,6 +224,14 @@ module Dependabot
         result
       end
 
+      sig do
+        params(
+          repo: String,
+          branch_name: String,
+          commit_id: String
+        )
+          .returns(Aws::CodeCommit::Types::BranchInfo)
+      end
       def create_branch(repo, branch_name, commit_id)
         cc_client.create_branch(
           repository_name: repo,
@@ -166,6 +240,16 @@ module Dependabot
         )
       end
 
+      sig do
+        params(
+          branch_name: String,
+          author_name: String,
+          base_commit: String,
+          commit_message: String,
+          files: T::Array[Dependabot::DependencyFile]
+        )
+          .returns(Aws::CodeCommit::Types::CreateCommitOutput)
+      end
       def create_commit(branch_name, author_name, base_commit, commit_message,
                         files)
         cc_client.create_commit(
@@ -184,6 +268,15 @@ module Dependabot
         )
       end
 
+      sig do
+        params(
+          pr_name: String,
+          target_branch: String,
+          source_branch: String,
+          pr_description: String
+        )
+          .returns(T.nilable(Aws::CodeCommit::Types::CreatePullRequestOutput))
+      end
       def create_pull_request(pr_name, target_branch, source_branch,
                               pr_description)
         cc_client.create_pull_request(
@@ -199,8 +292,10 @@ module Dependabot
 
       private
 
-      attr_reader :credentials
+      sig { returns(Dependabot::Source) }
       attr_reader :source
+
+      sig { returns(Aws::CodeCommit::Client) }
       attr_reader :cc_client
     end
   end