dependabot-common 0.244.0 → 0.246.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/clients/bitbucket.rb +113 -5
  3. data/lib/dependabot/clients/bitbucket_with_retries.rb +34 -10
  4. data/lib/dependabot/clients/codecommit.rb +107 -12
  5. data/lib/dependabot/clients/github_with_retries.rb +61 -19
  6. data/lib/dependabot/clients/gitlab_with_retries.rb +60 -7
  7. data/lib/dependabot/dependency.rb +1 -1
  8. data/lib/dependabot/errors.rb +8 -2
  9. data/lib/dependabot/git_commit_checker.rb +4 -3
  10. data/lib/dependabot/metadata_finders/base/changelog_finder.rb +1 -1
  11. data/lib/dependabot/metadata_finders/base/commits_finder.rb +1 -1
  12. data/lib/dependabot/metadata_finders/base/release_finder.rb +1 -1
  13. data/lib/dependabot/pull_request_creator/azure.rb +80 -9
  14. data/lib/dependabot/pull_request_creator/bitbucket.rb +73 -9
  15. data/lib/dependabot/pull_request_creator/codecommit.rb +96 -25
  16. data/lib/dependabot/pull_request_creator/github.rb +162 -49
  17. data/lib/dependabot/pull_request_creator/gitlab.rb +109 -21
  18. data/lib/dependabot/pull_request_creator/message_builder.rb +239 -89
  19. data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +11 -9
  20. data/lib/dependabot/pull_request_creator.rb +32 -27
  21. data/lib/dependabot/pull_request_updater/azure.rb +75 -11
  22. data/lib/dependabot/pull_request_updater/github.rb +89 -28
  23. data/lib/dependabot/pull_request_updater/gitlab.rb +61 -12
  24. data/lib/dependabot/pull_request_updater.rb +1 -1
  25. data/lib/dependabot/shared_helpers.rb +19 -1
  26. data/lib/dependabot/update_checkers/base.rb +121 -31
  27. data/lib/dependabot.rb +1 -1
  28. metadata +3 -3
data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb CHANGED
@@ -39,7 +39,7 @@ module Dependabot
39
39
  dependencies: T::Array[Dependency],
40
40
  credentials: T::Array[Dependabot::Credential],
41
41
  security_fix: T::Boolean,
42
- commit_message_options: T::Hash[Symbol, T.untyped]
42
+ commit_message_options: T.nilable(T::Hash[Symbol, T.untyped])
43
43
  )
44
44
  .void
45
45
  end
@@ -80,7 +80,7 @@ module Dependabot
80
80
  sig { returns(T::Array[Dependabot::Credential]) }
81
81
  attr_reader :credentials
82
82
 
83
- sig { returns(T::Hash[Symbol, T.untyped]) }
83
+ sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
84
84
  attr_reader :commit_message_options
85
85
 
86
86
  sig { returns(T::Boolean) }
@@ -91,7 +91,7 @@ module Dependabot
91
91
  sig { returns(T.nilable(String)) }
92
92
  def commit_prefix
93
93
  # If a preferred prefix has been explicitly provided, use it
94
- return prefix_from_explicitly_provided_details if commit_message_options.key?(:prefix)
94
+ return prefix_from_explicitly_provided_details if commit_message_options&.key?(:prefix)
95
95
 
96
96
  # Otherwise, if there is a previous Dependabot commit and it used a
97
97
  # known style, use that as our model for subsequent commits
@@ -107,24 +107,26 @@ module Dependabot
107
107
  prefix = explicitly_provided_prefix_string
108
108
  return if prefix.empty?
109
109
 
110
- prefix += "(#{scope})" if commit_message_options[:include_scope]
110
+ prefix += "(#{scope})" if commit_message_options&.dig(:include_scope)
111
111
  prefix += ":" if prefix.match?(/[A-Za-z0-9\)\]]\Z/)
112
112
  prefix += " " unless prefix.end_with?(" ")
113
113
  prefix
114
114
  end
115
115
 
116
+ # rubocop:disable Metrics/PerceivedComplexity
116
117
  sig { returns(String) }
117
118
  def explicitly_provided_prefix_string
118
- raise "No explicitly provided prefix!" unless commit_message_options.key?(:prefix)
119
+ raise "No explicitly provided prefix!" unless commit_message_options&.key?(:prefix)
119
120
 
120
121
  if dependencies.any?(&:production?)
121
- commit_message_options[:prefix].to_s
122
- elsif commit_message_options.key?(:prefix_development)
123
- commit_message_options[:prefix_development].to_s
122
+ commit_message_options&.dig(:prefix).to_s
123
+ elsif commit_message_options&.key?(:prefix_development)
124
+ commit_message_options&.dig(:prefix_development).to_s
124
125
  else
125
- commit_message_options[:prefix].to_s
126
+ commit_message_options&.dig(:prefix).to_s
126
127
  end
127
128
  end
129
+ # rubocop:enable Metrics/PerceivedComplexity
128
130
 
129
131
  sig { returns(String) }
130
132
  def prefix_for_last_dependabot_commit_style
data/lib/dependabot/pull_request_creator.rb CHANGED
@@ -101,7 +101,12 @@ module Dependabot
101
101
  sig { returns(T::Hash[String, String]) }
102
102
  attr_reader :vulnerabilities_fixed
103
103
 
104
- sig { returns(T.nilable(T.any(T::Array[String], T::Hash[Symbol, T::Array[Integer]]))) }
104
+ AzureReviewers = T.type_alias { T.nilable(T::Array[String]) }
105
+ GithubReviewers = T.type_alias { T.nilable(T::Hash[String, T::Array[String]]) }
106
+ GitLabReviewers = T.type_alias { T.nilable(T::Hash[Symbol, T::Array[Integer]]) }
107
+ Reviewers = T.type_alias { T.any(AzureReviewers, GithubReviewers, GitLabReviewers) }
108
+
109
+ sig { returns(Reviewers) }
105
110
  attr_reader :reviewers
106
111
 
107
112
  sig { returns(T.nilable(T.any(T::Array[String], T::Array[Integer]))) }
@@ -151,7 +156,7 @@ module Dependabot
151
156
  signature_key: T.nilable(String),
152
157
  commit_message_options: T::Hash[Symbol, T.untyped],
153
158
  vulnerabilities_fixed: T::Hash[String, String],
154
- reviewers: T.nilable(T.any(T::Array[String], T::Hash[Symbol, T::Array[Integer]])),
159
+ reviewers: Reviewers,
155
160
  assignees: T.nilable(T.any(T::Array[String], T::Array[Integer])),
156
161
  milestone: T.nilable(T.any(T::Array[String], Integer)),
157
162
  branch_name_separator: String,
@@ -265,15 +270,15 @@ module Dependabot
265
270
  base_commit: base_commit,
266
271
  credentials: credentials,
267
272
  files: files,
268
- commit_message: message.commit_message,
269
- pr_description: message.pr_message,
270
- pr_name: message.pr_name,
273
+ commit_message: T.must(message.commit_message),
274
+ pr_description: T.must(message.pr_message),
275
+ pr_name: T.must(message.pr_name),
271
276
  author_details: author_details,
272
277
  signature_key: signature_key,
273
278
  labeler: labeler,
274
- reviewers: reviewers,
275
- assignees: assignees,
276
- milestone: milestone,
279
+ reviewers: T.cast(reviewers, GithubReviewers),
280
+ assignees: T.cast(assignees, T.nilable(T::Array[String])),
281
+ milestone: T.cast(milestone, T.nilable(Integer)),
277
282
  custom_headers: custom_headers,
278
283
  require_up_to_date_base: require_up_to_date_base?
279
284
  )
@@ -287,15 +292,15 @@ module Dependabot
287
292
  base_commit: base_commit,
288
293
  credentials: credentials,
289
294
  files: files,
290
- commit_message: message.commit_message,
291
- pr_description: message.pr_message,
292
- pr_name: message.pr_name,
295
+ commit_message: T.must(message.commit_message),
296
+ pr_description: T.must(message.pr_message),
297
+ pr_name: T.must(message.pr_name),
293
298
  author_details: author_details,
294
299
  labeler: labeler,
295
- approvers: reviewers,
296
- assignees: assignees,
300
+ approvers: T.cast(reviewers, T.nilable(T::Hash[Symbol, T::Array[Integer]])),
301
+ assignees: T.cast(assignees, T.nilable(T::Array[Integer])),
297
302
  milestone: milestone,
298
- target_project_id: provider_metadata&.fetch(:target_project_id, nil)
303
+ target_project_id: T.cast(provider_metadata&.fetch(:target_project_id, nil), T.nilable(Integer))
299
304
  )
300
305
  end
301
306
 
@@ -307,14 +312,14 @@ module Dependabot
307
312
  base_commit: base_commit,
308
313
  credentials: credentials,
309
314
  files: files,
310
- commit_message: message.commit_message,
311
- pr_description: message.pr_message,
312
- pr_name: message.pr_name,
315
+ commit_message: T.must(message.commit_message),
316
+ pr_description: T.must(message.pr_message),
317
+ pr_name: T.must(message.pr_name),
313
318
  author_details: author_details,
314
319
  labeler: labeler,
315
- reviewers: reviewers,
316
- assignees: assignees,
317
- work_item: provider_metadata&.fetch(:work_item, nil)
320
+ reviewers: T.cast(reviewers, AzureReviewers),
321
+ assignees: T.cast(assignees, T.nilable(T::Array[String])),
322
+ work_item: T.cast(provider_metadata&.fetch(:work_item, nil), T.nilable(Integer))
318
323
  )
319
324
  end
320
325
 
@@ -326,12 +331,12 @@ module Dependabot
326
331
  base_commit: base_commit,
327
332
  credentials: credentials,
328
333
  files: files,
329
- commit_message: message.commit_message,
330
- pr_description: message.pr_message,
331
- pr_name: message.pr_name,
334
+ commit_message: T.must(message.commit_message),
335
+ pr_description: T.must(message.pr_message),
336
+ pr_name: T.must(message.pr_name),
332
337
  author_details: author_details,
333
338
  labeler: nil,
334
- work_item: provider_metadata&.fetch(:work_item, nil)
339
+ work_item: T.cast(provider_metadata&.fetch(:work_item, nil), T.nilable(Integer))
335
340
  )
336
341
  end
337
342
 
@@ -343,9 +348,9 @@ module Dependabot
343
348
  base_commit: base_commit,
344
349
  credentials: credentials,
345
350
  files: files,
346
- commit_message: message.commit_message,
347
- pr_description: message.pr_message,
348
- pr_name: message.pr_name,
351
+ commit_message: T.must(message.commit_message),
352
+ pr_description: T.must(message.pr_message),
353
+ pr_name: T.must(message.pr_name),
349
354
  author_details: author_details,
350
355
  labeler: labeler,
351
356
  require_up_to_date_base: require_up_to_date_base?
data/lib/dependabot/pull_request_updater/azure.rb CHANGED
@@ -1,19 +1,53 @@
1
- # typed: true
1
+ # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
- require "dependabot/clients/azure"
5
4
  require "securerandom"
5
+ require "sorbet-runtime"
6
+
7
+ require "dependabot/clients/azure"
6
8
 
7
9
  module Dependabot
8
10
  class PullRequestUpdater
9
11
  class Azure
12
+ extend T::Sig
13
+
10
14
  class PullRequestUpdateFailed < Dependabot::DependabotError; end
11
15
 
12
16
  OBJECT_ID_FOR_BRANCH_DELETE = "0000000000000000000000000000000000000000"
13
17
 
14
- attr_reader :source, :files, :base_commit, :old_commit, :credentials,
15
- :pull_request_number, :author_details
18
+ sig { returns(Dependabot::Source) }
19
+ attr_reader :source
20
+
21
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
22
+ attr_reader :files
23
+
24
+ sig { returns(String) }
25
+ attr_reader :base_commit
26
+
27
+ sig { returns(String) }
28
+ attr_reader :old_commit
29
+
30
+ sig { returns(T::Array[Dependabot::Credential]) }
31
+ attr_reader :credentials
16
32
 
33
+ sig { returns(Integer) }
34
+ attr_reader :pull_request_number
35
+
36
+ sig { returns(T.nilable(T::Hash[Symbol, String])) }
37
+ attr_reader :author_details
38
+
39
+ sig do
40
+ params(
41
+ source: Dependabot::Source,
42
+ files: T::Array[Dependabot::DependencyFile],
43
+ base_commit: String,
44
+ old_commit: String,
45
+ credentials: T::Array[Dependabot::Credential],
46
+ pull_request_number: Integer,
47
+ author_details: T.nilable(T::Hash[Symbol, String])
48
+ )
49
+ .void
50
+ end
17
51
  def initialize(source:, files:, base_commit:, old_commit:,
18
52
  credentials:, pull_request_number:, author_details: nil)
19
53
  @source = source
@@ -25,6 +59,7 @@ module Dependabot
25
59
  @author_details = author_details
26
60
  end
27
61
 
62
+ sig { returns(NilClass) }
28
63
  def update
29
64
  return unless pull_request_exists? && source_branch_exists?
30
65
 
@@ -33,28 +68,37 @@ module Dependabot
33
68
 
34
69
  private
35
70
 
71
+ sig { returns(Dependabot::Clients::Azure) }
36
72
  def azure_client_for_source
37
73
  @azure_client_for_source ||=
38
- Dependabot::Clients::Azure.for_source(
39
- source: source,
40
- credentials: credentials
74
+ T.let(
75
+ Dependabot::Clients::Azure.for_source(
76
+ source: source,
77
+ credentials: credentials
78
+ ),
79
+ T.nilable(Dependabot::Clients::Azure)
41
80
  )
42
81
  end
43
82
 
83
+ sig { returns(T::Boolean) }
44
84
  def pull_request_exists?
45
85
  pull_request
86
+ true
46
87
  rescue Dependabot::Clients::Azure::NotFound
47
88
  false
48
89
  end
49
90
 
91
+ sig { returns(T::Boolean) }
50
92
  def source_branch_exists?
51
93
  azure_client_for_source.branch(source_branch_name)
94
+ true
52
95
  rescue Dependabot::Clients::Azure::NotFound
53
96
  false
54
97
  end
55
98
 
56
99
  # Currently the PR diff in ADO shows difference in commits instead of actual diff in files.
57
100
  # This workaround puts the target branch commit history on the source branch along with the file changes.
101
+ sig { returns(NilClass) }
58
102
  def update_source_branch
59
103
  # 1) Push the file changes to a newly created temporary branch (from base commit)
60
104
  new_commit = create_temp_branch
@@ -66,15 +110,24 @@ module Dependabot
66
110
  raise PullRequestUpdateFailed, response.fetch("customMessage", nil) unless response.fetch("success", false)
67
111
  end
68
112
 
113
+ sig { returns(T.nilable(T::Hash[String, T.untyped])) }
69
114
  def pull_request
70
115
  @pull_request ||=
71
- azure_client_for_source.pull_request(pull_request_number.to_s)
116
+ T.let(
117
+ azure_client_for_source.pull_request(pull_request_number.to_s),
118
+ T.nilable(T::Hash[String, T.untyped])
119
+ )
72
120
  end
73
121
 
122
+ sig { returns(String) }
74
123
  def source_branch_name
75
- @source_branch_name ||= pull_request&.fetch("sourceRefName")&.gsub("refs/heads/", "")
124
+ @source_branch_name ||= T.let(
125
+ pull_request&.fetch("sourceRefName")&.gsub("refs/heads/", ""),
126
+ T.nilable(String)
127
+ )
76
128
  end
77
129
 
130
+ sig { returns(String) }
78
131
  def create_temp_branch
79
132
  author = author_details&.slice(:name, :email, :date)
80
133
  author = nil unless author&.any?
@@ -90,11 +143,16 @@ module Dependabot
90
143
  JSON.parse(response.body).fetch("refUpdates").first.fetch("newObjectId")
91
144
  end
92
145
 
146
+ sig { returns(String) }
93
147
  def temp_branch_name
94
148
  @temp_branch_name ||=
95
- "#{source_branch_name}-temp-#{SecureRandom.uuid[0..6]}"
149
+ T.let(
150
+ "#{source_branch_name}-temp-#{SecureRandom.uuid[0..6]}",
151
+ T.nilable(String)
152
+ )
96
153
  end
97
154
 
155
+ sig { params(branch_name: String, old_commit: String, new_commit: String).returns(T::Hash[String, T.untyped]) }
98
156
  def update_branch(branch_name, old_commit, new_commit)
99
157
  azure_client_for_source.update_ref(
100
158
  branch_name,
@@ -104,15 +162,21 @@ module Dependabot
104
162
  end
105
163
 
106
164
  # For updating source branch, we require the latest commit for the source branch.
165
+ sig { returns(T::Hash[String, T.untyped]) }
107
166
  def commit_being_updated
108
167
  @commit_being_updated ||=
109
- azure_client_for_source.commits(source_branch_name).first
168
+ T.let(
169
+ T.must(azure_client_for_source.commits(source_branch_name).first),
170
+ T.nilable(T::Hash[String, T.untyped])
171
+ )
110
172
  end
111
173
 
174
+ sig { returns(String) }
112
175
  def old_source_branch_commit
113
176
  commit_being_updated.fetch("commitId")
114
177
  end
115
178
 
179
+ sig { returns(String) }
116
180
  def commit_message
117
181
  commit_being_updated.fetch("comment")
118
182
  end
data/lib/dependabot/pull_request_updater/github.rb CHANGED
@@ -1,7 +1,9 @@
1
- # typed: true
1
+ # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "octokit"
5
+ require "sorbet-runtime"
6
+
5
7
  require "dependabot/clients/github_with_retries"
6
8
  require "dependabot/pull_request_creator/commit_signer"
7
9
  require "dependabot/pull_request_updater"
@@ -9,9 +11,45 @@ require "dependabot/pull_request_updater"
9
11
  module Dependabot
10
12
  class PullRequestUpdater
11
13
  class Github
12
- attr_reader :source, :files, :base_commit, :old_commit, :credentials,
13
- :pull_request_number, :author_details, :signature_key
14
+ extend T::Sig
15
+
16
+ sig { returns(Dependabot::Source) }
17
+ attr_reader :source
18
+
19
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
20
+ attr_reader :files
21
+
22
+ sig { returns(String) }
23
+ attr_reader :base_commit
24
+
25
+ sig { returns(String) }
26
+ attr_reader :old_commit
27
+
28
+ sig { returns(T::Array[Dependabot::Credential]) }
29
+ attr_reader :credentials
30
+
31
+ sig { returns(Integer) }
32
+ attr_reader :pull_request_number
33
+
34
+ sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
35
+ attr_reader :author_details
36
+
37
+ sig { returns(T.nilable(String)) }
38
+ attr_reader :signature_key
14
39
 
40
+ sig do
41
+ params(
42
+ source: Dependabot::Source,
43
+ base_commit: String,
44
+ old_commit: String,
45
+ files: T::Array[Dependabot::DependencyFile],
46
+ credentials: T::Array[Dependabot::Credential],
47
+ pull_request_number: Integer,
48
+ author_details: T.nilable(T::Hash[Symbol, T.untyped]),
49
+ signature_key: T.nilable(String)
50
+ )
51
+ .void
52
+ end
15
53
  def initialize(source:, base_commit:, old_commit:, files:,
16
54
  credentials:, pull_request_number:,
17
55
  author_details: nil, signature_key: nil)
@@ -25,6 +63,7 @@ module Dependabot
25
63
  @signature_key = signature_key
26
64
  end
27
65
 
66
+ sig { returns(T.nilable(Sawyer::Resource)) }
28
67
  def update
29
68
  return unless pull_request_exists?
30
69
  return unless branch_exists?(pull_request.head.ref)
@@ -37,11 +76,12 @@ module Dependabot
37
76
 
38
77
  private
39
78
 
79
+ sig { void }
40
80
  def update_pull_request_target_branch
41
81
  target_branch = source.branch || pull_request.base.repo.default_branch
42
82
  return if target_branch == pull_request.base.ref
43
83
 
44
- github_client_for_source.update_pull_request(
84
+ T.unsafe(github_client_for_source).update_pull_request(
45
85
  source.repo,
46
86
  pull_request_number,
47
87
  base: target_branch
@@ -50,6 +90,7 @@ module Dependabot
50
90
  handle_pr_update_error(e)
51
91
  end
52
92
 
93
+ sig { params(error: Octokit::Error).void }
53
94
  def handle_pr_update_error(error)
54
95
  # Return quietly if the PR has been closed
55
96
  return if error.message.match?(/closed pull request/i)
@@ -57,19 +98,24 @@ module Dependabot
57
98
  # Ignore cases where the target branch has been deleted
58
99
  return if error.message.include?("field: base") &&
59
100
  source.branch &&
60
- !branch_exists?(source.branch)
101
+ !branch_exists?(T.must(source.branch))
61
102
 
62
103
  raise error
63
104
  end
64
105
 
106
+ sig { returns(Dependabot::Clients::GithubWithRetries) }
65
107
  def github_client_for_source
66
108
  @github_client_for_source ||=
67
- Dependabot::Clients::GithubWithRetries.for_source(
68
- source: source,
69
- credentials: credentials
109
+ T.let(
110
+ Dependabot::Clients::GithubWithRetries.for_source(
111
+ source: source,
112
+ credentials: credentials
113
+ ),
114
+ T.nilable(Dependabot::Clients::GithubWithRetries)
70
115
  )
71
116
  end
72
117
 
118
+ sig { returns(T::Boolean) }
73
119
  def pull_request_exists?
74
120
  pull_request
75
121
  true
@@ -77,20 +123,27 @@ module Dependabot
77
123
  false
78
124
  end
79
125
 
126
+ sig { returns(T.untyped) }
80
127
  def pull_request
81
128
  @pull_request ||=
82
- github_client_for_source.pull_request(
83
- source.repo,
84
- pull_request_number
129
+ T.let(
130
+ T.unsafe(github_client_for_source).pull_request(
131
+ source.repo,
132
+ pull_request_number
133
+ ),
134
+ T.untyped
85
135
  )
86
136
  end
87
137
 
138
+ sig { params(name: String).returns(T::Boolean) }
88
139
  def branch_exists?(name)
89
- github_client_for_source.branch(source.repo, name)
140
+ T.unsafe(github_client_for_source).branch(source.repo, name)
141
+ true
90
142
  rescue Octokit::NotFound
91
143
  false
92
144
  end
93
145
 
146
+ sig { returns(T.untyped) }
94
147
  def create_commit
95
148
  tree = create_tree
96
149
 
@@ -102,7 +155,7 @@ module Dependabot
102
155
  end
103
156
 
104
157
  begin
105
- github_client_for_source.create_commit(
158
+ T.unsafe(github_client_for_source).create_commit(
106
159
  source.repo,
107
160
  commit_message,
108
161
  tree.sha,
@@ -123,6 +176,7 @@ module Dependabot
123
176
  end
124
177
  end
125
178
 
179
+ sig { returns(T.untyped) }
126
180
  def create_tree
127
181
  file_trees = files.map do |file|
128
182
  if file.type == "submodule"
@@ -136,7 +190,7 @@ module Dependabot
136
190
  content = if file.operation == Dependabot::DependencyFile::Operation::DELETE
137
191
  { sha: nil }
138
192
  elsif file.binary?
139
- sha = github_client_for_source.create_blob(
193
+ sha = T.unsafe(github_client_for_source).create_blob(
140
194
  source.repo, file.content, "base64"
141
195
  )
142
196
  { sha: sha }
@@ -152,15 +206,16 @@ module Dependabot
152
206
  end
153
207
  end
154
208
 
155
- github_client_for_source.create_tree(
209
+ T.unsafe(github_client_for_source).create_tree(
156
210
  source.repo,
157
211
  file_trees,
158
212
  base_tree: base_commit
159
213
  )
160
214
  end
161
215
 
216
+ sig { params(commit: T.untyped).returns(T.untyped) }
162
217
  def update_branch(commit)
163
- github_client_for_source.update_ref(
218
+ T.unsafe(github_client_for_source).update_ref(
164
219
  source.repo,
165
220
  "heads/" + pull_request.head.ref,
166
221
  commit.sha,
@@ -181,6 +236,7 @@ module Dependabot
181
236
  raise
182
237
  end
183
238
 
239
+ sig { returns(String) }
184
240
  def commit_message
185
241
  fallback_message =
186
242
  "#{pull_request.title}" \
@@ -193,30 +249,35 @@ module Dependabot
193
249
  commit_being_updated&.message || fallback_message
194
250
  end
195
251
 
252
+ sig { returns(T.untyped) }
196
253
  def commit_being_updated
197
254
  return @commit_being_updated if defined?(@commit_being_updated)
198
255
 
199
256
  @commit_being_updated =
200
- if pull_request.commits == 1
201
- github_client_for_source
202
- .git_commit(source.repo, pull_request.head.sha)
203
- else
204
- commits =
205
- github_client_for_source
206
- .pull_request_commits(source.repo, pull_request_number)
207
-
208
- commit = commits.find { |c| c.sha == old_commit }
209
- commit&.commit
210
- end
257
+ T.let(
258
+ if pull_request.commits == 1
259
+ T.unsafe(github_client_for_source)
260
+ .git_commit(source.repo, pull_request.head.sha)
261
+ else
262
+ commits =
263
+ T.unsafe(github_client_for_source)
264
+ .pull_request_commits(source.repo, pull_request_number)
265
+
266
+ commit = commits.find { |c| c.sha == old_commit }
267
+ commit&.commit
268
+ end,
269
+ T.untyped
270
+ )
211
271
  end
212
272
 
273
+ sig { params(tree: T.untyped, author_details_with_date: T::Hash[Symbol, T.untyped]).returns(String) }
213
274
  def commit_signature(tree, author_details_with_date)
214
275
  PullRequestCreator::CommitSigner.new(
215
276
  author_details: author_details_with_date,
216
277
  commit_message: commit_message,
217
278
  tree_sha: tree.sha,
218
279
  parent_sha: base_commit,
219
- signature_key: signature_key
280
+ signature_key: T.must(signature_key)
220
281
  ).signature
221
282
  end
222
283
  end