RubyGems - dependabot-common - Versions diffs - 0.244.0 → 0.246.0 - Mend

dependabot-common 0.244.0 → 0.246.0

Files changed (28) hide show

checksums.yaml +4 -4
data/lib/dependabot/clients/bitbucket.rb +113 -5
data/lib/dependabot/clients/bitbucket_with_retries.rb +34 -10
data/lib/dependabot/clients/codecommit.rb +107 -12
data/lib/dependabot/clients/github_with_retries.rb +61 -19
data/lib/dependabot/clients/gitlab_with_retries.rb +60 -7
data/lib/dependabot/dependency.rb +1 -1
data/lib/dependabot/errors.rb +8 -2
data/lib/dependabot/git_commit_checker.rb +4 -3
data/lib/dependabot/metadata_finders/base/changelog_finder.rb +1 -1
data/lib/dependabot/metadata_finders/base/commits_finder.rb +1 -1
data/lib/dependabot/metadata_finders/base/release_finder.rb +1 -1
data/lib/dependabot/pull_request_creator/azure.rb +80 -9
data/lib/dependabot/pull_request_creator/bitbucket.rb +73 -9
data/lib/dependabot/pull_request_creator/codecommit.rb +96 -25
data/lib/dependabot/pull_request_creator/github.rb +162 -49
data/lib/dependabot/pull_request_creator/gitlab.rb +109 -21
data/lib/dependabot/pull_request_creator/message_builder.rb +239 -89
data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +11 -9
data/lib/dependabot/pull_request_creator.rb +32 -27
data/lib/dependabot/pull_request_updater/azure.rb +75 -11
data/lib/dependabot/pull_request_updater/github.rb +89 -28
data/lib/dependabot/pull_request_updater/gitlab.rb +61 -12
data/lib/dependabot/pull_request_updater.rb +1 -1
data/lib/dependabot/shared_helpers.rb +19 -1
data/lib/dependabot/update_checkers/base.rb +121 -31
data/lib/dependabot.rb +1 -1
metadata +3 -3

data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb CHANGED Viewed

@@ -39,7 +39,7 @@ module Dependabot
           dependencies: T::Array[Dependency],
           credentials: T::Array[Dependabot::Credential],
           security_fix: T::Boolean,
-          commit_message_options: T::Hash[Symbol, T.untyped]
+          commit_message_options: T.nilable(T::Hash[Symbol, T.untyped])
         )
           .void
       end
@@ -80,7 +80,7 @@ module Dependabot
       sig { returns(T::Array[Dependabot::Credential]) }
       attr_reader :credentials
-      sig { returns(T::Hash[Symbol, T.untyped]) }
+      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
       attr_reader :commit_message_options
       sig { returns(T::Boolean) }
@@ -91,7 +91,7 @@ module Dependabot
       sig { returns(T.nilable(String)) }
       def commit_prefix
         # If a preferred prefix has been explicitly provided, use it
-        return prefix_from_explicitly_provided_details if commit_message_options.key?(:prefix)
+        return prefix_from_explicitly_provided_details if commit_message_options&.key?(:prefix)
         # Otherwise, if there is a previous Dependabot commit and it used a
         # known style, use that as our model for subsequent commits
@@ -107,24 +107,26 @@ module Dependabot
         prefix = explicitly_provided_prefix_string
         return if prefix.empty?
-        prefix += "(#{scope})" if commit_message_options[:include_scope]
+        prefix += "(#{scope})" if commit_message_options&.dig(:include_scope)
         prefix += ":" if prefix.match?(/[A-Za-z0-9\)\]]\Z/)
         prefix += " " unless prefix.end_with?(" ")
         prefix
       end
+      # rubocop:disable Metrics/PerceivedComplexity
       sig { returns(String) }
       def explicitly_provided_prefix_string
-        raise "No explicitly provided prefix!" unless commit_message_options.key?(:prefix)
+        raise "No explicitly provided prefix!" unless commit_message_options&.key?(:prefix)
         if dependencies.any?(&:production?)
-          commit_message_options[:prefix].to_s
-        elsif commit_message_options.key?(:prefix_development)
-          commit_message_options[:prefix_development].to_s
+          commit_message_options&.dig(:prefix).to_s
+        elsif commit_message_options&.key?(:prefix_development)
+          commit_message_options&.dig(:prefix_development).to_s
         else
-          commit_message_options[:prefix].to_s
+          commit_message_options&.dig(:prefix).to_s
         end
       end
+      # rubocop:enable Metrics/PerceivedComplexity
       sig { returns(String) }
       def prefix_for_last_dependabot_commit_style

data/lib/dependabot/pull_request_creator.rb CHANGED Viewed

@@ -101,7 +101,12 @@ module Dependabot
     sig { returns(T::Hash[String, String]) }
     attr_reader :vulnerabilities_fixed
-    sig { returns(T.nilable(T.any(T::Array[String], T::Hash[Symbol, T::Array[Integer]]))) }
+    AzureReviewers = T.type_alias { T.nilable(T::Array[String]) }
+    GithubReviewers = T.type_alias { T.nilable(T::Hash[String, T::Array[String]]) }
+    GitLabReviewers = T.type_alias { T.nilable(T::Hash[Symbol, T::Array[Integer]]) }
+    Reviewers = T.type_alias { T.any(AzureReviewers, GithubReviewers, GitLabReviewers) }
+    sig { returns(Reviewers) }
     attr_reader :reviewers
     sig { returns(T.nilable(T.any(T::Array[String], T::Array[Integer]))) }
@@ -151,7 +156,7 @@ module Dependabot
         signature_key: T.nilable(String),
         commit_message_options: T::Hash[Symbol, T.untyped],
         vulnerabilities_fixed: T::Hash[String, String],
-        reviewers: T.nilable(T.any(T::Array[String], T::Hash[Symbol, T::Array[Integer]])),
+        reviewers: Reviewers,
         assignees: T.nilable(T.any(T::Array[String], T::Array[Integer])),
         milestone: T.nilable(T.any(T::Array[String], Integer)),
         branch_name_separator: String,
@@ -265,15 +270,15 @@ module Dependabot
         base_commit: base_commit,
         credentials: credentials,
         files: files,
-        commit_message: message.commit_message,
-        pr_description: message.pr_message,
-        pr_name: message.pr_name,
+        commit_message: T.must(message.commit_message),
+        pr_description: T.must(message.pr_message),
+        pr_name: T.must(message.pr_name),
         author_details: author_details,
         signature_key: signature_key,
         labeler: labeler,
-        reviewers: reviewers,
-        assignees: assignees,
-        milestone: milestone,
+        reviewers: T.cast(reviewers, GithubReviewers),
+        assignees: T.cast(assignees, T.nilable(T::Array[String])),
+        milestone: T.cast(milestone, T.nilable(Integer)),
         custom_headers: custom_headers,
         require_up_to_date_base: require_up_to_date_base?
       )
@@ -287,15 +292,15 @@ module Dependabot
         base_commit: base_commit,
         credentials: credentials,
         files: files,
-        commit_message: message.commit_message,
-        pr_description: message.pr_message,
-        pr_name: message.pr_name,
+        commit_message: T.must(message.commit_message),
+        pr_description: T.must(message.pr_message),
+        pr_name: T.must(message.pr_name),
         author_details: author_details,
         labeler: labeler,
-        approvers: reviewers,
-        assignees: assignees,
+        approvers: T.cast(reviewers, T.nilable(T::Hash[Symbol, T::Array[Integer]])),
+        assignees: T.cast(assignees, T.nilable(T::Array[Integer])),
         milestone: milestone,
-        target_project_id: provider_metadata&.fetch(:target_project_id, nil)
+        target_project_id: T.cast(provider_metadata&.fetch(:target_project_id, nil), T.nilable(Integer))
       )
     end
@@ -307,14 +312,14 @@ module Dependabot
         base_commit: base_commit,
         credentials: credentials,
         files: files,
-        commit_message: message.commit_message,
-        pr_description: message.pr_message,
-        pr_name: message.pr_name,
+        commit_message: T.must(message.commit_message),
+        pr_description: T.must(message.pr_message),
+        pr_name: T.must(message.pr_name),
         author_details: author_details,
         labeler: labeler,
-        reviewers: reviewers,
-        assignees: assignees,
-        work_item: provider_metadata&.fetch(:work_item, nil)
+        reviewers: T.cast(reviewers, AzureReviewers),
+        assignees: T.cast(assignees, T.nilable(T::Array[String])),
+        work_item: T.cast(provider_metadata&.fetch(:work_item, nil), T.nilable(Integer))
       )
     end
@@ -326,12 +331,12 @@ module Dependabot
         base_commit: base_commit,
         credentials: credentials,
         files: files,
-        commit_message: message.commit_message,
-        pr_description: message.pr_message,
-        pr_name: message.pr_name,
+        commit_message: T.must(message.commit_message),
+        pr_description: T.must(message.pr_message),
+        pr_name: T.must(message.pr_name),
         author_details: author_details,
         labeler: nil,
-        work_item: provider_metadata&.fetch(:work_item, nil)
+        work_item: T.cast(provider_metadata&.fetch(:work_item, nil), T.nilable(Integer))
       )
     end
@@ -343,9 +348,9 @@ module Dependabot
         base_commit: base_commit,
         credentials: credentials,
         files: files,
-        commit_message: message.commit_message,
-        pr_description: message.pr_message,
-        pr_name: message.pr_name,
+        commit_message: T.must(message.commit_message),
+        pr_description: T.must(message.pr_message),
+        pr_name: T.must(message.pr_name),
         author_details: author_details,
         labeler: labeler,
         require_up_to_date_base: require_up_to_date_base?

data/lib/dependabot/pull_request_updater/azure.rb CHANGED Viewed

@@ -1,19 +1,53 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
-require "dependabot/clients/azure"
 require "securerandom"
+require "sorbet-runtime"
+require "dependabot/clients/azure"
 module Dependabot
   class PullRequestUpdater
     class Azure
+      extend T::Sig
       class PullRequestUpdateFailed < Dependabot::DependabotError; end
       OBJECT_ID_FOR_BRANCH_DELETE = "0000000000000000000000000000000000000000"
-      attr_reader :source, :files, :base_commit, :old_commit, :credentials,
-                  :pull_request_number, :author_details
+      sig { returns(Dependabot::Source) }
+      attr_reader :source
+      sig { returns(T::Array[Dependabot::DependencyFile]) }
+      attr_reader :files
+      sig { returns(String) }
+      attr_reader :base_commit
+      sig { returns(String) }
+      attr_reader :old_commit
+      sig { returns(T::Array[Dependabot::Credential]) }
+      attr_reader :credentials
+      sig { returns(Integer) }
+      attr_reader :pull_request_number
+      sig { returns(T.nilable(T::Hash[Symbol, String])) }
+      attr_reader :author_details
+      sig do
+        params(
+          source: Dependabot::Source,
+          files: T::Array[Dependabot::DependencyFile],
+          base_commit: String,
+          old_commit: String,
+          credentials: T::Array[Dependabot::Credential],
+          pull_request_number: Integer,
+          author_details: T.nilable(T::Hash[Symbol, String])
+        )
+          .void
+      end
       def initialize(source:, files:, base_commit:, old_commit:,
                      credentials:, pull_request_number:, author_details: nil)
         @source = source
@@ -25,6 +59,7 @@ module Dependabot
         @author_details = author_details
       end
+      sig { returns(NilClass) }
       def update
         return unless pull_request_exists? && source_branch_exists?
@@ -33,28 +68,37 @@ module Dependabot
       private
+      sig { returns(Dependabot::Clients::Azure) }
       def azure_client_for_source
         @azure_client_for_source ||=
-          Dependabot::Clients::Azure.for_source(
-            source: source,
-            credentials: credentials
+          T.let(
+            Dependabot::Clients::Azure.for_source(
+              source: source,
+              credentials: credentials
+            ),
+            T.nilable(Dependabot::Clients::Azure)
           )
       end
+      sig { returns(T::Boolean) }
       def pull_request_exists?
         pull_request
+        true
       rescue Dependabot::Clients::Azure::NotFound
         false
       end
+      sig { returns(T::Boolean) }
       def source_branch_exists?
         azure_client_for_source.branch(source_branch_name)
+        true
       rescue Dependabot::Clients::Azure::NotFound
         false
       end
       # Currently the PR diff in ADO shows difference in commits instead of actual diff in files.
       # This workaround puts the target branch commit history on the source branch along with the file changes.
+      sig { returns(NilClass) }
       def update_source_branch
         # 1) Push the file changes to a newly created temporary branch (from base commit)
         new_commit = create_temp_branch
@@ -66,15 +110,24 @@ module Dependabot
         raise PullRequestUpdateFailed, response.fetch("customMessage", nil) unless response.fetch("success", false)
       end
+      sig { returns(T.nilable(T::Hash[String, T.untyped])) }
       def pull_request
         @pull_request ||=
-          azure_client_for_source.pull_request(pull_request_number.to_s)
+          T.let(
+            azure_client_for_source.pull_request(pull_request_number.to_s),
+            T.nilable(T::Hash[String, T.untyped])
+          )
       end
+      sig { returns(String) }
       def source_branch_name
-        @source_branch_name ||= pull_request&.fetch("sourceRefName")&.gsub("refs/heads/", "")
+        @source_branch_name ||= T.let(
+          pull_request&.fetch("sourceRefName")&.gsub("refs/heads/", ""),
+          T.nilable(String)
+        )
       end
+      sig { returns(String) }
       def create_temp_branch
         author = author_details&.slice(:name, :email, :date)
         author = nil unless author&.any?
@@ -90,11 +143,16 @@ module Dependabot
         JSON.parse(response.body).fetch("refUpdates").first.fetch("newObjectId")
       end
+      sig { returns(String) }
       def temp_branch_name
         @temp_branch_name ||=
-          "#{source_branch_name}-temp-#{SecureRandom.uuid[0..6]}"
+          T.let(
+            "#{source_branch_name}-temp-#{SecureRandom.uuid[0..6]}",
+            T.nilable(String)
+          )
       end
+      sig { params(branch_name: String, old_commit: String, new_commit: String).returns(T::Hash[String, T.untyped]) }
       def update_branch(branch_name, old_commit, new_commit)
         azure_client_for_source.update_ref(
           branch_name,
@@ -104,15 +162,21 @@ module Dependabot
       end
       # For updating source branch, we require the latest commit for the source branch.
+      sig { returns(T::Hash[String, T.untyped]) }
       def commit_being_updated
         @commit_being_updated ||=
-          azure_client_for_source.commits(source_branch_name).first
+          T.let(
+            T.must(azure_client_for_source.commits(source_branch_name).first),
+            T.nilable(T::Hash[String, T.untyped])
+          )
       end
+      sig { returns(String) }
       def old_source_branch_commit
         commit_being_updated.fetch("commitId")
       end
+      sig { returns(String) }
       def commit_message
         commit_being_updated.fetch("comment")
       end

data/lib/dependabot/pull_request_updater/github.rb CHANGED Viewed

@@ -1,7 +1,9 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 require "octokit"
+require "sorbet-runtime"
 require "dependabot/clients/github_with_retries"
 require "dependabot/pull_request_creator/commit_signer"
 require "dependabot/pull_request_updater"
@@ -9,9 +11,45 @@ require "dependabot/pull_request_updater"
 module Dependabot
   class PullRequestUpdater
     class Github
-      attr_reader :source, :files, :base_commit, :old_commit, :credentials,
-                  :pull_request_number, :author_details, :signature_key
+      extend T::Sig
+      sig { returns(Dependabot::Source) }
+      attr_reader :source
+      sig { returns(T::Array[Dependabot::DependencyFile]) }
+      attr_reader :files
+      sig { returns(String) }
+      attr_reader :base_commit
+      sig { returns(String) }
+      attr_reader :old_commit
+      sig { returns(T::Array[Dependabot::Credential]) }
+      attr_reader :credentials
+      sig { returns(Integer) }
+      attr_reader :pull_request_number
+      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
+      attr_reader :author_details
+      sig { returns(T.nilable(String)) }
+      attr_reader :signature_key
+      sig do
+        params(
+          source: Dependabot::Source,
+          base_commit: String,
+          old_commit: String,
+          files: T::Array[Dependabot::DependencyFile],
+          credentials: T::Array[Dependabot::Credential],
+          pull_request_number: Integer,
+          author_details: T.nilable(T::Hash[Symbol, T.untyped]),
+          signature_key: T.nilable(String)
+        )
+          .void
+      end
       def initialize(source:, base_commit:, old_commit:, files:,
                      credentials:, pull_request_number:,
                      author_details: nil, signature_key: nil)
@@ -25,6 +63,7 @@ module Dependabot
         @signature_key       = signature_key
       end
+      sig { returns(T.nilable(Sawyer::Resource)) }
       def update
         return unless pull_request_exists?
         return unless branch_exists?(pull_request.head.ref)
@@ -37,11 +76,12 @@ module Dependabot
       private
+      sig { void }
       def update_pull_request_target_branch
         target_branch = source.branch || pull_request.base.repo.default_branch
         return if target_branch == pull_request.base.ref
-        github_client_for_source.update_pull_request(
+        T.unsafe(github_client_for_source).update_pull_request(
           source.repo,
           pull_request_number,
           base: target_branch
@@ -50,6 +90,7 @@ module Dependabot
         handle_pr_update_error(e)
       end
+      sig { params(error: Octokit::Error).void }
       def handle_pr_update_error(error)
         # Return quietly if the PR has been closed
         return if error.message.match?(/closed pull request/i)
@@ -57,19 +98,24 @@ module Dependabot
         # Ignore cases where the target branch has been deleted
         return if error.message.include?("field: base") &&
                   source.branch &&
-                  !branch_exists?(source.branch)
+                  !branch_exists?(T.must(source.branch))
         raise error
       end
+      sig { returns(Dependabot::Clients::GithubWithRetries) }
       def github_client_for_source
         @github_client_for_source ||=
-          Dependabot::Clients::GithubWithRetries.for_source(
-            source: source,
-            credentials: credentials
+          T.let(
+            Dependabot::Clients::GithubWithRetries.for_source(
+              source: source,
+              credentials: credentials
+            ),
+            T.nilable(Dependabot::Clients::GithubWithRetries)
           )
       end
+      sig { returns(T::Boolean) }
       def pull_request_exists?
         pull_request
         true
@@ -77,20 +123,27 @@ module Dependabot
         false
       end
+      sig { returns(T.untyped) }
       def pull_request
         @pull_request ||=
-          github_client_for_source.pull_request(
-            source.repo,
-            pull_request_number
+          T.let(
+            T.unsafe(github_client_for_source).pull_request(
+              source.repo,
+              pull_request_number
+            ),
+            T.untyped
           )
       end
+      sig { params(name: String).returns(T::Boolean) }
       def branch_exists?(name)
-        github_client_for_source.branch(source.repo, name)
+        T.unsafe(github_client_for_source).branch(source.repo, name)
+        true
       rescue Octokit::NotFound
         false
       end
+      sig { returns(T.untyped) }
       def create_commit
         tree = create_tree
@@ -102,7 +155,7 @@ module Dependabot
         end
         begin
-          github_client_for_source.create_commit(
+          T.unsafe(github_client_for_source).create_commit(
             source.repo,
             commit_message,
             tree.sha,
@@ -123,6 +176,7 @@ module Dependabot
         end
       end
+      sig { returns(T.untyped) }
       def create_tree
         file_trees = files.map do |file|
           if file.type == "submodule"
@@ -136,7 +190,7 @@ module Dependabot
             content = if file.operation == Dependabot::DependencyFile::Operation::DELETE
                         { sha: nil }
                       elsif file.binary?
-                        sha = github_client_for_source.create_blob(
+                        sha = T.unsafe(github_client_for_source).create_blob(
                           source.repo, file.content, "base64"
                         )
                         { sha: sha }
@@ -152,15 +206,16 @@ module Dependabot
           end
         end
-        github_client_for_source.create_tree(
+        T.unsafe(github_client_for_source).create_tree(
           source.repo,
           file_trees,
           base_tree: base_commit
         )
       end
+      sig { params(commit: T.untyped).returns(T.untyped) }
       def update_branch(commit)
-        github_client_for_source.update_ref(
+        T.unsafe(github_client_for_source).update_ref(
           source.repo,
           "heads/" + pull_request.head.ref,
           commit.sha,
@@ -181,6 +236,7 @@ module Dependabot
         raise
       end
+      sig { returns(String) }
       def commit_message
         fallback_message =
           "#{pull_request.title}" \
@@ -193,30 +249,35 @@ module Dependabot
         commit_being_updated&.message || fallback_message
       end
+      sig { returns(T.untyped) }
       def commit_being_updated
         return @commit_being_updated if defined?(@commit_being_updated)
         @commit_being_updated =
-          if pull_request.commits == 1
-            github_client_for_source
-              .git_commit(source.repo, pull_request.head.sha)
-          else
-            commits =
-              github_client_for_source
-              .pull_request_commits(source.repo, pull_request_number)
-            commit = commits.find { |c| c.sha == old_commit }
-            commit&.commit
-          end
+          T.let(
+            if pull_request.commits == 1
+              T.unsafe(github_client_for_source)
+               .git_commit(source.repo, pull_request.head.sha)
+            else
+              commits =
+                T.unsafe(github_client_for_source)
+                 .pull_request_commits(source.repo, pull_request_number)
+              commit = commits.find { |c| c.sha == old_commit }
+              commit&.commit
+            end,
+            T.untyped
+          )
       end
+      sig { params(tree: T.untyped, author_details_with_date: T::Hash[Symbol, T.untyped]).returns(String) }
       def commit_signature(tree, author_details_with_date)
         PullRequestCreator::CommitSigner.new(
           author_details: author_details_with_date,
           commit_message: commit_message,
           tree_sha: tree.sha,
           parent_sha: base_commit,
-          signature_key: signature_key
+          signature_key: T.must(signature_key)
         ).signature
       end
     end