dependabot-common 0.245.0 → 0.247.0

data/lib/dependabot/clients/gitlab_with_retries.rb

@@ -1,12 +1,20 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
 require "gitlab"
+require "sorbet-runtime"
+
+require "dependabot/credential"
 
 module Dependabot
   module Clients
     class GitlabWithRetries
-      RETRYABLE_ERRORS = [Gitlab::Error::BadGateway].freeze
+      extend T::Sig
+
+      RETRYABLE_ERRORS = T.let(
+        [Gitlab::Error::BadGateway].freeze,
+        T::Array[T.class_of(Gitlab::Error::ResponseError)]
+      )
 
       class ContentEncoding
         BASE64 = "base64"
@@ -17,6 +25,13 @@ module Dependabot
       # Constructor methods #
       #######################
 
+      sig do
+        params(
+          source: Dependabot::Source,
+          credentials: T::Array[Dependabot::Credential]
+        )
+          .returns(Dependabot::Clients::GitlabWithRetries)
+      end
       def self.for_source(source:, credentials:)
         access_token =
           credentials
@@ -31,6 +46,7 @@ module Dependabot
         )
       end
 
+      sig { params(credentials: T::Array[Dependabot::Credential]).returns(Dependabot::Clients::GitlabWithRetries) }
       def self.for_gitlab_dot_com(credentials:)
         access_token =
           credentials
@@ -49,10 +65,12 @@ module Dependabot
       # VCS Interface #
       #################
 
+      sig { params(repo: String, branch: String).returns(String) }
       def fetch_commit(repo, branch)
         T.unsafe(self).branch(repo, branch).commit.id
       end
 
+      sig { params(repo: String).returns(String) }
       def fetch_default_branch(repo)
         T.unsafe(self).project(repo).default_branch
       end
@@ -61,9 +79,10 @@ module Dependabot
       # Proxying #
       ############
 
+      sig { params(max_retries: T.nilable(Integer), args: T.untyped).void }
       def initialize(max_retries: 3, **args)
-        @max_retries = max_retries || 3
-        @client = ::Gitlab::Client.new(args)
+        @max_retries = T.let(max_retries || 3, Integer)
+        @client = T.let(::Gitlab::Client.new(args), ::Gitlab::Client)
       end
 
       # Create commit in gitlab repo with correctly mapped file actions
@@ -74,32 +93,63 @@ module Dependabot
       # @param [Array<Dependabot::DependencyFile>] files
       # @param [Hash] options
       # @return [Gitlab::ObjectifiedHash]
+      sig do
+        params(
+          repo: String,
+          branch_name: String,
+          commit_message: String,
+          files: T::Array[Dependabot::DependencyFile],
+          options: T.untyped
+        )
+          .returns(Gitlab::ObjectifiedHash)
+      end
       def create_commit(repo, branch_name, commit_message, files, **options)
         @client.create_commit(
           repo,
           branch_name,
           commit_message,
           file_actions(files),
-          **options
+          options
         )
       end
 
+      # TODO: Create all the methods that are called on the client
+      sig do
+        params(
+          method_name: T.any(Symbol, String),
+          args: T.untyped,
+          block: T.nilable(T.proc.returns(T.untyped))
+        )
+          .returns(T.untyped)
+      end
       def method_missing(method_name, *args, &block)
         retry_connection_failures do
           if @client.respond_to?(method_name)
             mutatable_args = args.map(&:dup)
-            @client.public_send(method_name, *mutatable_args, &block)
+            T.unsafe(@client).public_send(method_name, *mutatable_args, &block)
           else
             super
           end
         end
       end
 
+      sig do
+        params(
+          method_name: Symbol,
+          include_private: T::Boolean
+        )
+          .returns(T::Boolean)
+      end
       def respond_to_missing?(method_name, include_private = false)
         @client.respond_to?(method_name) || super
       end
 
-      def retry_connection_failures
+      sig do
+        type_parameters(:T)
+          .params(_blk: T.proc.returns(T.type_parameter(:T)))
+          .returns(T.type_parameter(:T))
+      end
+      def retry_connection_failures(&_blk)
         retry_attempt = 0
 
         begin
@@ -116,6 +166,7 @@ module Dependabot
       #
       # @param [Array<Dependabot::DependencyFile>] files
       # @return [Array<Hash>]
+      sig { params(files: T::Array[Dependabot::DependencyFile]).returns(T::Array[T::Hash[Symbol, T.untyped]]) }
       def file_actions(files)
         files.map do |file|
           {
@@ -131,6 +182,7 @@ module Dependabot
       #
       # @param [Dependabot::DependencyFile] file
       # @return [String]
+      sig { params(file: Dependabot::DependencyFile).returns(String) }
       def file_action(file)
         if file.operation == Dependabot::DependencyFile::Operation::DELETE
           "delete"
@@ -145,6 +197,7 @@ module Dependabot
       #
       # @param [Dependabot::DependencyFile] file
       # @return [String]
+      sig { params(file: Dependabot::DependencyFile).returns(String) }
       def file_encoding(file)
         return ContentEncoding::BASE64 if file.content_encoding == Dependabot::DependencyFile::ContentEncoding::BASE64
 

data/lib/dependabot/dependency.rb

@@ -93,7 +93,7 @@ module Dependabot
         # TODO: Make version a Dependabot::Version everywhere
         version: T.nilable(T.any(String, Dependabot::Version)),
         previous_version: T.nilable(String),
-        previous_requirements: T.nilable(T::Array[T::Hash[String, String]]),
+        previous_requirements: T.nilable(T::Array[T::Hash[T.any(Symbol, String), T.untyped]]),
         subdependency_metadata: T.nilable(T::Array[T::Hash[T.any(Symbol, String), String]]),
         removed: T::Boolean,
         metadata: T.nilable(T::Hash[T.any(Symbol, String), String])

data/lib/dependabot/errors.rb

@@ -7,6 +7,18 @@ require "dependabot/utils"
 module Dependabot
   extend T::Sig
 
+  module ErrorAttributes
+    BACKTRACE         = "error-backtrace"
+    CLASS             = "error-class"
+    DETAILS           = "error-details"
+    FINGERPRINT       = "fingerprint"
+    MESSAGE           = "error-message"
+    DEPENDENCIES      = "job-dependencies"
+    DEPENDENCY_GROUPS = "job-dependency-groups"
+    JOB_ID            = "job-id"
+    PACKAGE_MANAGER   = "package-manager"
+  end
+
   # rubocop:disable Metrics/MethodLength
   sig { params(error: StandardError).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
   def self.fetcher_error_details(error)
@@ -48,7 +60,10 @@ module Dependabot
     when Dependabot::DependencyFileNotFound
       {
         "error-type": "dependency_file_not_found",
-        "error-detail": { "file-path": error.file_path }
+        "error-detail": {
+          message: error.message,
+          "file-path": error.file_path
+        }
       }
     when Dependabot::OutOfDisk
       {
@@ -108,7 +123,10 @@ module Dependabot
     when Dependabot::DependencyFileNotFound
       {
         "error-type": "dependency_file_not_found",
-        "error-detail": { "file-path": error.file_path }
+        "error-detail": {
+          message: error.message,
+          "file-path": error.file_path
+        }
       }
     when Dependabot::PathDependenciesNotReachable
       {

data/lib/dependabot/file_fetchers/base.rb

@@ -354,11 +354,6 @@ module Dependabot
         end
       end
 
-      sig { returns(T::Boolean) }
-      def recurse_submodules_when_cloning?
-        false
-      end
-
       sig do
         returns(
           T.any(
@@ -776,7 +771,6 @@ module Dependabot
       # rubocop:disable Metrics/MethodLength
       # rubocop:disable Metrics/PerceivedComplexity
       # rubocop:disable Metrics/BlockLength
-      # rubocop:disable Metrics/CyclomaticComplexity
       sig { params(target_directory: T.nilable(String)).returns(String) }
       def _clone_repo_contents(target_directory:)
         SharedHelpers.with_git_configured(credentials: credentials) do
@@ -789,11 +783,7 @@ module Dependabot
 
           clone_options = StringIO.new
           clone_options << "--no-tags --depth 1"
-          clone_options << if recurse_submodules_when_cloning?
-                             " --recurse-submodules --shallow-submodules"
-                           else
-                             " --no-recurse-submodules"
-                           end
+          clone_options << " --recurse-submodules --shallow-submodules"
           clone_options << " --branch #{source.branch} --single-branch" if source.branch
 
           submodule_cloning_failed = false
@@ -805,7 +795,7 @@ module Dependabot
               CMD
             )
 
-            @submodules = find_submodules(path) if recurse_submodules_when_cloning?
+            @submodules = find_submodules(path)
           rescue SharedHelpers::HelperSubprocessFailed => e
             if GIT_RETRYABLE_ERRORS.any? { |error| error.match?(e.message) } && retries < 5
               retries += 1
@@ -835,20 +825,20 @@ module Dependabot
             Dir.chdir(path) do
               fetch_options = StringIO.new
               fetch_options << "--depth 1"
-              fetch_options << if recurse_submodules_when_cloning? && !submodule_cloning_failed
-                                 " --recurse-submodules=on-demand"
-                               else
+              fetch_options << if submodule_cloning_failed
                                  " --no-recurse-submodules"
+                               else
+                                 " --recurse-submodules=on-demand"
                                end
               # Need to fetch the commit due to the --depth 1 above.
               SharedHelpers.run_shell_command("git fetch #{fetch_options.string} origin #{source.commit}")
 
               reset_options = StringIO.new
               reset_options << "--hard"
-              reset_options << if recurse_submodules_when_cloning? && !submodule_cloning_failed
-                                 " --recurse-submodules"
-                               else
+              reset_options << if submodule_cloning_failed
                                  " --no-recurse-submodules"
+                               else
+                                 " --recurse-submodules"
                                end
               # Set HEAD to this commit so later calls so git reset HEAD will work.
               SharedHelpers.run_shell_command("git reset #{reset_options.string} #{source.commit}")
@@ -862,7 +852,6 @@ module Dependabot
       # rubocop:enable Metrics/MethodLength
       # rubocop:enable Metrics/PerceivedComplexity
       # rubocop:enable Metrics/BlockLength
-      # rubocop:enable Metrics/CyclomaticComplexity
 
       sig { params(str: String).returns(String) }
       def decode_binary_string(str)

data/lib/dependabot/file_updaters/base.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require "sorbet-runtime"
+
 require "dependabot/credential"
 
 module Dependabot
@@ -9,6 +10,7 @@ module Dependabot
     class Base
       extend T::Sig
       extend T::Helpers
+
       abstract!
 
       sig { returns(T::Array[Dependabot::Dependency]) }

data/lib/dependabot/git_commit_checker.rb

@@ -367,7 +367,8 @@ module Dependabot
       client = Clients::GithubWithRetries
                .for_github_dot_com(credentials: credentials)
 
-      client.compare(listing_source_repo, ref1, ref2).status
+      # TODO: create this method instead of relying on method_missing
+      T.unsafe(client).compare(listing_source_repo, ref1, ref2).status
     end
 
     sig { params(ref1: String, ref2: String).returns(String) }
@@ -375,7 +376,7 @@ module Dependabot
       client = Clients::GitlabWithRetries
                .for_gitlab_dot_com(credentials: credentials)
 
-      comparison = client.compare(listing_source_repo, ref1, ref2)
+      comparison = T.unsafe(client).compare(listing_source_repo, ref1, ref2)
 
       if comparison.commits.none? then "behind"
       elsif comparison.compare_same_ref then "identical"

data/lib/dependabot/metadata_finders/base/changelog_finder.rb

@@ -460,7 +460,7 @@ module Dependabot
         def github_client
           @github_client ||=
             T.let(
-              Dependabot::Clients::GithubWithRetries.for_source(source: source, credentials: credentials),
+              Dependabot::Clients::GithubWithRetries.for_source(source: T.must(source), credentials: credentials),
               T.nilable(Dependabot::Clients::GithubWithRetries)
             )
         end

data/lib/dependabot/metadata_finders/base/commits_finder.rb

@@ -373,7 +373,7 @@ module Dependabot
         def github_client
           @github_client ||=
             T.let(
-              Dependabot::Clients::GithubWithRetries.for_source(source: source, credentials: credentials),
+              Dependabot::Clients::GithubWithRetries.for_source(source: T.must(source), credentials: credentials),
               T.nilable(Dependabot::Clients::GithubWithRetries)
             )
         end

data/lib/dependabot/metadata_finders/base/release_finder.rb

@@ -359,7 +359,7 @@ module Dependabot
         def github_client
           @github_client ||=
             T.let(
-              Dependabot::Clients::GithubWithRetries.for_source(source: source, credentials: credentials),
+              Dependabot::Clients::GithubWithRetries.for_source(source: T.must(source), credentials: credentials),
               T.nilable(Dependabot::Clients::GithubWithRetries)
             )
         end

data/lib/dependabot/pull_request_creator/azure.rb

@@ -1,21 +1,79 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
+require "sorbet-runtime"
+
+require "dependabot/credential"
 require "dependabot/clients/azure"
 require "dependabot/pull_request_creator"
 
 module Dependabot
   class PullRequestCreator
     class Azure
-      attr_reader :source, :branch_name, :base_commit, :credentials,
-                  :files, :commit_message, :pr_description, :pr_name,
-                  :author_details, :labeler, :reviewers, :assignees, :work_item
+      extend T::Sig
+
+      sig { returns(Dependabot::Source) }
+      attr_reader :source
+
+      sig { returns(String) }
+      attr_reader :branch_name
+
+      sig { returns(String) }
+      attr_reader :base_commit
+
+      sig { returns(T::Array[Dependabot::Credential]) }
+      attr_reader :credentials
+
+      sig { returns(T::Array[Dependabot::DependencyFile]) }
+      attr_reader :files
+
+      sig { returns(String) }
+      attr_reader :commit_message
+
+      sig { returns(String) }
+      attr_reader :pr_description
+
+      sig { returns(String) }
+      attr_reader :pr_name
+
+      sig { returns(T.nilable(T::Hash[Symbol, String])) }
+      attr_reader :author_details
+
+      sig { returns(Dependabot::PullRequestCreator::Labeler) }
+      attr_reader :labeler
+
+      sig { returns(T.nilable(T::Array[String])) }
+      attr_reader :reviewers
+
+      sig { returns(T.nilable(T::Array[String])) }
+      attr_reader :assignees
+
+      sig { returns(T.nilable(Integer)) }
+      attr_reader :work_item
 
       # Azure DevOps limits PR descriptions to a max of 4,000 characters in UTF-16 encoding:
       # https://developercommunity.visualstudio.com/content/problem/608770/remove-4000-character-limit-on-pull-request-descri.html
       PR_DESCRIPTION_MAX_LENGTH = 3_999 # 0 based count
       PR_DESCRIPTION_ENCODING = Encoding::UTF_16
 
+      sig do
+        params(
+          source: Dependabot::Source,
+          branch_name: String,
+          base_commit: String,
+          credentials: T::Array[Dependabot::Credential],
+          files: T::Array[Dependabot::DependencyFile],
+          commit_message: String,
+          pr_description: String,
+          pr_name: String,
+          author_details: T.nilable(T::Hash[Symbol, String]),
+          labeler: Dependabot::PullRequestCreator::Labeler,
+          reviewers: T.nilable(T::Array[String]),
+          assignees: T.nilable(T::Array[String]),
+          work_item: T.nilable(Integer)
+        )
+          .void
+      end
       def initialize(source:, branch_name:, base_commit:, credentials:,
                      files:, commit_message:, pr_description:, pr_name:,
                      author_details:, labeler:, reviewers: nil, assignees: nil, work_item: nil)
@@ -34,6 +92,7 @@ module Dependabot
         @work_item      = work_item
       end
 
+      sig { returns(T.nilable(Excon::Response)) }
       def create
         return if branch_exists? && pull_request_exists?
 
@@ -46,20 +105,26 @@ module Dependabot
 
       private
 
+      sig { returns(Dependabot::Clients::Azure) }
       def azure_client_for_source
         @azure_client_for_source ||=
-          Dependabot::Clients::Azure.for_source(
-            source: source,
-            credentials: credentials
+          T.let(
+            Dependabot::Clients::Azure.for_source(
+              source: source,
+              credentials: credentials
+            ),
+            T.nilable(Dependabot::Clients::Azure)
           )
       end
 
+      sig { returns(T::Boolean) }
       def branch_exists?
-        azure_client_for_source.branch(branch_name)
+        !azure_client_for_source.branch(branch_name).nil?
       rescue ::Dependabot::Clients::Azure::NotFound
         false
       end
 
+      sig { returns(T::Boolean) }
       def pull_request_exists?
         azure_client_for_source.pull_requests(
           branch_name,
@@ -67,6 +132,7 @@ module Dependabot
         ).any?
       end
 
+      sig { void }
       def create_commit
         author = author_details&.slice(:name, :email, :date)
         author = nil unless author&.any?
@@ -80,6 +146,7 @@ module Dependabot
         )
       end
 
+      sig { returns(Excon::Response) }
       def create_pull_request
         azure_client_for_source.create_pull_request(
           pr_name,
@@ -93,9 +160,13 @@ module Dependabot
         )
       end
 
+      sig { returns(String) }
       def default_branch
         @default_branch ||=
-          azure_client_for_source.fetch_default_branch(source.repo)
+          T.let(
+            azure_client_for_source.fetch_default_branch(source.repo),
+            T.nilable(String)
+          )
       end
     end
   end

data/lib/dependabot/pull_request_creator/bitbucket.rb

@@ -1,19 +1,70 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
+require "sorbet-runtime"
+
 require "dependabot/clients/bitbucket"
+require "dependabot/credential"
+require "dependabot/dependency_file"
 require "dependabot/pull_request_creator"
 
 module Dependabot
   class PullRequestCreator
     class Bitbucket
-      attr_reader :source, :branch_name, :base_commit, :credentials,
-                  :files, :commit_message, :pr_description, :pr_name,
-                  :author_details, :labeler, :work_item
+      extend T::Sig
+
+      sig { returns(Dependabot::Source) }
+      attr_reader :source
+
+      sig { returns(String) }
+      attr_reader :branch_name
+
+      sig { returns(String) }
+      attr_reader :base_commit
+
+      sig { returns(T::Array[Dependabot::Credential]) }
+      attr_reader :credentials
+
+      sig { returns(T::Array[Dependabot::DependencyFile]) }
+      attr_reader :files
+
+      sig { returns(String) }
+      attr_reader :commit_message
+
+      sig { returns(String) }
+      attr_reader :pr_description
+
+      sig { returns(String) }
+      attr_reader :pr_name
+
+      sig { returns(T.nilable(T::Hash[Symbol, String])) }
+      attr_reader :author_details
+
+      sig { returns(T.nilable(Dependabot::PullRequestCreator::Labeler)) }
+      attr_reader :labeler
+
+      sig { returns(T.nilable(Integer)) }
+      attr_reader :work_item
 
       # BitBucket Cloud accepts > 1MB characters, but they display poorly in the UI, so limiting to 4x 65,536
       PR_DESCRIPTION_MAX_LENGTH = 262_143 # 0 based count
 
+      sig do
+        params(
+          source: Dependabot::Source,
+          branch_name: String,
+          base_commit: String,
+          credentials: T::Array[Dependabot::Credential],
+          files: T::Array[Dependabot::DependencyFile],
+          commit_message: String,
+          pr_description: String,
+          pr_name: String,
+          author_details: T.nilable(T::Hash[Symbol, String]),
+          labeler: T.nilable(Dependabot::PullRequestCreator::Labeler),
+          work_item: T.nilable(Integer)
+        )
+          .void
+      end
       def initialize(source:, branch_name:, base_commit:, credentials:,
                      files:, commit_message:, pr_description:, pr_name:,
                      author_details:, labeler: nil, work_item: nil)
@@ -30,6 +81,7 @@ module Dependabot
         @work_item      = work_item
       end
 
+      sig { void }
       def create
         return if branch_exists? && pull_request_exists?
 
@@ -43,20 +95,26 @@ module Dependabot
 
       private
 
+      sig { returns(Dependabot::Clients::Bitbucket) }
       def bitbucket_client_for_source
         @bitbucket_client_for_source ||=
-          Dependabot::Clients::Bitbucket.for_source(
-            source: source,
-            credentials: credentials
+          T.let(
+            Dependabot::Clients::Bitbucket.for_source(
+              source: source,
+              credentials: credentials
+            ),
+            T.nilable(Dependabot::Clients::Bitbucket)
           )
       end
 
+      sig { returns(T::Boolean) }
       def branch_exists?
-        bitbucket_client_for_source.branch(source.repo, branch_name)
+        !bitbucket_client_for_source.branch(source.repo, branch_name).nil?
       rescue Clients::Bitbucket::NotFound
         false
       end
 
+      sig { returns(T::Boolean) }
       def pull_request_exists?
         bitbucket_client_for_source.pull_requests(
           source.repo,
@@ -65,6 +123,7 @@ module Dependabot
         ).any?
       end
 
+      sig { void }
       def create_commit
         author = author_details&.slice(:name, :email)
         author = nil unless author&.any?
@@ -79,6 +138,7 @@ module Dependabot
         )
       end
 
+      sig { void }
       def create_pull_request
         bitbucket_client_for_source.create_pull_request(
           source.repo,
@@ -91,9 +151,13 @@ module Dependabot
         )
       end
 
+      sig { returns(String) }
       def default_branch
         @default_branch ||=
-          bitbucket_client_for_source.fetch_default_branch(source.repo)
+          T.let(
+            bitbucket_client_for_source.fetch_default_branch(source.repo),
+            T.nilable(String)
+          )
       end
     end
   end

data/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb

@@ -46,7 +46,7 @@ module Dependabot
           [
             prefix,
             package_manager,
-            T.must(files.first).directory.tr(" ", "-"),
+            files.first&.directory&.tr(" ", "-"),
             target_branch
           ].compact
         end