dependabot-common 0.295.0 → 0.296.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8089a954a78a6c6c517bca5f73391485dc143ff053c607c55e822d2a0d1233a9
-  data.tar.gz: '08e8842b1209fd1d21f00d380a429ac9852345b2fc13f35f5c3ca4f3a89911ba'
+  metadata.gz: b37c3cc241cf0adeec6af8e18edcd2a467634710ad0e9b0c33dca7b67f4eb398
+  data.tar.gz: e86e292bd9ffddf62c69fbfef8baffdeed8ef811d02e6f90ccd91b4e5594a28b
 SHA512:
-  metadata.gz: 21e75ab998f9608d8da2cf5ed09b7cb9953659fe22b7c3a8a44e61d730b0ffe614141f7af175ad9621be06ab659519c42f1db24ee1ea191d8af2806269c8552e
-  data.tar.gz: c45ae338eff5f21fd8462d539c0367dd1fcb103c3bc013fcf1a4ef5579b9987317ea773e4a40e96f3cfec3f62899aed49bba236afc836fed35e29293f3b353dc
+  metadata.gz: 2950c408959e44770cfadd5135cc90aee61a72d70b124391d0751dfb6e9e10e0fee109ce365fdce8075ec50463a87be3528b1b257588f72997035ea80ae9dcca
+  data.tar.gz: 40fa3047565d88b58f7649d273fcf4f05832eb2be907166c8dcd40a8e13c90d8421802672df94b09abbfcc35b392a41ed343d4411b4dd87967f71d9856011942

data/lib/dependabot/config/file.rb

@@ -58,6 +58,7 @@ module Dependabot
       private
 
       PACKAGE_MANAGER_LOOKUP = T.let({
+        "bun" => "bun",
         "bundler" => "bundler",
         "cargo" => "cargo",
         "composer" => "composer",

data/lib/dependabot/errors.rb

@@ -4,6 +4,7 @@
 require "sorbet-runtime"
 require "dependabot/utils"
 
+# rubocop:disable Metrics/ModuleLength
 module Dependabot
   extend T::Sig
 
@@ -21,6 +22,7 @@ module Dependabot
   end
 
   # rubocop:disable Metrics/MethodLength
+  # rubocop:disable Metrics/CyclomaticComplexity
   sig { params(error: StandardError).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
   def self.fetcher_error_details(error)
     case error
@@ -90,6 +92,11 @@ module Dependabot
         "error-type": "private_source_authentication_failure",
         "error-detail": { source: error.source }
       }
+    when Dependabot::PrivateSourceBadResponse
+      {
+        "error-type": "private_source_bad_response",
+        "error-detail": { source: error.source }
+      }
     when Octokit::Unauthorized
       { "error-type": "octokit_unauthorized" }
     when Octokit::ServerError
@@ -113,6 +120,7 @@ module Dependabot
       }
     end
   end
+  # rubocop:enable Metrics/CyclomaticComplexity
 
   sig { params(error: StandardError).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
   def self.parser_error_details(error)
@@ -167,6 +175,11 @@ module Dependabot
         "error-type": "private_source_authentication_failure",
         "error-detail": { source: error.source }
       }
+    when Dependabot::PrivateSourceBadResponse
+      {
+        "error-type": "private_source_bad_response",
+        "error-detail": { source: error.source }
+      }
     when Dependabot::GitDependenciesNotReachable
       {
         "error-type": "git_dependencies_not_reachable",
@@ -238,6 +251,11 @@ module Dependabot
           "file-path": error.file_path
         }
       }
+    when Dependabot::DependencyFileContentNotChanged
+      {
+        "error-type": "dependency_file_content_not_changed",
+        "error-detail": { message: error.message }
+      }
     when Dependabot::ToolVersionNotSupported
       {
         "error-type": "tool_version_not_supported",
@@ -262,6 +280,11 @@ module Dependabot
         "error-type": "private_source_authentication_failure",
         "error-detail": { source: error.source }
       }
+    when Dependabot::PrivateSourceBadResponse
+      {
+        "error-type": "private_source_bad_response",
+        "error-detail": { source: error.source }
+      }
     when Dependabot::DependencyNotFound
       {
         "error-type": "dependency_not_found",
@@ -623,6 +646,8 @@ module Dependabot
 
   class DependencyFileNotSupported < DependabotError; end
 
+  class DependencyFileContentNotChanged < DependabotError; end
+
   class BadRequirementError < Gem::Requirement::BadRequirementError; end
 
   #######################
@@ -645,6 +670,20 @@ module Dependabot
     end
   end
 
+  class PrivateSourceBadResponse < DependabotError
+    extend T::Sig
+
+    sig { returns(String) }
+    attr_reader :source
+
+    sig { params(source: T.nilable(String)).void }
+    def initialize(source)
+      @source = T.let(sanitize_source(T.must(source)), String)
+      msg = "Bad response error while accessing source: #{@source}"
+      super(msg)
+    end
+  end
+
   class PrivateSourceTimedOut < DependabotError
     extend T::Sig
 
@@ -846,3 +885,4 @@ module Dependabot
     end
   end
 end
+# rubocop:enable Metrics/ModuleLength

data/lib/dependabot/metadata_finders/base.rb

@@ -15,7 +15,7 @@ module Dependabot
       require "dependabot/metadata_finders/base/release_finder"
       require "dependabot/metadata_finders/base/commits_finder"
 
-      PACKAGE_MANAGERS_WITH_RELIABLE_DIRECTORIES = T.let(%w(npm_and_yarn pub).freeze, T::Array[String])
+      PACKAGE_MANAGERS_WITH_RELIABLE_DIRECTORIES = T.let(%w(bun npm_and_yarn pub).freeze, T::Array[String])
 
       sig { returns(Dependabot::Dependency) }
       attr_reader :dependency

data/lib/dependabot.rb

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.295.0"
+  VERSION = "0.296.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.295.0
+  version: 0.296.1
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-30 00:00:00.000000000 Z
+date: 2025-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit
@@ -615,7 +615,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.295.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.296.1
 post_install_message:
 rdoc_options: []
 require_paths: