dependabot-common 0.242.0 → 0.242.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6e3dfe956941c85f2831b149fa443058ce3165f68890a9cc2f8a47f171cf76cf
|
4
|
+
data.tar.gz: 1e02a3d9fbcb515af27fe62656748dcf14394707a71d2d2ca78e2f4c5323142b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1d14e15ab94001ea6a2aa5625b23a0db71b13a3f533aca335d6f4a6035fdb14fb1b1600bd38628b5f41919883a4fc20754ccd329e0167c936a4fc68bc7b1031e
|
7
|
+
data.tar.gz: d31623ce8db6226701b3a4c8c5a49c2b5805d0c9e8723decdf15d275c87f5d6c519ca2add01ea796a607345ceebe498dbe71f4ad80310e916ef04e394748c8ae
|
@@ -88,15 +88,15 @@ module Dependabot
|
|
88
88
|
sig do
|
89
89
|
params(
|
90
90
|
name: String,
|
91
|
-
requirements: T::Array[T::Hash[String,
|
91
|
+
requirements: T::Array[T::Hash[T.any(Symbol, String), T.untyped]],
|
92
92
|
package_manager: String,
|
93
93
|
# TODO: Make version a Dependabot::Version everywhere
|
94
94
|
version: T.nilable(T.any(String, Dependabot::Version)),
|
95
95
|
previous_version: T.nilable(String),
|
96
96
|
previous_requirements: T.nilable(T::Array[T::Hash[String, String]]),
|
97
|
-
subdependency_metadata: T.nilable(T::Array[T::Hash[String, String]]),
|
97
|
+
subdependency_metadata: T.nilable(T::Array[T::Hash[T.any(Symbol, String), String]]),
|
98
98
|
removed: T::Boolean,
|
99
|
-
metadata: T.nilable(T::Hash[String, String])
|
99
|
+
metadata: T.nilable(T::Hash[T.any(Symbol, String), String])
|
100
100
|
).void
|
101
101
|
end
|
102
102
|
def initialize(name:, requirements:, package_manager:, version: nil,
|
@@ -110,7 +110,7 @@ module Dependabot
|
|
110
110
|
end,
|
111
111
|
T.nilable(String)
|
112
112
|
)
|
113
|
-
@requirements = T.let(requirements.map { |req| symbolize_keys(req) }, T::Array[T::Hash[Symbol,
|
113
|
+
@requirements = T.let(requirements.map { |req| symbolize_keys(req) }, T::Array[T::Hash[Symbol, T.untyped]])
|
114
114
|
@previous_version = previous_version
|
115
115
|
@previous_requirements = T.let(
|
116
116
|
previous_requirements&.map { |req| symbolize_keys(req) },
|
@@ -391,7 +391,7 @@ module Dependabot
|
|
391
391
|
end
|
392
392
|
end
|
393
393
|
|
394
|
-
sig { params(hash: T::Hash[String, T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
|
394
|
+
sig { params(hash: T::Hash[T.any(Symbol, String), T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
|
395
395
|
def symbolize_keys(hash)
|
396
396
|
hash.keys.to_h { |k| [k.to_sym, hash[k]] }
|
397
397
|
end
|
@@ -1,6 +1,7 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strong
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
+
require "sorbet-runtime"
|
4
5
|
require "dependabot/dependency"
|
5
6
|
require "dependabot/file_parsers/base"
|
6
7
|
require "dependabot/utils"
|
@@ -9,28 +10,36 @@ module Dependabot
|
|
9
10
|
module FileParsers
|
10
11
|
class Base
|
11
12
|
class DependencySet
|
13
|
+
extend T::Sig
|
14
|
+
|
15
|
+
sig do
|
16
|
+
params(
|
17
|
+
dependencies: T::Array[Dependency],
|
18
|
+
case_sensitive: T::Boolean
|
19
|
+
)
|
20
|
+
.void
|
21
|
+
end
|
12
22
|
def initialize(dependencies = [], case_sensitive: false)
|
13
|
-
unless dependencies.is_a?(Array) &&
|
14
|
-
dependencies.all?(Dependency)
|
15
|
-
raise ArgumentError, "must be an array of Dependency objects"
|
16
|
-
end
|
17
|
-
|
18
23
|
@case_sensitive = case_sensitive
|
19
|
-
@dependencies =
|
24
|
+
@dependencies = T.let(
|
25
|
+
Hash.new { |hsh, key| hsh[key] = DependencySlot.new },
|
26
|
+
T::Hash[String, DependencySlot]
|
27
|
+
)
|
20
28
|
dependencies.each { |dep| self << dep }
|
21
29
|
end
|
22
30
|
|
31
|
+
sig { returns(T::Array[Dependency]) }
|
23
32
|
def dependencies
|
24
33
|
@dependencies.values.filter_map(&:combined)
|
25
34
|
end
|
26
35
|
|
36
|
+
sig { params(dep: Dependabot::Dependency).returns(T.untyped) }
|
27
37
|
def <<(dep)
|
28
|
-
|
29
|
-
|
30
|
-
@dependencies[key_for_dependency(dep)] << dep
|
38
|
+
T.must(@dependencies[key_for_dependency(dep)]) << dep
|
31
39
|
self
|
32
40
|
end
|
33
41
|
|
42
|
+
sig { params(other: Object).returns(T.self_type) }
|
34
43
|
def +(other)
|
35
44
|
raise ArgumentError, "must be a DependencySet" unless other.is_a?(DependencySet)
|
36
45
|
|
@@ -43,26 +52,31 @@ module Dependabot
|
|
43
52
|
self
|
44
53
|
end
|
45
54
|
|
55
|
+
sig { params(name: String).returns(T::Array[Dependabot::Dependency]) }
|
46
56
|
def all_versions_for_name(name)
|
47
57
|
key = key_for_name(name)
|
48
|
-
@dependencies.key?(key) ? @dependencies[key].all_versions : []
|
58
|
+
@dependencies.key?(key) ? T.must(@dependencies[key]).all_versions : []
|
49
59
|
end
|
50
60
|
|
61
|
+
sig { params(name: String).returns(T.nilable(Dependabot::Dependency)) }
|
51
62
|
def dependency_for_name(name)
|
52
63
|
key = key_for_name(name)
|
53
|
-
@dependencies.key?(key) ? @dependencies[key].combined : nil
|
64
|
+
@dependencies.key?(key) ? T.must(@dependencies[key]).combined : nil
|
54
65
|
end
|
55
66
|
|
56
67
|
private
|
57
68
|
|
69
|
+
sig { returns(T::Boolean) }
|
58
70
|
def case_sensitive?
|
59
71
|
@case_sensitive
|
60
72
|
end
|
61
73
|
|
74
|
+
sig { params(name: String).returns(String) }
|
62
75
|
def key_for_name(name)
|
63
76
|
case_sensitive? ? name : name.downcase
|
64
77
|
end
|
65
78
|
|
79
|
+
sig { params(dep: Dependabot::Dependency).returns(String) }
|
66
80
|
def key_for_dependency(dep)
|
67
81
|
key_for_name(dep.name)
|
68
82
|
end
|
@@ -79,13 +93,21 @@ module Dependabot
|
|
79
93
|
# `DependencySet#dependency_for_name`. The list of individual versions of the
|
80
94
|
# dependency is accessible via `DependencySet#all_versions_for_name`.
|
81
95
|
class DependencySlot
|
82
|
-
|
96
|
+
extend T::Sig
|
97
|
+
|
98
|
+
sig { returns(T::Array[Dependabot::Dependency]) }
|
99
|
+
attr_reader :all_versions
|
100
|
+
|
101
|
+
sig { returns(T.nilable(Dependabot::Dependency)) }
|
102
|
+
attr_reader :combined
|
83
103
|
|
104
|
+
sig { void }
|
84
105
|
def initialize
|
85
|
-
@all_versions = []
|
86
|
-
@combined = nil
|
106
|
+
@all_versions = T.let([], T::Array[Dependabot::Dependency])
|
107
|
+
@combined = T.let(nil, T.nilable(Dependabot::Dependency))
|
87
108
|
end
|
88
109
|
|
110
|
+
sig { params(dep: Dependabot::Dependency).returns(T.self_type) }
|
89
111
|
def <<(dep)
|
90
112
|
return self if @all_versions.include?(dep)
|
91
113
|
|
@@ -102,7 +124,7 @@ module Dependabot
|
|
102
124
|
@all_versions << dep
|
103
125
|
else
|
104
126
|
same_version = @all_versions[index_of_same_version]
|
105
|
-
@all_versions[index_of_same_version] = combined_dependency(same_version, dep)
|
127
|
+
@all_versions[index_of_same_version] = combined_dependency(T.must(same_version), dep)
|
106
128
|
end
|
107
129
|
|
108
130
|
self
|
@@ -114,6 +136,13 @@ module Dependabot
|
|
114
136
|
# `new_dep`. Requirements and subdependency metadata will be combined and deduped.
|
115
137
|
# The version of the combined dependency is determined by the
|
116
138
|
# `#combined_version` method below.
|
139
|
+
sig do
|
140
|
+
params(
|
141
|
+
old_dep: Dependabot::Dependency,
|
142
|
+
new_dep: Dependabot::Dependency
|
143
|
+
)
|
144
|
+
.returns(Dependabot::Dependency)
|
145
|
+
end
|
117
146
|
def combined_dependency(old_dep, new_dep)
|
118
147
|
version = combined_version(old_dep, new_dep)
|
119
148
|
requirements = (old_dep.requirements + new_dep.requirements).uniq
|
@@ -132,11 +161,18 @@ module Dependabot
|
|
132
161
|
)
|
133
162
|
end
|
134
163
|
|
164
|
+
sig do
|
165
|
+
params(
|
166
|
+
old_dep: Dependabot::Dependency,
|
167
|
+
new_dep: Dependabot::Dependency
|
168
|
+
)
|
169
|
+
.returns(T.nilable(String))
|
170
|
+
end
|
135
171
|
def combined_version(old_dep, new_dep)
|
136
172
|
if old_dep.version.nil? ^ new_dep.version.nil?
|
137
|
-
[old_dep, new_dep].find(&:version).version
|
173
|
+
T.must([old_dep, new_dep].find(&:version)).version
|
138
174
|
elsif old_dep.top_level? ^ new_dep.top_level? # Prefer a direct dependency over a transitive one
|
139
|
-
[old_dep, new_dep].find(&:top_level?).version
|
175
|
+
T.must([old_dep, new_dep].find(&:top_level?)).version
|
140
176
|
elsif !version_class.correct?(new_dep.version)
|
141
177
|
old_dep.version
|
142
178
|
elsif !version_class.correct?(old_dep.version)
|
@@ -148,8 +184,12 @@ module Dependabot
|
|
148
184
|
end
|
149
185
|
end
|
150
186
|
|
187
|
+
sig { returns(T.class_of(Gem::Version)) }
|
151
188
|
def version_class
|
152
|
-
@version_class ||=
|
189
|
+
@version_class ||= T.let(
|
190
|
+
T.must(@combined).version_class,
|
191
|
+
T.nilable(T.class_of(Gem::Version))
|
192
|
+
)
|
153
193
|
end
|
154
194
|
end
|
155
195
|
private_constant :DependencySlot
|
@@ -389,7 +389,7 @@ module Dependabot
|
|
389
389
|
BranchNamer.new(
|
390
390
|
dependencies: dependencies,
|
391
391
|
files: files,
|
392
|
-
target_branch:
|
392
|
+
target_branch: source.branch,
|
393
393
|
dependency_group: dependency_group,
|
394
394
|
separator: branch_name_separator,
|
395
395
|
prefix: branch_name_prefix,
|
data/lib/dependabot.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.242.
|
4
|
+
version: 0.242.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-01-
|
11
|
+
date: 2024-01-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-codecommit
|
@@ -98,20 +98,14 @@ dependencies:
|
|
98
98
|
requirements:
|
99
99
|
- - "~>"
|
100
100
|
- !ruby/object:Gem::Version
|
101
|
-
version: '0.
|
102
|
-
- - "<"
|
103
|
-
- !ruby/object:Gem::Version
|
104
|
-
version: '0.105'
|
101
|
+
version: '0.109'
|
105
102
|
type: :runtime
|
106
103
|
prerelease: false
|
107
104
|
version_requirements: !ruby/object:Gem::Requirement
|
108
105
|
requirements:
|
109
106
|
- - "~>"
|
110
107
|
- !ruby/object:Gem::Version
|
111
|
-
version: '0.
|
112
|
-
- - "<"
|
113
|
-
- !ruby/object:Gem::Version
|
114
|
-
version: '0.105'
|
108
|
+
version: '0.109'
|
115
109
|
- !ruby/object:Gem::Dependency
|
116
110
|
name: faraday
|
117
111
|
requirement: !ruby/object:Gem::Requirement
|
@@ -572,7 +566,7 @@ licenses:
|
|
572
566
|
- Nonstandard
|
573
567
|
metadata:
|
574
568
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
575
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.242.
|
569
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.242.1
|
576
570
|
post_install_message:
|
577
571
|
rdoc_options: []
|
578
572
|
require_paths:
|