dependabot-common 0.242.0 → 0.242.1

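--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 8b85f6eea900488026cdee04e04dd5b51df99f8bafcff4c83ae83c5dfeb54c63
- data.tar.gz: 30a4355a110f4be117fd9ece16d437f8a28704e75a7e0a62e4a5a5055c63e0cd
+ metadata.gz: 6e3dfe956941c85f2831b149fa443058ce3165f68890a9cc2f8a47f171cf76cf
+ data.tar.gz: 1e02a3d9fbcb515af27fe62656748dcf14394707a71d2d2ca78e2f4c5323142b
  SHA512:
- metadata.gz: c928acaa28bf821c081dd80afda5aa16551a09ab031a28ea60241742d23ffeb54186087fca915317d811b88881bbe6ce99f3b343f45d8efd538aee1c9b7524cd
- data.tar.gz: a2a4d975f4010b24077d4b558f8d1e4806230411b0d98983c58c7df5be2dd41a2e39868c1a346132743de560fdf28a059cbbb5800bae3ac19333008db3504591
+ metadata.gz: 1d14e15ab94001ea6a2aa5625b23a0db71b13a3f533aca335d6f4a6035fdb14fb1b1600bd38628b5f41919883a4fc20754ccd329e0167c936a4fc68bc7b1031e
+ data.tar.gz: d31623ce8db6226701b3a4c8c5a49c2b5805d0c9e8723decdf15d275c87f5d6c519ca2add01ea796a607345ceebe498dbe71f4ad80310e916ef04e394748c8ae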
@@ -88,15 +88,15 @@ module Dependabot
88
88
  sig do
89
89
  params(
90
90
  name: String,
91
- requirements: T::Array[T::Hash[String, String]],
91
+ requirements: T::Array[T::Hash[T.any(Symbol, String), T.untyped]],
92
92
  package_manager: String,
93
93
  # TODO: Make version a Dependabot::Version everywhere
94
94
  version: T.nilable(T.any(String, Dependabot::Version)),
95
95
  previous_version: T.nilable(String),
96
96
  previous_requirements: T.nilable(T::Array[T::Hash[String, String]]),
97
- subdependency_metadata: T.nilable(T::Array[T::Hash[String, String]]),
97
+ subdependency_metadata: T.nilable(T::Array[T::Hash[T.any(Symbol, String), String]]),
98
98
  removed: T::Boolean,
99
- metadata: T.nilable(T::Hash[String, String])
99
+ metadata: T.nilable(T::Hash[T.any(Symbol, String), String])
100
100
  ).void
101
101
  end
102
102
  def initialize(name:, requirements:, package_manager:, version: nil,
@@ -110,7 +110,7 @@ module Dependabot
110
110
  end,
111
111
  T.nilable(String)
112
112
  )
113
- @requirements = T.let(requirements.map { |req| symbolize_keys(req) }, T::Array[T::Hash[Symbol, String]])
113
+ @requirements = T.let(requirements.map { |req| symbolize_keys(req) }, T::Array[T::Hash[Symbol, T.untyped]])
114
114
  @previous_version = previous_version
115
115
  @previous_requirements = T.let(
116
116
  previous_requirements&.map { |req| symbolize_keys(req) },
@@ -391,7 +391,7 @@ module Dependabot
391
391
  end
392
392
  end
393
393
 
394
- sig { params(hash: T::Hash[String, T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
394
+ sig { params(hash: T::Hash[T.any(Symbol, String), T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
395
395
  def symbolize_keys(hash)
396
396
  hash.keys.to_h { |k| [k.to_sym, hash[k]] }
397
397
  end
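Review bot: `previous_requirements` keeps the narrower `T.nilable(T::Array[T::Hash[String, String]])` while `requirements` is loosened in the same `sig`, although the visible lines of `initialize` pass both through `symbolize_keys`, whose signature now accepts `T.any(Symbol, String)` keys. A caller that supplies symbol-keyed or non-string-valued hashes for both arguments will type-check for one and not the other; unless the difference is deliberate, declare it as `previous_requirements: T.nilable(T::Array[T::Hash[T.any(Symbol, String), T.untyped]])`. The `T.untyped` value type also means nothing checks what ends up inside a requirement hash, so a short comment naming the expected keys would help the next reader. The body of `initialize` continues outside these hunks.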
@@ -1,6 +1,7 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
4
5
  require "dependabot/dependency"
5
6
  require "dependabot/file_parsers/base"
6
7
  require "dependabot/utils"
@@ -9,28 +10,36 @@ module Dependabot
9
10
  module FileParsers
10
11
  class Base
11
12
  class DependencySet
13
+ extend T::Sig
14
+
15
+ sig do
16
+ params(
17
+ dependencies: T::Array[Dependency],
18
+ case_sensitive: T::Boolean
19
+ )
20
+ .void
21
+ end
12
22
  def initialize(dependencies = [], case_sensitive: false)
13
- unless dependencies.is_a?(Array) &&
14
- dependencies.all?(Dependency)
15
- raise ArgumentError, "must be an array of Dependency objects"
16
- end
17
-
18
23
  @case_sensitive = case_sensitive
19
- @dependencies = Hash.new { |hsh, key| hsh[key] = DependencySlot.new }
24
+ @dependencies = T.let(
25
+ Hash.new { |hsh, key| hsh[key] = DependencySlot.new },
26
+ T::Hash[String, DependencySlot]
27
+ )
20
28
  dependencies.each { |dep| self << dep }
21
29
  end
22
30
 
31
+ sig { returns(T::Array[Dependency]) }
23
32
  def dependencies
24
33
  @dependencies.values.filter_map(&:combined)
25
34
  end
26
35
 
36
+ sig { params(dep: Dependabot::Dependency).returns(T.untyped) }
27
37
  def <<(dep)
28
- raise ArgumentError, "must be a Dependency object" unless dep.is_a?(Dependency)
29
-
30
- @dependencies[key_for_dependency(dep)] << dep
38
+ T.must(@dependencies[key_for_dependency(dep)]) << dep
31
39
  self
32
40
  end
33
41
 
42
+ sig { params(other: Object).returns(T.self_type) }
34
43
  def +(other)
35
44
  raise ArgumentError, "must be a DependencySet" unless other.is_a?(DependencySet)
36
45
 
@@ -43,26 +52,31 @@ module Dependabot
43
52
  self
44
53
  end
45
54
 
55
+ sig { params(name: String).returns(T::Array[Dependabot::Dependency]) }
46
56
  def all_versions_for_name(name)
47
57
  key = key_for_name(name)
48
- @dependencies.key?(key) ? @dependencies[key].all_versions : []
58
+ @dependencies.key?(key) ? T.must(@dependencies[key]).all_versions : []
49
59
  end
50
60
 
61
+ sig { params(name: String).returns(T.nilable(Dependabot::Dependency)) }
51
62
  def dependency_for_name(name)
52
63
  key = key_for_name(name)
53
- @dependencies.key?(key) ? @dependencies[key].combined : nil
64
+ @dependencies.key?(key) ? T.must(@dependencies[key]).combined : nil
54
65
  end
55
66
 
56
67
  private
57
68
 
69
+ sig { returns(T::Boolean) }
58
70
  def case_sensitive?
59
71
  @case_sensitive
60
72
  end
61
73
 
74
+ sig { params(name: String).returns(String) }
62
75
  def key_for_name(name)
63
76
  case_sensitive? ? name : name.downcase
64
77
  end
65
78
 
79
+ sig { params(dep: Dependabot::Dependency).returns(String) }
66
80
  def key_for_dependency(dep)
67
81
  key_for_name(dep.name)
68
82
  end
@@ -79,13 +93,21 @@ module Dependabot
79
93
  # `DependencySet#dependency_for_name`. The list of individual versions of the
80
94
  # dependency is accessible via `DependencySet#all_versions_for_name`.
81
95
  class DependencySlot
82
- attr_reader :all_versions, :combined
96
+ extend T::Sig
97
+
98
+ sig { returns(T::Array[Dependabot::Dependency]) }
99
+ attr_reader :all_versions
100
+
101
+ sig { returns(T.nilable(Dependabot::Dependency)) }
102
+ attr_reader :combined
83
103
 
104
+ sig { void }
84
105
  def initialize
85
- @all_versions = []
86
- @combined = nil
106
+ @all_versions = T.let([], T::Array[Dependabot::Dependency])
107
+ @combined = T.let(nil, T.nilable(Dependabot::Dependency))
87
108
  end
88
109
 
110
+ sig { params(dep: Dependabot::Dependency).returns(T.self_type) }
89
111
  def <<(dep)
90
112
  return self if @all_versions.include?(dep)
91
113
 
@@ -102,7 +124,7 @@ module Dependabot
102
124
  @all_versions << dep
103
125
  else
104
126
  same_version = @all_versions[index_of_same_version]
105
- @all_versions[index_of_same_version] = combined_dependency(same_version, dep)
127
+ @all_versions[index_of_same_version] = combined_dependency(T.must(same_version), dep)
106
128
  end
107
129
 
108
130
  self
@@ -114,6 +136,13 @@ module Dependabot
114
136
  # `new_dep`. Requirements and subdependency metadata will be combined and deduped.
115
137
  # The version of the combined dependency is determined by the
116
138
  # `#combined_version` method below.
139
+ sig do
140
+ params(
141
+ old_dep: Dependabot::Dependency,
142
+ new_dep: Dependabot::Dependency
143
+ )
144
+ .returns(Dependabot::Dependency)
145
+ end
117
146
  def combined_dependency(old_dep, new_dep)
118
147
  version = combined_version(old_dep, new_dep)
119
148
  requirements = (old_dep.requirements + new_dep.requirements).uniq
@@ -132,11 +161,18 @@ module Dependabot
132
161
  )
133
162
  end
134
163
 
164
+ sig do
165
+ params(
166
+ old_dep: Dependabot::Dependency,
167
+ new_dep: Dependabot::Dependency
168
+ )
169
+ .returns(T.nilable(String))
170
+ end
135
171
  def combined_version(old_dep, new_dep)
136
172
  if old_dep.version.nil? ^ new_dep.version.nil?
137
- [old_dep, new_dep].find(&:version).version
173
+ T.must([old_dep, new_dep].find(&:version)).version
138
174
  elsif old_dep.top_level? ^ new_dep.top_level? # Prefer a direct dependency over a transitive one
139
- [old_dep, new_dep].find(&:top_level?).version
175
+ T.must([old_dep, new_dep].find(&:top_level?)).version
140
176
  elsif !version_class.correct?(new_dep.version)
141
177
  old_dep.version
142
178
  elsif !version_class.correct?(old_dep.version)
@@ -148,8 +184,12 @@ module Dependabot
148
184
  end
149
185
  end
150
186
 
187
+ sig { returns(T.class_of(Gem::Version)) }
151
188
  def version_class
152
- @version_class ||= @combined.version_class
189
+ @version_class ||= T.let(
190
+ T.must(@combined).version_class,
191
+ T.nilable(T.class_of(Gem::Version))
192
+ )
153
193
  end
154
194
  end
155
195
  private_constant :DependencySlot
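Review bot: The `ArgumentError` guards removed from `DependencySet#initialize` and `#<<` are replaced only by `sig` declarations, and sorbet-runtime checks that `dependencies` is an Array but not the element type of `T::Array[Dependency]`. A non-Dependency element is now rejected by the `sig` on `#<<` with a `TypeError` instead of `ArgumentError`, and only while runtime sig checking is enabled, so a caller that rescues `ArgumentError` sees different behaviour. If that is intended, record it above `initialize`, for example `# Element types are enforced by the sig on #<< (TypeError), not by this signature.` Separately, `#<<` returns `self`, so `returns(T.self_type)` would match `#+` and `DependencySlot#<<` rather than `T.untyped`.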
@@ -389,7 +389,7 @@ module Dependabot
389
389
  BranchNamer.new(
390
390
  dependencies: dependencies,
391
391
  files: files,
392
- target_branch: T.must(source.branch),
392
+ target_branch: source.branch,
393
393
  dependency_group: dependency_group,
394
394
  separator: branch_name_separator,
395
395
  prefix: branch_name_prefix,
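Review bot: With `T.must` dropped, a nil `source.branch` is now handed to `BranchNamer.new` instead of failing at this call, and the hunk does not show whether `target_branch` is declared nilable on the receiving side. Please confirm that `BranchNamer` handles a nil target branch explicitly rather than letting it reach string building for the branch name. If nil is meant to stand for the repository's default branch, a one-line comment at this argument saying so would record the intent. The enclosing call and method continue outside the hunk.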
@@ -112,7 +112,7 @@ module Dependabot
112
112
  end
113
113
 
114
114
  sig { returns(T::Hash[Symbol, T.untyped]) }
115
- def raven_context
115
+ def sentry_context
116
116
  { fingerprint: [@fingerprint], extra: @error_context.except(:stderr_output, :fingerprint) }
117
117
  end
118
118
  end
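--- a/data/lib/dependabot.rb
+++ b/data/lib/dependabot.rb
@@ -2,5 +2,5 @@
  # frozen_string_literal: true
 
  module Dependabot
- VERSION = "0.242.0"
+ VERSION = "0.242.1"
  end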
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.242.0
4
+ version: 0.242.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-22 00:00:00.000000000 Z
11
+ date: 2024-01-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -98,20 +98,14 @@ dependencies:
98
98
  requirements:
99
99
  - - "~>"
100
100
  - !ruby/object:Gem::Version
101
- version: '0.96'
102
- - - "<"
103
- - !ruby/object:Gem::Version
104
- version: '0.105'
101
+ version: '0.109'
105
102
  type: :runtime
106
103
  prerelease: false
107
104
  version_requirements: !ruby/object:Gem::Requirement
108
105
  requirements:
109
106
  - - "~>"
110
107
  - !ruby/object:Gem::Version
111
- version: '0.96'
112
- - - "<"
113
- - !ruby/object:Gem::Version
114
- version: '0.105'
108
+ version: '0.109'
115
109
  - !ruby/object:Gem::Dependency
116
110
  name: faraday
117
111
  requirement: !ruby/object:Gem::Requirement
@@ -572,7 +566,7 @@ licenses:
572
566
  - Nonstandard
573
567
  metadata:
574
568
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
575
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.242.0
569
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.242.1
576
570
  post_install_message:
577
571
  rdoc_options: []
578
572
  require_paths: