dependabot-common 0.242.0 → 0.242.1

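--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 8b85f6eea900488026cdee04e04dd5b51df99f8bafcff4c83ae83c5dfeb54c63
- data.tar.gz: 30a4355a110f4be117fd9ece16d437f8a28704e75a7e0a62e4a5a5055c63e0cd
+ metadata.gz: 6e3dfe956941c85f2831b149fa443058ce3165f68890a9cc2f8a47f171cf76cf
+ data.tar.gz: 1e02a3d9fbcb515af27fe62656748dcf14394707a71d2d2ca78e2f4c5323142b
  SHA512:
- metadata.gz: c928acaa28bf821c081dd80afda5aa16551a09ab031a28ea60241742d23ffeb54186087fca915317d811b88881bbe6ce99f3b343f45d8efd538aee1c9b7524cd
- data.tar.gz: a2a4d975f4010b24077d4b558f8d1e4806230411b0d98983c58c7df5be2dd41a2e39868c1a346132743de560fdf28a059cbbb5800bae3ac19333008db3504591
+ metadata.gz: 1d14e15ab94001ea6a2aa5625b23a0db71b13a3f533aca335d6f4a6035fdb14fb1b1600bd38628b5f41919883a4fc20754ccd329e0167c936a4fc68bc7b1031e
+ data.tar.gz: d31623ce8db6226701b3a4c8c5a49c2b5805d0c9e8723decdf15d275c87f5d6c519ca2add01ea796a607345ceebe498dbe71f4ad80310e916ef04e394748c8ae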
@@ -88,15 +88,15 @@ module Dependabot
88
88
  sig do
89
89
  params(
90
90
  name: String,
91
- requirements: T::Array[T::Hash[String, String]],
91
+ requirements: T::Array[T::Hash[T.any(Symbol, String), T.untyped]],
92
92
  package_manager: String,
93
93
  # TODO: Make version a Dependabot::Version everywhere
94
94
  version: T.nilable(T.any(String, Dependabot::Version)),
95
95
  previous_version: T.nilable(String),
96
96
  previous_requirements: T.nilable(T::Array[T::Hash[String, String]]),
97
- subdependency_metadata: T.nilable(T::Array[T::Hash[String, String]]),
97
+ subdependency_metadata: T.nilable(T::Array[T::Hash[T.any(Symbol, String), String]]),
98
98
  removed: T::Boolean,
99
- metadata: T.nilable(T::Hash[String, String])
99
+ metadata: T.nilable(T::Hash[T.any(Symbol, String), String])
100
100
  ).void
101
101
  end
102
102
  def initialize(name:, requirements:, package_manager:, version: nil,
@@ -110,7 +110,7 @@ module Dependabot
110
110
  end,
111
111
  T.nilable(String)
112
112
  )
113
- @requirements = T.let(requirements.map { |req| symbolize_keys(req) }, T::Array[T::Hash[Symbol, String]])
113
+ @requirements = T.let(requirements.map { |req| symbolize_keys(req) }, T::Array[T::Hash[Symbol, T.untyped]])
114
114
  @previous_version = previous_version
115
115
  @previous_requirements = T.let(
116
116
  previous_requirements&.map { |req| symbolize_keys(req) },
@@ -391,7 +391,7 @@ module Dependabot
391
391
  end
392
392
  end
393
393
 
394
- sig { params(hash: T::Hash[String, T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
394
+ sig { params(hash: T::Hash[T.any(Symbol, String), T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
395
395
  def symbolize_keys(hash)
396
396
  hash.keys.to_h { |k| [k.to_sym, hash[k]] }
397
397
  end
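Review bot: In the `initialize` sig of the first hunk, `previous_requirements` is still declared as `T.nilable(T::Array[T::Hash[String, String]])` while `requirements` was widened to `T::Array[T::Hash[T.any(Symbol, String), T.untyped]]`, although both are mapped through the same `symbolize_keys` call. Callers that pass symbol-keyed or non-string-valued previous requirements would still fail the static check, so the line should probably read `previous_requirements: T.nilable(T::Array[T::Hash[T.any(Symbol, String), T.untyped]]),`. The `T.let` for `@previous_requirements` starts in the second hunk and ends outside it, so its declared type cannot be checked from here. Now that `symbolize_keys` accepts mixed keys, a hash holding both `"name"` and `:name` collapses to one entry with the later value winning; a comment on the method stating this would help.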
@@ -1,6 +1,7 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
4
5
  require "dependabot/dependency"
5
6
  require "dependabot/file_parsers/base"
6
7
  require "dependabot/utils"
@@ -9,28 +10,36 @@ module Dependabot
9
10
  module FileParsers
10
11
  class Base
11
12
  class DependencySet
13
+ extend T::Sig
14
+
15
+ sig do
16
+ params(
17
+ dependencies: T::Array[Dependency],
18
+ case_sensitive: T::Boolean
19
+ )
20
+ .void
21
+ end
12
22
  def initialize(dependencies = [], case_sensitive: false)
13
- unless dependencies.is_a?(Array) &&
14
- dependencies.all?(Dependency)
15
- raise ArgumentError, "must be an array of Dependency objects"
16
- end
17
-
18
23
  @case_sensitive = case_sensitive
19
- @dependencies = Hash.new { |hsh, key| hsh[key] = DependencySlot.new }
24
+ @dependencies = T.let(
25
+ Hash.new { |hsh, key| hsh[key] = DependencySlot.new },
26
+ T::Hash[String, DependencySlot]
27
+ )
20
28
  dependencies.each { |dep| self << dep }
21
29
  end
22
30
 
31
+ sig { returns(T::Array[Dependency]) }
23
32
  def dependencies
24
33
  @dependencies.values.filter_map(&:combined)
25
34
  end
26
35
 
36
+ sig { params(dep: Dependabot::Dependency).returns(T.untyped) }
27
37
  def <<(dep)
28
- raise ArgumentError, "must be a Dependency object" unless dep.is_a?(Dependency)
29
-
30
- @dependencies[key_for_dependency(dep)] << dep
38
+ T.must(@dependencies[key_for_dependency(dep)]) << dep
31
39
  self
32
40
  end
33
41
 
42
+ sig { params(other: Object).returns(T.self_type) }
34
43
  def +(other)
35
44
  raise ArgumentError, "must be a DependencySet" unless other.is_a?(DependencySet)
36
45
 
@@ -43,26 +52,31 @@ module Dependabot
43
52
  self
44
53
  end
45
54
 
55
+ sig { params(name: String).returns(T::Array[Dependabot::Dependency]) }
46
56
  def all_versions_for_name(name)
47
57
  key = key_for_name(name)
48
- @dependencies.key?(key) ? @dependencies[key].all_versions : []
58
+ @dependencies.key?(key) ? T.must(@dependencies[key]).all_versions : []
49
59
  end
50
60
 
61
+ sig { params(name: String).returns(T.nilable(Dependabot::Dependency)) }
51
62
  def dependency_for_name(name)
52
63
  key = key_for_name(name)
53
- @dependencies.key?(key) ? @dependencies[key].combined : nil
64
+ @dependencies.key?(key) ? T.must(@dependencies[key]).combined : nil
54
65
  end
55
66
 
56
67
  private
57
68
 
69
+ sig { returns(T::Boolean) }
58
70
  def case_sensitive?
59
71
  @case_sensitive
60
72
  end
61
73
 
74
+ sig { params(name: String).returns(String) }
62
75
  def key_for_name(name)
63
76
  case_sensitive? ? name : name.downcase
64
77
  end
65
78
 
79
+ sig { params(dep: Dependabot::Dependency).returns(String) }
66
80
  def key_for_dependency(dep)
67
81
  key_for_name(dep.name)
68
82
  end
@@ -79,13 +93,21 @@ module Dependabot
79
93
  # `DependencySet#dependency_for_name`. The list of individual versions of the
80
94
  # dependency is accessible via `DependencySet#all_versions_for_name`.
81
95
  class DependencySlot
82
- attr_reader :all_versions, :combined
96
+ extend T::Sig
97
+
98
+ sig { returns(T::Array[Dependabot::Dependency]) }
99
+ attr_reader :all_versions
100
+
101
+ sig { returns(T.nilable(Dependabot::Dependency)) }
102
+ attr_reader :combined
83
103
 
104
+ sig { void }
84
105
  def initialize
85
- @all_versions = []
86
- @combined = nil
106
+ @all_versions = T.let([], T::Array[Dependabot::Dependency])
107
+ @combined = T.let(nil, T.nilable(Dependabot::Dependency))
87
108
  end
88
109
 
110
+ sig { params(dep: Dependabot::Dependency).returns(T.self_type) }
89
111
  def <<(dep)
90
112
  return self if @all_versions.include?(dep)
91
113
 
@@ -102,7 +124,7 @@ module Dependabot
102
124
  @all_versions << dep
103
125
  else
104
126
  same_version = @all_versions[index_of_same_version]
105
- @all_versions[index_of_same_version] = combined_dependency(same_version, dep)
127
+ @all_versions[index_of_same_version] = combined_dependency(T.must(same_version), dep)
106
128
  end
107
129
 
108
130
  self
@@ -114,6 +136,13 @@ module Dependabot
114
136
  # `new_dep`. Requirements and subdependency metadata will be combined and deduped.
115
137
  # The version of the combined dependency is determined by the
116
138
  # `#combined_version` method below.
139
+ sig do
140
+ params(
141
+ old_dep: Dependabot::Dependency,
142
+ new_dep: Dependabot::Dependency
143
+ )
144
+ .returns(Dependabot::Dependency)
145
+ end
117
146
  def combined_dependency(old_dep, new_dep)
118
147
  version = combined_version(old_dep, new_dep)
119
148
  requirements = (old_dep.requirements + new_dep.requirements).uniq
@@ -132,11 +161,18 @@ module Dependabot
132
161
  )
133
162
  end
134
163
 
164
+ sig do
165
+ params(
166
+ old_dep: Dependabot::Dependency,
167
+ new_dep: Dependabot::Dependency
168
+ )
169
+ .returns(T.nilable(String))
170
+ end
135
171
  def combined_version(old_dep, new_dep)
136
172
  if old_dep.version.nil? ^ new_dep.version.nil?
137
- [old_dep, new_dep].find(&:version).version
173
+ T.must([old_dep, new_dep].find(&:version)).version
138
174
  elsif old_dep.top_level? ^ new_dep.top_level? # Prefer a direct dependency over a transitive one
139
- [old_dep, new_dep].find(&:top_level?).version
175
+ T.must([old_dep, new_dep].find(&:top_level?)).version
140
176
  elsif !version_class.correct?(new_dep.version)
141
177
  old_dep.version
142
178
  elsif !version_class.correct?(old_dep.version)
@@ -148,8 +184,12 @@ module Dependabot
148
184
  end
149
185
  end
150
186
 
187
+ sig { returns(T.class_of(Gem::Version)) }
151
188
  def version_class
152
- @version_class ||= @combined.version_class
189
+ @version_class ||= T.let(
190
+ T.must(@combined).version_class,
191
+ T.nilable(T.class_of(Gem::Version))
192
+ )
153
193
  end
154
194
  end
155
195
  private_constant :DependencySlot
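Review bot: The `ArgumentError` guards removed from `DependencySet#initialize` and `DependencySet#<<` are now covered only by the new sigs, so rejecting a non-`Dependency` depends on sorbet-runtime call validation being active in the host process, and a failure would by default surface as sorbet's `TypeError` rather than `ArgumentError`. Because sorbet-runtime does not check the element type of `T::Array[Dependency]`, a bad element is caught only by the `<<` sig during `dependencies.each { |dep| self << dep }`. `+` in the same class keeps its explicit `raise ArgumentError` behind `other: Object`, so the class now validates in two different ways; if any caller rescues `ArgumentError`, this behaviour change should be documented and covered by a spec. Separately, `DependencySet#<<` returns `self` but is declared `returns(T.untyped)`; `sig { params(dep: Dependabot::Dependency).returns(T.self_type) }` would match `DependencySlot#<<`.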
@@ -389,7 +389,7 @@ module Dependabot
389
389
  BranchNamer.new(
390
390
  dependencies: dependencies,
391
391
  files: files,
392
- target_branch: T.must(source.branch),
392
+ target_branch: source.branch,
393
393
  dependency_group: dependency_group,
394
394
  separator: branch_name_separator,
395
395
  prefix: branch_name_prefix,
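Review bot: With `T.must` dropped, `target_branch:` can receive `nil` whenever `source.branch` is unset, and nothing in this hunk shows that `BranchNamer` accepts it. Confirm that `BranchNamer#initialize` declares the parameter as `T.nilable(String)` and that branch-name construction handles the nil case. A short call-site comment such as `# nil: no explicit target branch configured` would record the intent, provided that is what nil means here. The `BranchNamer.new(` call begins and ends outside the hunk.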
@@ -112,7 +112,7 @@ module Dependabot
112
112
  end
113
113
 
114
114
  sig { returns(T::Hash[Symbol, T.untyped]) }
115
- def raven_context
115
+ def sentry_context
116
116
  { fingerprint: [@fingerprint], extra: @error_context.except(:stderr_output, :fingerprint) }
117
117
  end
118
118
  end
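--- a/data/lib/dependabot.rb
+++ b/data/lib/dependabot.rb
@@ -2,5 +2,5 @@
  # frozen_string_literal: true
  
  module Dependabot
- VERSION = "0.242.0"
+ VERSION = "0.242.1"
  end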
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.242.0
4
+ version: 0.242.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-22 00:00:00.000000000 Z
11
+ date: 2024-01-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -98,20 +98,14 @@ dependencies:
98
98
  requirements:
99
99
  - - "~>"
100
100
  - !ruby/object:Gem::Version
101
- version: '0.96'
102
- - - "<"
103
- - !ruby/object:Gem::Version
104
- version: '0.105'
101
+ version: '0.109'
105
102
  type: :runtime
106
103
  prerelease: false
107
104
  version_requirements: !ruby/object:Gem::Requirement
108
105
  requirements:
109
106
  - - "~>"
110
107
  - !ruby/object:Gem::Version
111
- version: '0.96'
112
- - - "<"
113
- - !ruby/object:Gem::Version
114
- version: '0.105'
108
+ version: '0.109'
115
109
  - !ruby/object:Gem::Dependency
116
110
  name: faraday
117
111
  requirement: !ruby/object:Gem::Requirement
@@ -572,7 +566,7 @@ licenses:
572
566
  - Nonstandard
573
567
  metadata:
574
568
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
575
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.242.0
569
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.242.1
576
570
  post_install_message:
577
571
  rdoc_options: []
578
572
  require_paths: