RubyGems - dependabot-elm - Versions diffs - 0.302.0 → 0.303.0 - Mend

dependabot-elm 0.302.0 → 0.303.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/dependabot/elm/file_parser.rb +19 -2
data/lib/dependabot/elm/file_updater.rb +9 -2
data/lib/dependabot/elm/metadata_finder.rb +6 -1
metadata +7 -7

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4aaa00c5a8bcdb403e3b119676733a06a903538d055ed96a8fdde91d656e645c
-  data.tar.gz: c125302b4f1a04454b4e22d4395c67116c2e72f6706de38178bb370869f08d37
+  metadata.gz: f599abfc9246cc39740573e6cdac0b6a71f8fab0937affdd7f0236f9cda90844
+  data.tar.gz: 3a7d68355aa1e6d7ebc9bf60325b5078ef4dee3f0cbf0d32971692db9955ea6c
 SHA512:
-  metadata.gz: 8faa39e45a0e1b4b25faccc66aa1d2a4d64307e04992f59e149fd537092abc3b638ef1f31264319f6b92f0376f49d3226affceef140af26d90215fc7692351c7
-  data.tar.gz: 9b9ddc6e6d726d68756dd9470c4837d9cd7291b8513c85de8500ddb4cc6825acf8370dda9da95bec0cf0910bed175ed45d1127cbefe14f326c2e607079b1d6eb
+  metadata.gz: cfad6242b44c08638886c4fa0c4fcb6949244165454201b0c7c29faad4b530aee497bc7f822aa85e83f690dd669d21609bcd508d6f53802b953af234afadcc10
+  data.tar.gz: 6a6b2d1acb4c282b593765003c4e84aeb499e5f2f1bfa8a609807599dcd945c822d57c88ac1a7d8395817afbc8e451aa636fc14023d5a526114b1159cf35b3c1

data/lib/dependabot/elm/file_parser.rb CHANGED Viewed

@@ -1,6 +1,8 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
+require "sorbet-runtime"
 require "dependabot/dependency"
 require "dependabot/errors"
 require "dependabot/file_parsers"
@@ -12,10 +14,12 @@ require "dependabot/elm/package_manager"
 module Dependabot
   module Elm
     class FileParser < Dependabot::FileParsers::Base
+      extend T::Sig
       require "dependabot/file_parsers/base/dependency_set"
       DEPENDENCY_TYPES = %w(dependencies test-dependencies).freeze
+      sig { override.returns(T::Array[Dependabot::Dependency]) }
       def parse
         dependency_set = DependencySet.new
@@ -101,6 +105,7 @@ module Dependabot
       # For docs on elm.json, see:
       # https://github.com/elm/compiler/blob/master/docs/elm.json/application.md
       # https://github.com/elm/compiler/blob/master/docs/elm.json/package.md
+      sig { returns(Dependabot::FileParsers::Base::DependencySet) }
       def elm_json_dependencies
         dependency_set = DependencySet.new
@@ -131,6 +136,15 @@ module Dependabot
         dependency_set
       end
+      sig do
+        params(
+          name: String,
+          group: String,
+          requirement: String,
+          direct: T::Boolean
+        )
+          .returns(Dependabot::Dependency)
+      end
       def build_elm_json_dependency(name:, group:, requirement:, direct:)
         requirements = [{
           requirement: requirement,
@@ -159,6 +173,7 @@ module Dependabot
         raise "No #{MANIFEST_FILE}!"
       end
+      sig { params(version_requirement: String).returns(T.nilable(Gem::Version)) }
       def version_for(version_requirement)
         req = Dependabot::Elm::Requirement.new(version_requirement)
@@ -167,12 +182,14 @@ module Dependabot
         req.requirements.first.last
       end
+      sig { returns(T::Hash[String, T.untyped]) }
       def parsed_elm_json
-        @parsed_elm_json ||= JSON.parse(elm_json.content)
+        @parsed_elm_json ||= T.let(JSON.parse(T.must(elm_json&.content)), T.nilable(T::Hash[String, T.untyped]))
       rescue JSON::ParserError
         raise Dependabot::DependencyFileNotParseable, elm_json&.path || MANIFEST_FILE
       end
+      sig { returns(T.nilable(Dependabot::DependencyFile)) }
       def elm_json
         @elm_json ||= T.let(
           get_original_file(MANIFEST_FILE),

data/lib/dependabot/elm/file_updater.rb CHANGED Viewed

@@ -1,6 +1,8 @@
-# typed: true
+# typed: strong
 # frozen_string_literal: true
+require "sorbet-runtime"
 require "dependabot/file_updaters"
 require "dependabot/file_updaters/base"
@@ -9,12 +11,14 @@ module Dependabot
     class FileUpdater < Dependabot::FileUpdaters::Base
       require_relative "file_updater/elm_json_updater"
+      sig { override.returns(T::Array[Regexp]) }
       def self.updated_files_regex
         [
           /^elm\.json$/
         ]
       end
+      sig { override.returns(T::Array[Dependabot::DependencyFile]) }
       def updated_dependency_files
         updated_files = []
@@ -24,7 +28,7 @@ module Dependabot
           updated_files <<
             updated_file(
               file: file,
-              content: updated_elm_json_content(file)
+              content: T.must(updated_elm_json_content(file))
             )
         end
@@ -35,12 +39,14 @@ module Dependabot
       private
+      sig { override.void }
       def check_required_files
         return if elm_json_files.any?
         raise "No #{MANIFEST_FILE}"
       end
+      sig { params(file: Dependabot::DependencyFile).returns(T.nilable(String)) }
       def updated_elm_json_content(file)
         ElmJsonUpdater.new(
           dependencies: dependencies,
@@ -48,6 +54,7 @@ module Dependabot
         ).updated_content
       end
+      sig { returns(T::Array[Dependabot::DependencyFile]) }
       def elm_json_files
         dependency_files.select { |f| f.name.end_with?(MANIFEST_FILE) }
       end

data/lib/dependabot/elm/metadata_finder.rb CHANGED Viewed

@@ -1,6 +1,8 @@
-# typed: true
+# typed: strong
 # frozen_string_literal: true
+require "sorbet-runtime"
 require "dependabot/metadata_finders"
 require "dependabot/metadata_finders/base"
 require "dependabot/source"
@@ -8,8 +10,11 @@ require "dependabot/source"
 module Dependabot
   module Elm
     class MetadataFinder < Dependabot::MetadataFinders::Base
+      extend T::Sig
       private
+      sig { override.returns(T.nilable(Dependabot::Source)) }
       def look_up_source
         # For Elm 0.18 an elm-package is guaranteed to be `owner/name`
         # on github. For 0.19 a lot will change, including the name of

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-elm
 version: !ruby/object:Gem::Version
-  version: 0.302.0
+  version: 0.303.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-20 00:00:00.000000000 Z
+date: 2025-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.302.0
+        version: 0.303.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.302.0
+        version: 0.303.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -156,14 +156,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.5
+        version: 0.8.7
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.5
+        version: 0.8.7
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -261,7 +261,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.302.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.303.0
 post_install_message:
 rdoc_options: []
 require_paths: