dependabot-github_actions 0.236.0 → 0.237.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 01da475f18da7673192a1e563c21dda76604fced7ad602af4d0bb7e65b1d1631
4
- data.tar.gz: 5b4a93873ab7bb6adbfe9cceaa22de7f61ba362ce44e50c73c18a7fd0c5512f5
3
+ metadata.gz: 9f21866075019c5a142acbc0f0c620a6bbfba50eb16a1bb59e37cd0474c0d88f
4
+ data.tar.gz: 70fec17d129dff3814b61e810d6238985ac08ed59e2aa99319cb6ae3c5eba4b3
5
5
  SHA512:
6
- metadata.gz: 0ba93e333392de5c3ca2cab8f4b0a9d546a5936e84de5de882b88ee8810152323793f1317f3d655db0b6dfd807ae716cc57c3f746a0565fe3fdb7624393bfd74
7
- data.tar.gz: a3aced79001e54320e0a3f037c3d38501c7d128dd51d5f5cff1f8d8f76fd8aba302cc2f23784900e7049fab1431102ebbdee9b18e50bcec4a0bbcc0e73b404ee
6
+ metadata.gz: c5eb1345d8690120321f69856e735d0aea769705105dc4168b2f007ea1ad97ed71b2c1c3e2df0ad1179d1c88327326b272e07ffe4e2fb55c305f70c14ee6957c
7
+ data.tar.gz: bb5ea0c6225529c1c07f6c2ca88d11a7b038d852084450b097fa46df1331e2ad3addc890b0189039445882ee7639e553f6598e9c95db5624646ac6f0b11177f4
@@ -1,12 +1,16 @@
1
1
  # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
4
5
  require "dependabot/file_fetchers"
5
6
  require "dependabot/file_fetchers/base"
6
7
 
7
8
  module Dependabot
8
9
  module GithubActions
9
10
  class FileFetcher < Dependabot::FileFetchers::Base
11
+ extend T::Sig
12
+ extend T::Helpers
13
+
10
14
  FILENAME_PATTERN = /^(\.github|action.ya?ml)$/
11
15
 
12
16
  def self.required_files_in?(filenames)
@@ -17,8 +21,7 @@ module Dependabot
17
21
  "Repo must contain a .github/workflows directory with YAML files or an action.yml file"
18
22
  end
19
23
 
20
- private
21
-
24
+ sig { override.returns(T::Array[DependencyFile]) }
22
25
  def fetch_files
23
26
  fetched_files = []
24
27
  fetched_files += correctly_encoded_workflow_files
@@ -45,6 +48,8 @@ module Dependabot
45
48
  end
46
49
  end
47
50
 
51
+ private
52
+
48
53
  def workflow_files
49
54
  return @workflow_files if defined? @workflow_files
50
55
 
@@ -1,6 +1,7 @@
1
1
  # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
4
5
  require "dependabot/update_checkers"
5
6
  require "dependabot/update_checkers/base"
6
7
  require "dependabot/update_checkers/version_filters"
@@ -11,6 +12,8 @@ require "dependabot/github_actions/requirement"
11
12
  module Dependabot
12
13
  module GithubActions
13
14
  class UpdateChecker < Dependabot::UpdateCheckers::Base
15
+ extend T::Sig
16
+
14
17
  def latest_version
15
18
  @latest_version ||= fetch_latest_version
16
19
  end
@@ -141,7 +144,7 @@ module Dependabot
141
144
  head_commit_for_ref_sha
142
145
  else
143
146
  url = git_commit_checker.dependency_source_details[:url]
144
- source = Source.from_url(url)
147
+ source = T.must(Source.from_url(url))
145
148
 
146
149
  SharedHelpers.in_a_temporary_directory(File.dirname(source.repo)) do |temp_dir|
147
150
  repo_contents_path = File.join(temp_dir, File.basename(source.repo))
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-github_actions
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.236.0
4
+ version: 0.237.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-10-26 00:00:00.000000000 Z
11
+ date: 2023-11-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.236.0
19
+ version: 0.237.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.236.0
26
+ version: 0.237.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -94,20 +94,34 @@ dependencies:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
96
  version: '1.3'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rspec-sorbet
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: 1.9.2
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: 1.9.2
97
111
  - !ruby/object:Gem::Dependency
98
112
  name: rubocop
99
113
  requirement: !ruby/object:Gem::Requirement
100
114
  requirements:
101
115
  - - "~>"
102
116
  - !ruby/object:Gem::Version
103
- version: 1.56.0
117
+ version: 1.57.2
104
118
  type: :development
105
119
  prerelease: false
106
120
  version_requirements: !ruby/object:Gem::Requirement
107
121
  requirements:
108
122
  - - "~>"
109
123
  - !ruby/object:Gem::Version
110
- version: 1.56.0
124
+ version: 1.57.2
111
125
  - !ruby/object:Gem::Dependency
112
126
  name: rubocop-performance
113
127
  requirement: !ruby/object:Gem::Requirement
@@ -213,7 +227,7 @@ licenses:
213
227
  - Nonstandard
214
228
  metadata:
215
229
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
216
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.236.0
230
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.237.0
217
231
  post_install_message:
218
232
  rdoc_options: []
219
233
  require_paths: