dependabot-go_modules 0.381.0 → 0.382.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/go.mod +1 -1
  3. data/helpers/go.sum +2 -2
  4. data/lib/dependabot/go_modules/requirement.rb +1 -1
  5. data/lib/dependabot/go_modules/requirement_parser.rb +1 -1
  6. data/lib/dependabot/go_modules/update_checker.rb +4 -3
  7. data/lib/dependabot/go_modules/version.rb +7 -7
  8. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d755e1ec7cfcbaeba0c4078e462dda1c0dad5a8656671c6951f2bf015af2f181
4
- data.tar.gz: 604712cc627e5b5fa2510328fd4afc7d4e7833fb606ca98514a3dd81c5e8caa1
3
+ metadata.gz: 88add03f124cfee55538eed83a581d28c4056d1162fbb41d490763f891a69a69
4
+ data.tar.gz: 3ac8f0be34ae4d134fc2b7bab16b20348f5d974639efcded7d18442e987db719
5
5
  SHA512:
6
- metadata.gz: 84fa95d8b8db24e5ff30cc16b7a7231e26c88ab89b44f6832e75b3575b2fa40b0c4b95200713ebe35315293b64ea86219598c8cdc1776ef357da11e5c9979f22
7
- data.tar.gz: 1fa01e546e7fb67c4c88356d996046e6cd6c54eced985e3b7485e5295e16dc958fcfc3f6f227d5a720f8766f5da89e77e717f4b0c8362a78df2868ab8a5517cb
6
+ metadata.gz: 232898ddf9f694022d7ff47016e249c1f7db49b6627077d90a70154ac2c961bc7daa351043fe2cd748556ca817866c4b58cd99834a694a5bbde8909bb50aedae
7
+ data.tar.gz: eda15cb96be95e17a881f5ce6c0c4a2667a12aa44dd0d924f162aff40a28a02a1e65c9c3e0e371aa2e0676e73305cc2010d5fbede371b30a7948338ec331c65a
data/helpers/go.mod CHANGED
@@ -4,5 +4,5 @@ go 1.26.0
4
4
 
5
5
  require (
6
6
  github.com/Masterminds/vcs v1.13.3
7
- golang.org/x/mod v0.33.0
7
+ golang.org/x/mod v0.37.0
8
8
  )
data/helpers/go.sum CHANGED
@@ -1,4 +1,4 @@
1
1
  github.com/Masterminds/vcs v1.13.3 h1:IIA2aBdXvfbIM+yl/eTnL4hb1XwdpvuQLglAix1gweE=
2
2
  github.com/Masterminds/vcs v1.13.3/go.mod h1:TiE7xuEjl1N4j016moRd6vezp6e6Lz23gypeXfzXeW8=
3
- golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8=
4
- golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w=
3
+ golang.org/x/mod v0.37.0 h1:vF1DjpVEshcIqoEaauuHebaLk1O1forxjxBaVn884JQ=
4
+ golang.org/x/mod v0.37.0/go.mod h1:m8S8VeM9r4dzDwjrKO0a1sZP3YjeMamRRlD+fmR2Q/0=
data/lib/dependabot/go_modules/requirement.rb CHANGED
@@ -30,7 +30,7 @@ module Dependabot
30
30
 
31
31
  # Use GoModules::Version rather than Gem::Version to ensure that
32
32
  # pre-release versions aren't transformed.
33
- sig { params(obj: T.untyped).returns([String, Gem::Version]) }
33
+ sig { params(obj: T.any(Gem::Version, String)).returns([String, Gem::Version]) }
34
34
  def self.parse(obj)
35
35
  return ["=", Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
36
36
 
data/lib/dependabot/go_modules/requirement_parser.rb CHANGED
@@ -19,7 +19,7 @@ module Dependabot
19
19
  GO_DEP_WITHOUT_VERSION =
20
20
  /\A\s*(?<name>#{MODULE_PATH})\s*\z/x
21
21
 
22
- sig { params(dependency_string: String).returns(T.nilable(T::Hash[Symbol, T.untyped])) }
22
+ sig { params(dependency_string: String).returns(T.nilable(T::Hash[Symbol, T.nilable(String)])) }
23
23
  def self.parse(dependency_string)
24
24
  match = dependency_string.strip.match(GO_DEP_WITH_VERSION)
25
25
  return nil unless match
data/lib/dependabot/go_modules/update_checker.rb CHANGED
@@ -47,11 +47,12 @@ module Dependabot
47
47
  nil
48
48
  end
49
49
 
50
- sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
50
+ sig { override.returns(T::Array[Dependabot::DependencyRequirement]) }
51
51
  def updated_requirements
52
- dependency.requirements.map do |req|
53
- req.merge(requirement: latest_version)
52
+ updated = dependency.requirements.map do |req|
53
+ req.merge(requirement: latest_version&.to_s)
54
54
  end
55
+ wrap_requirements(updated)
55
56
  end
56
57
 
57
58
  private
data/lib/dependabot/go_modules/version.rb CHANGED
@@ -71,15 +71,15 @@ module Dependabot
71
71
  # see https://github.com/golang/mod/blob/fa1ba4269bda724bb9f01ec381fbbaf031e45833/semver/semver.go#L333
72
72
  # rubocop:disable Metrics/CyclomaticComplexity
73
73
  # rubocop:disable Metrics/PerceivedComplexity
74
- sig { params(left: T.untyped, right: T.untyped).returns(Integer) }
74
+ sig { params(left: String, right: String).returns(Integer) }
75
75
  def compare_prerelease(left, right)
76
76
  return 0 if left == right
77
77
  return 1 if left == ""
78
78
  return -1 if right == ""
79
79
 
80
80
  while left != "" && right != ""
81
- left = left[1..-1] if left.start_with?(".", "-")
82
- right = right[1..-1] if right.start_with?(".", "-")
81
+ left = T.must(left[1..-1]) if left.start_with?(".", "-")
82
+ right = T.must(right[1..-1]) if right.start_with?(".", "-")
83
83
 
84
84
  dx, left = next_ident(left)
85
85
  dy, right = next_ident(right)
@@ -108,17 +108,17 @@ module Dependabot
108
108
  # rubocop:enable Metrics/CyclomaticComplexity
109
109
  # rubocop:enable Metrics/PerceivedComplexity
110
110
 
111
- sig { params(data: String).returns(T.untyped) }
111
+ sig { params(data: String).returns([String, String]) }
112
112
  def next_ident(data)
113
113
  i = 0
114
114
  i += 1 while i < data.length && data[i] != "."
115
- [data[0..i], data[i..-1]]
115
+ [T.must(data[0..i]), T.must(data[i..-1])]
116
116
  end
117
117
 
118
- sig { params(data: T.untyped).returns(T::Boolean) }
118
+ sig { params(data: String).returns(T::Boolean) }
119
119
  def num?(data)
120
120
  i = 0
121
- i += 1 while i < data.length && data[i] >= "0" && data[i] <= "9"
121
+ i += 1 while i < data.length && T.must(data[i]) >= "0" && T.must(data[i]) <= "9"
122
122
  i == data.length
123
123
  end
124
124
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-go_modules
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.381.0
4
+ version: 0.382.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.381.0
18
+ version: 0.382.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.381.0
25
+ version: 0.382.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -275,7 +275,7 @@ licenses:
275
275
  - MIT
276
276
  metadata:
277
277
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
278
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.381.0
278
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.382.0
279
279
  rdoc_options: []
280
280
  require_paths:
281
281
  - lib