dependabot-gradle 0.236.0 → 0.237.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: be59ab42a4118ef71b198db0499ec33a0d45196013b1d09ade6f8e83ddb3e3b0
-  data.tar.gz: 52c0288c9678a0d79e67669a94842bb3f1cb78d530060c0500d0cf9a6db253d7
+  metadata.gz: 985d1b809eb50f71ddc79529a1f5350bfbf52f4a754b5cf8686dcf8fe4bfed91
+  data.tar.gz: 31d0b2d659e74b7b8e23bfaa35b700e0e55a84b120e958bab5a3f7bdce15798d
 SHA512:
-  metadata.gz: ad73291e552817ddb59f4b2f9e98f4c607834dde8f029c0b56ce8c014ef84d6ab672d2fa7c33504b43faae72090d5d514757fb766e5ad349df345150d0bc2f2f
-  data.tar.gz: d2ba0530b4abdc8510b148cbe9b8347e03e53535ebfe2ba8da5ed2c8fb3100db07060dab6401f42de4f813b8f99bc99f15e2c7c5423c86b5f232e875c7846654
+  metadata.gz: d9126ce6ba683381892767b20315e40a3151727d08b6bc43abe5c21298bbdf7ac30228792232e3f2eccb40406849f62a23f3c422c02d48a4141c71d91ff35c19
+  data.tar.gz: a7a4f77c2231d1bf8b74734a63c72796edaea09310784ae2c77c7ac9f7aced0d4c335ee111ba0b9ba21d0990d8796dc250fcba6c67f29e3c7e639a5a1c4f3dee

data/lib/dependabot/gradle/file_fetcher.rb

@@ -1,12 +1,16 @@
 # typed: false
 # frozen_string_literal: true
 
+require "sorbet-runtime"
 require "dependabot/file_fetchers"
 require "dependabot/file_fetchers/base"
 
 module Dependabot
   module Gradle
     class FileFetcher < Dependabot::FileFetchers::Base
+      extend T::Sig
+      extend T::Helpers
+
       require_relative "file_parser"
       require_relative "file_fetcher/settings_file_parser"
 
@@ -30,14 +34,15 @@ module Dependabot
         "Repo must contain a build.gradle / build.gradle.kts file."
       end
 
-      private
-
+      sig { override.returns(T::Array[DependencyFile]) }
       def fetch_files
         files = all_buildfiles_in_build(".")
         check_required_files_present(files)
         files
       end
 
+      private
+
       def all_buildfiles_in_build(root_dir)
         files = [buildfile(root_dir), settings_file(root_dir), version_catalog_file(root_dir)].compact
         files += subproject_buildfiles(root_dir)

data/lib/dependabot/gradle/metadata_finder.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require "nokogiri"
+require "sorbet-runtime"
 require "dependabot/metadata_finders"
 require "dependabot/metadata_finders/base"
 require "dependabot/file_fetchers/base"
@@ -12,6 +13,8 @@ require "dependabot/registry_client"
 module Dependabot
   module Gradle
     class MetadataFinder < Dependabot::MetadataFinders::Base
+      extend T::Sig
+
       DOT_SEPARATOR_REGEX = %r{\.(?!\d+([.\/_\-]|$)+)}
       PROPERTY_REGEX      = /\$\{(?<property>.*?)\}/
       KOTLIN_PLUGIN_REPO_PREFIX = "org.jetbrains.kotlin"
@@ -39,7 +42,7 @@ module Dependabot
 
         artifact = dependency.name.split(":").last
         fetcher =
-          FileFetchers::Base.new(source: tmp_source, credentials: credentials)
+          Dependabot::Gradle::FileFetcher.new(source: tmp_source, credentials: credentials)
 
         @repo_has_subdir_for_dep[tmp_source] =
           fetcher.send(:repo_contents, raise_errors: false)
@@ -97,7 +100,7 @@ module Dependabot
         end
 
         github_urls.find do |url|
-          repo = Source.from_url(url).repo
+          repo = T.must(Source.from_url(url)).repo
           repo.end_with?(dependency.name.split(":").last)
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-gradle
 version: !ruby/object:Gem::Version
-  version: 0.236.0
+  version: 0.237.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-10-26 00:00:00.000000000 Z
+date: 2023-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.236.0
+        version: 0.237.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.236.0
+        version: 0.237.0
 - !ruby/object:Gem::Dependency
   name: dependabot-maven
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.236.0
+        version: 0.237.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.236.0
+        version: 0.237.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -108,20 +108,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rspec-sorbet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.2
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.56.0
+        version: 1.57.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.56.0
+        version: 1.57.2
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -235,7 +249,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.236.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.237.0
 post_install_message: 
 rdoc_options: []
 require_paths: