dependabot-gradle 0.260.0 → 0.261.1

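--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: e1d06e275b2914f81902c579e3be9813cd0e25e41a4aa54f5ca5ddd8340bdab7
- data.tar.gz: bcf85d46e164d8f0fd3e71eca7ac21588c093f7e767446adac73ec9082027adf
+ metadata.gz: 012f7f481737b3daaca6968c5b332cff8cc7bc9780563ce06f629f6bcadcb35d
+ data.tar.gz: 1e0c941457b999c73f4868afc467f2c77051391751141a9b9174a8d13457f230
  SHA512:
- metadata.gz: 7c6007c83c51ed0de37bb65d5194d3bb43ad2f43a0b38a03beb910580c07291e0519623b020e157b5c5600a85ea95962ea47c4441b1880ebd8adbfed05408491
- data.tar.gz: 7abb9fc65243534b542072569586a0bdb57bd0f462b052990c11deb3ee31007fb0f776a53c331af34a2fd2d5daae70b7d48e0904152ba6a5ab5d7f25fea366ab
+ metadata.gz: 1dc40e9b1f32678cc8e6e68cba8c61766bc8da6bd4aa8161c0205fa8b1a4d42f8155f150289193721c660978f08d9e4522ab673b28eca4247c09df285521ba24
+ data.tar.gz: aa37199e4d5a557112b4b6af845e413d516dfbd0cd12e3b557304052d67c9e2d1954a00fb36d70db63677c436685589c4179ba73bd508130919e7ecef818f4a3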
@@ -1,12 +1,16 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+
4
6
  require "dependabot/gradle/file_fetcher"
5
7
 
6
8
  module Dependabot
7
9
  module Gradle
8
10
  class FileFetcher
9
11
  class SettingsFileParser
12
+ extend T::Sig
13
+
10
14
  def initialize(settings_file:)
11
15
  @settings_file = settings_file
12
16
  end
@@ -14,18 +18,18 @@ module Dependabot
14
18
  def included_build_paths
15
19
  paths = []
16
20
  comment_free_content.scan(function_regex("includeBuild")) do
17
- arg = Regexp.last_match.named_captures.fetch("args")
18
- paths << arg.gsub(/["']/, "").strip
21
+ arg = T.must(Regexp.last_match).named_captures.fetch("args")
22
+ paths << T.must(arg).gsub(/["']/, "").strip
19
23
  end
20
24
  paths.uniq
21
25
  end
22
26
 
23
27
  def subproject_paths
24
- subprojects = []
28
+ subprojects = T.let([], T::Array[String])
25
29
 
26
30
  comment_free_content.scan(function_regex("include")) do
27
- args = Regexp.last_match.named_captures.fetch("args")
28
- args = args.split(",")
31
+ args = T.must(Regexp.last_match).named_captures.fetch("args")
32
+ args = T.must(args).split(",")
29
33
  args = args.filter_map { |p| p.gsub(/["']/, "").strip }
30
34
  subprojects += args
31
35
  end
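Review bot: `included_build_paths` and `subproject_paths` still carry no `sig`, although this change adds `extend T::Sig` to the class and raises the file to `typed: true`. Without a signature Sorbet treats both return values as untyped, so the new `T.must` calls satisfy the checker inside the bodies but callers gain no static checking. I would add `sig { returns(T::Array[String]) }` above each method and type the accumulator in `included_build_paths` the way `subproject_paths` now does: `paths = T.let([], T::Array[String])`. The same applies to the other classes in this release that gain `extend T::Sig` with no signature in the visible hunks (PropertyValueFinder, RepositoriesFinder, FileParser, FileUpdater). The body of `subproject_paths` continues outside the hunk.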
@@ -1,7 +1,8 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "sorbet-runtime"
5
+
5
6
  require "dependabot/file_fetchers"
6
7
  require "dependabot/file_fetchers/base"
7
8
 
@@ -55,20 +56,21 @@ module Dependabot
55
56
  # buildSrc is implicit: included but not declared in settings.gradle
56
57
  buildsrc = repo_contents(dir: root_dir, raise_errors: false)
57
58
  .find { |item| item.type == "dir" && item.name == "buildSrc" }
58
- builds << clean_join(root_dir, "buildSrc") if buildsrc
59
+ builds << clean_join([root_dir, "buildSrc"]) if buildsrc
59
60
 
60
61
  return builds unless settings_file(root_dir)
61
62
 
62
63
  builds += SettingsFileParser
63
64
  .new(settings_file: settings_file(root_dir))
64
65
  .included_build_paths
65
- .map { |p| clean_join(root_dir, p) }
66
+ .map { |p| clean_join([root_dir, p]) }
66
67
 
67
68
  builds.uniq
68
69
  end
69
70
 
70
- def clean_join(*parts)
71
- Pathname.new(File.join(*parts)).cleanpath.to_path
71
+ sig { params(parts: T::Array[String]).returns(String) }
72
+ def clean_join(parts)
73
+ Pathname.new(File.join(parts)).cleanpath.to_path
72
74
  end
73
75
 
74
76
  def subproject_buildfiles(root_dir)
@@ -144,7 +146,7 @@ module Dependabot
144
146
 
145
147
  def find_first(dir, supported_names)
146
148
  paths = supported_names
147
- .map { |name| clean_join(dir, name) }
149
+ .map { |name| clean_join([dir, name]) }
148
150
  .each do |path|
149
151
  return cached_files[path] || next
150
152
  end
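Review bot: The new `sig` on `clean_join` constrains the argument type but not where the result may point: `cleanpath` resolves `..` segments lexically, and in the hunk at new line 66 the second part `p` comes from `included_build_paths`, that is, from text in the repository's settings file. A part that begins with `..` therefore produces a path above `root_dir`. Whether that is harmless depends on how the fetcher consumes these paths, which is outside the visible hunks, so I would at least state the contract on the method: `# parts may hold repository-controlled text; the cleaned path can resolve above the first part, so callers must not assume it stays under root_dir`. The methods around the three call sites start or end outside their hunks.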
@@ -1,12 +1,16 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+
4
6
  require "dependabot/gradle/file_parser"
5
7
 
6
8
  module Dependabot
7
9
  module Gradle
8
10
  class FileParser
9
11
  class PropertyValueFinder
12
+ extend T::Sig
13
+
10
14
  # rubocop:disable Layout/LineLength
11
15
  SUPPORTED_BUILD_FILE_NAMES = %w(build.gradle build.gradle.kts).freeze
12
16
 
@@ -129,8 +133,8 @@ module Dependabot
129
133
 
130
134
  prepared_content(buildfile).scan(SINGLE_PROPERTY_DECLARATION_REGEX) do
131
135
  declaration_string = Regexp.last_match.to_s.strip
132
- captures = Regexp.last_match.named_captures
133
- name = captures.fetch("name").sub(/^ext\./, "")
136
+ captures = T.must(Regexp.last_match).named_captures
137
+ name = T.must(captures.fetch("name")).sub(/^ext\./, "")
134
138
 
135
139
  unless properties.key?(name)
136
140
  properties[name] = {
@@ -149,13 +153,13 @@ module Dependabot
149
153
 
150
154
  prepared_content(buildfile)
151
155
  .scan(KOTLIN_BLOCK_PROPERTY_DECLARATION_REGEX) do
152
- captures = Regexp.last_match.named_captures
156
+ captures = T.must(Regexp.last_match).named_captures
153
157
  namespace = captures.fetch("namespace")
154
158
 
155
- captures.fetch("values")
156
- .scan(KOTLIN_SINGLE_PROPERTY_SET_REGEX) do
159
+ T.must(captures.fetch("values"))
160
+ .scan(KOTLIN_SINGLE_PROPERTY_SET_REGEX) do
157
161
  declaration_string = Regexp.last_match.to_s.strip
158
- sub_captures = Regexp.last_match.named_captures
162
+ sub_captures = T.must(Regexp.last_match).named_captures
159
163
  name = sub_captures.fetch("name")
160
164
  full_name = if namespace == "extra"
161
165
  name
@@ -178,12 +182,12 @@ module Dependabot
178
182
  properties = {}
179
183
 
180
184
  prepared_content(buildfile).scan(MULTI_PROPERTY_DECLARATION_REGEX) do
181
- captures = Regexp.last_match.named_captures
182
- namespace = captures.fetch("namespace").sub(/^ext\./, "")
185
+ captures = T.must(Regexp.last_match).named_captures
186
+ namespace = T.must(captures.fetch("namespace")).sub(/^ext\./, "")
183
187
 
184
- captures.fetch("values").scan(NAMESPACED_DECLARATION_REGEX) do
188
+ T.must(captures.fetch("values")).scan(NAMESPACED_DECLARATION_REGEX) do
185
189
  declaration_string = Regexp.last_match.to_s.strip
186
- sub_captures = Regexp.last_match.named_captures
190
+ sub_captures = T.must(Regexp.last_match).named_captures
187
191
  name = sub_captures.fetch("name")
188
192
  full_name = [namespace, name].join(".")
189
193
 
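Review bot: `Regexp.last_match` is read twice in each of these scan blocks, once bare (`declaration_string = Regexp.last_match.to_s.strip`) and once through `T.must`, at new lines 135-136, 161-162 and 189-190. The bare read only passes the checker because `nil.to_s` exists, so the two lines disagree about whether the match can be nil. Binding the match once at the top of each block, `mtch = T.must(Regexp.last_match)`, and then using `mtch.to_s.strip` and `mtch.named_captures` would match what the RepositoriesFinder hunks in this release do. The enclosing methods start and end outside the hunks.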
@@ -1,12 +1,16 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+
4
6
  require "dependabot/gradle/file_parser"
5
7
 
6
8
  module Dependabot
7
9
  module Gradle
8
10
  class FileParser
9
11
  class RepositoriesFinder
12
+ extend T::Sig
13
+
10
14
  SUPPORTED_BUILD_FILE_NAMES = %w(build.gradle build.gradle.kts).freeze
11
15
  SUPPORTED_SETTINGS_FILE_NAMES = %w(settings.gradle settings.gradle.kts).freeze
12
16
 
@@ -58,14 +62,14 @@ module Dependabot
58
62
  subproject_blocks = []
59
63
 
60
64
  buildfile_content.scan(/(?:^|\s)allprojects\s*\{/) do
61
- mtch = Regexp.last_match
65
+ mtch = T.must(Regexp.last_match)
62
66
  subproject_blocks <<
63
67
  mtch.post_match[0..closing_bracket_index(mtch.post_match)]
64
68
  end
65
69
 
66
70
  if top_level_buildfile != target_dependency_file
67
71
  buildfile_content.scan(/(?:^|\s)subprojects\s*\{/) do
68
- mtch = Regexp.last_match
72
+ mtch = T.must(Regexp.last_match)
69
73
  subproject_blocks <<
70
74
  mtch.post_match[0..closing_bracket_index(mtch.post_match)]
71
75
  end
@@ -82,7 +86,7 @@ module Dependabot
82
86
  own_buildfile_urls = []
83
87
 
84
88
  subproject_buildfile_content = buildfile_content.dup.scan(/(?:^|\s)subprojects\s*\{/) do
85
- mtch = Regexp.last_match
89
+ mtch = T.must(Regexp.last_match)
86
90
  buildfile_content.gsub(
87
91
  mtch.post_match[0..closing_bracket_index(mtch.post_match)],
88
92
  ""
@@ -101,7 +105,7 @@ module Dependabot
101
105
  dependency_resolution_management_repositories = []
102
106
 
103
107
  settings_file_content.scan(/(?:^|\s)dependencyResolutionManagement\s*\{/) do
104
- mtch = Regexp.last_match
108
+ mtch = T.must(Regexp.last_match)
105
109
  dependency_resolution_management_repositories <<
106
110
  mtch.post_match[0..closing_bracket_index(mtch.post_match)]
107
111
  end
@@ -114,7 +118,7 @@ module Dependabot
114
118
 
115
119
  repository_blocks = []
116
120
  buildfile_content.scan(REPOSITORIES_BLOCK_START) do
117
- mtch = Regexp.last_match
121
+ mtch = T.must(Regexp.last_match)
118
122
  repository_blocks <<
119
123
  mtch.post_match[0..closing_bracket_index(mtch.post_match)]
120
124
  end
@@ -129,7 +133,7 @@ module Dependabot
129
133
  repository_urls << GRADLE_PLUGINS_REPO if block.match?(/\sgradlePluginPortal\(/)
130
134
 
131
135
  block.scan(MAVEN_REPO_REGEX) do
132
- repository_urls << Regexp.last_match.named_captures.fetch("url")
136
+ repository_urls << T.must(Regexp.last_match).named_captures.fetch("url")
133
137
  end
134
138
  end
135
139
 
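Review bot: In the hunk at new line 88, `subproject_buildfile_content` is assigned the return value of `scan` called with a block, and `String#scan` with a block returns its receiver, so the result of the non-mutating `buildfile_content.gsub(...)` inside the block is discarded. As far as the hunk shows, the variable ends up holding an unmodified copy of the build file, so `subprojects { ... }` blocks would not be stripped before the file's own repository URLs are collected. The commit only wraps `Regexp.last_match` in `T.must` here and leaves this behaviour as it was. If removal is the intent, mutate a copy instead: `content = buildfile_content.dup` before the scan and `content.gsub!(block, "")` inside it, as the `dependencyVerification` cleanup in FileParser does. The end of the block and the rest of the method are outside the hunk.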
@@ -1,6 +1,7 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
4
5
  require "toml-rb"
5
6
 
6
7
  require "dependabot/dependency"
@@ -18,6 +19,8 @@ require "dependabot/gradle/version"
18
19
  module Dependabot
19
20
  module Gradle
20
21
  class FileParser < Dependabot::FileParsers::Base
22
+ extend T::Sig
23
+
21
24
  require "dependabot/file_parsers/base/dependency_set"
22
25
  require_relative "file_parser/property_value_finder"
23
26
 
@@ -148,10 +151,10 @@ module Dependabot
148
151
  dependency_set = DependencySet.new
149
152
 
150
153
  prepared_content(buildfile).scan(DEPENDENCY_DECLARATION_REGEX) do
151
- declaration = Regexp.last_match.named_captures.fetch("declaration")
154
+ declaration = T.must(Regexp.last_match).named_captures.fetch("declaration")
152
155
 
153
- group, name, version = declaration.split(":")
154
- version, _packaging_type = version.split("@")
156
+ group, name, version = T.must(declaration).split(":")
157
+ version, _packaging_type = T.must(version).split("@")
155
158
  details = { group: group, name: name, version: version }
156
159
 
157
160
  dep = dependency_from(details_hash: details, buildfile: buildfile)
@@ -185,7 +188,7 @@ module Dependabot
185
188
  dependency_set_blocks = []
186
189
 
187
190
  prepared_content(buildfile).scan(DEPENDENCY_SET_DECLARATION_REGEX) do
188
- mch = Regexp.last_match
191
+ mch = T.must(Regexp.last_match)
189
192
  dependency_set_blocks <<
190
193
  {
191
194
  arguments: mch.named_captures.fetch("arguments"),
@@ -218,7 +221,7 @@ module Dependabot
218
221
  plugin_blocks = []
219
222
 
220
223
  prepared_content(buildfile).scan(PLUGIN_BLOCK_DECLARATION_REGEX) do
221
- mch = Regexp.last_match
224
+ mch = T.must(Regexp.last_match)
222
225
  plugin_blocks <<
223
226
  mch.post_match[0..closing_bracket_index(mch.post_match)]
224
227
  end
@@ -355,7 +358,7 @@ module Dependabot
355
358
  # Remove the dependencyVerification section added by Gradle Witness
356
359
  # (TODO: Support updating this in the FileUpdater)
357
360
  prepared_content.dup.scan(/dependencyVerification\s*{/) do
358
- mtch = Regexp.last_match
361
+ mtch = T.must(Regexp.last_match)
359
362
  block = mtch.post_match[0..closing_bracket_index(mtch.post_match)]
360
363
  prepared_content.gsub!(block, "")
361
364
  end
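Review bot: In the hunk at new line 154, `T.must(version)` raises a `TypeError` whenever the captured declaration has fewer than three `:`-separated parts, because `version` is then nil after the destructuring on the line above. Build files are repository-controlled input, so if DEPENDENCY_DECLARATION_REGEX (not visible here) can match a `group:name` declaration without a version, one such line aborts parsing of the whole file. Skipping the entry would be more tolerant: `next unless version` before the `split("@")`. The enclosing method starts and ends outside the hunk.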
@@ -1,4 +1,4 @@
1
- # typed: strict
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "sorbet-runtime"
@@ -1,6 +1,8 @@
1
- # typed: false
1
+ # typed: true
2
2
  # frozen_string_literal: true
3
3
 
4
+ require "sorbet-runtime"
5
+
4
6
  require "dependabot/file_updaters"
5
7
  require "dependabot/file_updaters/base"
6
8
  require "dependabot/gradle/file_parser"
@@ -8,6 +10,8 @@ require "dependabot/gradle/file_parser"
8
10
  module Dependabot
9
11
  module Gradle
10
12
  class FileUpdater < Dependabot::FileUpdaters::Base
13
+ extend T::Sig
14
+
11
15
  require_relative "file_updater/dependency_set_updater"
12
16
  require_relative "file_updater/property_value_updater"
13
17
 
@@ -159,7 +163,7 @@ module Dependabot
159
163
  result = string.dup
160
164
 
161
165
  string.scan(Gradle::FileParser::PROPERTY_REGEX) do
162
- prop_name = Regexp.last_match.named_captures.fetch("property_name")
166
+ prop_name = T.must(Regexp.last_match).named_captures.fetch("property_name")
163
167
  property_value = property_value_finder.property_value(
164
168
  property_name: prop_name,
165
169
  callsite_buildfile: buildfile
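--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: dependabot-gradle
  version: !ruby/object:Gem::Version
- version: 0.260.0
+ version: 0.261.1
  platform: ruby
  authors:
  - Dependabot
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-06-06 00:00:00.000000000 Z
+ date: 2024-06-17 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.260.0
+ version: 0.261.1
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.260.0
+ version: 0.261.1
  - !ruby/object:Gem::Dependency
  name: dependabot-maven
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.260.0
+ version: 0.261.1
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.260.0
+ version: 0.261.1
  - !ruby/object:Gem::Dependency
  name: debug
  requirement: !ruby/object:Gem::Requirement
@@ -277,7 +277,7 @@ licenses:
  - MIT
  metadata:
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.260.0
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.261.1
  post_install_message:
  rdoc_options: []
  require_paths: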