dependabot-gradle 0.262.0 → 0.264.0

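--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: a030ae92a1ad242061604cdf1539a1e71ecd8da55cf8efebaed77cf933c7f3e4
- data.tar.gz: ea81ec27791890cff4e7c3552186ee9c2cc8c9004aff6fc3f6db1d0fe1026d0b
+ metadata.gz: d10eedea81449df321f09127a88f4c3be2aa317d8cb437a381825fd811e9fc2a
+ data.tar.gz: b3936158b65edb6c2027e361d76cd2aa78235fabae98d17a5d5ca24893f2a06f
  SHA512:
- metadata.gz: e47e3532b98a2d438d819d49dcf26a755adeff307b6f4f69e7e564c7a04bfc2b4a50d616991bd677d0fa38083c24e36c394cdfd9aa6df7232bd0a568d0cd4953
- data.tar.gz: 2450516acf431f0873cc90c5eadf602972a7a65c71805fb348ccf54f1c6d35c51b52f211d9c09caa2b0fa0bdfddab86e9e3374ca1c8d6a9563f340530a1f5988
+ metadata.gz: 50d579cc9c25840cd632d8507f90339c218ee81964d732b7b799cea740a6dd0ae8ab846bf111a701ccf4b8c40c56b08e64a46300cbed3a3ec73968e5b6b9b40f
+ data.tar.gz: 41e425cf72d56b615abefac4895d9bf897d07e99532fcfbf37ec14e330e5819152aabc96b32793b4bec4d9032f84770a0a7125ea884ff9933dc6c700ba786f18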
@@ -1,4 +1,4 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "sorbet-runtime"
@@ -11,53 +11,61 @@ module Dependabot
11
11
  class SettingsFileParser
12
12
  extend T::Sig
13
13
 
14
+ sig { params(settings_file: Dependabot::DependencyFile).void }
14
15
  def initialize(settings_file:)
15
16
  @settings_file = settings_file
16
17
  end
17
18
 
19
+ sig { returns(T::Array[String]) }
18
20
  def included_build_paths
19
21
  paths = []
20
- comment_free_content.scan(function_regex("includeBuild")) do
22
+ comment_free_content&.scan(function_regex("includeBuild")) do
21
23
  arg = T.must(Regexp.last_match).named_captures.fetch("args")
22
24
  paths << T.must(arg).gsub(/["']/, "").strip
23
25
  end
24
26
  paths.uniq
25
27
  end
26
28
 
29
+ sig { returns(T::Array[T.nilable(String)]) }
27
30
  def subproject_paths
28
31
  subprojects = T.let([], T::Array[String])
32
+ process_include_functions(subprojects)
33
+ subprojects.uniq.map { |name| process_subproject_name(name) }
34
+ end
35
+
36
+ private
29
37
 
30
- comment_free_content.scan(function_regex("include")) do
38
+ sig { params(subprojects: T::Array[String]).void }
39
+ def process_include_functions(subprojects)
40
+ comment_free_content&.scan(function_regex("include")) do
31
41
  args = T.must(Regexp.last_match).named_captures.fetch("args")
32
42
  args = T.must(args).split(",")
33
43
  args = args.filter_map { |p| p.gsub(/["']/, "").strip }
34
- subprojects += args
44
+ subprojects.concat(args)
35
45
  end
46
+ end
36
47
 
37
- subprojects = subprojects.uniq
38
-
39
- subproject_dirs = subprojects.map do |proj|
40
- if comment_free_content.match?(project_dir_regex(proj))
41
- comment_free_content.match(project_dir_regex(proj))
42
- .named_captures.fetch("path").sub(%r{^/}, "")
43
- else
44
- proj.tr(":", "/").sub(%r{^/}, "")
45
- end
48
+ sig { params(proj: String).returns(T.nilable(String)) }
49
+ def process_subproject_name(proj)
50
+ if comment_free_content&.match?(project_dir_regex(proj))
51
+ comment_free_content&.match(project_dir_regex(proj))
52
+ &.named_captures&.fetch("path")&.sub(%r{^/}, "")
53
+ else
54
+ proj.tr(":", "/").sub(%r{^/}, "")
46
55
  end
47
-
48
- subproject_dirs.uniq
49
56
  end
50
57
 
51
- private
52
-
58
+ sig { returns(Dependabot::DependencyFile) }
53
59
  attr_reader :settings_file
54
60
 
61
+ sig { returns(T.nilable(String)) }
55
62
  def comment_free_content
56
63
  settings_file.content
57
- .gsub(%r{(?<=^|\s)//.*$}, "\n")
58
- .gsub(%r{(?<=^|\s)/\*.*?\*/}m, "")
64
+ &.gsub(%r{(?<=^|\s)//.*$}, "\n")
65
+ &.gsub(%r{(?<=^|\s)/\*.*?\*/}m, "")
59
66
  end
60
67
 
68
+ sig { params(function_name: T.any(String, Symbol)).returns(Regexp) }
61
69
  def function_regex(function_name)
62
70
  /
63
71
  (?:^|\s)#{Regexp.quote(function_name)}(?:\s*\(|\s)
@@ -65,6 +73,7 @@ module Dependabot
65
73
  /mx
66
74
  end
67
75
 
76
+ sig { params(proj: String).returns(Regexp) }
68
77
  def project_dir_regex(proj)
69
78
  prefixed_proj = Regexp.quote(":#{proj.gsub(/^:/, '')}")
70
79
  /['"]#{prefixed_proj}['"].*dir\s*=.*['"](?<path>.*?)['"]/i
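Review bot: `process_subproject_name` is declared to return `T.nilable(String)`, which makes `subproject_paths` a `T::Array[T.nilable(String)]`, yet the only nil source is the `&.` chain, which appears unable to yield nil once `match?` has succeeded. The nilable type then leaks to callers that join these values into file paths. Matching once and returning a plain `String` keeps the contract tight: `match = comment_free_content&.match(project_dir_regex(proj))` followed by `return T.must(match[:path]).sub(%r{\A/}, "") if match`, with the `tr(":", "/")` fallback after it. Because the project names come from the settings file's content, `\A` is also the safer anchor than `^` in both `sub` calls, since `^` matches after any newline in Ruby.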
@@ -1,4 +1,4 @@
1
- # typed: true
1
+ # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "sorbet-runtime"
@@ -16,21 +16,39 @@ module Dependabot
16
16
  require_relative "file_fetcher/settings_file_parser"
17
17
 
18
18
  SUPPORTED_BUILD_FILE_NAMES =
19
- %w(build.gradle build.gradle.kts).freeze
19
+ T.let(%w(build.gradle build.gradle.kts).freeze, T::Array[String])
20
20
 
21
21
  SUPPORTED_SETTINGS_FILE_NAMES =
22
- %w(settings.gradle settings.gradle.kts).freeze
22
+ T.let(%w(settings.gradle settings.gradle.kts).freeze, T::Array[String])
23
23
 
24
24
  # For now Gradle only supports library .toml files in the main gradle folder
25
25
  SUPPORTED_VERSION_CATALOG_FILE_PATH =
26
- %w(/gradle/libs.versions.toml).freeze
26
+ T.let(%w(/gradle/libs.versions.toml).freeze, T::Array[String])
27
27
 
28
+ sig do
29
+ override
30
+ .params(
31
+ source: Dependabot::Source,
32
+ credentials: T::Array[Dependabot::Credential],
33
+ repo_contents_path: T.nilable(String),
34
+ options: T::Hash[String, String]
35
+ )
36
+ .void
37
+ end
38
+ def initialize(source:, credentials:, repo_contents_path: nil, options: {})
39
+ super
40
+
41
+ @buildfile_name = T.let(nil, T.nilable(String))
42
+ end
43
+
44
+ sig { override.params(filenames: T::Array[String]).returns(T::Boolean) }
28
45
  def self.required_files_in?(filenames)
29
46
  filenames.any? do |filename|
30
47
  SUPPORTED_BUILD_FILE_NAMES.any? { |supported| filename.end_with?(supported) }
31
48
  end
32
49
  end
33
50
 
51
+ sig { override.returns(String) }
34
52
  def self.required_files_message
35
53
  "Repo must contain a build.gradle / build.gradle.kts file."
36
54
  end
@@ -42,6 +60,7 @@ module Dependabot
42
60
 
43
61
  private
44
62
 
63
+ sig { params(root_dir: String).returns(T::Array[DependencyFile]) }
45
64
  def all_buildfiles_in_build(root_dir)
46
65
  files = [buildfile(root_dir), settings_file(root_dir), version_catalog_file(root_dir)].compact
47
66
  files += subproject_buildfiles(root_dir)
@@ -50,6 +69,7 @@ module Dependabot
50
69
  .flat_map { |dir| all_buildfiles_in_build(dir) }
51
70
  end
52
71
 
72
+ sig { params(root_dir: String).returns(T::Array[String]) }
53
73
  def included_builds(root_dir)
54
74
  builds = []
55
75
 
@@ -61,7 +81,7 @@ module Dependabot
61
81
  return builds unless settings_file(root_dir)
62
82
 
63
83
  builds += SettingsFileParser
64
- .new(settings_file: settings_file(root_dir))
84
+ .new(settings_file: T.must(settings_file(root_dir)))
65
85
  .included_build_paths
66
86
  .map { |p| clean_join([root_dir, p]) }
67
87
 
@@ -73,17 +93,19 @@ module Dependabot
73
93
  Pathname.new(File.join(parts)).cleanpath.to_path
74
94
  end
75
95
 
96
+ sig { params(root_dir: String).returns(T::Array[DependencyFile]) }
76
97
  def subproject_buildfiles(root_dir)
77
98
  return [] unless settings_file(root_dir)
78
99
 
79
100
  subproject_paths =
80
101
  SettingsFileParser
81
- .new(settings_file: settings_file(root_dir))
102
+ .new(settings_file: T.must(settings_file(root_dir)))
82
103
  .subproject_paths
83
104
 
84
105
  subproject_paths.filter_map do |path|
85
106
  if @buildfile_name
86
- fetch_file_from_host(File.join(root_dir, path, @buildfile_name))
107
+ buildfile_path = File.join(root_dir, path, @buildfile_name)
108
+ fetch_file_from_host(buildfile_path)
87
109
  else
88
110
  buildfile(File.join(root_dir, path))
89
111
  end
@@ -93,6 +115,7 @@ module Dependabot
93
115
  end
94
116
  end
95
117
 
118
+ sig { params(root_dir: String).returns(T.nilable(DependencyFile)) }
96
119
  def version_catalog_file(root_dir)
97
120
  return nil unless root_dir == "."
98
121
 
@@ -100,6 +123,7 @@ module Dependabot
100
123
  end
101
124
 
102
125
  # rubocop:disable Metrics/PerceivedComplexity
126
+ sig { params(root_dir: String).returns(T::Array[DependencyFile]) }
103
127
  def dependency_script_plugins(root_dir)
104
128
  return [] unless buildfile(root_dir)
105
129
 
@@ -123,6 +147,7 @@ module Dependabot
123
147
  end
124
148
  # rubocop:enable Metrics/PerceivedComplexity
125
149
 
150
+ sig { params(path: T.any(Pathname, String)).returns(T::Boolean) }
126
151
  def file_exists_in_submodule?(path)
127
152
  fetch_file_from_host(path, fetch_submodules: true)
128
153
  true
@@ -130,20 +155,24 @@ module Dependabot
130
155
  false
131
156
  end
132
157
 
158
+ sig { params(dir: String).returns(T.nilable(DependencyFile)) }
133
159
  def buildfile(dir)
134
160
  file = find_first(dir, SUPPORTED_BUILD_FILE_NAMES) || return
135
161
  @buildfile_name ||= File.basename(file.name)
136
162
  file
137
163
  end
138
164
 
165
+ sig { params(dir: String).returns(T.nilable(DependencyFile)) }
139
166
  def gradle_toml_file(dir)
140
167
  find_first(dir, SUPPORTED_VERSION_CATALOG_FILE_PATH)
141
168
  end
142
169
 
170
+ sig { params(dir: String).returns(T.nilable(DependencyFile)) }
143
171
  def settings_file(dir)
144
172
  find_first(dir, SUPPORTED_SETTINGS_FILE_NAMES)
145
173
  end
146
174
 
175
+ sig { params(dir: String, supported_names: T::Array[String]).returns(T.nilable(DependencyFile)) }
147
176
  def find_first(dir, supported_names)
148
177
  paths = supported_names
149
178
  .map { |name| clean_join([dir, name]) }
@@ -153,10 +182,12 @@ module Dependabot
153
182
  fetch_first_if_present(paths)
154
183
  end
155
184
 
185
+ sig { returns(T::Hash[String, DependencyFile]) }
156
186
  def cached_files
157
- @cached_files ||= {}
187
+ @cached_files ||= T.let({}, T.nilable(T::Hash[String, DependencyFile]))
158
188
  end
159
189
 
190
+ sig { params(paths: T::Array[String]).returns(T.nilable(DependencyFile)) }
160
191
  def fetch_first_if_present(paths)
161
192
  paths.each do |path|
162
193
  file = fetch_file_if_present(path) || next
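Review bot: In `subproject_buildfiles`, the new `buildfile_path = File.join(root_dir, path, @buildfile_name)` is built from `path` values that `SettingsFileParser#subproject_paths` derives from the repository's settings file, and it reaches `fetch_file_from_host` without normalisation or a nil check. `File.join` keeps `..` segments, and the parser's new signature allows `nil` elements, which `File.join` would reject with a `TypeError`. Consider `next unless path` and `buildfile_path = clean_join([root_dir, path, @buildfile_name])`, then skipping results that begin with `../`. Whether `fetch_file_from_host` already confines paths to the repository is not visible in this section. The method's body continues past the hunk.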
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-gradle
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.262.0
4
+ version: 0.264.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-06-20 00:00:00.000000000 Z
11
+ date: 2024-07-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.262.0
19
+ version: 0.264.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.262.0
26
+ version: 0.264.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: dependabot-maven
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - '='
32
32
  - !ruby/object:Gem::Version
33
- version: 0.262.0
33
+ version: 0.264.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - '='
39
39
  - !ruby/object:Gem::Version
40
- version: 0.262.0
40
+ version: 0.264.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: debug
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -277,7 +277,7 @@ licenses:
277
277
  - MIT
278
278
  metadata:
279
279
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
280
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.262.0
280
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.264.0
281
281
  post_install_message:
282
282
  rdoc_options: []
283
283
  require_paths: