dependabot-hex 0.262.0 → 0.263.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2c7b10874d65b3bd0e8b7cc88ba4a2febed59db868e6e55fec137eb1b14ecd16
-  data.tar.gz: f3111b9e7068dfa42498c3fbc0ee8a8a71dfa8b5c3f0298d9dbf90c1d8c16b63
+  metadata.gz: c2616cdd2af9c1e91a12d85abb82fcdc47ccc27ec270d837c60c3a9d035b5fa7
+  data.tar.gz: 8a5e0ba936625eac56641e7b8354fbff58f28db8ec5bf94b373b0371b9d19bc3
 SHA512:
-  metadata.gz: 98412810e4e250bbf74f78e9802d9c1562f68341b9aeb542d1c492a997255ec04c1da47e801e928c463e98ea7c165e787285c954bc12d30d55df3f27a1f42584
-  data.tar.gz: e3af2ecbfd1e171def22e8d3164dd2a54b682db124709e7d2377e212c579b7f02a69f3f77d22170144fdbc51e8298eb3851de68e66877a2282db54d3306ffd45
+  metadata.gz: 5c199f8f993def433c74a545056f73610cb0e3510e855e6c666fa82da8f11c80ceaab116f863d36f049e263273de246ccb8c293aa1c802924ed1fd9db5ecacda
+  data.tar.gz: ee4777cd89c4eafdf2d0b0ee32925a29d5e359b92dc6273060ba36f821eab066b566e094a244527a8c9b9b639f867a95b2d533ab1c0efc342ceed060473322c8

data/lib/dependabot/hex/file_fetcher.rb

@@ -1,4 +1,4 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
 require "sorbet-runtime"
@@ -13,14 +13,16 @@ module Dependabot
 
       APPS_PATH_REGEX = /apps_path:\s*"(?<path>.*?)"/m
       STRING_ARG = %{(?:["'](.*?)["'])}
-      SUPPORTED_METHODS = %w(eval_file require_file).join("|").freeze
+      SUPPORTED_METHODS = T.let(%w(eval_file require_file).join("|").freeze, String)
       SUPPORT_FILE = /Code\.(?:#{SUPPORTED_METHODS})\(#{STRING_ARG}(?:\s*,\s*#{STRING_ARG})?\)/
       PATH_DEPS_REGEX = /{.*path: ?#{STRING_ARG}.*}/
 
+      sig { override.params(filenames: T::Array[String]).returns(T::Boolean) }
       def self.required_files_in?(filenames)
         filenames.include?("mix.exs")
       end
 
+      sig { override.returns(String) }
       def self.required_files_message
         "Repo must contain a mix.exs."
       end
@@ -37,25 +39,28 @@ module Dependabot
 
       private
 
+      sig { returns(T.nilable(DependencyFile)) }
       def mixfile
-        @mixfile ||= fetch_file_from_host("mix.exs")
+        @mixfile ||= T.let(fetch_file_from_host("mix.exs"), T.nilable(Dependabot::DependencyFile))
+        fetch_file_from_host("mix.exs")
       end
 
+      sig { returns(T.nilable(Dependabot::DependencyFile)) }
       def lockfile
-        return @lockfile if defined?(@lockfile)
-
-        @lockfile = fetch_lockfile
+        @lockfile ||= T.let(fetch_lockfile, T.nilable(DependencyFile))
       end
 
+      sig { returns(T.nilable(Dependabot::DependencyFile)) }
       def fetch_lockfile
         fetch_file_from_host("mix.lock")
       rescue Dependabot::DependencyFileNotFound
         nil
       end
 
+      sig { returns(T::Array[String]) }
       def umbrella_app_directories
-        apps_path = mixfile.content.match(APPS_PATH_REGEX)
-                           &.named_captures&.fetch("path")
+        apps_path = T.must(T.must(mixfile).content).match(APPS_PATH_REGEX)
+                     &.named_captures&.fetch("path")
         return [] unless apps_path
 
         repo_contents(dir: apps_path)
@@ -63,10 +68,12 @@ module Dependabot
           .map { |f| File.join(apps_path, f.name) }
       end
 
+      sig { returns(T::Array[String]) }
       def sub_project_directories
-        mixfile.content.scan(PATH_DEPS_REGEX).flatten
+        T.must(T.must(mixfile).content).scan(PATH_DEPS_REGEX).flatten
       end
 
+      sig { returns(T::Array[Dependabot::DependencyFile]) }
       def subapp_mixfiles
         subapp_directories = []
         subapp_directories += umbrella_app_directories
@@ -86,15 +93,17 @@ module Dependabot
         []
       end
 
+      sig { returns(T::Array[T.nilable(Dependabot::DependencyFile)]) }
       def support_files
         mixfiles = [mixfile] + subapp_mixfiles
 
         mixfiles.flat_map do |mixfile|
-          mixfile_dir = mixfile.path.to_s.delete_prefix("/").delete_suffix("/mix.exs")
+          mixfile_dir = mixfile&.path&.to_s&.delete_prefix("/")&.delete_suffix("/mix.exs")
 
-          mixfile.content.gsub("__DIR__", "\"#{mixfile_dir}\"").scan(SUPPORT_FILE).map do |support_file_args|
-            path = Pathname.new(File.join(*support_file_args.compact.reverse))
-                           .cleanpath.to_path
+          mixfile&.content&.gsub("__DIR__", "\"#{mixfile_dir}\"")&.scan(SUPPORT_FILE)&.map do |support_file_args|
+            path = Pathname.new(File.join(Array(support_file_args).compact.reverse))
+                           .cleanpath
+                           .to_path
             fetch_file_from_host(path).tap { |f| f.support_file = true }
           end
         end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-hex
 version: !ruby/object:Gem::Version
-  version: 0.262.0
+  version: 0.263.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-06-20 00:00:00.000000000 Z
+date: 2024-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.262.0
+        version: 0.263.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.262.0
+        version: 0.263.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -272,7 +272,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.262.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.263.0
 post_install_message: 
 rdoc_options: []
 require_paths: