dependabot-nuget 0.236.0 → 0.237.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7aefa443941f4d0d0ef21fe0d1378243669f27ca62dd32731fb0881120ffeea5
-  data.tar.gz: 5b8a246fc596421b5a44949a669038a2f209cad056a79e55a8310c3157b301f1
+  metadata.gz: d633bba8c781dee126f8f39e1646bf6fa77624c4154f599c379a7a2597ca2ab5
+  data.tar.gz: 1b6363c64e9ec7d3d9b44d3c5eb62a4065bbfe57da21e48e95a2b45a7ecd7c3e
 SHA512:
-  metadata.gz: 669395354dfa0e41d0d6e71ee23f8003eb092bbb8946595fa86453e8210363c2d14460dcaa348804fefd4445533024275792124e54a32de52d19ed39d4ce8f01
-  data.tar.gz: e9e6716d91819085aea460e7ade8b02bf88cabf3e5710bb1f6438d4a1974e5f1cc31f9e4a6e642705a5fa80d9782af7cb074f5f2cfc67b61d8bcfd2ec99001f8
+  metadata.gz: fbf7eb348c2a69d39eb4058efa0c68da4bfd8cac52646fa6230ed9dcc4efbe1c5ac216f03d67249b8fc48fe542790cac2e6b360e7725f7d2f8f7edb023d2cb4d
+  data.tar.gz: 9f96e9f0a24581bed453c8c16246d01c5f284e52e1972614be5b0dadea10c8de2351ec06d37c59872066bf07ea0e5605c0549437b53c883d1ebebf9689525ec8

data/lib/dependabot/nuget/file_fetcher.rb

@@ -4,10 +4,14 @@
 require "dependabot/file_fetchers"
 require "dependabot/file_fetchers/base"
 require "set"
+require "sorbet-runtime"
 
 module Dependabot
   module Nuget
     class FileFetcher < Dependabot::FileFetchers::Base
+      extend T::Sig
+      extend T::Helpers
+
       require_relative "file_fetcher/import_paths_finder"
       require_relative "file_fetcher/sln_project_paths_finder"
 
@@ -23,8 +27,7 @@ module Dependabot
         "Repo must contain a .(cs|vb|fs)proj file or a packages.config."
       end
 
-      private
-
+      sig { override.returns(T::Array[DependencyFile]) }
       def fetch_files
         fetched_files = []
         fetched_files += project_files
@@ -51,6 +54,8 @@ module Dependabot
         fetched_files
       end
 
+      private
+
       def project_files
         @project_files ||=
           begin

data/lib/dependabot/nuget/file_updater.rb

@@ -52,16 +52,16 @@ module Dependabot
 
       def packages_config_files
         dependency_files.select do |f|
-          f.name.split("/").last.casecmp("packages.config").zero?
+          T.must(T.must(f.name.split("/").last).casecmp("packages.config")).zero?
         end
       end
 
       def global_json
-        dependency_files.find { |f| f.name.casecmp("global.json").zero? }
+        dependency_files.find { |f| T.must(f.name.casecmp("global.json")).zero? }
       end
 
       def dotnet_tools_json
-        dependency_files.find { |f| f.name.casecmp(".config/dotnet-tools.json").zero? }
+        dependency_files.find { |f| T.must(f.name.casecmp(".config/dotnet-tools.json")).zero? }
       end
 
       def check_required_files

data/lib/dependabot/nuget/metadata_finder.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require "nokogiri"
+require "sorbet-runtime"
 require "dependabot/metadata_finders"
 require "dependabot/metadata_finders/base"
 require "dependabot/registry_client"
@@ -9,6 +10,8 @@ require "dependabot/registry_client"
 module Dependabot
   module Nuget
     class MetadataFinder < Dependabot::MetadataFinders::Base
+      extend T::Sig
+
       private
 
       def look_up_source
@@ -102,7 +105,7 @@ module Dependabot
         end
 
         github_urls.find do |url|
-          repo = Source.from_url(url).repo
+          repo = T.must(Source.from_url(url)).repo
           repo.downcase.end_with?(dependency.name.downcase)
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.236.0
+  version: 0.237.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-10-26 00:00:00.000000000 Z
+date: 2023-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.236.0
+        version: 0.237.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.236.0
+        version: 0.237.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -94,20 +94,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rspec-sorbet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.2
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.56.0
+        version: 1.57.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.56.0
+        version: 1.57.2
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -227,7 +241,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.236.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.237.0
 post_install_message: 
 rdoc_options: []
 require_paths: