dependabot-nuget 0.230.0 → 0.231.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fcbeaa88c97126a22d02f477c4a2545756b3b43967b47ae4186ad2a7862e0a88
-  data.tar.gz: 0ca6ee04360b67f2c1bf12a2d53e155b1c75ff066355edf2800b673ead4de82b
+  metadata.gz: 608f0d97c405be7a8f527e34e436ce218bf3e7921ef697352f96e9bb50e348b5
+  data.tar.gz: a57f339fabc51be6fb38520a14777b544a4318f695f654538f6e5974e3b19707
 SHA512:
-  metadata.gz: 61ccb7b282f7c59d76ad6bb0df15d3e69c6f90bb08836c9a2937249d9d7a637be0ad005050fe48b5af2b29282ec0971f6bbc4cc6e6bb8b6f1be448e49d7a660e
-  data.tar.gz: 1504d65aa04fbb9193b60b706d737e8b30f517abd794b5f2bd92c8d3c5a908c2f823ee1d33b6ba8c999e5b04395fb7fa24536b448688db319d8abb11dafbad20
+  metadata.gz: c519c1e1afeea8c81820fffab374e9b8943bb6bd6463b57ffb30fbe58b72a1a33a78480031498c10598e89dd95c5cd37c1f3ae3e5ccad6df3eac40f72e4392ae
+  data.tar.gz: e80994506a551c678d419b4e02962b7e257ad908f80e7b913b41ff83fd0367b5de8ea60c91d73d4b82917565c9d891c239dee26f7e70e93d4efd87477e3d2858

data/lib/dependabot/nuget/file_fetcher/import_paths_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"

data/lib/dependabot/nuget/file_fetcher/sln_project_paths_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "pathname"

data/lib/dependabot/nuget/file_fetcher.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "dependabot/file_fetchers"
@@ -77,8 +78,8 @@ module Dependabot
 
         @packages_config_files ||=
           candidate_paths.filter_map do |dir|
-            file = repo_contents(dir: dir).
-                   find { |f| f.name.casecmp("packages.config").zero? }
+            file = repo_contents(dir: dir)
+                   .find { |f| f.name.casecmp("packages.config").zero? }
             fetch_file_from_host(File.join(dir, file.name)) if file
           end
       end
@@ -90,9 +91,9 @@ module Dependabot
 
         # If there are no sln files but there is a src directory, check that dir
         if sln_files.none? && src_dir
-          sln_files = repo_contents(dir: "src").
-                      select { |f| f.name.end_with?(".sln") }.map(&:dup).
-                      map { |file| file.tap { |f| f.name = "src/" + f.name } }
+          sln_files = repo_contents(dir: "src")
+                      .select { |f| f.name.end_with?(".sln") }.map(&:dup)
+                      .map { |file| file.tap { |f| f.name = "src/" + f.name } }
         end
 
         # Return `nil` if no sln files were found
@@ -156,9 +157,9 @@ module Dependabot
         @sln_project_files ||=
           begin
             paths = sln_files.flat_map do |sln_file|
-              SlnProjectPathsFinder.
-                new(sln_file: sln_file).
-                project_paths
+              SlnProjectPathsFinder
+                .new(sln_file: sln_file)
+                .project_paths
             end
 
             paths.filter_map do |path|
@@ -177,9 +178,9 @@ module Dependabot
         return unless sln_file_names
 
         @sln_files ||=
-          sln_file_names.
-          map { |sln_file_name| fetch_file_from_host(sln_file_name) }.
-          select { |file| file.content.valid_encoding? }
+          sln_file_names
+          .map { |sln_file_name| fetch_file_from_host(sln_file_name) }
+          .select { |file| file.content.valid_encoding? }
       end
 
       def csproj_file
@@ -231,8 +232,8 @@ module Dependabot
           break if visited_directories.include?(dir)
 
           visited_directories << dir
-          file = repo_contents(dir: dir).
-                 find { |f| f.name.casecmp("nuget.config").zero? }
+          file = repo_contents(dir: dir)
+                 .find { |f| f.name.casecmp("nuget.config").zero? }
           if file
             file = fetch_file_from_host(File.join(dir, file.name))
             file&.tap { |f| f.support_file = true }

data/lib/dependabot/nuget/file_parser/dotnet_tools_json_parser.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "json"

data/lib/dependabot/nuget/file_parser/global_json_parser.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "json"

data/lib/dependabot/nuget/file_parser/packages_config_parser.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"

data/lib/dependabot/nuget/file_parser/project_file_parser.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"
@@ -127,8 +128,8 @@ module Dependabot
           if prop_name
             # Get the root property name unless no details could be found,
             # in which case use the top-level name to ease debugging
-            root_prop_name = details_for_property(prop_name, project_file)&.
-                             fetch(:root_property_name) || prop_name
+            root_prop_name = details_for_property(prop_name, project_file)
+                             &.fetch(:root_property_name) || prop_name
             requirement[:metadata] = { property_name: root_prop_name }
           end
 
@@ -185,9 +186,9 @@ module Dependabot
 
           return unless raw_requirement.match?(PROPERTY_REGEX)
 
-          raw_requirement.
-            match(PROPERTY_REGEX).
-            named_captures.fetch("property")
+          raw_requirement
+            .match(PROPERTY_REGEX)
+            .named_captures.fetch("property")
         end
 
         # rubocop:disable Metrics/PerceivedComplexity
@@ -206,8 +207,8 @@ module Dependabot
         def evaluated_value(value, project_file)
           return value unless value.match?(PROPERTY_REGEX)
 
-          property_name = value.match(PROPERTY_REGEX).
-                          named_captures.fetch("property")
+          property_name = value.match(PROPERTY_REGEX)
+                               .named_captures.fetch("property")
           property_details = details_for_property(property_name, project_file)
 
           # Don't halt parsing for a missing property value until we're
@@ -218,8 +219,8 @@ module Dependabot
         end
 
         def details_for_property(property_name, project_file)
-          property_value_finder.
-            property_details(
+          property_value_finder
+            .property_details(
               property_name: property_name,
               callsite_file: project_file
             )

data/lib/dependabot/nuget/file_parser/property_value_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "dependabot/nuget/file_fetcher/import_paths_finder"
@@ -53,11 +54,11 @@ module Dependabot
         end
 
         def check_next_level_of_stack(node_details, stack)
-          property_name = node_details.fetch(:value).
-                          match(PROPERTY_REGEX).
-                          named_captures.fetch("property")
-          callsite_file = dependency_files.
-                          find { |f| f.name == node_details.fetch(:file) }
+          property_name = node_details.fetch(:value)
+                                      .match(PROPERTY_REGEX)
+                                      .named_captures.fetch("property")
+          callsite_file = dependency_files
+                          .find { |f| f.name == node_details.fetch(:file) }
 
           raise "Circular reference!" if stack.include?([property_name, callsite_file.name])
 
@@ -82,17 +83,17 @@ module Dependabot
 
           # Otherwise, we need to look in an imported file
           import_path_finder =
-            Nuget::FileFetcher::ImportPathsFinder.
-            new(project_file: file)
+            Nuget::FileFetcher::ImportPathsFinder
+            .new(project_file: file)
 
           import_paths = [
             *import_path_finder.import_paths,
             *import_path_finder.project_reference_paths
           ]
 
-          file = import_paths.
-                 filter_map { |p| dependency_files.find { |f| f.name == p } }.
-                 find { |f| deep_find_prop_node(property: property, file: f) }
+          file = import_paths
+                 .filter_map { |p| dependency_files.find { |f| f.name == p } }
+                 .find { |f| deep_find_prop_node(property: property, file: f) }
 
           return unless file
 
@@ -137,8 +138,8 @@ module Dependabot
             Pathname.new(base + "/Directory.Build.targets").cleanpath.to_path
           end.reverse + ["Directory.Build.targets"]
 
-          path = possible_paths.uniq.
-                 find { |p| dependency_files.find { |f| f.name == p } }
+          path = possible_paths.uniq
+                               .find { |p| dependency_files.find { |f| f.name == p } }
 
           dependency_files.find { |f| f.name == path }
         end
@@ -154,8 +155,8 @@ module Dependabot
           end.reverse + ["Directory.Build.props"]
 
           path =
-            possible_paths.uniq.
-            find { |p| dependency_files.find { |f| f.name.casecmp(p).zero? } }
+            possible_paths.uniq
+                          .find { |p| dependency_files.find { |f| f.name.casecmp(p).zero? } }
 
           dependency_files.find { |f| f.name == path }
         end
@@ -170,8 +171,8 @@ module Dependabot
             Pathname.new(base + "/Directory.Packages.props").cleanpath.to_path
           end.reverse + ["Directory.Packages.props"]
 
-          path = possible_paths.uniq.
-                 find { |p| dependency_files.find { |f| f.name == p } }
+          path = possible_paths.uniq
+                               .find { |p| dependency_files.find { |f| f.name == p } }
 
           dependency_files.find { |f| f.name == path }
         end

data/lib/dependabot/nuget/file_parser.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"

data/lib/dependabot/nuget/file_updater/packages_config_declaration_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"
@@ -20,8 +21,8 @@ module Dependabot
           @packages_config        = packages_config
           @declaring_requirement  = declaring_requirement
 
-          if declaring_requirement[:file].split("/").last.
-             casecmp("packages.config").zero?
+          if declaring_requirement[:file].split("/").last
+                                         .casecmp("packages.config").zero?
             return
           end
 

data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"

data/lib/dependabot/nuget/file_updater/property_value_updater.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"
@@ -17,8 +18,8 @@ module Dependabot
         def update_files_for_property_change(property_name:, updated_value:,
                                              callsite_file:)
           declaration_details =
-            property_value_finder.
-            property_details(
+            property_value_finder
+            .property_details(
               property_name: property_name,
               callsite_file: callsite_file
             )
@@ -47,8 +48,8 @@ module Dependabot
 
         def property_value_finder
           @property_value_finder ||=
-            Nuget::FileParser::PropertyValueFinder.
-            new(dependency_files: dependency_files)
+            Nuget::FileParser::PropertyValueFinder
+            .new(dependency_files: dependency_files)
         end
 
         def update_file(file:, content:)

data/lib/dependabot/nuget/file_updater.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "dependabot/file_updaters"
@@ -72,8 +73,8 @@ module Dependabot
       def update_files_for_dependency(files:, dependency:)
         # The UpdateChecker ensures the order of requirements is preserved
         # when updating, so we can zip them together in new/old pairs.
-        reqs = dependency.requirements.zip(dependency.previous_requirements).
-               reject { |new_req, old_req| new_req == old_req }
+        reqs = dependency.requirements.zip(dependency.previous_requirements)
+                         .reject { |new_req, old_req| new_req == old_req }
 
         # Loop through each changed requirement and update the files
         reqs.each do |new_req, old_req|
@@ -97,9 +98,9 @@ module Dependabot
         files = files.dup
         property_name = req.fetch(:metadata).fetch(:property_name)
 
-        PropertyValueUpdater.
-          new(dependency_files: files).
-          update_files_for_property_change(
+        PropertyValueUpdater
+          .new(dependency_files: files)
+          .update_files_for_property_change(
             property_name: property_name,
             updated_value: req.fetch(:requirement),
             callsite_file: file

data/lib/dependabot/nuget/metadata_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "nokogiri"
@@ -55,10 +56,10 @@ module Dependabot
       end
 
       def extract_search_url(body)
-        JSON.parse(body).
-          fetch("resources", []).
-          find { |r| r.fetch("@type") == "SearchQueryService" }&.
-          fetch("@id")
+        JSON.parse(body)
+            .fetch("resources", [])
+            .find { |r| r.fetch("@type") == "SearchQueryService" }
+          &.fetch("@id")
       end
 
       def extract_source_repo(body)
@@ -80,8 +81,8 @@ module Dependabot
 
       def look_up_source_in_nuspec(nuspec)
         potential_source_urls = [
-          nuspec.at_css("package > metadata > repository")&.
-            attribute("url")&.value,
+          nuspec.at_css("package > metadata > repository")
+            &.attribute("url")&.value,
           nuspec.at_css("package > metadata > repository > url")&.content,
           nuspec.at_css("package > metadata > projectUrl")&.content,
           nuspec.at_css("package > metadata > licenseUrl")&.content
@@ -95,8 +96,8 @@ module Dependabot
 
       def source_from_anywhere_in_nuspec(nuspec)
         github_urls = []
-        nuspec.to_s.force_encoding(Encoding::UTF_8).
-          scan(Source::SOURCE_REGEX) do
+        nuspec.to_s.force_encoding(Encoding::UTF_8)
+              .scan(Source::SOURCE_REGEX) do
           github_urls << Regexp.last_match.to_s
         end
 
@@ -118,15 +119,15 @@ module Dependabot
       end
 
       def dependency_nuspec_url
-        source = dependency.requirements.
-                 find { |r| r&.fetch(:source) }&.fetch(:source)
+        source = dependency.requirements
+                           .find { |r| r&.fetch(:source) }&.fetch(:source)
 
         source.fetch(:nuspec_url) if source&.key?(:nuspec_url)
       end
 
       def dependency_source_url
-        source = dependency.requirements.
-                 find { |r| r&.fetch(:source) }&.fetch(:source)
+        source = dependency.requirements
+                           .find { |r| r&.fetch(:source) }&.fetch(:source)
 
         return unless source
         return source.fetch(:source_url) if source.key?(:source_url)
@@ -136,14 +137,14 @@ module Dependabot
 
       # rubocop:disable Metrics/PerceivedComplexity
       def auth_header
-        source = dependency.requirements.
-                 find { |r| r&.fetch(:source) }&.fetch(:source)
+        source = dependency.requirements
+                           .find { |r| r&.fetch(:source) }&.fetch(:source)
         url = source&.fetch(:url, nil) || source&.fetch("url")
 
-        token = credentials.
-                select { |cred| cred["type"] == "nuget_feed" }.
-                find { |cred| cred["url"] == url }&.
-                fetch("token", nil)
+        token = credentials
+                .select { |cred| cred["type"] == "nuget_feed" }
+                .find { |cred| cred["url"] == url }
+                &.fetch("token", nil)
 
         return {} unless token
 

data/lib/dependabot/nuget/requirement.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "dependabot/utils"
@@ -101,5 +102,5 @@ module Dependabot
   end
 end
 
-Dependabot::Utils.
-  register_requirement_class("nuget", Dependabot::Nuget::Requirement)
+Dependabot::Utils
+  .register_requirement_class("nuget", Dependabot::Nuget::Requirement)

data/lib/dependabot/nuget/update_checker/property_updater.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "dependabot/nuget/file_parser"
@@ -19,8 +20,8 @@ module Dependabot
           @ignored_versions = ignored_versions
           @raise_on_ignored = raise_on_ignored
           @target_version   = target_version_details&.fetch(:version)
-          @source_details   = target_version_details&.
-                              slice(:nuspec_url, :repo_url, :source_url)
+          @source_details   = target_version_details
+                              &.slice(:nuspec_url, :repo_url, :source_url)
         end
 
         def update_possible?
@@ -75,9 +76,9 @@ module Dependabot
         end
 
         def property_name
-          @property_name ||= dependency.requirements.
-                             find { |r| r.dig(:metadata, :property_name) }&.
-                             dig(:metadata, :property_name)
+          @property_name ||= dependency.requirements
+                                       .find { |r| r.dig(:metadata, :property_name) }
+                             &.dig(:metadata, :property_name)
 
           raise "No requirement with a property name!" unless @property_name
 

data/lib/dependabot/nuget/update_checker/repository_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "excon"
@@ -77,25 +78,25 @@ module Dependabot
         end
 
         def base_url_from_v3_metadata(metadata)
-          metadata.
-            fetch("resources", []).
-            find { |r| r.fetch("@type") == "PackageBaseAddress/3.0.0" }&.
-            fetch("@id")
+          metadata
+            .fetch("resources", [])
+            .find { |r| r.fetch("@type") == "PackageBaseAddress/3.0.0" }
+            &.fetch("@id")
         end
 
         def search_url_from_v3_metadata(metadata)
-          metadata.
-            fetch("resources", []).
-            find { |r| r.fetch("@type") == "SearchQueryService" }&.
-            fetch("@id")
+          metadata
+            .fetch("resources", [])
+            .find { |r| r.fetch("@type") == "SearchQueryService" }
+            &.fetch("@id")
         end
 
         def build_v2_url(response, repo_details)
           doc = Nokogiri::XML(response.body)
 
           doc.remove_namespaces!
-          base_url = doc.at_xpath("service")&.attributes&.
-                     fetch("base", nil)&.value
+          base_url = doc.at_xpath("service")&.attributes
+                     &.fetch("base", nil)&.value
 
           base_url ||= repo_details.fetch(:url)
 
@@ -137,9 +138,9 @@ module Dependabot
 
         def credential_repositories
           @credential_repositories ||=
-            credentials.
-            select { |cred| cred["type"] == "nuget_feed" }.
-            map { |c| { url: c.fetch("url"), token: c["token"] } }
+            credentials
+            .select { |cred| cred["type"] == "nuget_feed" }
+            .map { |c| { url: c.fetch("url"), token: c["token"] } }
         end
 
         def config_file_repositories
@@ -226,13 +227,13 @@ module Dependabot
                                   "> #{tag} > add")
 
             username =
-              creds_nodes.
-              find { |n| n.attribute("key")&.value == "Username" }&.
-              attribute("value")&.value
+              creds_nodes
+              .find { |n| n.attribute("key")&.value == "Username" }
+              &.attribute("value")&.value
             password =
-              creds_nodes.
-              find { |n| n.attribute("key")&.value == "ClearTextPassword" }&.
-              attribute("value")&.value
+              creds_nodes
+              .find { |n| n.attribute("key")&.value == "ClearTextPassword" }
+              &.attribute("value")&.value
 
             # NOTE: We have to look for plain text passwords, as we have no
             # way of decrypting encrypted passwords. For the same reason we
@@ -250,9 +251,9 @@ module Dependabot
         # rubocop:enable Metrics/PerceivedComplexity
 
         def remove_wrapping_zero_width_chars(string)
-          string.force_encoding("UTF-8").encode.
-            gsub(/\A[\u200B-\u200D\uFEFF]/, "").
-            gsub(/[\u200B-\u200D\uFEFF]\Z/, "")
+          string.force_encoding("UTF-8").encode
+                .gsub(/\A[\u200B-\u200D\uFEFF]/, "")
+                .gsub(/[\u200B-\u200D\uFEFF]\Z/, "")
         end
 
         def auth_header_for_token(token)

data/lib/dependabot/nuget/update_checker/requirements_updater.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 #######################################################################

data/lib/dependabot/nuget/update_checker/version_finder.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "excon"
@@ -75,8 +76,8 @@ module Dependabot
           ignored_versions.each do |req|
             ignore_req = requirement_class.new(parse_requirement_string(req))
             filtered =
-              filtered.
-              reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
+              filtered
+              .reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
           end
 
           if @raise_on_ignored && filter_lower_versions(filtered).empty? &&
@@ -103,13 +104,13 @@ module Dependabot
 
         def available_v3_versions
           v3_nuget_listings.flat_map do |listing|
-            listing.
-              fetch("versions", []).
-              map do |v|
+            listing
+              .fetch("versions", [])
+              .map do |v|
                 listing_details = listing.fetch("listing_details")
-                nuspec_url = listing_details.
-                             fetch(:versions_url, nil)&.
-                  gsub(/index\.json$/, "#{v}/#{sanitized_name}.nuspec")
+                nuspec_url = listing_details
+                             .fetch(:versions_url, nil)
+                  &.gsub(/index\.json$/, "#{v}/#{sanitized_name}.nuspec")
 
                 {
                   version: version_class.new(v),
@@ -133,8 +134,8 @@ module Dependabot
 
               entry_details = dependency_details_from_v2_entry(entry)
               entry_details.merge(
-                repo_url: listing.fetch("listing_details").
-                          fetch(:repository_url)
+                repo_url: listing.fetch("listing_details")
+                          .fetch(:repository_url)
               )
             end
           end
@@ -173,9 +174,9 @@ module Dependabot
             return true if reqs.any?("*-*")
             next unless reqs.any? { |r| r.include?("-") }
 
-            requirement_class.
-              requirements_array(req.fetch(:requirement)).
-              any? do |r|
+            requirement_class
+              .requirements_array(req.fetch(:requirement))
+              .any? do |r|
                 r.requirements.any? { |a| a.last.release == version.release }
               end
           rescue Gem::Requirement::BadRequirementError
@@ -189,9 +190,9 @@ module Dependabot
           return @v3_nuget_listings unless @v3_nuget_listings.nil?
 
           @v3_nuget_listings ||=
-            dependency_urls.
-            select { |details| details.fetch(:repository_type) == "v3" }.
-            filter_map do |url_details|
+            dependency_urls
+            .select { |details| details.fetch(:repository_type) == "v3" }
+            .filter_map do |url_details|
               versions = versions_for_v3_repository(url_details)
               next unless versions
 
@@ -203,10 +204,10 @@ module Dependabot
           return @v2_nuget_listings unless @v2_nuget_listings.nil?
 
           @v2_nuget_listings ||=
-            dependency_urls.
-            select { |details| details.fetch(:repository_type) == "v2" }.
-            flat_map { |url_details| fetch_paginated_v2_nuget_listings(url_details) }.
-            filter_map do |url_details, response|
+            dependency_urls
+            .select { |details| details.fetch(:repository_type) == "v2" }
+            .flat_map { |url_details| fetch_paginated_v2_nuget_listings(url_details) }
+            .filter_map do |url_details, response|
               next unless response.status == 200
 
               {
@@ -277,10 +278,10 @@ module Dependabot
           return unless response.status == 200
 
           body = remove_wrapping_zero_width_chars(response.body)
-          JSON.parse(body).fetch("data").
-            find { |d| d.fetch("id").casecmp(sanitized_name).zero? }&.
-            fetch("versions")&.
-            map { |d| d.fetch("version") }
+          JSON.parse(body).fetch("data")
+              .find { |d| d.fetch("id").casecmp(sanitized_name).zero? }
+            &.fetch("versions")
+            &.map { |d| d.fetch("version") }
         rescue Excon::Error::Timeout, Excon::Error::Socket
           repo_url = repository_details[:repository_url]
           raise if repo_url == RepositoryFinder::DEFAULT_REPOSITORY_URL
@@ -315,9 +316,9 @@ module Dependabot
         end
 
         def remove_wrapping_zero_width_chars(string)
-          string.force_encoding("UTF-8").encode.
-            gsub(/\A[\u200B-\u200D\uFEFF]/, "").
-            gsub(/[\u200B-\u200D\uFEFF]\Z/, "")
+          string.force_encoding("UTF-8").encode
+                .gsub(/\A[\u200B-\u200D\uFEFF]/, "")
+                .gsub(/[\u200B-\u200D\uFEFF]\Z/, "")
         end
 
         def excon_options

data/lib/dependabot/nuget/update_checker.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "dependabot/nuget/file_parser"
@@ -41,8 +42,8 @@ module Dependabot
         RequirementsUpdater.new(
           requirements: dependency.requirements,
           latest_version: preferred_resolvable_version&.to_s,
-          source_details: preferred_version_details&.
-                          slice(:nuspec_url, :repo_url, :source_url)
+          source_details: preferred_version_details
+                          &.slice(:nuspec_url, :repo_url, :source_url)
         ).updated_requirements
       end
 
@@ -132,8 +133,8 @@ module Dependabot
 
       def declarations_using_a_property
         @declarations_using_a_property ||=
-          dependency.requirements.
-          select { |req| req.dig(:metadata, :property_name) }
+          dependency.requirements
+                    .select { |req| req.dig(:metadata, :property_name) }
       end
 
       def all_property_based_dependencies

data/lib/dependabot/nuget/version.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 require "dependabot/version"
@@ -51,15 +52,15 @@ module Dependabot
       # rubocop:disable Metrics/PerceivedComplexity
       def compare_prerelease_part(other)
         release_str = @version_string.split("-").first || ""
-        prerelease_string = @version_string.
-                            sub(release_str, "").
-                            sub("-", "")
+        prerelease_string = @version_string
+                            .sub(release_str, "")
+                            .sub("-", "")
         prerelease_string = nil if prerelease_string == ""
 
         other_release_str = other.to_s.split("-").first || ""
-        other_prerelease_string = other.to_s.
-                                  sub(other_release_str, "").
-                                  sub("-", "")
+        other_prerelease_string = other.to_s
+                                       .sub(other_release_str, "")
+                                       .sub("-", "")
         other_prerelease_string = nil if other_prerelease_string == ""
 
         return -1 if prerelease_string && !other_prerelease_string

data/lib/dependabot/nuget.rb

@@ -1,3 +1,4 @@
+# typed: false
 # frozen_string_literal: true
 
 # These all need to be required so the various classes can be registered in a
@@ -11,8 +12,8 @@ require "dependabot/nuget/requirement"
 require "dependabot/nuget/version"
 
 require "dependabot/pull_request_creator/labeler"
-Dependabot::PullRequestCreator::Labeler.
-  register_label_details("nuget", name: ".NET", colour: "7121c6")
+Dependabot::PullRequestCreator::Labeler
+  .register_label_details("nuget", name: ".NET", colour: "7121c6")
 
 require "dependabot/dependency"
 Dependabot::Dependency.register_production_check(

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.230.0
+  version: 0.231.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-09-08 00:00:00.000000000 Z
+date: 2023-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.230.0
+        version: 0.231.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.230.0
+        version: 0.231.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +136,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.19.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-sorbet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.3
 - !ruby/object:Gem::Dependency
   name: stackprof
   requirement: !ruby/object:Gem::Requirement
@@ -213,7 +227,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.230.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.231.0
 post_install_message: 
 rdoc_options: []
 require_paths: