dependabot-opentofu 0.381.0 → 0.383.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/opentofu/requirements_updater.rb +19 -13
  3. data/lib/dependabot/opentofu/update_checker.rb +1 -1
  4. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9efa83d2521520806e2c6cd3d6370dc8e1d49b6e68a93d219551dc3f2fa3ded6
4
- data.tar.gz: 7217d56fdd25eb1c25b0b0002cf8422b751319a595c63e44d785f6f0bf22c9f2
3
+ metadata.gz: fc4253cdce3171a37489fb046de7882875e655c15b56732bebf43a754546ab4a
4
+ data.tar.gz: ea6af31292e7683f9a0d5948efe78df36a4cdb1f77589bc86fb2f18e6a6bcb05
5
5
  SHA512:
6
- metadata.gz: 9d8763467a857b853c291d35e6cd778eb6f901f2097c9d1bc1e0e02603b02b1aa0c93d35d4c9afc0ea348f8a8c77d180acabec66e6d3280dc402587ce069ce63
7
- data.tar.gz: 02bbe67e8ebb9bc9385465c5cc68be15d1f410271490d4467338293c53e2fb2d612bd4a27ef87ffbbed1da5225ffba531a369d39a2e19348a4fb4d46edcefa37
6
+ metadata.gz: 7d9d8a564be61e229656b4d3e86a0bd366e07aa2cffdda3e244f067db8f5d2b640c8301cee04362eb60189674a5affe9c148a0408370884771667cd9bd3a7bc7
7
+ data.tar.gz: 3250c78283dbe1f3f045bec1e1be132464038696c9ddf16feab9b5181310a1f8fee05070e33cc9fd8dea179b99baf2ec39ba8e5eae5d26bc46cb13a4a50a6163
data/lib/dependabot/opentofu/requirements_updater.rb CHANGED
@@ -8,6 +8,7 @@
8
8
 
9
9
  require "sorbet-runtime"
10
10
 
11
+ require "dependabot/dependency_requirement"
11
12
  require "dependabot/opentofu/version"
12
13
  require "dependabot/opentofu/requirement"
13
14
 
@@ -50,18 +51,21 @@ module Dependabot
50
51
  class RequirementsUpdater
51
52
  extend T::Sig
52
53
 
53
- # @param requirements [Hash{Symbol => String, Array, Hash}]
54
+ # @param requirements [Array<Dependabot::DependencyRequirement>]
54
55
  # @param latest_version [Dependabot::Opentofu::Version]
55
56
  # @param tag_for_latest_version [String, NilClass]
56
57
  sig do
57
58
  params(
58
- requirements: T::Array[T::Hash[Symbol, T.untyped]],
59
+ requirements: T::Array[Dependabot::DependencyRequirement],
59
60
  latest_version: T.nilable(Dependabot::Version::VersionParameter),
60
61
  tag_for_latest_version: T.nilable(String)
61
62
  ).void
62
63
  end
63
64
  def initialize(requirements:, latest_version:, tag_for_latest_version:)
64
- @requirements = requirements
65
+ @requirements = T.let(
66
+ requirements.map { |req| Dependabot::DependencyRequirement.create(req) },
67
+ T::Array[Dependabot::DependencyRequirement]
68
+ )
65
69
  @tag_for_latest_version = tag_for_latest_version
66
70
 
67
71
  return unless latest_version
@@ -70,12 +74,12 @@ module Dependabot
70
74
  @latest_version = T.let(version_class.new(latest_version), Dependabot::Opentofu::Version)
71
75
  end
72
76
 
73
- # @return requirements [Hash{Symbol => String, Array, Hash}]
77
+ # @return requirements [Array<Dependabot::DependencyRequirement>]
74
78
  # * requirement [String, NilClass] the updated version constraint
75
79
  # * groups [Array] no-op for OpenTofu
76
80
  # * file [String] the file that specified this dependency
77
81
  # * source [Hash{Symbol => String}] The updated git or registry source details
78
- sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
82
+ sig { returns(T::Array[Dependabot::DependencyRequirement]) }
79
83
  def updated_requirements
80
84
  # NOTE: Order is important here. The FileUpdater needs the updated
81
85
  # requirement at index `i` to correspond to the previous requirement
@@ -92,7 +96,7 @@ module Dependabot
92
96
 
93
97
  private
94
98
 
95
- sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
99
+ sig { returns(T::Array[Dependabot::DependencyRequirement]) }
96
100
  attr_reader :requirements
97
101
 
98
102
  sig { returns(Dependabot::Opentofu::Version) }
@@ -101,15 +105,15 @@ module Dependabot
101
105
  sig { returns(T.nilable(String)) }
102
106
  attr_reader :tag_for_latest_version
103
107
 
104
- sig { params(req: T::Hash[Symbol, T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
108
+ sig { params(req: Dependabot::DependencyRequirement).returns(Dependabot::DependencyRequirement) }
105
109
  def update_git_requirement(req)
106
110
  return req unless req.dig(:source, :ref)
107
111
  return req unless tag_for_latest_version
108
112
 
109
- req.merge(source: req[:source].merge(ref: tag_for_latest_version))
113
+ Dependabot::DependencyRequirement.create(req.merge(source: req[:source].merge(ref: tag_for_latest_version)))
110
114
  end
111
115
 
112
- sig { params(req: T::Hash[Symbol, T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
116
+ sig { params(req: Dependabot::DependencyRequirement).returns(Dependabot::DependencyRequirement) }
113
117
  def update_oci_requirement(req)
114
118
  return req unless defined?(@latest_version) && @latest_version
115
119
  return req if req.dig(:source, :digest)
@@ -118,12 +122,14 @@ module Dependabot
118
122
  new_tag = latest_version.to_s
119
123
  return req if req.dig(:source, :tag) == new_tag
120
124
 
121
- req.merge(
122
- source: req[:source].merge(tag: new_tag, version: new_tag)
125
+ Dependabot::DependencyRequirement.create(
126
+ req.merge(
127
+ source: req[:source].merge(tag: new_tag, version: new_tag)
128
+ )
123
129
  )
124
130
  end
125
131
 
126
- sig { params(req: T::Hash[Symbol, T.untyped]).returns(T::Hash[Symbol, T.untyped]) }
132
+ sig { params(req: Dependabot::DependencyRequirement).returns(Dependabot::DependencyRequirement) }
127
133
  def update_registry_requirement(req)
128
134
  return req if req.fetch(:requirement).nil?
129
135
 
@@ -139,7 +145,7 @@ module Dependabot
139
145
  update_range(string_req).join(", ")
140
146
  end
141
147
 
142
- req.merge(requirement: new_req)
148
+ Dependabot::DependencyRequirement.create(req.merge(requirement: new_req))
143
149
  end
144
150
 
145
151
  # Updates the version in a "~>" constraint to allow the given version
data/lib/dependabot/opentofu/update_checker.rb CHANGED
@@ -46,7 +46,7 @@ module Dependabot
46
46
  nil
47
47
  end
48
48
 
49
- sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
49
+ sig { override.returns(T::Array[Dependabot::DependencyRequirement]) }
50
50
  def updated_requirements
51
51
  RequirementsUpdater.new(
52
52
  requirements: dependency.requirements,
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-opentofu
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.381.0
4
+ version: 0.383.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.381.0
18
+ version: 0.383.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.381.0
25
+ version: 0.383.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -262,7 +262,7 @@ licenses:
262
262
  - MIT
263
263
  metadata:
264
264
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
265
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.381.0
265
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.383.0
266
266
  rdoc_options: []
267
267
  require_paths:
268
268
  - lib