dependabot-pub 0.236.0 → 0.238.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/pub/file_fetcher.rb +7 -2
- data/lib/dependabot/pub/metadata_finder.rb +4 -1
- metadata +21 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 186c0aa77bf1dbe6bc0ebf456d8cb9d5e774ee787cc48ad1884d18285c1492eb
|
|
4
|
+
data.tar.gz: 279ca04029a999dab50241c9eae902ee543af9f72e2603f28d4cc851bef32590
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: df61230a024f390c62dd5a4e54d11a0b88afe6c7f8ca92d250f13453954785e13f5feed0b35dcac506a0371b6032632c77b9475b04dfbfb58a8cf2b7b702d544
|
|
7
|
+
data.tar.gz: 9771f3df0581edc9942d60884e1e1d220658824c0ab0a4419bdca713eaa76102f9133e5df031cc54528a77ea4ce7d6238cdf3984cfa7dd868a9db00f6d391380
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
4
5
|
require "dependabot/file_fetchers"
|
|
5
6
|
require "dependabot/file_fetchers/base"
|
|
6
7
|
|
|
@@ -9,6 +10,9 @@ require "dependabot/file_fetchers/base"
|
|
|
9
10
|
module Dependabot
|
|
10
11
|
module Pub
|
|
11
12
|
class FileFetcher < Dependabot::FileFetchers::Base
|
|
13
|
+
extend T::Sig
|
|
14
|
+
extend T::Helpers
|
|
15
|
+
|
|
12
16
|
def self.required_files_in?(filenames)
|
|
13
17
|
filenames.include?("pubspec.yaml")
|
|
14
18
|
end
|
|
@@ -17,8 +21,7 @@ module Dependabot
|
|
|
17
21
|
"Repo must contain a pubspec.yaml."
|
|
18
22
|
end
|
|
19
23
|
|
|
20
|
-
|
|
21
|
-
|
|
24
|
+
sig { override.returns(T::Array[DependencyFile]) }
|
|
22
25
|
def fetch_files
|
|
23
26
|
fetched_files = []
|
|
24
27
|
fetched_files << pubspec_yaml
|
|
@@ -33,6 +36,8 @@ module Dependabot
|
|
|
33
36
|
fetched_files.uniq
|
|
34
37
|
end
|
|
35
38
|
|
|
39
|
+
private
|
|
40
|
+
|
|
36
41
|
def pubspec_yaml
|
|
37
42
|
@pubspec_yaml ||= fetch_file_from_host("pubspec.yaml")
|
|
38
43
|
end
|
|
@@ -2,19 +2,22 @@
|
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "excon"
|
|
5
|
+
require "sorbet-runtime"
|
|
5
6
|
require "dependabot/metadata_finders"
|
|
6
7
|
require "dependabot/metadata_finders/base"
|
|
7
8
|
require "dependabot/registry_client"
|
|
8
9
|
|
|
9
10
|
module Dependabot
|
|
10
11
|
module Pub
|
|
12
|
+
extend T::Sig
|
|
13
|
+
|
|
11
14
|
class MetadataFinder < Dependabot::MetadataFinders::Base
|
|
12
15
|
private
|
|
13
16
|
|
|
14
17
|
def look_up_source
|
|
15
18
|
source = dependency.requirements&.first&.dig(:source)
|
|
16
19
|
if source&.dig("type") == "git"
|
|
17
|
-
result = Source.from_url(source.dig("description", "url"))
|
|
20
|
+
result = T.must(Source.from_url(source.dig("description", "url")))
|
|
18
21
|
result.directory = source.dig("description", "path")
|
|
19
22
|
result.commit = source.dig("description", "resolved-ref")
|
|
20
23
|
return result
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-pub
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.238.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-12-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.238.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.238.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: webrick
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -108,20 +108,34 @@ dependencies:
|
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
110
|
version: '1.3'
|
|
111
|
+
- !ruby/object:Gem::Dependency
|
|
112
|
+
name: rspec-sorbet
|
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
|
114
|
+
requirements:
|
|
115
|
+
- - "~>"
|
|
116
|
+
- !ruby/object:Gem::Version
|
|
117
|
+
version: 1.9.2
|
|
118
|
+
type: :development
|
|
119
|
+
prerelease: false
|
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
121
|
+
requirements:
|
|
122
|
+
- - "~>"
|
|
123
|
+
- !ruby/object:Gem::Version
|
|
124
|
+
version: 1.9.2
|
|
111
125
|
- !ruby/object:Gem::Dependency
|
|
112
126
|
name: rubocop
|
|
113
127
|
requirement: !ruby/object:Gem::Requirement
|
|
114
128
|
requirements:
|
|
115
129
|
- - "~>"
|
|
116
130
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 1.
|
|
131
|
+
version: 1.57.2
|
|
118
132
|
type: :development
|
|
119
133
|
prerelease: false
|
|
120
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
135
|
requirements:
|
|
122
136
|
- - "~>"
|
|
123
137
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 1.
|
|
138
|
+
version: 1.57.2
|
|
125
139
|
- !ruby/object:Gem::Dependency
|
|
126
140
|
name: rubocop-performance
|
|
127
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -228,7 +242,7 @@ licenses:
|
|
|
228
242
|
- Nonstandard
|
|
229
243
|
metadata:
|
|
230
244
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
231
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
245
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.238.0
|
|
232
246
|
post_install_message:
|
|
233
247
|
rdoc_options: []
|
|
234
248
|
require_paths:
|