dependabot-pub 0.263.0 → 0.265.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bb3e8b020709a5af01e82ae675ffb36d5fce01d07746e29b8100f7a6755c88b2
4
- data.tar.gz: 06d7eed27c3f2f3b17a5ca01b0b29461b8157d1389156038d1a9229dd5214fe3
3
+ metadata.gz: 1ff67319598cc88610c0f9d8c4fb72ef2e859d974b953b3a4cf44e7f8363865d
4
+ data.tar.gz: da3645b2454ef5dfd6f592d7dc4c547c97b3fef57681ee87dae7c6f53ee4ff18
5
5
  SHA512:
6
- metadata.gz: 67a4926854e15c9a6c21cbd899b2b769021e11b7b85233d48fa9a7a58a67467fdbe744a5708ca860f34ad5df5f9765327ca391259c0b0bae67595c098ab44679
7
- data.tar.gz: d6a68ce90f75be9b0460184e3ad0d60564827a3823a313991de92346a1f33fb95d23dc8d2ae639d8f73ef0a19342680e1ff71fdb4b3a4edbfd54d1b173086897
6
+ metadata.gz: 70330bcd1086311ef806697e46171556592ba39ad1728729c670395dbf2b8c84e6185e573280457778e8eae4a7cbd9710ffc3f3ec19a25b2d4aca6ad72b9cf50
7
+ data.tar.gz: 3d10cb7afffc04b48a3d1700dfcdcd1ca60d681ecb8b6de173a98a473b4ed55ae9e18d4cd274da8b78aa899c8957f7ab9177f73640321083dcefa6e356efe41f
@@ -1,4 +1,4 @@
1
- # typed: true
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "sorbet-runtime"
@@ -13,10 +13,12 @@ module Dependabot
13
13
  extend T::Sig
14
14
  extend T::Helpers
15
15
 
16
+ sig { override.params(filenames: T::Array[String]).returns(T::Boolean) }
16
17
  def self.required_files_in?(filenames)
17
18
  filenames.include?("pubspec.yaml")
18
19
  end
19
20
 
21
+ sig { override.returns(String) }
20
22
  def self.required_files_message
21
23
  "Repo must contain a pubspec.yaml."
22
24
  end
@@ -38,14 +40,16 @@ module Dependabot
38
40
 
39
41
  private
40
42
 
43
+ sig { returns(DependencyFile) }
41
44
  def pubspec_yaml
42
- @pubspec_yaml ||= fetch_file_from_host("pubspec.yaml")
45
+ @pubspec_yaml ||= T.let(fetch_file_from_host("pubspec.yaml"), T.nilable(Dependabot::DependencyFile))
43
46
  end
44
47
 
48
+ sig { returns(T.nilable(DependencyFile)) }
45
49
  def pubspec_lock
46
50
  return @pubspec_lock if defined?(@pubspec_lock)
47
51
 
48
- @pubspec_lock = fetch_file_if_present("pubspec.lock")
52
+ @pubspec_lock = T.let(fetch_file_if_present("pubspec.lock"), T.nilable(Dependabot::DependencyFile))
49
53
  end
50
54
  end
51
55
  end
@@ -1,4 +1,4 @@
1
- # typed: true
1
+ # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
4
  # For details on pub version constraints see:
@@ -20,11 +20,16 @@ module Dependabot
20
20
  quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
21
21
  version_pattern = Pub::Version::VERSION_PATTERN
22
22
 
23
- PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze
23
+ PATTERN_RAW = T.let("\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze, String)
24
24
  PATTERN = /\A#{PATTERN_RAW}\z/
25
25
 
26
26
  # Use Pub::Version rather than Gem::Version to ensure that
27
27
  # pre-release versions aren't transformed.
28
+ sig do
29
+ params(
30
+ obj: T.any(String, Gem::Version, Pub::Version)
31
+ ).returns(T::Array[T.any(String, Pub::Version)])
32
+ end
28
33
  def self.parse(obj)
29
34
  return ["=", Pub::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
30
35
 
@@ -43,9 +48,10 @@ module Dependabot
43
48
  # contains a single element.
44
49
  sig { override.params(requirement_string: T.nilable(String)).returns(T::Array[Requirement]) }
45
50
  def self.requirements_array(requirement_string)
46
- [new(requirement_string)]
51
+ [new(T.must(requirement_string))]
47
52
  end
48
53
 
54
+ sig { params(requirements: T.any(String, T::Array[String]), raw_constraint: T.nilable(String)).void }
49
55
  def initialize(*requirements, raw_constraint: nil)
50
56
  requirements = requirements.flatten.flat_map do |req_string|
51
57
  req_string.split(",").map(&:strip).map do |r|
@@ -57,6 +63,7 @@ module Dependabot
57
63
  @raw_constraint = raw_constraint
58
64
  end
59
65
 
66
+ sig { returns(String) }
60
67
  def to_s
61
68
  if @raw_constraint.nil?
62
69
  as_list.join " "
@@ -67,6 +74,7 @@ module Dependabot
67
74
 
68
75
  private
69
76
 
77
+ sig { params(req_string: String).returns(T.any(String, T::Array[T.nilable(String)])) }
70
78
  def convert_dart_constraint_to_ruby_constraint(req_string)
71
79
  if req_string.empty? || req_string == "any" then ">= 0"
72
80
  elsif req_string.match?(/^~[^>]/) then convert_tilde_req(req_string)
@@ -77,18 +85,21 @@ module Dependabot
77
85
  end
78
86
  end
79
87
 
88
+ sig { params(req_string: String).returns(String) }
80
89
  def convert_tilde_req(req_string)
81
90
  version = req_string.gsub(/^~/, "")
82
91
  parts = version.split(".")
83
92
  "~> #{parts.join('.')}"
84
93
  end
85
94
 
95
+ sig { params(req_string: String).returns(T::Array[T.nilable(String)]) }
86
96
  def convert_range_req(req_string)
87
97
  req_string.scan(
88
98
  /((?:>|<|=|<=|>=)\s*#{Pub::Version::VERSION_PATTERN})\s*/o
89
- ).map { |x| x[0].strip }
99
+ ).map { |x| x[0]&.strip }
90
100
  end
91
101
 
102
+ sig { params(req_string: String).returns(String) }
92
103
  def ruby_range(req_string)
93
104
  parts = req_string.split(".")
94
105
 
@@ -103,6 +114,7 @@ module Dependabot
103
114
  "~> #{parts.join('.')}"
104
115
  end
105
116
 
117
+ sig { params(req_string: String).returns(T::Array[String]) }
106
118
  def convert_caret_req(req_string)
107
119
  # Copied from Cargo::Requirement which allows less than 3 components
108
120
  # so we could be more strict in the parsing here.
@@ -112,7 +124,7 @@ module Dependabot
112
124
  first_non_zero_index =
113
125
  first_non_zero ? parts.index(first_non_zero) : parts.count - 1
114
126
  upper_bound = parts.map.with_index do |part, i|
115
- if i < first_non_zero_index then part
127
+ if i < T.must(first_non_zero_index) then part
116
128
  elsif i == first_non_zero_index then (part.to_i + 1).to_s
117
129
  else
118
130
  0
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-pub
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.263.0
4
+ version: 0.265.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-06-27 00:00:00.000000000 Z
11
+ date: 2024-07-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.263.0
19
+ version: 0.265.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.263.0
26
+ version: 0.265.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -256,7 +256,7 @@ licenses:
256
256
  - MIT
257
257
  metadata:
258
258
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
259
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.263.0
259
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.265.0
260
260
  post_install_message:
261
261
  rdoc_options: []
262
262
  require_paths: