dependabot-pub 0.263.0 → 0.264.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/pub/file_fetcher.rb +7 -3
- data/lib/dependabot/pub/requirement.rb +17 -5
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0c380e747352c449e86cb2557960c70d94980e45cb38ce52b09e587b77c5ba01
|
|
4
|
+
data.tar.gz: b34e347352e1e6251c129b414a526f9660df5c76ef5fc7e25148c6db043ebf60
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 474510bfcee5004bc2cd792e6208e608b506a985d77878a92478afbf3116b3aaf855f8e352cf1dad0453cbb468a5fe0a64cfeb874e76788e3c3addaf3e7b3eb4
|
|
7
|
+
data.tar.gz: fca0366574c74effb8f7da3e682e61ce2d0045821930dc9c75867ad559516f324e7f175c798a8d4504059406ddb957d5ccf30473d6c0f623af59a9ea6bdb4f43
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strong
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "sorbet-runtime"
|
|
@@ -13,10 +13,12 @@ module Dependabot
|
|
|
13
13
|
extend T::Sig
|
|
14
14
|
extend T::Helpers
|
|
15
15
|
|
|
16
|
+
sig { override.params(filenames: T::Array[String]).returns(T::Boolean) }
|
|
16
17
|
def self.required_files_in?(filenames)
|
|
17
18
|
filenames.include?("pubspec.yaml")
|
|
18
19
|
end
|
|
19
20
|
|
|
21
|
+
sig { override.returns(String) }
|
|
20
22
|
def self.required_files_message
|
|
21
23
|
"Repo must contain a pubspec.yaml."
|
|
22
24
|
end
|
|
@@ -38,14 +40,16 @@ module Dependabot
|
|
|
38
40
|
|
|
39
41
|
private
|
|
40
42
|
|
|
43
|
+
sig { returns(DependencyFile) }
|
|
41
44
|
def pubspec_yaml
|
|
42
|
-
@pubspec_yaml ||= fetch_file_from_host("pubspec.yaml")
|
|
45
|
+
@pubspec_yaml ||= T.let(fetch_file_from_host("pubspec.yaml"), T.nilable(Dependabot::DependencyFile))
|
|
43
46
|
end
|
|
44
47
|
|
|
48
|
+
sig { returns(T.nilable(DependencyFile)) }
|
|
45
49
|
def pubspec_lock
|
|
46
50
|
return @pubspec_lock if defined?(@pubspec_lock)
|
|
47
51
|
|
|
48
|
-
@pubspec_lock = fetch_file_if_present("pubspec.lock")
|
|
52
|
+
@pubspec_lock = T.let(fetch_file_if_present("pubspec.lock"), T.nilable(Dependabot::DependencyFile))
|
|
49
53
|
end
|
|
50
54
|
end
|
|
51
55
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
# For details on pub version constraints see:
|
|
@@ -20,11 +20,16 @@ module Dependabot
|
|
|
20
20
|
quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
|
|
21
21
|
version_pattern = Pub::Version::VERSION_PATTERN
|
|
22
22
|
|
|
23
|
-
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze
|
|
23
|
+
PATTERN_RAW = T.let("\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze, String)
|
|
24
24
|
PATTERN = /\A#{PATTERN_RAW}\z/
|
|
25
25
|
|
|
26
26
|
# Use Pub::Version rather than Gem::Version to ensure that
|
|
27
27
|
# pre-release versions aren't transformed.
|
|
28
|
+
sig do
|
|
29
|
+
params(
|
|
30
|
+
obj: T.any(String, Gem::Version, Pub::Version)
|
|
31
|
+
).returns(T::Array[T.any(String, Pub::Version)])
|
|
32
|
+
end
|
|
28
33
|
def self.parse(obj)
|
|
29
34
|
return ["=", Pub::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
|
|
30
35
|
|
|
@@ -43,9 +48,10 @@ module Dependabot
|
|
|
43
48
|
# contains a single element.
|
|
44
49
|
sig { override.params(requirement_string: T.nilable(String)).returns(T::Array[Requirement]) }
|
|
45
50
|
def self.requirements_array(requirement_string)
|
|
46
|
-
[new(requirement_string)]
|
|
51
|
+
[new(T.must(requirement_string))]
|
|
47
52
|
end
|
|
48
53
|
|
|
54
|
+
sig { params(requirements: T.any(String, T::Array[String]), raw_constraint: T.nilable(String)).void }
|
|
49
55
|
def initialize(*requirements, raw_constraint: nil)
|
|
50
56
|
requirements = requirements.flatten.flat_map do |req_string|
|
|
51
57
|
req_string.split(",").map(&:strip).map do |r|
|
|
@@ -57,6 +63,7 @@ module Dependabot
|
|
|
57
63
|
@raw_constraint = raw_constraint
|
|
58
64
|
end
|
|
59
65
|
|
|
66
|
+
sig { returns(String) }
|
|
60
67
|
def to_s
|
|
61
68
|
if @raw_constraint.nil?
|
|
62
69
|
as_list.join " "
|
|
@@ -67,6 +74,7 @@ module Dependabot
|
|
|
67
74
|
|
|
68
75
|
private
|
|
69
76
|
|
|
77
|
+
sig { params(req_string: String).returns(T.any(String, T::Array[T.nilable(String)])) }
|
|
70
78
|
def convert_dart_constraint_to_ruby_constraint(req_string)
|
|
71
79
|
if req_string.empty? || req_string == "any" then ">= 0"
|
|
72
80
|
elsif req_string.match?(/^~[^>]/) then convert_tilde_req(req_string)
|
|
@@ -77,18 +85,21 @@ module Dependabot
|
|
|
77
85
|
end
|
|
78
86
|
end
|
|
79
87
|
|
|
88
|
+
sig { params(req_string: String).returns(String) }
|
|
80
89
|
def convert_tilde_req(req_string)
|
|
81
90
|
version = req_string.gsub(/^~/, "")
|
|
82
91
|
parts = version.split(".")
|
|
83
92
|
"~> #{parts.join('.')}"
|
|
84
93
|
end
|
|
85
94
|
|
|
95
|
+
sig { params(req_string: String).returns(T::Array[T.nilable(String)]) }
|
|
86
96
|
def convert_range_req(req_string)
|
|
87
97
|
req_string.scan(
|
|
88
98
|
/((?:>|<|=|<=|>=)\s*#{Pub::Version::VERSION_PATTERN})\s*/o
|
|
89
|
-
).map { |x| x[0]
|
|
99
|
+
).map { |x| x[0]&.strip }
|
|
90
100
|
end
|
|
91
101
|
|
|
102
|
+
sig { params(req_string: String).returns(String) }
|
|
92
103
|
def ruby_range(req_string)
|
|
93
104
|
parts = req_string.split(".")
|
|
94
105
|
|
|
@@ -103,6 +114,7 @@ module Dependabot
|
|
|
103
114
|
"~> #{parts.join('.')}"
|
|
104
115
|
end
|
|
105
116
|
|
|
117
|
+
sig { params(req_string: String).returns(T::Array[String]) }
|
|
106
118
|
def convert_caret_req(req_string)
|
|
107
119
|
# Copied from Cargo::Requirement which allows less than 3 components
|
|
108
120
|
# so we could be more strict in the parsing here.
|
|
@@ -112,7 +124,7 @@ module Dependabot
|
|
|
112
124
|
first_non_zero_index =
|
|
113
125
|
first_non_zero ? parts.index(first_non_zero) : parts.count - 1
|
|
114
126
|
upper_bound = parts.map.with_index do |part, i|
|
|
115
|
-
if i < first_non_zero_index then part
|
|
127
|
+
if i < T.must(first_non_zero_index) then part
|
|
116
128
|
elsif i == first_non_zero_index then (part.to_i + 1).to_s
|
|
117
129
|
else
|
|
118
130
|
0
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-pub
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.264.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.264.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.264.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -256,7 +256,7 @@ licenses:
|
|
|
256
256
|
- MIT
|
|
257
257
|
metadata:
|
|
258
258
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
259
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
259
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.264.0
|
|
260
260
|
post_install_message:
|
|
261
261
|
rdoc_options: []
|
|
262
262
|
require_paths:
|