Skip to content

Commit

Permalink
Strong type Dependabot::Version
Browse files Browse the repository at this point in the history
  • Loading branch information
JamieMagee committed Jan 7, 2024
1 parent 389cb8a commit a4a0ad9
Show file tree
Hide file tree
Showing 22 changed files with 179 additions and 42 deletions.
2 changes: 1 addition & 1 deletion Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ gemspec path: "swift"
gemspec path: "terraform"

# Sorbet
gem "sorbet", "0.5.11156", group: :development
gem "sorbet", "0.5.11178", group: :development
gem "tapioca", "0.11.14", require: false, group: :development

common_gemspec = File.expand_path("common/dependabot-common.gemspec", __dir__)
Expand Down
22 changes: 11 additions & 11 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ PATH
opentelemetry-sdk (~> 1.3)
parser (>= 2.5, < 4.0)
psych (~> 5.0)
sorbet-runtime (~> 0.5.11026)
sorbet-runtime (~> 0.5.11178)
toml-rb (>= 1.1.2, < 3.0)

PATH
Expand Down Expand Up @@ -207,7 +207,7 @@ GEM
opentelemetry-api (~> 1.0)
parallel (1.24.0)
parseconfig (1.0.8)
parser (3.2.2.4)
parser (3.3.0.1)
ast (~> 2.4.1)
racc
prettier_print (1.2.1)
Expand All @@ -231,14 +231,14 @@ GEM
sawyer (0.9.2)
addressable (>= 2.3.5)
faraday (>= 0.17.3, < 3)
sorbet (0.5.11156)
sorbet-static (= 0.5.11156)
sorbet-runtime (0.5.11156)
sorbet-static (0.5.11156-universal-darwin)
sorbet-static (0.5.11156-x86_64-linux)
sorbet-static-and-runtime (0.5.11156)
sorbet (= 0.5.11156)
sorbet-runtime (= 0.5.11156)
sorbet (0.5.11178)
sorbet-static (= 0.5.11178)
sorbet-runtime (0.5.11178)
sorbet-static (0.5.11178-universal-darwin)
sorbet-static (0.5.11178-x86_64-linux)
sorbet-static-and-runtime (0.5.11178)
sorbet (= 0.5.11178)
sorbet-runtime (= 0.5.11178)
spoom (1.2.4)
erubi (>= 1.10.0)
sorbet-static-and-runtime (>= 0.5.10187)
Expand Down Expand Up @@ -300,7 +300,7 @@ DEPENDENCIES
dependabot-terraform!
gpgme (~> 2.0)
rake (~> 13)
sorbet (= 0.5.11156)
sorbet (= 0.5.11178)
stackprof (~> 0.2.16)
tapioca (= 0.11.14)
webmock (~> 3.18)
Expand Down
2 changes: 1 addition & 1 deletion cargo/lib/dependabot/cargo/requirement.rb
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ def self.parse(obj)

return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"

[matches[1] || "=", Cargo::Version.new(matches[2])]
[matches[1] || "=", Cargo::Version.new(T.must(matches[2]))]
end

# For consistency with other languages, we define a requirements array.
Expand Down
2 changes: 1 addition & 1 deletion common/dependabot-common.gemspec
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ Gem::Specification.new do |spec|
spec.add_dependency "opentelemetry-sdk", "~> 1.3"
spec.add_dependency "parser", ">= 2.5", "< 4.0"
spec.add_dependency "psych", "~> 5.0"
spec.add_dependency "sorbet-runtime", "~> 0.5.11026"
spec.add_dependency "sorbet-runtime", "~> 0.5.11178"
spec.add_dependency "toml-rb", ">= 1.1.2", "< 3.0"

spec.add_development_dependency "debug", "~> 1.8.0"
Expand Down
4 changes: 2 additions & 2 deletions common/lib/dependabot/dependency.rb
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ def removed?
def numeric_version
return unless version && version_class.correct?(version)

@numeric_version ||= T.let(version_class.new(version), T.nilable(Dependabot::Version))
@numeric_version ||= T.let(version_class.new(T.must(version)), T.nilable(Dependabot::Version))
end

sig { returns(T::Hash[String, T.untyped]) }
Expand Down Expand Up @@ -300,7 +300,7 @@ def specific_requirements
requirements.select { |r| requirement_class.new(r[:requirement]).specific? }
end

sig { returns(T.class_of(Gem::Requirement)) }
sig { returns(T.class_of(Dependabot::Requirement)) }
def requirement_class
Utils.requirement_class_for_package_manager(package_manager)
end
Expand Down
60 changes: 57 additions & 3 deletions common/lib/dependabot/version.rb
Original file line number Diff line number Diff line change
@@ -1,21 +1,75 @@
# typed: true
# typed: strong
# frozen_string_literal: true

require "sorbet-runtime"

module Dependabot
class Version < Gem::Version
extend T::Sig
extend T::Helpers

abstract!

sig do
override
.overridable
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.void
end
def initialize(version)
@original_version = version
@original_version = T.let(version.to_s, String)

super
T.unsafe(super(version))
end

sig do
override
.overridable
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.returns(Dependabot::Version)
end
def self.new(version)
T.cast(super, Dependabot::Version)
end

# Opt-in to Rubygems 4 behavior
sig do
override
.overridable
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.returns(T::Boolean)
end
def self.correct?(version)
return false if version.nil?

version.to_s.match?(ANCHORED_VERSION_PATTERN)
end

sig { overridable.returns(String) }
def to_semver
@original_version
end
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -205,6 +205,7 @@ def lock_git_dependencies(content)
end

# rubocop:disable Metrics/PerceivedComplexity
# rubocop:disable Metrics/AbcSize
def updated_version_requirement_string
lower_bound =
if requirements_to_unlock == :none
Expand All @@ -218,7 +219,7 @@ def updated_version_requirement_string
.select { |req_string| req_string.match?(VERSION_REGEX) }
.map { |req_string| req_string.match(VERSION_REGEX) }
.select { |version| requirement_valid?(">= #{version}") }
.max_by { |version| Composer::Version.new(version) }
.max_by { |version| Composer::Version.new(version.to_s) }

">= #{version_for_requirement || 0}"
end
Expand All @@ -239,6 +240,7 @@ def updated_version_requirement_string
lower_bound + ", <= #{latest_allowable_version}"
end
# rubocop:enable Metrics/PerceivedComplexity
# rubocop:enable Metrics/AbcSize

# TODO: Extract error handling and share between the lockfile updater
#
Expand Down
2 changes: 1 addition & 1 deletion docker/lib/dependabot/docker/version.rb
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ def self.correct?(version)

release_part, = parsed_version[:version].split("_", 2)
release_part = Tag.new(release_part.chomp(".").chomp("-").chomp("_")).numeric_version || parsed_version
super(release_part)
super(release_part.to_s)
rescue ArgumentError
# if we can't instantiate a version, it can't be correct
false
Expand Down
2 changes: 1 addition & 1 deletion gradle/lib/dependabot/gradle/requirement.rb
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ def self.parse(obj)

return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"

[matches[1] || "=", Gradle::Version.new(matches[2])]
[matches[1] || "=", Gradle::Version.new(T.must(matches[2]))]
end

sig { override.params(requirement_string: T.nilable(String)).returns(T::Array[Requirement]) }
Expand Down
2 changes: 1 addition & 1 deletion hex/lib/dependabot/hex/requirement.rb
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ def self.parse(obj)

return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"

[matches[1] || "=", Hex::Version.new(matches[2])]
[matches[1] || "=", Hex::Version.new(T.must(matches[2]))]
end

def satisfied_by?(version)
Expand Down
2 changes: 1 addition & 1 deletion maven/lib/dependabot/maven/requirement.rb
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ def self.parse(obj)

return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"

[matches[1] || "=", Maven::Version.new(matches[2])]
[matches[1] || "=", Maven::Version.new(T.must(matches[2]))]
end

sig { override.params(requirement_string: T.nilable(String)).returns(T::Array[Requirement]) }
Expand Down
2 changes: 1 addition & 1 deletion npm_and_yarn/lib/dependabot/npm_and_yarn/requirement.rb
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ def self.parse(obj)

return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"

[matches[1] || "=", NpmAndYarn::Version.new(matches[2])]
[matches[1] || "=", NpmAndYarn::Version.new(T.must(matches[2]))]
end

# Returns an array of requirements. At least one requirement from the
Expand Down
54 changes: 48 additions & 6 deletions npm_and_yarn/lib/dependabot/npm_and_yarn/version.rb
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,20 @@ class Version < Dependabot::Version
VERSION_PATTERN = T.let(Gem::Version::VERSION_PATTERN + '(\+[0-9a-zA-Z\-.]+)?', String)
ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/

sig { override.params(version: T.nilable(T.any(String, Gem::Version))).returns(T::Boolean) }
sig do
override
.overridable
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.returns(T::Boolean)
end
def self.correct?(version)
version = version.gsub(/^v/, "") if version.is_a?(String)

Expand All @@ -42,29 +55,58 @@ def self.semver_for(version)
version
end

sig { override.params(version: T.any(String, Gem::Version)).void }
sig do
override
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.void
end
def initialize(version)
@version_string = T.let(version.to_s, String)
version = version.gsub(/^v/, "") if version.is_a?(String)

version, @build_info = version.to_s.split("+") if version.to_s.include?("+")

super
super(T.must(version))
end

sig do
override
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.returns(Dependabot::NpmAndYarn::Version)
end
def self.new(version)
T.cast(super, Dependabot::NpmAndYarn::Version)
end

sig { returns(Integer) }
def major
@major ||= T.let(segments[0] || 0, T.nilable(Integer))
@major ||= T.let(segments[0].to_i, T.nilable(Integer))
end

sig { returns(Integer) }
def minor
@minor ||= T.let(segments[1] || 0, T.nilable(Integer))
@minor ||= T.let(segments[1].to_i, T.nilable(Integer))
end

sig { returns(Integer) }
def patch
@patch ||= T.let(segments[2] || 0, T.nilable(Integer))
@patch ||= T.let(segments[2].to_i, T.nilable(Integer))
end

sig { params(other: Dependabot::NpmAndYarn::Version).returns(T::Boolean) }
Expand Down
2 changes: 1 addition & 1 deletion nuget/lib/dependabot/nuget/requirement.rb
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ def self.parse(obj)

return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"

[matches[1] || "=", Nuget::Version.new(matches[2])]
[matches[1] || "=", Nuget::Version.new(T.must(matches[2]))]
end

# For consistency with other languages, we define a requirements array.
Expand Down
2 changes: 1 addition & 1 deletion pub/lib/dependabot/pub/requirement.rb
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ def self.parse(obj)

return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"

[matches[1] || "=", Pub::Version.new(matches[2])]
[matches[1] || "=", Pub::Version.new(T.must(matches[2]))]
end

# For consistency with other languages, we define a requirements array.
Expand Down
32 changes: 29 additions & 3 deletions pub/lib/dependabot/pub/version.rb
Original file line number Diff line number Diff line change
Expand Up @@ -25,12 +25,25 @@ class Version < Dependabot::Version
sig { returns(String) }
attr_reader :build_info

sig { override.params(version: T.any(String, Gem::Version)).void }
sig do
override
.overridable
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.void
end
def initialize(version)
@version_string = T.let(version.to_s, String)
version, @build_info = version.to_s.split("+") if version.to_s.include?("+")

super
super(T.must(version))
end

sig { override.returns(String) }
Expand All @@ -43,7 +56,20 @@ def inspect # :nodoc:
"#<#{self.class} #{@version_string}>"
end

sig { override.params(version: T.any(String, Gem::Version)).returns(T::Boolean) }
sig do
override
.overridable
.params(
version: T.any(
String,
Integer,
Float,
Gem::Version,
NilClass
)
)
.returns(T::Boolean)
end
def self.correct?(version)
return false if version.nil?

Expand Down
Loading

0 comments on commit a4a0ad9

Please sign in to comment.