diff --git a/.rubocop.yml b/.rubocop.yml index 7ee56eb6077..1d5710b4aa2 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,4 +1,6 @@ --- +require: rubocop-performance + AllCops: DisplayCopNames: true Exclude: 
@@ -122,6 +124,102 @@ Metrics/PerceivedComplexity: Max: 10 Naming/FileName: Enabled: false +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BindCall: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/Caller: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/Casecmp: + Enabled: true +Performance/ChainArrayAllocation: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: true +Performance/CompareWithBlock: + Enabled: true +Performance/ConcurrentMonotonicTime: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/Count: + Enabled: true +Performance/DeletePrefix: + Enabled: true +Performance/DeleteSuffix: + Enabled: true +Performance/Detect: + Enabled: true +Performance/DoubleStartEndWith: + Enabled: true +Performance/EndWith: + Enabled: true +Performance/FixedSize: + Enabled: true +Performance/FlatMap: + Enabled: true +Performance/InefficientHashSearch: + Enabled: true +Performance/IoReadlines: + Enabled: true +Performance/MapCompact: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/OpenStruct: + Enabled: false +Performance/RangeInclude: + Enabled: true +Performance/RedundantBlockCall: + Enabled: true +Performance/RedundantEqualityComparisonBlock: + Enabled: true +Performance/RedundantMatch: + Enabled: true +Performance/RedundantMerge: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantSplitRegexpArgument: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/RegexpMatch: + Enabled: true +Performance/ReverseEach: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/SelectMap: + Enabled: false +Performance/Size: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StartWith: + Enabled: true +Performance/StringIdentifierArgument: + Enabled: true 
+Performance/StringInclude: + Enabled: true +Performance/StringReplacement: + Enabled: true +Performance/Sum: + Enabled: true +Performance/TimesMap: + Enabled: true +Performance/UnfreezeString: + Enabled: true +Performance/UriDefaultParser: + Enabled: true Style/AccessorGrouping: Enabled: false Style/ArgumentsForwarding: @@ -170,6 +268,8 @@ Style/KeywordParametersOrder: Enabled: false Style/MultilineInPatternThen: Enabled: true +Style/MultipleComparison: + Enabled: false Style/NegatedIfElseCondition: Enabled: true Style/NilLambda: diff --git a/bundler/helpers/v1/lib/functions/file_parser.rb b/bundler/helpers/v1/lib/functions/file_parser.rb index cc3c02f7ef9..a0308fc1ad5 100644 --- a/bundler/helpers/v1/lib/functions/file_parser.rb +++ b/bundler/helpers/v1/lib/functions/file_parser.rb @@ -14,13 +14,13 @@ def parsed_gemfile(gemfile_name:) Bundler::Definition.build(gemfile_name, nil, {}). dependencies.select(&:current_platform?). reject { |dep| dep.source.is_a?(Bundler::Source::Gemspec) }. - map(&method(:serialize_bundler_dependency)) + map { |dep| serialize_bundler_dependency(dep) } end def parsed_gemspec(gemspec_name:) Bundler.load_gemspec_uncached(gemspec_name). dependencies. - map(&method(:serialize_bundler_dependency)) + map { |dep| serialize_bundler_dependency(dep) } end private @@ -71,15 +71,17 @@ def git_source_details(source) } end + RUBYGEMS_HOSTS = [ + "rubygems.org", + "www.rubygems.org" + ].freeze + def default_rubygems?(source) return true if source.nil? return false unless source.is_a?(Bundler::Source::Rubygems) source.remotes.any? do |r| - [ - "rubygems.org", - "www.rubygems.org" - ].include?(URI(r.to_s).host) + RUBYGEMS_HOSTS.include?(URI(r.to_s).host) end end diff --git a/bundler/helpers/v1/lib/functions/lockfile_updater.rb b/bundler/helpers/v1/lib/functions/lockfile_updater.rb index 16c76a9b0b2..90075e98906 100644 --- a/bundler/helpers/v1/lib/functions/lockfile_updater.rb +++ b/bundler/helpers/v1/lib/functions/lockfile_updater.rb 
@@ -160,9 +160,9 @@ def unlock_blocking_subdeps(dependencies_to_unlock, error) potentials_deps = error.cause.conflicts.values. flat_map(&:requirement_trees). - map do |tree| + filter_map do |tree| tree.find { |req| allowed_new_unlocks.include?(req.name) } - end.compact.map(&:name) + end.map(&:name) # If there are specific dependencies we can unlock, unlock them return dependencies_to_unlock.append(*potentials_deps) if potentials_deps.any? diff --git a/bundler/helpers/v1/monkey_patches/fileutils_keyword_splat_patch.rb b/bundler/helpers/v1/monkey_patches/fileutils_keyword_splat_patch.rb index 419f565e6b8..0bc75505bf4 100644 --- a/bundler/helpers/v1/monkey_patches/fileutils_keyword_splat_patch.rb +++ b/bundler/helpers/v1/monkey_patches/fileutils_keyword_splat_patch.rb @@ -11,7 +11,7 @@ def entries opts = {} opts[:encoding] = ::Encoding::UTF_8 if fu_windows? Dir.entries(path, **opts). - reject { |n| [".", ".."].include?(n) }. + reject { |n| n == "." || n == ".." }. map { |n| self.class.new(prefix, join(rel, n.untaint)) } end end diff --git a/bundler/helpers/v2/lib/functions/file_parser.rb b/bundler/helpers/v2/lib/functions/file_parser.rb index 342a70274fd..927f6f9c0f7 100644 --- a/bundler/helpers/v2/lib/functions/file_parser.rb +++ b/bundler/helpers/v2/lib/functions/file_parser.rb @@ -14,13 +14,13 @@ def parsed_gemfile(gemfile_name:) Bundler::Definition.build(gemfile_name, nil, {}). dependencies.select(&:current_platform?). reject { |dep| dep.source.is_a?(Bundler::Source::Gemspec) }. - map(&method(:serialize_bundler_dependency)) + map { |dep| serialize_bundler_dependency(dep) } end def parsed_gemspec(gemspec_name:) Bundler.load_gemspec_uncached(gemspec_name). dependencies. - map(&method(:serialize_bundler_dependency)) + map { |dep| serialize_bundler_dependency(dep) } end private 
@@ -72,15 +72,17 @@ def git_source_details(source) } end + RUBYGEMS_HOSTS = [ + "rubygems.org", + "www.rubygems.org" + ].freeze + def default_rubygems?(source) return true if source.nil? return false unless source.is_a?(Bundler::Source::Rubygems) source.remotes.any? do |r| - [ - "rubygems.org", - "www.rubygems.org" - ].include?(URI(r.to_s).host) + RUBYGEMS_HOSTS.include?(URI(r.to_s).host) end end diff --git a/bundler/helpers/v2/lib/functions/lockfile_updater.rb b/bundler/helpers/v2/lib/functions/lockfile_updater.rb index bb69cf7f095..523410178f6 100644 --- a/bundler/helpers/v2/lib/functions/lockfile_updater.rb +++ b/bundler/helpers/v2/lib/functions/lockfile_updater.rb @@ -161,9 +161,9 @@ def unlock_blocking_subdeps(dependencies_to_unlock, error) potentials_deps = error.cause.conflicts.values. flat_map(&:requirement_trees). - map do |tree| + filter_map do |tree| tree.find { |req| allowed_new_unlocks.include?(req.name) } - end.compact.map(&:name) + end.map(&:name) # If there are specific dependencies we can unlock, unlock them return dependencies_to_unlock.append(*potentials_deps) if potentials_deps.any? diff --git a/bundler/helpers/v2/monkey_patches/git_source_patch.rb b/bundler/helpers/v2/monkey_patches/git_source_patch.rb index 5c229bc2215..1b8c5df7179 100644 --- a/bundler/helpers/v2/monkey_patches/git_source_patch.rb +++ b/bundler/helpers/v2/monkey_patches/git_source_patch.rb @@ -13,7 +13,7 @@ class GitProxy # Instead, we convert all `git@github.com:` URLs to use HTTPS. def configured_uri_for(uri) uri = uri.gsub(%r{git@(.*?):/?}, 'https://\1/') - if /https?:/ =~ uri + if /https?:/.match?(uri) remote = Bundler::URI(uri) config_auth = Bundler.settings[remote.to_s] || Bundler.settings[remote.host] remote.userinfo ||= config_auth diff --git a/bundler/helpers/v2/spec/functions_spec.rb b/bundler/helpers/v2/spec/functions_spec.rb index 130bd3a6aa7..0b01398b8ef 100644 --- a/bundler/helpers/v2/spec/functions_spec.rb +++ b/bundler/helpers/v2/spec/functions_spec.rb 
@@ -38,7 +38,7 @@ def expect_specs(count) expect(git_specs.size).to eq(count) git_specs.each do |gs| uri = URI.parse(gs[:auth_uri]) - expect(uri.scheme).to(satisfy { |s| %w(http https).include?(s) }) + expect(uri.scheme).to(satisfy { |s| s.match?(/https?/o) }) end end diff --git a/bundler/lib/dependabot/bundler/file_updater/gemfile_updater.rb b/bundler/lib/dependabot/bundler/file_updater/gemfile_updater.rb index 66cb237fb21..327a94fc374 100644 --- a/bundler/lib/dependabot/bundler/file_updater/gemfile_updater.rb +++ b/bundler/lib/dependabot/bundler/file_updater/gemfile_updater.rb @@ -6,6 +6,8 @@ module Dependabot module Bundler class FileUpdater class GemfileUpdater + GEMFILE_FILENAMES = %w(Gemfile gems.rb).freeze + require_relative "git_pin_replacer" require_relative "git_source_remover" require_relative "requirement_replacer" @@ -68,13 +70,13 @@ def requirement_changed?(file, dependency) def remove_git_source?(dependency) old_gemfile_req = dependency.previous_requirements. - find { |f| %w(Gemfile gems.rb).include?(f[:file]) } + find { |f| GEMFILE_FILENAMES.include?(f[:file]) } return false unless old_gemfile_req&.dig(:source, :type) == "git" new_gemfile_req = dependency.requirements. - find { |f| %w(Gemfile gems.rb).include?(f[:file]) } + find { |f| GEMFILE_FILENAMES.include?(f[:file]) } new_gemfile_req[:source].nil? end @@ -82,7 +84,7 @@ def remove_git_source?(dependency) def update_git_pin?(dependency) new_gemfile_req = dependency.requirements. - find { |f| %w(Gemfile gems.rb).include?(f[:file]) } + find { |f| GEMFILE_FILENAMES.include?(f[:file]) } return false unless new_gemfile_req&.dig(:source, :type) == "git" # If the new requirement is a git dependency with a ref then there's diff --git a/bundler/lib/dependabot/bundler/metadata_finder.rb b/bundler/lib/dependabot/bundler/metadata_finder.rb index 26da84b2c2b..357f7304731 100644 --- a/bundler/lib/dependabot/bundler/metadata_finder.rb +++ b/bundler/lib/dependabot/bundler/metadata_finder.rb 
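Review bot: The scheme check in `expect_specs` is no longer an exact match: `s.match?(/https?/o)` is unanchored, so any scheme that merely contains `http` satisfies it, where `%w(http https).include?(s)` accepted only those two values. The same replacement is made in `inaccessible_git_dependencies` (update_checker/shared_bundler_helpers.rb), where it decides whether `Dependabot::RegistryClient.get` is called on the URI. It is also made in `fetch_github_file_list` (metadata_finders/base/changelog_finder.rb), where `f.name.match?(/docs?/o)` now also matches directory names such as `documentation`. Anchor the patterns, e.g. `uri.scheme&.match?(/\Ahttps?\z/)` and `f.name.match?(/\Adocs?\z/)`, or keep the membership test against a frozen constant as done for `RUBYGEMS_HOSTS`. The `o` flag has no effect on a literal without interpolation and can be dropped.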
@@ -76,7 +76,7 @@ def find_source_from_rubygems_api_response end def find_source_from_git_url - info = dependency.requirements.map { |r| r[:source] }.compact.first + info = dependency.requirements.filter_map { |r| r[:source] }.first url = info[:url] || info.fetch("url") Source.from_url(url) @@ -198,7 +198,7 @@ def augment_private_response_if_appropriate(response_body) def registry_url return "https://rubygems.org/" if new_source_type == "default" - info = dependency.requirements.map { |r| r[:source] }.compact.first + info = dependency.requirements.filter_map { |r| r[:source] }.first info[:url] || info.fetch("url") end diff --git a/bundler/lib/dependabot/bundler/update_checker/force_updater.rb b/bundler/lib/dependabot/bundler/update_checker/force_updater.rb index f0252957f75..c14558c41d9 100644 --- a/bundler/lib/dependabot/bundler/update_checker/force_updater.rb +++ b/bundler/lib/dependabot/bundler/update_checker/force_updater.rb @@ -85,7 +85,7 @@ def dependencies_from(updated_deps, specs) # # This is kind of a bug in Bundler, and we should try to fix it, # but resolving it won't necessarily be easy. - updated_deps.map do |dep| + updated_deps.filter_map do |dep| original_dep = original_dependencies.find { |d| d.name == dep.fetch("name") } spec = specs.find { |d| d.fetch("name") == dep.fetch("name") } @@ -93,7 +93,7 @@ def dependencies_from(updated_deps, specs) next if spec.fetch("version") == original_dep.version build_dependency(original_dep, spec) - end.compact + end end def build_dependency(original_dep, updated_spec) diff --git a/bundler/lib/dependabot/bundler/update_checker/requirements_updater.rb b/bundler/lib/dependabot/bundler/update_checker/requirements_updater.rb index b3d168940c9..9ae4bd1e051 100644 --- a/bundler/lib/dependabot/bundler/update_checker/requirements_updater.rb +++ b/bundler/lib/dependabot/bundler/update_checker/requirements_updater.rb 
@@ -28,7 +28,7 @@ def initialize(requirements:, update_strategy:, updated_source:, def updated_requirements requirements.map do |req| - if req[:file].match?(/\.gemspec/) + if req[:file].include?(".gemspec") update_gemspec_requirement(req) else # If a requirement doesn't come from a gemspec, it must be from diff --git a/bundler/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb b/bundler/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb index d70edd00db9..c4f9b280121 100644 --- a/bundler/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb +++ b/bundler/lib/dependabot/bundler/update_checker/shared_bundler_helpers.rb @@ -181,7 +181,7 @@ def inaccessible_git_dependencies ) git_specs.reject do |spec| uri = URI.parse(spec.fetch("auth_uri")) - next false unless %w(http https).include?(uri.scheme) + next false unless uri.scheme&.match?(/https?/o) Dependabot::RegistryClient.get( url: uri.to_s diff --git a/bundler/spec/dependabot/bundler/file_parser_spec.rb b/bundler/spec/dependabot/bundler/file_parser_spec.rb index 2be47e85dea..02ae05d8347 100644 --- a/bundler/spec/dependabot/bundler/file_parser_spec.rb +++ b/bundler/spec/dependabot/bundler/file_parser_spec.rb @@ -555,11 +555,11 @@ let(:dependency_files) { bundler_project_dependency_files("imports_gemspec_imports_gemspec_large") } it "includes details of each declaration" do - expect(dependencies.select(&:top_level?).count).to eq(13) + expect(dependencies.count(&:top_level?)).to eq(13) end it "includes details of each sub-dependency" do - expect(dependencies.reject(&:top_level?).count).to eq(23) + expect(dependencies.count { |dep| !dep.top_level? }).to eq(23) diff_lcs = dependencies.find { |d| d.name == "diff-lcs" } expect(diff_lcs.subdependency_metadata).to eq([{ production: false }]) 
@@ -607,7 +607,7 @@ let(:dependency_files) { bundler_project_dependency_files("imports_gemspec_with_require") } it "includes details of each declaration" do - expect(dependencies.select(&:top_level?).count).to eq(13) + expect(dependencies.count(&:top_level?)).to eq(13) end end diff --git a/cargo/lib/dependabot/cargo/metadata_finder.rb b/cargo/lib/dependabot/cargo/metadata_finder.rb index a2e885cf970..0d6ac9940ad 100644 --- a/cargo/lib/dependabot/cargo/metadata_finder.rb +++ b/cargo/lib/dependabot/cargo/metadata_finder.rb @@ -33,15 +33,14 @@ def new_source_type def find_source_from_crates_listing potential_source_urls = SOURCE_KEYS. - map { |key| crates_listing.dig("crate", key) }. - compact + filter_map { |key| crates_listing.dig("crate", key) } source_url = potential_source_urls.find { |url| Source.from_url(url) } Source.from_url(source_url) end def find_source_from_git_url - info = dependency.requirements.map { |r| r[:source] }.compact.first + info = dependency.requirements.filter_map { |r| r[:source] }.first url = info[:url] || info.fetch("url") Source.from_url(url) diff --git a/cargo/lib/dependabot/cargo/update_checker/file_preparer.rb b/cargo/lib/dependabot/cargo/update_checker/file_preparer.rb index a3610c1e552..6f29dc86483 100644 --- a/cargo/lib/dependabot/cargo/update_checker/file_preparer.rb +++ b/cargo/lib/dependabot/cargo/update_checker/file_preparer.rb @@ -206,8 +206,7 @@ def lower_bound_version dependency.version else version_from_requirement = - dependency.requirements.map { |r| r.fetch(:requirement) }. - compact. + dependency.requirements.filter_map { |r| r.fetch(:requirement) }. flat_map { |req_str| Cargo::Requirement.new(req_str) }. flat_map(&:requirements). reject { |req_array| req_array.first.start_with?("<") }. diff --git a/cargo/spec/dependabot/cargo/file_parser_spec.rb b/cargo/spec/dependabot/cargo/file_parser_spec.rb index ad176930e44..d1b3676b76b 100644 --- a/cargo/spec/dependabot/cargo/file_parser_spec.rb 
+++ b/cargo/spec/dependabot/cargo/file_parser_spec.rb @@ -732,7 +732,7 @@ let(:lockfile_fixture_name) { "feature_dependency" } describe "the first dependency" do - subject(:dependency) { dependencies.select(&:top_level?).first } + subject(:dependency) { dependencies.find(&:top_level?) } it "has the right details" do expect(dependency).to be_a(Dependabot::Dependency) @@ -753,7 +753,7 @@ let(:manifest_fixture_name) { "feature_dependency_no_version" } describe "the first dependency" do - subject(:dependency) { dependencies.select(&:top_level?).first } + subject(:dependency) { dependencies.find(&:top_level?) } it "has the right details" do expect(dependency).to be_a(Dependabot::Dependency) diff --git a/common/dependabot-common.gemspec b/common/dependabot-common.gemspec index d3f337b0635..0bd74988bc8 100644 --- a/common/dependabot-common.gemspec +++ b/common/dependabot-common.gemspec @@ -44,6 +44,7 @@ Gem::Specification.new do |spec| spec.add_development_dependency "rspec", "~> 3.8" spec.add_development_dependency "rspec-its", "~> 1.2" spec.add_development_dependency "rubocop", "~> 1.35.1" + spec.add_development_dependency "rubocop-performance", "~> 1.14.2" spec.add_development_dependency "ruby-debug-ide", "~> 0.7.3" spec.add_development_dependency "simplecov", "~> 0.21.0" spec.add_development_dependency "simplecov-console", "~> 0.9.1" diff --git a/common/lib/dependabot/clients/azure.rb b/common/lib/dependabot/clients/azure.rb index ac876b19291..b6904bab2f6 100644 --- a/common/lib/dependabot/clients/azure.rb +++ b/common/lib/dependabot/clients/azure.rb 
@@ -310,7 +310,7 @@ def truncate_pr_description(pr_description) # https://developercommunity.visualstudio.com/content/problem/608770/remove-4000-character-limit-on-pull-request-descri.html pr_description = pr_description.dup.force_encoding(Encoding::UTF_16) if pr_description.length > MAX_PR_DESCRIPTION_LENGTH - truncated_msg = "...\n\n_Description has been truncated_".dup.force_encoding(Encoding::UTF_16) + truncated_msg = (+"...\n\n_Description has been truncated_").force_encoding(Encoding::UTF_16) truncate_length = MAX_PR_DESCRIPTION_LENGTH - truncated_msg.length pr_description = (pr_description[0..truncate_length] + truncated_msg) end diff --git a/common/lib/dependabot/config/ignore_condition.rb b/common/lib/dependabot/config/ignore_condition.rb index aaf0fe68314..29f9f52d3f6 100644 --- a/common/lib/dependabot/config/ignore_condition.rb +++ b/common/lib/dependabot/config/ignore_condition.rb @@ -28,7 +28,7 @@ def ignored_versions(dependency, security_updates_only) private def transformed_update_types - update_types.map(&:downcase).map(&:strip).compact + update_types.map(&:downcase).filter_map(&:strip) end def versions_by_type(dependency) diff --git a/common/lib/dependabot/dependency.rb b/common/lib/dependabot/dependency.rb index 0ada3266a0d..d1e773b11ab 100644 --- a/common/lib/dependabot/dependency.rb +++ b/common/lib/dependabot/dependency.rb @@ -120,9 +120,7 @@ def eql?(other) private def check_values - if [version, previous_version].any? { |v| v == "" } - raise ArgumentError, "blank strings must not be provided as versions" - end + raise ArgumentError, "blank strings must not be provided as versions" if [version, previous_version].any?("") check_requirement_fields check_subdependency_metadata 
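Review bot: `filter_map(&:strip)` in `transformed_update_types` filters nothing, because `String#strip` always returns a string; the `compact` it replaces was equally inert, and a `nil` entry would already have raised in `map(&:downcase)`. A single pass states what the method does: `update_types.map { |t| t.downcase.strip }`. If dropping blank entries was the intent, that needs an explicit `reject(&:empty?)` after the strip.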
@@ -130,8 +128,8 @@ def check_values def check_requirement_fields requirement_fields = [requirements, previous_requirements].compact - unless requirement_fields.all? { |r| r.is_a?(Array) } && - requirement_fields.flatten.all? { |r| r.is_a?(Hash) } + unless requirement_fields.all?(Array) && + requirement_fields.flatten.all?(Hash) raise ArgumentError, "requirements must be an array of hashes" end @@ -154,7 +152,7 @@ def check_subdependency_metadata return unless subdependency_metadata unless subdependency_metadata.is_a?(Array) && - subdependency_metadata.all? { |r| r.is_a?(Hash) } + subdependency_metadata.all?(Hash) raise ArgumentError, "subdependency_metadata must be an array of hashes" end end diff --git a/common/lib/dependabot/file_fetchers/base.rb b/common/lib/dependabot/file_fetchers/base.rb index 7ffe49ee8cd..024f66a3475 100644 --- a/common/lib/dependabot/file_fetchers/base.rb +++ b/common/lib/dependabot/file_fetchers/base.rb @@ -233,8 +233,8 @@ def _cloned_repo_contents(relative_path) repo_path = File.join(clone_repo_contents, relative_path) return [] unless Dir.exist?(repo_path) - Dir.entries(repo_path).map do |name| - next if [".", ".."].include?(name) + Dir.entries(repo_path).filter_map do |name| + next if name == "." || name == ".." absolute_path = File.join(repo_path, name) type = if File.symlink?(absolute_path) @@ -251,7 +251,7 @@ def _cloned_repo_contents(relative_path) type: type, size: 0 # NOTE: added for parity with github contents API ) - end.compact + end end def update_linked_paths(repo, path, commit, github_response) diff --git a/common/lib/dependabot/file_parsers/base/dependency_set.rb b/common/lib/dependabot/file_parsers/base/dependency_set.rb index c59ea05b20c..9d199942750 100644 --- a/common/lib/dependabot/file_parsers/base/dependency_set.rb +++ b/common/lib/dependabot/file_parsers/base/dependency_set.rb 
@@ -10,7 +10,7 @@ class Base class DependencySet def initialize(dependencies = [], case_sensitive: false) unless dependencies.is_a?(Array) && - dependencies.all? { |dep| dep.is_a?(Dependency) } + dependencies.all?(Dependency) raise ArgumentError, "must be an array of Dependency objects" end diff --git a/common/lib/dependabot/file_updaters/vendor_updater.rb b/common/lib/dependabot/file_updaters/vendor_updater.rb index 6e72dcb0b22..b108940371b 100644 --- a/common/lib/dependabot/file_updaters/vendor_updater.rb +++ b/common/lib/dependabot/file_updaters/vendor_updater.rb @@ -18,7 +18,9 @@ def updated_vendor_cache_files(base_directory:) return [] unless repo_contents_path && vendor_dir Dir.chdir(repo_contents_path) do + # rubocop:disable Performance/DeletePrefix relative_dir = Pathname.new(base_directory).sub(%r{\A/}, "").join(vendor_dir) + # rubocop:enable Performance/DeletePrefix status = SharedHelpers.run_shell_command( "git status --untracked-files all --porcelain v1 #{relative_dir}" diff --git a/common/lib/dependabot/metadata_finders/base/changelog_finder.rb b/common/lib/dependabot/metadata_finders/base/changelog_finder.rb index 481b304bc33..e3322791302 100644 --- a/common/lib/dependabot/metadata_finders/base/changelog_finder.rb +++ b/common/lib/dependabot/metadata_finders/base/changelog_finder.rb @@ -239,7 +239,7 @@ def fetch_github_file_list(ref) files += github_client.contents(source.repo, opts) files.uniq.each do |f| - next unless %w(doc docs).include?(f.name) && f.type == "dir" + next unless f.type == "dir" && f.name.match?(/docs?/o) opts = { path: f.path, ref: ref }.compact files += github_client.contents(source.repo, opts) 
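Review bot: The `rubocop:disable Performance/DeletePrefix` pair added in `updated_vendor_cache_files` carries no reason, so a later cleanup is likely to remove it and apply the autocorrect. The receiver there is a Pathname, which has `sub` but no `delete_prefix`; a line such as `# Pathname#sub, not String#sub: Pathname has no delete_prefix` above the disable would record that. The `Performance/RedundantEqualityComparisonBlock` disable added in `precision` (pull_request_creator/labeler.rb) needs the same treatment: the block `{ |part| part.to_i.to_s == part }` compares each part with a value derived from itself, which `all?(pattern)` cannot express. Both methods extend beyond their hunks.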
@@ -300,16 +300,16 @@ def new_version end def previous_ref - previous_refs = dependency.previous_requirements.map do |r| + previous_refs = dependency.previous_requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return previous_refs.first if previous_refs.count == 1 end def new_ref - new_refs = dependency.requirements.map do |r| + new_refs = dependency.requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return new_refs.first if new_refs.count == 1 end diff --git a/common/lib/dependabot/metadata_finders/base/changelog_pruner.rb b/common/lib/dependabot/metadata_finders/base/changelog_pruner.rb index 1039b2d8f17..1c6a1de007c 100644 --- a/common/lib/dependabot/metadata_finders/base/changelog_pruner.rb +++ b/common/lib/dependabot/metadata_finders/base/changelog_pruner.rb @@ -137,16 +137,16 @@ def new_version end def previous_ref - previous_refs = dependency.previous_requirements.map do |r| + previous_refs = dependency.previous_requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return previous_refs.first if previous_refs.count == 1 end def new_ref - new_refs = dependency.requirements.map do |r| + new_refs = dependency.requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return new_refs.first if new_refs.count == 1 end diff --git a/common/lib/dependabot/metadata_finders/base/commits_finder.rb b/common/lib/dependabot/metadata_finders/base/commits_finder.rb index b7e5c0059fb..fed88a55f77 100644 --- a/common/lib/dependabot/metadata_finders/base/commits_finder.rb +++ b/common/lib/dependabot/metadata_finders/base/commits_finder.rb 
@@ -136,18 +136,18 @@ def ref_changed? def previous_ref return unless git_source?(dependency.previous_requirements) - previous_refs = dependency.previous_requirements.map do |r| + previous_refs = dependency.previous_requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return previous_refs.first if previous_refs.count == 1 end def new_ref return unless git_source?(dependency.previous_requirements) - new_refs = dependency.requirements.map do |r| + new_refs = dependency.requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return new_refs.first if new_refs.count == 1 end diff --git a/common/lib/dependabot/metadata_finders/base/release_finder.rb b/common/lib/dependabot/metadata_finders/base/release_finder.rb index 58d6ac54ad5..01d31f69385 100644 --- a/common/lib/dependabot/metadata_finders/base/release_finder.rb +++ b/common/lib/dependabot/metadata_finders/base/release_finder.rb @@ -275,16 +275,16 @@ def new_version end def previous_ref - previous_refs = dependency.previous_requirements.map do |r| + previous_refs = dependency.previous_requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return previous_refs.first if previous_refs.count == 1 end def new_ref - new_refs = dependency.requirements.map do |r| + new_refs = dependency.requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return new_refs.first if new_refs.count == 1 end diff --git a/common/lib/dependabot/pull_request_creator/branch_namer.rb b/common/lib/dependabot/pull_request_creator/branch_namer.rb index 713266aae65..503bd05d1a6 100644 --- a/common/lib/dependabot/pull_request_creator/branch_namer.rb +++ b/common/lib/dependabot/pull_request_creator/branch_namer.rb 
@@ -127,24 +127,24 @@ def new_version(dependency) elsif dependency.version == dependency.previous_version && package_manager == "docker" dependency.requirements. - map { |r| r.dig(:source, "digest") || r.dig(:source, :digest) }. - compact.first.split(":").last[0..6] + filter_map { |r| r.dig(:source, "digest") || r.dig(:source, :digest) }. + first.split(":").last[0..6] else dependency.version end end def previous_ref(dependency) - previous_refs = dependency.previous_requirements.map do |r| + previous_refs = dependency.previous_requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return previous_refs.first if previous_refs.count == 1 end def new_ref(dependency) - new_refs = dependency.requirements.map do |r| + new_refs = dependency.requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return new_refs.first if new_refs.count == 1 end @@ -185,11 +185,7 @@ def sanitize_ref(ref) # Remove forbidden characters (those not already replaced elsewhere) gsub(%r{[^A-Za-z0-9/\-_.(){}]}, ""). # Slashes can't be followed by periods - gsub(%r{/\.}, "/dot-"). - # Two or more sequential periods are forbidden - gsub(/\.+/, "."). - # Two or more sequential slashes are forbidden - gsub(%r{/+}, "/"). + gsub(%r{/\.}, "/dot-").squeeze(".").squeeze("/"). # Trailing periods are forbidden sub(/\.$/, "") end diff --git a/common/lib/dependabot/pull_request_creator/labeler.rb b/common/lib/dependabot/pull_request_creator/labeler.rb index e78a05ab886..96c020ca7d0 100644 --- a/common/lib/dependabot/pull_request_creator/labeler.rb +++ b/common/lib/dependabot/pull_request_creator/labeler.rb 
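Review bot: In `sanitize_ref` the comments `# Two or more sequential periods are forbidden` and `# Two or more sequential slashes are forbidden` were dropped, and both `squeeze` calls now sit on the line under `# Slashes can't be followed by periods`, which does not describe them. Every other step in this chain has its rule stated above it, and these are ref-name rules a reader cannot infer from `squeeze` alone. Put `squeeze(".")` and `squeeze("/")` on their own lines, each under its original comment. The method starts outside the hunk.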
@@ -105,7 +105,9 @@ def precision new_version_parts = version(dep).split(/[.+]/) old_version_parts = previous_version(dep)&.split(/[.+]/) || [] all_parts = new_version_parts.first(3) + old_version_parts.first(3) + # rubocop:disable Performance/RedundantEqualityComparisonBlock next 0 unless all_parts.all? { |part| part.to_i.to_s == part } + # rubocop:enable Performance/RedundantEqualityComparisonBlock next 1 if new_version_parts[0] != old_version_parts[0] next 2 if new_version_parts[1] != old_version_parts[1] diff --git a/common/lib/dependabot/pull_request_creator/message_builder.rb b/common/lib/dependabot/pull_request_creator/message_builder.rb index 702911ab768..51004e8976a 100644 --- a/common/lib/dependabot/pull_request_creator/message_builder.rb +++ b/common/lib/dependabot/pull_request_creator/message_builder.rb @@ -427,21 +427,21 @@ def new_version(dependency) def docker_digest_from_reqs(requirements) requirements. - map { |r| r.dig(:source, "digest") || r.dig(:source, :digest) }. - compact.first + filter_map { |r| r.dig(:source, "digest") || r.dig(:source, :digest) }. + first end def previous_ref(dependency) - previous_refs = dependency.previous_requirements.map do |r| + previous_refs = dependency.previous_requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return previous_refs.first if previous_refs.count == 1 end def new_ref(dependency) - new_refs = dependency.requirements.map do |r| + new_refs = dependency.requirements.filter_map do |r| r.dig(:source, "ref") || r.dig(:source, :ref) - end.compact.uniq + end.uniq return new_refs.first if new_refs.count == 1 end diff --git a/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb b/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb index e8f695bc8ca..21dba15674c 100644 --- a/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb 
+++ b/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb @@ -112,7 +112,7 @@ def commits_cascade msg = "" - commits.reverse.first(10).each do |commit| + commits.last(10).reverse_each do |commit| title = commit[:message].strip.split("\n").first title = title.slice(0..76) + "..." if title && title.length > 80 title = title&.gsub(/(?<=[^\w.-])([_*`~])/, '\\1') diff --git a/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb b/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb index 5b73b6e8167..6b2cea79585 100644 --- a/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb +++ b/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb @@ -280,8 +280,7 @@ def recent_github_commit_messages reject { |c| c.author&.type == "Bot" }. reject { |c| c.commit&.message&.start_with?("Merge") }. map(&:commit). - map(&:message). - compact. + filter_map(&:message). map(&:strip) end @@ -292,8 +291,7 @@ def recent_gitlab_commit_messages @recent_gitlab_commit_messages. reject { |c| c.author_email == dependabot_email }. reject { |c| c.message&.start_with?("merge !") }. - map(&:message). - compact. + filter_map(&:message). map(&:strip) end @@ -304,8 +302,7 @@ def recent_azure_commit_messages @recent_azure_commit_messages. reject { |c| azure_commit_author_email(c) == dependabot_email }. reject { |c| c.fetch("comment")&.start_with?("Merge") }. - map { |c| c.fetch("comment") }. - compact. + filter_map { |c| c.fetch("comment") }. map(&:strip) end @@ -315,8 +312,7 @@ def recent_bitbucket_commit_messages @recent_bitbucket_commit_messages. reject { |c| bitbucket_commit_author_email(c) == dependabot_email }. - map { |c| c.fetch("message", nil) }. - compact. + filter_map { |c| c.fetch("message", nil) }. reject { |m| m.start_with?("Merge") }. map(&:strip) end 
@@ -327,8 +323,7 @@ def recent_codecommit_commit_messages @recent_codecommit_commit_messages.commits. reject { |c| c.author.email == dependabot_email }. reject { |c| c.message&.start_with?("Merge") }. - map(&:message). - compact. + filter_map(&:message). map(&:strip) end diff --git a/common/lib/dependabot/pull_request_updater/github.rb b/common/lib/dependabot/pull_request_updater/github.rb index 9f3316d0495..d8e79b55065 100644 --- a/common/lib/dependabot/pull_request_updater/github.rb +++ b/common/lib/dependabot/pull_request_updater/github.rb @@ -173,7 +173,7 @@ def update_branch(commit) if e.message.match?(/protected branch/i) || e.message.match?(/not authorized to push/i) || - e.message.match?(/must not contain merge commits/) || + e.message.include?("must not contain merge commits") || e.message.match?(/required status check/i) raise BranchProtected end diff --git a/common/lib/dependabot/security_advisory.rb b/common/lib/dependabot/security_advisory.rb index df1e0befe2b..b5e26ad0300 100644 --- a/common/lib/dependabot/security_advisory.rb +++ b/common/lib/dependabot/security_advisory.rb @@ -51,7 +51,7 @@ def vulnerable?(version) # @return [Boolean] def fixed_by?(dependency) # Handle case mismatch between the security advisory and parsed name - return false unless dependency_name.downcase == dependency.name.downcase + return false unless dependency_name.casecmp(dependency.name).zero? return false unless package_manager == dependency.package_manager # TODO: Support no previous version to the same level as dependency graph # and security alerts. We currently ignore dependency updates without a diff --git a/common/lib/dependabot/update_checkers/base.rb b/common/lib/dependabot/update_checkers/base.rb index 474d62b7ea8..e012c3a6805 100644 --- a/common/lib/dependabot/update_checkers/base.rb +++ b/common/lib/dependabot/update_checkers/base.rb 
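Review bot: `dependency_name.casecmp(dependency.name).zero?` in `fixed_by?` is not equivalent to the `downcase` comparison it replaces. `String#casecmp` folds only ASCII letters, and it returns `nil` when the argument is not a String or the encodings are incompatible, in which case `.zero?` raises NoMethodError. Because this guard decides whether an advisory is matched to a dependency, `return false unless dependency_name.casecmp?(dependency.name)` is the safer form: it uses Unicode case folding, and a `nil` result simply falls through to `false`. Whether non-ASCII or non-String names can reach this method is not visible from the hunk, and the body of `fixed_by?` continues outside it.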
@@ -287,7 +287,7 @@ def changed_requirements def version_from_requirements @version_from_requirements ||= - dependency.requirements.map { |r| r.fetch(:requirement) }.compact. + dependency.requirements.filter_map { |r| r.fetch(:requirement) }. flat_map { |req_str| requirement_class.requirements_array(req_str) }. flat_map(&:requirements). reject { |req_array| req_array.first.start_with?("<") }. diff --git a/common/spec/dependabot/file_updaters/vendor_updater_spec.rb b/common/spec/dependabot/file_updaters/vendor_updater_spec.rb index 661ff547bed..7a5d199a774 100644 --- a/common/spec/dependabot/file_updaters/vendor_updater_spec.rb +++ b/common/spec/dependabot/file_updaters/vendor_updater_spec.rb @@ -179,6 +179,6 @@ private def in_cloned_repository(repo_contents_path, &block) - Dir.chdir(repo_contents_path) { block.call } + Dir.chdir(repo_contents_path, &block) end end diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index fa54077f24c..d970688c542 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -268,7 +268,7 @@ def existing_tmp_folders (| \+https://github.com/dependabot/|dependabot-core| )| - }x + }xo ) end @@ -356,7 +356,7 @@ def alternatives(host) let(:credentials) { [] } def with_git_configured(&block) - Dependabot::SharedHelpers.with_git_configured(credentials: credentials) { block.call } + Dependabot::SharedHelpers.with_git_configured(credentials: credentials, &block) end let(:configured_git_config) { with_git_configured { `cat ~/.gitconfig` } } diff --git a/common/spec/dummy_package_manager/version.rb b/common/spec/dummy_package_manager/version.rb index 96d584d5c0e..ebda49213a3 100644 --- a/common/spec/dummy_package_manager/version.rb +++ b/common/spec/dummy_package_manager/version.rb 
@@ -12,7 +12,7 @@ def initialize(version) def self.remove_leading_v(version) return version unless version.to_s.match?(/\Av([0-9])/) - version.to_s.gsub(/\Av/, "") + version.to_s.delete_prefix("v") end def self.correct?(version) diff --git a/composer/lib/dependabot/composer/file_fetcher.rb b/composer/lib/dependabot/composer/file_fetcher.rb index 26b1a6af1b2..e483fc51b81 100644 --- a/composer/lib/dependabot/composer/file_fetcher.rb +++ b/composer/lib/dependabot/composer/file_fetcher.rb @@ -93,13 +93,13 @@ def path_sources end def build_unfetchable_deps(unfetchable_deps) - unfetchable_deps.map do |path| + unfetchable_deps.filter_map do |path| PathDependencyBuilder.new( path: path, directory: directory, lockfile: composer_lock ).dependency_file - end.compact + end end def expand_path(path) diff --git a/composer/lib/dependabot/composer/file_updater/lockfile_updater.rb b/composer/lib/dependabot/composer/file_updater/lockfile_updater.rb index f5d0f9463e3..3eb6b0e8388 100644 --- a/composer/lib/dependabot/composer/file_updater/lockfile_updater.rb +++ b/composer/lib/dependabot/composer/file_updater/lockfile_updater.rb @@ -185,8 +185,7 @@ def handle_composer_errors(error) # NOTE: This matches an error message from composer plugins used to install ACF PRO # https://github.com/PhilippBaschke/acf-pro-installer/blob/772cec99c6ef8bc67ba6768419014cc60d141b27/src/ACFProInstaller/Exceptions/MissingKeyException.php#L14 # https://github.com/pivvenit/acf-pro-installer/blob/f2d4812839ee2c333709b0ad4c6c134e4c25fd6d/src/Exceptions/MissingKeyException.php#L25 - if error.message.start_with?("Could not find a key for ACF PRO") || - error.message.start_with?("Could not find a license key for ACF PRO") + if error.message.start_with?("Could not find a key for ACF PRO", "Could not find a license key for ACF PRO") raise MissingEnvironmentVariable, "ACF_PRO_KEY" end 
diff --git a/composer/lib/dependabot/composer/metadata_finder.rb b/composer/lib/dependabot/composer/metadata_finder.rb index a652571e9b1..6478355ae78 100644 --- a/composer/lib/dependabot/composer/metadata_finder.rb +++ b/composer/lib/dependabot/composer/metadata_finder.rb @@ -18,7 +18,7 @@ def look_up_source def source_from_dependency source_url = dependency.requirements. - map { |r| r.fetch(:source) }.compact. + filter_map { |r| r.fetch(:source) }. first&.fetch(:url, nil) Source.from_url(source_url) diff --git a/composer/lib/dependabot/composer/update_checker/latest_version_finder.rb b/composer/lib/dependabot/composer/update_checker/latest_version_finder.rb index ddd0112a108..ff78a89799c 100644 --- a/composer/lib/dependabot/composer/update_checker/latest_version_finder.rb +++ b/composer/lib/dependabot/composer/update_checker/latest_version_finder.rb @@ -104,7 +104,7 @@ def registry_version_details urls = repositories. select { |h| h["type"] == "composer" }. - map { |h| h["url"] }.compact. + filter_map { |h| h["url"] }. map { |url| url.gsub(%r{\/$}, "") + "/packages.json" } unless repositories.any? { |rep| rep["packagist.org"] == false } diff --git a/composer/lib/dependabot/composer/update_checker/version_resolver.rb b/composer/lib/dependabot/composer/update_checker/version_resolver.rb index 0ca4f0fdd38..2558597bf8d 100644 --- a/composer/lib/dependabot/composer/update_checker/version_resolver.rb +++ b/composer/lib/dependabot/composer/update_checker/version_resolver.rb @@ -198,7 +198,6 @@ def lock_git_dependencies(content) end # rubocop:disable Metrics/PerceivedComplexity - # rubocop:disable Metrics/AbcSize def updated_version_requirement_string lower_bound = if requirements_to_unlock == :none 
@@ -207,7 +206,7 @@ def updated_version_requirement_string ">= #{dependency.version}" else version_for_requirement = - dependency.requirements.map { |r| r[:requirement] }.compact. + dependency.requirements.filter_map { |r| r[:requirement] }. reject { |req_string| req_string.start_with?("<") }. select { |req_string| req_string.match?(VERSION_REGEX) }. map { |req_string| req_string.match(VERSION_REGEX) }. @@ -232,7 +231,6 @@ def updated_version_requirement_string lower_bound + ", <= #{latest_allowable_version}" end - # rubocop:enable Metrics/AbcSize # rubocop:enable Metrics/PerceivedComplexity # TODO: Extract error handling and share between the lockfile updater @@ -317,7 +315,7 @@ def handle_composer_errors(error) source = url.gsub(%r{/packages.json$}, "") raise Dependabot::PrivateSourceTimedOut, source - elsif error.message.start_with?("Allowed memory size") || error.message.start_with?("Out of memory") + elsif error.message.start_with?("Allowed memory size", "Out of memory") raise Dependabot::OutOfMemory elsif error.error_context[:process_termsig] == Dependabot::SharedHelpers::SIGKILL # If the helper was SIGKILL-ed, assume the OOMKiller did it diff --git a/elm/lib/dependabot/elm/update_checker/elm_19_version_resolver.rb b/elm/lib/dependabot/elm/update_checker/elm_19_version_resolver.rb index 5370974d815..db9f9490139 100644 --- a/elm/lib/dependabot/elm/update_checker/elm_19_version_resolver.rb +++ b/elm/lib/dependabot/elm/update_checker/elm_19_version_resolver.rb @@ -36,7 +36,7 @@ def latest_resolvable_version(unlock_requirement:) def updated_dependencies_after_full_unlock changed_deps = install_metadata - original_dependency_details.map do |original_dep| + original_dependency_details.filter_map do |original_dep| new_version = changed_deps.fetch(original_dep.name, nil) next unless new_version 
@@ -60,7 +60,7 @@ def updated_dependencies_after_full_unlock previous_requirements: original_dep.requirements, package_manager: original_dep.package_manager ) - end.compact + end end private @@ -158,10 +158,8 @@ def updated_elm_json_content(content) # `elm install ` to generate the install plan %w(dependencies test-dependencies).each do |type| json[type].delete(dependency.name) if json.dig(type, dependency.name) - - %w(direct indirect).each do |category| - json[type][category].delete(dependency.name) if json.dig(type, category, dependency.name) - end + json[type]["direct"].delete(dependency.name) if json.dig(type, "direct", dependency.name) + json[type]["indirect"].delete(dependency.name) if json.dig(type, "indirect", dependency.name) end json["source-directories"] = [] diff --git a/github_actions/lib/dependabot/github_actions/file_parser.rb b/github_actions/lib/dependabot/github_actions/file_parser.rb index ca3de292272..8b2e5a291de 100644 --- a/github_actions/lib/dependabot/github_actions/file_parser.rb +++ b/github_actions/lib/dependabot/github_actions/file_parser.rb @@ -109,7 +109,7 @@ def deep_fetch_uses_from_hash(json_object) steps = json_object.fetch("steps", []) uses_strings = - if steps.is_a?(Array) && steps.all? { |s| s.is_a?(Hash) } + if steps.is_a?(Array) && steps.all?(Hash) steps. map { |step| step.fetch("uses", nil) }. select { |use| use.is_a?(String) } diff --git a/github_actions/lib/dependabot/github_actions/metadata_finder.rb b/github_actions/lib/dependabot/github_actions/metadata_finder.rb index 38c918ef2d6..2f0ce61c908 100644 --- a/github_actions/lib/dependabot/github_actions/metadata_finder.rb +++ b/github_actions/lib/dependabot/github_actions/metadata_finder.rb @@ -9,7 +9,7 @@ class MetadataFinder < Dependabot::MetadataFinders::Base private def look_up_source - info = dependency.requirements.map { |r| r[:source] }.compact.first + info = dependency.requirements.filter_map { |r| r[:source] }.first url = if info.nil? 
diff --git a/github_actions/lib/dependabot/github_actions/version.rb b/github_actions/lib/dependabot/github_actions/version.rb index 9856087db99..bfc5b0e944a 100644 --- a/github_actions/lib/dependabot/github_actions/version.rb +++ b/github_actions/lib/dependabot/github_actions/version.rb @@ -13,7 +13,7 @@ def initialize(version) def self.remove_leading_v(version) return version unless version.to_s.match?(/\Av([0-9])/) - version.to_s.gsub(/\Av/, "") + version.to_s.delete_prefix("v") end def self.correct?(version) diff --git a/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb b/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb index f3e7c86b91a..d00df743d87 100644 --- a/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +++ b/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb @@ -188,9 +188,7 @@ def parse_manifest def in_repo_path(&block) SharedHelpers.in_a_temporary_repo_directory(directory, repo_contents_path) do - SharedHelpers.with_git_configured(credentials: credentials) do - block.call - end + SharedHelpers.with_git_configured(credentials: credentials, &block) end end diff --git a/go_modules/lib/dependabot/go_modules/replace_stubber.rb b/go_modules/lib/dependabot/go_modules/replace_stubber.rb index 5ed6d562d5a..d9de7e3b7bc 100644 --- a/go_modules/lib/dependabot/go_modules/replace_stubber.rb +++ b/go_modules/lib/dependabot/go_modules/replace_stubber.rb @@ -17,8 +17,7 @@ def initialize(repo_contents_path) def stub_paths(manifest, directory) (manifest["Replace"] || []). - map { |r| r["New"]["Path"] }. - compact. + filter_map { |r| r["New"]["Path"] }. select { |p| stub_replace_path?(p, directory) }. to_h { |p| [p, "./" + Digest::SHA2.hexdigest(p)] } end @@ -43,7 +42,7 @@ def absolute_path?(path) def relative_replacement_path?(path) # https://golang.org/ref/mod#go-mod-file-replace - path.start_with?("./") || path.start_with?("../") + path.start_with?("./", "../") end def module_pathname(directory) 
diff --git a/go_modules/lib/dependabot/go_modules/update_checker/latest_version_finder.rb b/go_modules/lib/dependabot/go_modules/update_checker/latest_version_finder.rb index 680f552fdfb..a32faba022c 100644 --- a/go_modules/lib/dependabot/go_modules/update_checker/latest_version_finder.rb +++ b/go_modules/lib/dependabot/go_modules/update_checker/latest_version_finder.rb @@ -52,7 +52,7 @@ def lowest_security_fix_version attr_reader :dependency, :dependency_files, :credentials, :ignored_versions, :security_advisories def fetch_latest_version - return dependency.version if dependency.version =~ PSEUDO_VERSION_REGEX + return dependency.version if PSEUDO_VERSION_REGEX.match?(dependency.version) candidate_versions = available_versions candidate_versions = filter_prerelease_versions(candidate_versions) @@ -62,7 +62,7 @@ def fetch_latest_version end def fetch_lowest_security_fix_version - return dependency.version if dependency.version =~ PSEUDO_VERSION_REGEX + return dependency.version if PSEUDO_VERSION_REGEX.match?(dependency.version) relevant_versions = available_versions relevant_versions = filter_prerelease_versions(relevant_versions) @@ -110,7 +110,7 @@ def available_versions def handle_subprocess_error(error) if RESOLVABILITY_ERROR_REGEXES.any? { |rgx| error.message =~ rgx } ResolvabilityErrors.handle(error.message, credentials: credentials, goprivate: @goprivate) - elsif INVALID_VERSION_REGEX =~ error.message + elsif INVALID_VERSION_REGEX.match?(error.message) raise Dependabot::DependencyFileNotResolvable, error.message end diff --git a/gradle/lib/dependabot/gradle/file_fetcher.rb b/gradle/lib/dependabot/gradle/file_fetcher.rb index 4ba630e9ea7..437c0e70ef0 100644 --- a/gradle/lib/dependabot/gradle/file_fetcher.rb +++ b/gradle/lib/dependabot/gradle/file_fetcher.rb 
@@ -53,7 +53,7 @@ def subproject_buildfiles new(settings_file: settings_file). subproject_paths - subproject_paths.map do |path| + subproject_paths.filter_map do |path| if @buildfile_name fetch_file_from_host(File.join(path, @buildfile_name)) else @@ -62,7 +62,7 @@ def subproject_buildfiles rescue Dependabot::DependencyFileNotFound # Gradle itself doesn't worry about missing subprojects, so we don't nil - end.compact + end end end @@ -78,14 +78,14 @@ def dependency_script_plugins map { |path| path.gsub("$rootDir", ".") }. uniq - dependency_plugin_paths.map do |path| + dependency_plugin_paths.filter_map do |path| fetch_file_from_host(path) rescue Dependabot::DependencyFileNotFound next nil if file_exists_in_submodule?(path) next nil if path.include?("${") raise - end.compact + end end # rubocop:enable Metrics/PerceivedComplexity diff --git a/gradle/lib/dependabot/gradle/file_fetcher/settings_file_parser.rb b/gradle/lib/dependabot/gradle/file_fetcher/settings_file_parser.rb index f433343427e..dc37df4e92c 100644 --- a/gradle/lib/dependabot/gradle/file_fetcher/settings_file_parser.rb +++ b/gradle/lib/dependabot/gradle/file_fetcher/settings_file_parser.rb @@ -16,7 +16,7 @@ def subproject_paths comment_free_content.scan(function_regex("include")) do args = Regexp.last_match.named_captures.fetch("args") args = args.split(",") - args = args.map { |p| p.gsub(/["']/, "").strip }.compact + args = args.filter_map { |p| p.gsub(/["']/, "").strip } subprojects += args end diff --git a/gradle/lib/dependabot/gradle/file_parser.rb b/gradle/lib/dependabot/gradle/file_parser.rb index 586868c1ed6..0f56a4e9de6 100644 --- a/gradle/lib/dependabot/gradle/file_parser.rb +++ b/gradle/lib/dependabot/gradle/file_parser.rb 
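Review bot: In `subproject_paths` (settings_file_parser.rb), the new `filter_map` filters nothing, just as the old `.compact` did. `p.gsub(/["']/, "").strip` always returns a String, and an empty string is truthy in Ruby, so blank entries (for example from a trailing comma in an `include` call) still reach `subprojects`. Plain `args.map { |p| p.gsub(/["']/, "").strip }` states what the code actually does. If blank entries are meant to be dropped, that needs an explicit `reject(&:empty?)`, which is a behaviour change to decide separately.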
@@ -59,8 +59,7 @@ def self.find_include_names(buildfile) def self.find_includes(buildfile, dependency_files) FileParser.find_include_names(buildfile). - map { |f| dependency_files.find { |bf| bf.name == f } }. - compact + filter_map { |f| dependency_files.find { |bf| bf.name == f } } end private @@ -161,9 +160,9 @@ def plugin_dependencies(buildfile) plugin_blocks.each do |blk| blk.lines.each do |line| - name_regex = /(id|kotlin)(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/ + name_regex = /(id|kotlin)(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/o name = line.match(name_regex)&.named_captures&.fetch("id") - version_regex = /version\s+['"](?#{VSN_PART})['"]/ + version_regex = /version\s+['"](?#{VSN_PART})['"]/o version = line.match(version_regex)&.named_captures&. fetch("version") next unless name && version @@ -178,7 +177,7 @@ def plugin_dependencies(buildfile) end def extra_groups(line) - line.match(/kotlin(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/) ? ["kotlin"] : [] + line.match?(/kotlin(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/o) ? ["kotlin"] : [] end def argument_from_string(string, arg_name) diff --git a/gradle/lib/dependabot/gradle/update_checker/version_finder.rb b/gradle/lib/dependabot/gradle/update_checker/version_finder.rb index 4b46a5322e6..3691d513f3e 100644 --- a/gradle/lib/dependabot/gradle/update_checker/version_finder.rb +++ b/gradle/lib/dependabot/gradle/update_checker/version_finder.rb @@ -185,7 +185,7 @@ def repository_urls end def check_response(response, repository_url) - return unless [401, 403].include?(response.status) + return unless response.status == 401 || response.status == 403 return if @forbidden_urls.include?(repository_url) return if central_repo_urls.include?(repository_url) diff --git a/gradle/lib/dependabot/gradle/version.rb b/gradle/lib/dependabot/gradle/version.rb index 61f60e74686..cc86188dc98 100644 --- a/gradle/lib/dependabot/gradle/version.rb +++ b/gradle/lib/dependabot/gradle/version.rb 
@@ -117,11 +117,11 @@ def fill_tokens(version) end def trim_version(version) - version.split("-").map do |v| + version.split("-").filter_map do |v| parts = v.split(".") parts = parts[0..-2] while NULL_VALUES.include?(parts&.last) parts&.join(".") - end.compact.reject(&:empty?).join("-") + end.reject(&:empty?).join("-") end def convert_dates(version, other_version) diff --git a/gradle/spec/dependabot/gradle/file_updater_spec.rb b/gradle/spec/dependabot/gradle/file_updater_spec.rb index aff2cf993b3..821805be908 100644 --- a/gradle/spec/dependabot/gradle/file_updater_spec.rb +++ b/gradle/spec/dependabot/gradle/file_updater_spec.rb @@ -64,7 +64,7 @@ describe "the updated build.gradle file" do subject(:updated_buildfile) do updated_files.find do |f| - %w(build.gradle build.gradle.kts).include?(f.name) + Dependabot::Gradle::FileUpdater::SUPPORTED_BUILD_FILE_NAMES.include?(f.name) end end diff --git a/hex/lib/dependabot/hex/file_fetcher.rb b/hex/lib/dependabot/hex/file_fetcher.rb index 46a15174b68..efda2276b42 100644 --- a/hex/lib/dependabot/hex/file_fetcher.rb +++ b/hex/lib/dependabot/hex/file_fetcher.rb @@ -64,14 +64,14 @@ def subapp_mixfiles subapp_directories += umbrella_app_directories subapp_directories += sub_project_directories - subapp_directories.map do |dir| + subapp_directories.filter_map do |dir| fetch_file_from_host("#{dir}/mix.exs") rescue Dependabot::DependencyFileNotFound # If the folder doesn't have a mix.exs it *might* be because it's # not an app. Ignore the fact we couldn't fetch one and proceed with # updating (it will blow up later if there are problems) nil - end.compact + end rescue Octokit::NotFound, Gitlab::Error::NotFound # If the path specified in apps_path doesn't exist then it's not being # used. We can just return an empty array of subapp files. 
@@ -82,7 +82,7 @@ def support_files mixfiles = [mixfile] + subapp_mixfiles mixfiles.flat_map do |mixfile| - mixfile_dir = mixfile.path.sub("/mix.exs", "").delete_prefix("/") + mixfile_dir = mixfile.path.to_s.delete_prefix("/").delete_suffix("/mix.exs") mixfile.content.gsub(/__DIR__/, "\"#{mixfile_dir}\"").scan(SUPPORT_FILE).map do |support_file_args| path = Pathname.new(File.join(*support_file_args.compact.reverse)). diff --git a/hex/lib/dependabot/hex/file_updater/mixfile_sanitizer.rb b/hex/lib/dependabot/hex/file_updater/mixfile_sanitizer.rb index 4e005473b52..a47114aaffe 100644 --- a/hex/lib/dependabot/hex/file_updater/mixfile_sanitizer.rb +++ b/hex/lib/dependabot/hex/file_updater/mixfile_sanitizer.rb @@ -23,11 +23,13 @@ def initialize(mixfile_content:) PIPED_VERSION_FILE_READ_BANG = /#{VERSION_FILE}[[:space:]]+#{PIPE}[[:space:]]+#{FILE_READ_BANG}/.freeze + # rubocop:disable Performance/MethodObjectAsBlock def sanitized_content mixfile_content. then(&method(:prevent_version_file_loading)). then(&method(:prevent_config_path_loading)) end + # rubocop:enable Performance/MethodObjectAsBlock private diff --git a/hex/lib/dependabot/hex/metadata_finder.rb b/hex/lib/dependabot/hex/metadata_finder.rb index 93926d72840..6fc9ca9ab6a 100644 --- a/hex/lib/dependabot/hex/metadata_finder.rb +++ b/hex/lib/dependabot/hex/metadata_finder.rb @@ -38,15 +38,14 @@ def new_source_type def find_source_from_hex_listing potential_source_urls = SOURCE_KEYS. - map { |key| hex_listing.dig("meta", "links", key) }. - compact + filter_map { |key| hex_listing.dig("meta", "links", key) } source_url = potential_source_urls.find { |url| Source.from_url(url) } Source.from_url(source_url) end def find_source_from_git_url - info = dependency.requirements.map { |r| r[:source] }.compact.first + info = dependency.requirements.filter_map { |r| r[:source] }.first url = info[:url] || info.fetch("url") Source.from_url(url) 
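Review bot: The reordered chain in `support_files` changes the result for a mixfile at the repository root. With a path of `/mix.exs`, `delete_prefix("/")` leaves `mix.exs`, which no longer ends in `/mix.exs`, so `mixfile_dir` becomes `"mix.exs"` where the old `sub` then `delete_prefix` gave `""`. That value is substituted for `__DIR__`, so support-file paths derived from it would presumably point under a non-existent `mix.exs/` directory. Stripping the suffix first keeps the old result: `mixfile_dir = mixfile.path.to_s.delete_suffix("/mix.exs").delete_prefix("/")`. This assumes `path` is absolute, as the `delete_prefix("/")` suggests; the method body continues past the hunk.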
diff --git a/hex/lib/dependabot/hex/update_checker/file_preparer.rb b/hex/lib/dependabot/hex/update_checker/file_preparer.rb index 56e6b503843..75ba1625f69 100644 --- a/hex/lib/dependabot/hex/update_checker/file_preparer.rb +++ b/hex/lib/dependabot/hex/update_checker/file_preparer.rb @@ -99,7 +99,7 @@ def updated_version_req_lower_bound(filename) elsif dependency.version then ">= #{dependency.version}" else version_for_requirement = - dependency.requirements.map { |r| r[:requirement] }.compact. + dependency.requirements.filter_map { |r| r[:requirement] }. reject { |req_string| req_string.start_with?("<") }. select { |req_string| req_string.match?(version_regex) }. map { |req_string| req_string.match(version_regex) }. diff --git a/maven/lib/dependabot/maven/file_parser.rb b/maven/lib/dependabot/maven/file_parser.rb index edc8e0a0546..baca862b5b6 100644 --- a/maven/lib/dependabot/maven/file_parser.rb +++ b/maven/lib/dependabot/maven/file_parser.rb @@ -283,7 +283,7 @@ def extensionfiles def internal_dependency_names @internal_dependency_names ||= - dependency_files.map do |pom| + dependency_files.filter_map do |pom| doc = Nokogiri::XML(pom.content) group_id = doc.at_css("project > groupId") || doc.at_css("project > parent > groupId") @@ -292,7 +292,7 @@ def internal_dependency_names next unless group_id && artifact_id [group_id.content.strip, artifact_id.content.strip].join(":") - end.compact + end end def check_required_files diff --git a/maven/lib/dependabot/maven/file_updater.rb b/maven/lib/dependabot/maven/file_updater.rb index d56d9140e2b..699c67de4c0 100644 --- a/maven/lib/dependabot/maven/file_updater.rb +++ b/maven/lib/dependabot/maven/file_updater.rb 
@@ -31,7 +31,7 @@ def updated_dependency_files ) end - updated_files.select! { |f| f.name.end_with?("pom.xml") || f.name.end_with?("extensions.xml") } + updated_files.select! { |f| f.name.end_with?("pom.xml", "extensions.xml") } updated_files.reject! { |f| dependency_files.include?(f) } raise "No files changed!" if updated_files.none? diff --git a/maven/lib/dependabot/maven/file_updater/property_value_updater.rb b/maven/lib/dependabot/maven/file_updater/property_value_updater.rb index a65393b6787..ccf1dd197db 100644 --- a/maven/lib/dependabot/maven/file_updater/property_value_updater.rb +++ b/maven/lib/dependabot/maven/file_updater/property_value_updater.rb @@ -28,7 +28,7 @@ def update_pomfiles_for_property_change(property_name:, callsite_pom:, \s*#{Regexp.quote(node.content)}\s* }xm property_text = node.to_s - if pom_to_update.content =~ property_re + if pom_to_update.content&.match?(property_re) updated_content = pom_to_update.content.sub( property_re, "<#{node.name}>#{updated_value}" diff --git a/maven/lib/dependabot/maven/version.rb b/maven/lib/dependabot/maven/version.rb index f7d77f990cb..530c7e24fda 100644 --- a/maven/lib/dependabot/maven/version.rb +++ b/maven/lib/dependabot/maven/version.rb @@ -117,11 +117,11 @@ def fill_tokens(version) end def trim_version(version) - version.split("-").map do |v| + version.split("-").filter_map do |v| parts = v.split(".") parts = parts[0..-2] while NULL_VALUES.include?(parts&.last) parts&.join(".") - end.compact.reject(&:empty?).join("-") + end.reject(&:empty?).join("-") end def convert_dates(version, other_version) diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_fetcher.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_fetcher.rb index ee032af6be0..dac831f1cdd 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_fetcher.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_fetcher.rb 
@@ -200,7 +200,7 @@ def path_dependency_details_from_manifest(file) resolution_objects = parsed_manifest.values_at("resolutions").compact manifest_objects = dependency_objects + resolution_objects - raise Dependabot::DependencyFileNotParseable, file.path unless manifest_objects.all? { |o| o.is_a?(Hash) } + raise Dependabot::DependencyFileNotParseable, file.path unless manifest_objects.all?(Hash) resolution_deps = resolution_objects.flat_map(&:to_a). map do |path, value| diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser.rb index 93a2727cc3f..541872046fb 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser.rb @@ -159,7 +159,7 @@ def aliased_package_name?(name) def workspace_package_names @workspace_package_names ||= - package_files.map { |f| JSON.parse(f.content)["name"] }.compact + package_files.filter_map { |f| JSON.parse(f.content)["name"] } end def version_for(name, requirement, manifest_name) diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb index ad036b437f3..27e2920c9cd 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb @@ -48,8 +48,7 @@ def potential_lockfiles_for_manifest(manifest_filename) %w(yarn.lock package-lock.json npm-shrinkwrap.json) possible_lockfile_names.uniq. - map { |nm| dependency_files.find { |f| f.name == nm } }. - compact + filter_map { |nm| dependency_files.find { |f| f.name == nm } } end def npm_lockfile_details(lockfile, dependency_name, manifest_name) diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater.rb index d37108e6806..125deeb60cd 100644 
--- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater.rb @@ -123,12 +123,12 @@ def shrinkwrap_changed?(shrinkwrap) end def updated_manifest_files - package_files.map do |file| + package_files.filter_map do |file| updated_content = updated_package_json_content(file) next if updated_content == file.content updated_file(file: file, content: updated_content) - end.compact + end end def updated_lockfiles diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb index e073105b116..3a877afa140 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb @@ -89,7 +89,7 @@ def dependency_urls if package_lock @dependency_urls += parsed_package_lock.fetch("dependencies", {}). - map { |_, details| details["resolved"] }.compact. + filter_map { |_, details| details["resolved"] }. select { |url| url.is_a?(String) }. reject { |url| url.start_with?("git") } end @@ -166,8 +166,7 @@ def npmrc_scoped_registries @npmrc_scoped_registries ||= npmrc_file.content.lines.select { |line| line.match?(SCOPED_REGISTRY) }. - map { |line| line.match(SCOPED_REGISTRY)&.named_captures&.fetch("registry") }. - compact + filter_map { |line| line.match(SCOPED_REGISTRY)&.named_captures&.fetch("registry") } end # rubocop:disable Metrics/PerceivedComplexity diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb index ef64274b5c8..054ab957e46 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb 
@@ -155,11 +155,11 @@ def run_yarn_subdependency_updater(lockfile_name:) def requirements_for_path(requirements, path) return requirements if path.to_s == "." - requirements.map do |r| + requirements.filter_map do |r| next unless r[:file].start_with?("#{path}/") r.merge(file: r[:file].gsub(/^#{Regexp.quote("#{path}/")}/, "")) - end.compact + end end # rubocop:disable Metrics/AbcSize diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/metadata_finder.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/metadata_finder.rb index ce45eb3b74b..c0e1c402d3b 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/metadata_finder.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/metadata_finder.rb @@ -64,7 +64,7 @@ def previous_releasers all_version_listings. reject { |v, _| Time.parse(times[v]) > cutoff }. - map { |_, d| d.fetch("_npmUser", nil)&.fetch("name", nil) }.compact + filter_map { |_, d| d.fetch("_npmUser", nil)&.fetch("name", nil) } end def find_source_from_registry diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker.rb index d2479ecc150..3bfb17259c4 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker.rb @@ -214,11 +214,11 @@ def build_updated_dependency(update_details) end def latest_resolvable_version_with_no_unlock_for_git_dependency - reqs = dependency.requirements.map do |r| + reqs = dependency.requirements.filter_map do |r| next if r.fetch(:requirement).nil? requirement_class.requirements_array(r.fetch(:requirement)) - end.compact + end current_version = if existing_version_is_sha? || diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb index 92ffc78854c..2f377dfc1b8 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb 
+++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb @@ -121,9 +121,9 @@ def filter_ignored_versions(versions_array) end def filter_out_of_range_versions(versions_array) - reqs = dependency.requirements.map do |r| + reqs = dependency.requirements.filter_map do |r| NpmAndYarn::Requirement.requirements_array(r.fetch(:requirement)) - end.compact + end versions_array. select { |v| reqs.all? { |r| r.any? { |o| o.satisfied_by?(v) } } } diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/requirements_updater.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/requirements_updater.rb index 12bb3176e89..634295aab65 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/requirements_updater.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/requirements_updater.rb @@ -63,7 +63,7 @@ def check_update_strategy def updating_from_git_to_npm? return false unless updated_source.nil? - original_source = requirements.map { |r| r[:source] }.compact.first + original_source = requirements.filter_map { |r| r[:source] }.first original_source&.fetch(:type) == "git" end diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb index 81318254768..dc466fbbbd5 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb @@ -157,7 +157,7 @@ def resolve_latest_previous_version(dep, updated_version) relevant_versions = latest_version_finder(dependency). possible_previous_versions_with_details. map(&:first) - reqs = dep.requirements.map { |r| r[:requirement] }.compact. + reqs = dep.requirements.filter_map { |r| r[:requirement] }. map { |r| requirement_class.requirements_array(r) } # Pick the lowest version from the max possible version from all 
@@ -355,7 +355,7 @@ def error_details_from_captures(captures) requirement_name: captures.fetch("required_dep").sub(/@[^@]+$/, ""), requirement_version: - captures.fetch("required_dep").split("@").last.gsub('"', ""), + captures.fetch("required_dep").split("@").last.delete('"'), requiring_dep_name: captures.fetch("requiring_dep").sub(/@[^@]+$/, "") } @@ -543,11 +543,11 @@ def version_install_arg(version:) def requirements_for_path(requirements, path) return requirements if path.to_s == "." - requirements.map do |r| + requirements.filter_map do |r| next unless r[:file].start_with?("#{path}/") r.merge(file: r[:file].gsub(/^#{Regexp.quote("#{path}/")}/, "")) - end.compact + end end # Top level dependencies are required in the peer dep checker @@ -581,7 +581,7 @@ def dependency_files_builder def version_for_dependency(dep) return version_class.new(dep.version) if dep.version && version_class.correct?(dep.version) - dep.requirements.map { |r| r[:requirement] }.compact. + dep.requirements.filter_map { |r| r[:requirement] }. reject { |req_string| req_string.start_with?("<") }. select { |req_string| req_string.match?(version_regex) }. map { |req_string| req_string.match(version_regex) }. diff --git a/nuget/lib/dependabot/nuget/file_fetcher.rb b/nuget/lib/dependabot/nuget/file_fetcher.rb index 96b480aa385..62fec6b0d4e 100644 --- a/nuget/lib/dependabot/nuget/file_fetcher.rb +++ b/nuget/lib/dependabot/nuget/file_fetcher.rb @@ -73,11 +73,11 @@ def packages_config_files [*project_files.map { |f| File.dirname(f.name) }, "."].uniq @packages_config_files ||= - candidate_paths.map do |dir| + candidate_paths.filter_map do |dir| file = repo_contents(dir: dir). find { |f| f.name.casecmp("packages.config").zero? } fetch_file_from_host(File.join(dir, file.name)) if file - end.compact + end end # rubocop:disable Metrics/PerceivedComplexity 
@@ -157,7 +157,7 @@ def sln_project_files project_paths end - paths.map do |path| + paths.filter_map do |path| fetch_file_from_host(path) rescue Dependabot::DependencyFileNotFound => e @missing_sln_project_file_errors ||= [] @@ -165,7 +165,7 @@ def sln_project_files # Don't worry about missing files too much for now (at least # until we start resolving properties) nil - end.compact + end end end @@ -209,12 +209,12 @@ def nuget_config_files [*project_files.map { |f| File.dirname(f.name) }, "."].uniq @nuget_config_files ||= - candidate_paths.map do |dir| + candidate_paths.filter_map do |dir| file = repo_contents(dir: dir). find { |f| f.name.casecmp("nuget.config").zero? } file = fetch_file_from_host(File.join(dir, file.name)) if file file&.tap { |f| f.support_file = true } - end.compact + end end def global_json diff --git a/nuget/lib/dependabot/nuget/file_parser/packages_config_parser.rb b/nuget/lib/dependabot/nuget/file_parser/packages_config_parser.rb index 8e3dc1323b9..dce8c2c40d8 100644 --- a/nuget/lib/dependabot/nuget/file_parser/packages_config_parser.rb +++ b/nuget/lib/dependabot/nuget/file_parser/packages_config_parser.rb @@ -61,7 +61,7 @@ def dependency_version(dependency_node) def dependency_type(dependency_node) val = dependency_node.attribute("developmentDependency")&.value&.strip || dependency_node.at_xpath("./developmentDependency")&.content&.strip - val.to_s.downcase == "true" ? "devDependencies" : "dependencies" + val.to_s.casecmp("true").zero? ? "devDependencies" : "dependencies" end end end diff --git a/nuget/lib/dependabot/nuget/file_parser/property_value_finder.rb b/nuget/lib/dependabot/nuget/file_parser/property_value_finder.rb index 9f6cc4fddba..bdd6f4850f8 100644 --- a/nuget/lib/dependabot/nuget/file_parser/property_value_finder.rb +++ b/nuget/lib/dependabot/nuget/file_parser/property_value_finder.rb 
@@ -47,7 +47,7 @@ def property_details(property_name:, callsite_file:, stack: []) find_property_in_packages_props(property: property_name) return unless node_details - return node_details unless node_details[:value] =~ PROPERTY_REGEX + return node_details unless PROPERTY_REGEX.match?(node_details[:value]) check_next_level_of_stack(node_details, stack) end @@ -91,8 +91,7 @@ def deep_find_prop_node(property:, file:) ] file = import_paths. - map { |p| dependency_files.find { |f| f.name == p } }. - compact. + filter_map { |p| dependency_files.find { |f| f.name == p } }. find { |f| deep_find_prop_node(property: property, file: f) } return unless file diff --git a/nuget/lib/dependabot/nuget/metadata_finder.rb b/nuget/lib/dependabot/nuget/metadata_finder.rb index 9a37b6ff1bd..9af91cfdd14 100644 --- a/nuget/lib/dependabot/nuget/metadata_finder.rb +++ b/nuget/lib/dependabot/nuget/metadata_finder.rb @@ -63,7 +63,7 @@ def extract_search_url(body) def extract_source_repo(body) JSON.parse(body).fetch("data", []).each do |search_result| - next unless search_result["id"].downcase == dependency.name.downcase + next unless search_result["id"].casecmp(dependency.name).zero? if search_result.key?("projectUrl") source = Source.from_url(search_result.fetch("projectUrl")) diff --git a/nuget/lib/dependabot/nuget/update_checker/requirements_updater.rb b/nuget/lib/dependabot/nuget/update_checker/requirements_updater.rb index 7494288a2b8..1fa28770064 100644 --- a/nuget/lib/dependabot/nuget/update_checker/requirements_updater.rb +++ b/nuget/lib/dependabot/nuget/update_checker/requirements_updater.rb @@ -38,7 +38,7 @@ def updated_requirements # replace anything that looks like a version with the new # version req[:requirement].sub( - /#{Nuget::Version::VERSION_PATTERN}/, + /#{Nuget::Version::VERSION_PATTERN}/o, latest_version.to_s ) end 
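Review bot: `search_result["id"].casecmp(dependency.name).zero?` in `extract_source_repo` is not a drop-in replacement for the old `downcase` comparison. `casecmp` folds only ASCII letters and returns nil when the two encodings are incompatible, so `.zero?` can raise where the old code returned false. `body` appears to be JSON from a remote feed, and a result whose `id` is missing or not a string raises NoMethodError both before and after this change. `next unless search_result["id"].to_s.casecmp?(dependency.name)` keeps Unicode case folding and treats both cases as a non-match. The method body continues outside the hunk.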
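Review bot: The `/o` flag on `/#{Nuget::Version::VERSION_PATTERN}/o` makes Ruby interpolate once and reuse the first compiled pattern for the life of the process, which is correct only because the interpolated value is a constant. A class-level constant, e.g. `VERSION_REGEX = /#{Nuget::Version::VERSION_PATTERN}/.freeze`, gives the same single compilation and makes that dependency visible. Failing that, add a comment such as `# /o is safe: VERSION_PATTERN is a constant`. The same applies to the `/o` literals added in pub/requirement.rb and in the Python pip_compile_file_updater, requirement_replacer, index_finder and requirements_updater hunks. `updated_requirements` starts before this hunk.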
diff --git a/nuget/lib/dependabot/nuget/update_checker/version_finder.rb b/nuget/lib/dependabot/nuget/update_checker/version_finder.rb index c9b9faaa257..36858b7006b 100644 --- a/nuget/lib/dependabot/nuget/update_checker/version_finder.rb +++ b/nuget/lib/dependabot/nuget/update_checker/version_finder.rb @@ -127,7 +127,7 @@ def available_v2_versions doc = Nokogiri::XML(body) doc.remove_namespaces! - doc.xpath("/feed/entry").map do |entry| + doc.xpath("/feed/entry").filter_map do |entry| listed = entry.at_xpath("./properties/Listed")&.content&.strip next if listed&.casecmp("false")&.zero? @@ -136,7 +136,7 @@ def available_v2_versions repo_url: listing.fetch("listing_details"). fetch(:repository_url) ) - end.compact + end end end @@ -172,7 +172,7 @@ def related_to_current_pre?(version) dependency.requirements.any? do |req| reqs = parse_requirement_string(req.fetch(:requirement) || "") - return true if reqs.any? { |r| r == "*-*" } + return true if reqs.any?("*-*") next unless reqs.any? { |r| r.include?("-") } requirement_class. @@ -193,12 +193,12 @@ def v3_nuget_listings @v3_nuget_listings ||= dependency_urls. select { |details| details.fetch(:repository_type) == "v3" }. - map do |url_details| + filter_map do |url_details| versions = versions_for_v3_repository(url_details) next unless versions { "versions" => versions, "listing_details" => url_details } - end.compact + end end def v2_nuget_listings @@ -208,14 +208,14 @@ def v2_nuget_listings dependency_urls. select { |details| details.fetch(:repository_type) == "v2" }. flat_map { |url_details| fetch_paginated_v2_nuget_listings(url_details) }. - map do |url_details, response| + filter_map do |url_details, response| next unless response.status == 200 { "xml_body" => response.body, "listing_details" => url_details } - end.compact + end end def fetch_paginated_v2_nuget_listings(url_details, results = {}) 
diff --git a/pub/lib/dependabot/pub/requirement.rb b/pub/lib/dependabot/pub/requirement.rb index e1d4cebff03..9721eee7e02 100644 --- a/pub/lib/dependabot/pub/requirement.rb +++ b/pub/lib/dependabot/pub/requirement.rb @@ -78,7 +78,7 @@ def convert_tilde_req(req_string) def convert_range_req(req_string) req_string.scan( - /((?:>|<|=|<=|>=)\s*#{Pub::Version::VERSION_PATTERN})\s*/ + /((?:>|<|=|<=|>=)\s*#{Pub::Version::VERSION_PATTERN})\s*/o ).map { |x| x[0].strip } end diff --git a/python/lib/dependabot/python/file_fetcher.rb b/python/lib/dependabot/python/file_fetcher.rb index c5b797437e3..14f93c4d9ec 100644 --- a/python/lib/dependabot/python/file_fetcher.rb +++ b/python/lib/dependabot/python/file_fetcher.rb @@ -13,6 +13,7 @@ module Python class FileFetcher < Dependabot::FileFetchers::Base CHILD_REQUIREMENT_REGEX = /^-r\s?(?.*\.(?:txt|in))/.freeze CONSTRAINT_REGEX = /^-c\s?(?.*\.(?:txt|in))/.freeze + DEPENDENCY_TYPES = %w(packages dev-packages).freeze def self.required_files_in?(filenames) return true if filenames.any? { |name| name.end_with?(".txt", ".in") } @@ -372,7 +373,7 @@ def pipfile_path_setup_file_paths return [] unless pipfile paths = [] - %w(packages dev-packages).each do |dep_type| + DEPENDENCY_TYPES.each do |dep_type| next unless parsed_pipfile[dep_type] parsed_pipfile[dep_type].each do |_, req| diff --git a/python/lib/dependabot/python/file_parser/poetry_files_parser.rb b/python/lib/dependabot/python/file_parser/poetry_files_parser.rb index abdaca8dad5..f604718f8f6 100644 --- a/python/lib/dependabot/python/file_parser/poetry_files_parser.rb +++ b/python/lib/dependabot/python/file_parser/poetry_files_parser.rb 
@@ -61,7 +61,7 @@ def pyproject_dependencies # @param req can be an Array, Hash or String that represents the constraints for a dependency def parse_requirements_from(req, type) - [req].flatten.compact.map do |requirement| + [req].flatten.compact.filter_map do |requirement| next if requirement.is_a?(Hash) && (UNSUPPORTED_DEPENDENCY_TYPES & requirement.keys).any? check_requirements(requirement) @@ -72,7 +72,7 @@ def parse_requirements_from(req, type) source: nil, groups: [type] } - end.compact + end end # Create a DependencySet where each element has no requirement. Any @@ -81,8 +81,9 @@ def parse_requirements_from(req, type) def lockfile_dependencies dependencies = Dependabot::FileParsers::Base::DependencySet.new + source_types = %w(directory git url) parsed_lockfile.fetch("package", []).each do |details| - next if %w(directory git url).include?(details.dig("source", "type")) + next if source_types.include?(details.dig("source", "type")) dependencies << Dependency.new( diff --git a/python/lib/dependabot/python/file_parser/python_requirement_parser.rb b/python/lib/dependabot/python/file_parser/python_requirement_parser.rb index 231f80fd5c7..c9bf228735a 100644 --- a/python/lib/dependabot/python/file_parser/python_requirement_parser.rb +++ b/python/lib/dependabot/python/file_parser/python_requirement_parser.rb @@ -33,8 +33,7 @@ def imputed_requirements requirement_files.flat_map do |file| file.content.lines. select { |l| l.include?(";") && l.include?("python") }. - map { |l| l.match(/python_version(?.*?["'].*?['"])/) }. - compact. + filter_map { |l| l.match(/python_version(?.*?["'].*?['"])/) }. map { |re| re.named_captures.fetch("req").gsub(/['"]/, "") }. select { |r| valid_requirement?(r) } end diff --git a/python/lib/dependabot/python/file_updater.rb b/python/lib/dependabot/python/file_updater.rb index e877634aa3e..75414ec0a96 100644 --- a/python/lib/dependabot/python/file_updater.rb +++ b/python/lib/dependabot/python/file_updater.rb 
@@ -60,8 +60,8 @@ def resolver_type # Otherwise, this is a top-level dependency, and we can figure out # which resolver to use based on the filename of its requirements - return :pipfile if changed_req_files.any? { |f| f == "Pipfile" } - return :poetry if changed_req_files.any? { |f| f == "pyproject.toml" } + return :pipfile if changed_req_files.any?("Pipfile") + return :poetry if changed_req_files.any?("pyproject.toml") return :pip_compile if changed_req_files.any? { |f| f.end_with?(".in") } :requirements diff --git a/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb b/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb index 28fc2f0e8c2..27708dc948a 100644 --- a/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb +++ b/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb @@ -92,7 +92,7 @@ def compile_new_requirement_files # Remove any .python-version file before parsing the reqs FileUtils.remove_entry(".python-version", true) - dependency_files.map do |file| + dependency_files.filter_map do |file| next unless file.name.end_with?(".txt") updated_content = File.read(file.name) @@ -102,12 +102,12 @@ def compile_new_requirement_files next if updated_content == file.content file.dup.tap { |f| f.content = updated_content } - end.compact + end end end def update_manifest_files - dependency_files.map do |file| + dependency_files.filter_map do |file| next unless file.name.end_with?(".in") file = file.dup @@ -116,7 +116,7 @@ def update_manifest_files file.content = updated_content file - end.compact + end end def update_uncompiled_files(updated_files) 
@@ -352,7 +352,7 @@ def update_hashes_if_required(updated_content, original_content) end def deps_to_augment_hashes_for(updated_content, original_content) - regex = /^#{RequirementParser::INSTALL_REQ_WITH_REQUIREMENT}/ + regex = /^#{RequirementParser::INSTALL_REQ_WITH_REQUIREMENT}/o new_matches = [] updated_content.scan(regex) { new_matches << Regexp.last_match } diff --git a/python/lib/dependabot/python/file_updater/pipfile_file_updater.rb b/python/lib/dependabot/python/file_updater/pipfile_file_updater.rb index 34a13b85a69..81fd384a271 100644 --- a/python/lib/dependabot/python/file_updater/pipfile_file_updater.rb +++ b/python/lib/dependabot/python/file_updater/pipfile_file_updater.rb @@ -18,6 +18,8 @@ class PipfileFileUpdater require_relative "pipfile_manifest_updater" require_relative "setup_file_sanitizer" + DEPENDENCY_TYPES = %w(packages dev-packages).freeze + attr_reader :dependencies, :dependency_files, :credentials def initialize(dependencies:, dependency_files:, credentials:) @@ -145,7 +147,7 @@ def freeze_dependencies_being_updated(pipfile_content) pipfile_object = TomlRB.parse(pipfile_content) dependencies.each do |dep| - %w(packages dev-packages).each do |type| + DEPENDENCY_TYPES.each do |type| names = pipfile_object[type]&.keys || [] pkg_name = names.find { |nm| normalise(nm) == dep.name } next unless pkg_name || subdep_type?(type) diff --git a/python/lib/dependabot/python/file_updater/pyproject_preparer.rb b/python/lib/dependabot/python/file_updater/pyproject_preparer.rb index 3d4a2f44b80..72fd1649664 100644 --- a/python/lib/dependabot/python/file_updater/pyproject_preparer.rb +++ b/python/lib/dependabot/python/file_updater/pyproject_preparer.rb 
@@ -55,6 +55,7 @@ def freeze_top_level_dependencies_except(dependencies) Dependabot::Python::FileParser::PoetryFilesParser::POETRY_DEPENDENCY_TYPES.each do |key| next unless poetry_object[key] + source_types = %w(directory file url) poetry_object.fetch(key).each do |dep_name, _| next if excluded_names.include?(normalise(dep_name)) @@ -62,7 +63,7 @@ def freeze_top_level_dependencies_except(dependencies) next unless (locked_version = locked_details&.fetch("version")) - next if %w(directory file url).include?(locked_details&.dig("source", "type")) + next if source_types.include?(locked_details&.dig("source", "type")) if locked_details&.dig("source", "type") == "git" poetry_object[key][dep_name] = { diff --git a/python/lib/dependabot/python/file_updater/requirement_file_updater.rb b/python/lib/dependabot/python/file_updater/requirement_file_updater.rb index 905cc647509..40c5f5e96de 100644 --- a/python/lib/dependabot/python/file_updater/requirement_file_updater.rb +++ b/python/lib/dependabot/python/file_updater/requirement_file_updater.rb @@ -36,7 +36,7 @@ def dependency def fetch_updated_dependency_files reqs = dependency.requirements.zip(dependency.previous_requirements) - reqs.map do |(new_req, old_req)| + reqs.filter_map do |(new_req, old_req)| next if new_req == old_req file = get_original_file(new_req.fetch(:file)).dup @@ -46,7 +46,7 @@ def fetch_updated_dependency_files file.content = updated_content file - end.compact + end end def updated_requirement_or_setup_file_content(new_req, old_req) diff --git a/python/lib/dependabot/python/file_updater/requirement_replacer.rb b/python/lib/dependabot/python/file_updater/requirement_replacer.rb index 5a91af8208b..36e047abcde 100644 --- a/python/lib/dependabot/python/file_updater/requirement_replacer.rb +++ b/python/lib/dependabot/python/file_updater/requirement_replacer.rb 
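Review bot: `source_types = %w(directory file url)` sits inside the `POETRY_DEPENDENCY_TYPES.each` block, so the array is still rebuilt for every dependency type; only the inner loop no longer allocates it. Elsewhere this commit hoists such lists into a frozen constant (`DEPENDENCY_TYPES`), and the same would fit here, e.g. `SKIPPED_SOURCE_TYPES = %w(directory file url).freeze` at class level. poetry_files_parser.rb gets a similar local with a different list (`directory git url`), so the two would need separate, clearly named constants. `freeze_top_level_dependencies_except` starts and ends outside this hunk.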
@@ -52,7 +52,7 @@ def updated_requirement_string if add_space_after_operators? new_req_string = new_req_string. - gsub(/(#{RequirementParser::COMPARISON})\s*(?=\d)/, '\1 ') + gsub(/(#{RequirementParser::COMPARISON})\s*(?=\d)/o, '\1 ') end new_req_string @@ -92,7 +92,7 @@ def add_space_after_commas? def add_space_after_operators? original_dependency_declaration_string(old_requirement). match(RequirementParser::REQUIREMENTS). - to_s.match?(/#{RequirementParser::COMPARISON}\s+\d/) + to_s.match?(/#{RequirementParser::COMPARISON}\s+\d/o) end def original_declaration_replacement_regex diff --git a/python/lib/dependabot/python/file_updater/setup_file_sanitizer.rb b/python/lib/dependabot/python/file_updater/setup_file_sanitizer.rb index 5c67ac9a726..e83b3d30e6d 100644 --- a/python/lib/dependabot/python/file_updater/setup_file_sanitizer.rb +++ b/python/lib/dependabot/python/file_updater/setup_file_sanitizer.rb @@ -38,22 +38,22 @@ def include_pbr? def install_requires_array @install_requires_array ||= - parsed_setup_file.dependencies.map do |dep| + parsed_setup_file.dependencies.filter_map do |dep| next unless dep.requirements.first[:groups]. include?("install_requires") dep.name + dep.requirements.first[:requirement].to_s - end.compact + end end def setup_requires_array @setup_requires_array ||= - parsed_setup_file.dependencies.map do |dep| + parsed_setup_file.dependencies.filter_map do |dep| next unless dep.requirements.first[:groups]. include?("setup_requires") dep.name + dep.requirements.first[:requirement].to_s - end.compact + end end def extras_require_hash diff --git a/python/lib/dependabot/python/update_checker.rb b/python/lib/dependabot/python/update_checker.rb index 4529012b91e..ef673477d86 100644 --- a/python/lib/dependabot/python/update_checker.rb +++ b/python/lib/dependabot/python/update_checker.rb 
@@ -132,7 +132,6 @@ def fetch_lowest_resolvable_security_fix_version resolver.resolvable?(version: fix_version) ? fix_version : nil end - # rubocop:disable Metrics/PerceivedComplexity def resolver_type reqs = dependency.requirements req_files = reqs.map { |r| r.fetch(:file) } @@ -144,8 +143,8 @@ def resolver_type # Otherwise, this is a top-level dependency, and we can figure out # which resolver to use based on the filename of its requirements - return :pipenv if req_files.any? { |f| f == "Pipfile" } - return :poetry if req_files.any? { |f| f == "pyproject.toml" } + return :pipenv if req_files.any?("Pipfile") + return :poetry if req_files.any?("pyproject.toml") return :pip_compile if req_files.any? { |f| f.end_with?(".in") } if dependency.version && !exact_requirement?(reqs) @@ -154,7 +153,6 @@ def resolver_type :requirements end end - # rubocop:enable Metrics/PerceivedComplexity def subdependency_resolver return :pipenv if pipfile_lock @@ -238,7 +236,7 @@ def updated_version_req_lower_bound return ">= #{dependency.version}" if dependency.version version_for_requirement = - dependency.requirements.map { |r| r[:requirement] }.compact. + dependency.requirements.filter_map { |r| r[:requirement] }. reject { |req_string| req_string.start_with?("<") }. select { |req_string| req_string.match?(VERSION_REGEX) }. map { |req_string| req_string.match(VERSION_REGEX) }. diff --git a/python/lib/dependabot/python/update_checker/index_finder.rb b/python/lib/dependabot/python/update_checker/index_finder.rb index b68d64c2307..ce74363c821 100644 --- a/python/lib/dependabot/python/update_checker/index_finder.rb +++ b/python/lib/dependabot/python/update_checker/index_finder.rb 
@@ -171,7 +171,7 @@ def clean_check_and_remove_environment_variables(url) authed_url = config_variable_urls.find { |u| u.match?(regexp) } return authed_url if authed_url - cleaned_url = url.gsub(%r{#{ENVIRONMENT_VARIABLE_REGEX}/?}, "") + cleaned_url = url.gsub(%r{#{ENVIRONMENT_VARIABLE_REGEX}/?}o, "") authed_url = authed_base_url(cleaned_url) return authed_url if credential_for(cleaned_url) diff --git a/python/lib/dependabot/python/update_checker/latest_version_finder.rb b/python/lib/dependabot/python/update_checker/latest_version_finder.rb index f59f8d46183..40aa389f864 100644 --- a/python/lib/dependabot/python/update_checker/latest_version_finder.rb +++ b/python/lib/dependabot/python/update_checker/latest_version_finder.rb @@ -85,14 +85,14 @@ def filter_yanked_versions(versions_array) end def filter_unsupported_versions(versions_array, python_version) - versions_array.map do |details| + versions_array.filter_map do |details| python_requirement = details.fetch(:python_requirement) next details.fetch(:version) unless python_version next details.fetch(:version) unless python_requirement next unless python_requirement.satisfied_by?(python_version) details.fetch(:version) - end.compact + end end def filter_prerelease_versions(versions_array) @@ -118,9 +118,9 @@ def filter_lower_versions(versions_array) end def filter_out_of_range_versions(versions_array) - reqs = dependency.requirements.map do |r| + reqs = dependency.requirements.filter_map do |r| requirement_class.requirements_array(r.fetch(:requirement)) - end.compact + end versions_array. select { |v| reqs.all? { |r| r.any? { |o| o.satisfied_by?(v) } } } 
@@ -144,11 +144,14 @@ def available_versions @available_versions ||= index_urls.flat_map do |index_url| sanitized_url = index_url.gsub(%r{(?<=//).*(?=@)}, "redacted") + index_response = registry_response_for_dependency(index_url) + if index_response.status == 401 || index_response.status == 403 + registry_index_response = registry_index_response(index_url) - if [401, 403].include?(index_response.status) && - [401, 403].include?(registry_index_response(index_url).status) - raise PrivateSourceAuthenticationFailure, sanitized_url + if registry_index_response.status == 401 || registry_index_response.status == 403 + raise PrivateSourceAuthenticationFailure, sanitized_url + end end version_links = [] diff --git a/python/lib/dependabot/python/update_checker/pipenv_version_resolver.rb b/python/lib/dependabot/python/update_checker/pipenv_version_resolver.rb index 416a9aedeab..ec0532e477f 100644 --- a/python/lib/dependabot/python/update_checker/pipenv_version_resolver.rb +++ b/python/lib/dependabot/python/update_checker/pipenv_version_resolver.rb @@ -47,6 +47,8 @@ class PipenvVersionResolver PIPENV_RANGE_WARNING = /Warning:\sPython\s[<>].* was not found/.freeze # rubocop:enable Layout/LineLength + DEPENDENCY_TYPES = %w(packages dev-packages).freeze + attr_reader :dependency, :dependency_files, :credentials def initialize(dependency:, dependency_files:, credentials:) @@ -363,7 +365,7 @@ def set_target_dependency_req(pipfile_content, updated_requirement) pipfile_object = TomlRB.parse(pipfile_content) - %w(packages dev-packages).each do |type| + DEPENDENCY_TYPES.each do |type| names = pipfile_object[type]&.keys || [] pkg_name = names.find { |nm| normalise(nm) == dependency.name } next unless pkg_name || subdep_type?(type) diff --git a/python/lib/dependabot/python/update_checker/requirements_updater.rb b/python/lib/dependabot/python/update_checker/requirements_updater.rb index ac485bd88f7..c3a65bdd581 100644 
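Review bot: In `available_versions`, the new local `registry_index_response` has the same name as the method it is assigned from: `registry_index_response = registry_index_response(index_url)`. This works only because the call has parentheses and an argument. From that line on, a bare `registry_index_response` in the block refers to the local, which is easy to misread or break in a later edit. Rename the local, e.g. `fallback_response = registry_index_response(index_url)` followed by `if fallback_response.status == 401 || fallback_response.status == 403`. The method continues outside the hunk.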
--- a/python/lib/dependabot/python/update_checker/requirements_updater.rb +++ b/python/lib/dependabot/python/update_checker/requirements_updater.rb @@ -260,7 +260,7 @@ def update_requirements_range(requirement_strings) # Updates the version in a constraint to be the given version def bump_version(req_string, version_to_be_permitted) old_version = req_string. - match(/(#{RequirementParser::VERSION})/). + match(/(#{RequirementParser::VERSION})/o). captures.first req_string.sub( diff --git a/terraform/lib/dependabot/terraform/file_parser.rb b/terraform/lib/dependabot/terraform/file_parser.rb index d7ee3e2081b..0b53da9ddb0 100644 --- a/terraform/lib/dependabot/terraform/file_parser.rb +++ b/terraform/lib/dependabot/terraform/file_parser.rb @@ -262,7 +262,7 @@ def source_type(source_string) return :path if source_string.start_with?(".") return :github if source_string.start_with?("github.com/") return :bitbucket if source_string.start_with?("bitbucket.org/") - return :git if source_string.start_with?("git::") || source_string.start_with?("git@") + return :git if source_string.start_with?("git::", "git@") return :mercurial if source_string.start_with?("hg::") return :s3 if source_string.start_with?("s3::") diff --git a/terraform/lib/dependabot/terraform/file_updater.rb b/terraform/lib/dependabot/terraform/file_updater.rb index 8a5c611fd0a..cbeec8d8f4b 100644 --- a/terraform/lib/dependabot/terraform/file_updater.rb +++ b/terraform/lib/dependabot/terraform/file_updater.rb @@ -313,7 +313,7 @@ def git_declaration_regex(filename) end def registry_host_for(dependency) - source = dependency.requirements.map { |r| r[:source] }.compact.first + source = dependency.requirements.filter_map { |r| r[:source] }.first source[:registry_hostname] || source["registry_hostname"] || "registry.terraform.io" end diff --git a/terraform/lib/dependabot/terraform/metadata_finder.rb b/terraform/lib/dependabot/terraform/metadata_finder.rb index fcb862f8075..484c8d5ffdd 100644 
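Review bot: In `registry_host_for`, `filter_map { |r| r[:source] }.first` is nil when no requirement carries a `:source`, and the next line then raises NoMethodError on `source[:registry_hostname]`. If callers do not guarantee a source, fail with an explicit message, e.g. `raise "No source for #{dependency.name}" unless source`. That is safer than falling through to the `"registry.terraform.io"` default, which would silently point a module with unknown origin at the public registry. `find_source_from_git_url` and `find_source_from_registry_details` in terraform/metadata_finder.rb use the same chain without a nil check.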
--- a/terraform/lib/dependabot/terraform/metadata_finder.rb +++ b/terraform/lib/dependabot/terraform/metadata_finder.rb @@ -31,14 +31,14 @@ def new_source_type end def find_source_from_git_url - info = dependency.requirements.map { |r| r[:source] }.compact.first + info = dependency.requirements.filter_map { |r| r[:source] }.first url = info[:url] || info.fetch("url") Source.from_url(url) end def find_source_from_registry_details - info = dependency.requirements.map { |r| r[:source] }.compact.first + info = dependency.requirements.filter_map { |r| r[:source] }.first hostname = info[:registry_hostname] || info["registry_hostname"] RegistryClient. diff --git a/terraform/lib/dependabot/terraform/registry_client.rb b/terraform/lib/dependabot/terraform/registry_client.rb index d39f9ea2542..ce503033ac1 100644 --- a/terraform/lib/dependabot/terraform/registry_client.rb +++ b/terraform/lib/dependabot/terraform/registry_client.rb @@ -104,9 +104,7 @@ def source(dependency:) source_url = response.headers.fetch("X-Terraform-Get") source_url = URI.join(download_url, source_url) if - source_url.start_with?("/") || - source_url.start_with?("./") || - source_url.start_with?("../") + source_url.start_with?("/", "./", "../") source_url = RegistryClient.get_proxied_source(source_url) if source_url when "provider", "providers" response = http_get(URI.join(base_url, "#{dependency.name}/#{dependency.version}")) diff --git a/terraform/lib/dependabot/terraform/requirements_updater.rb b/terraform/lib/dependabot/terraform/requirements_updater.rb index a0afb9b494b..e4a893f208a 100644 --- a/terraform/lib/dependabot/terraform/requirements_updater.rb +++ b/terraform/lib/dependabot/terraform/requirements_updater.rb 
@@ -130,7 +130,7 @@ def update_range(req_string) def at_same_precision(new_version, old_version) release_precision = - old_version.to_s.split(".").select { |i| i.match?(/^\d+$/) }.count + old_version.to_s.split(".").count { |i| i.match?(/^\d+$/) } prerelease_precision = old_version.to_s.split(".").count - release_precision diff --git a/updater/lib/dependabot/file_fetcher_job.rb b/updater/lib/dependabot/file_fetcher_job.rb index 9bec3565965..88d1ad1707e 100644 --- a/updater/lib/dependabot/file_fetcher_job.rb +++ b/updater/lib/dependabot/file_fetcher_job.rb @@ -152,6 +152,11 @@ def handle_file_fetcher_error(error) } when Octokit::Unauthorized { "error-type": "octokit_unauthorized" } + when Octokit::ServerError + # If we get a 500 from GitHub there's very little we can do about it, + # and responsibility for fixing it is on them, not us. As a result we + # quietly log these as errors + { "error-type": "unknown_error" } when *Octokit::RATE_LIMITED_ERRORS # If we get a rate-limited error we let dependabot-api handle the # retry by re-enqueing the update job after the reset @@ -161,11 +166,6 @@ def handle_file_fetcher_error(error) "rate-limit-reset": error.response_headers["X-RateLimit-Reset"] } } - when Octokit::ServerError - # If we get a 500 from GitHub there's very little we can do about it, - # and responsibility for fixing it is on them, not us. As a result we - # quietly log these as errors - { "error-type": "unknown_error" } else logger_error error.message error.backtrace.each { |line| logger_error line }
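Review bot: Moving `when Octokit::ServerError` above `when *Octokit::RATE_LIMITED_ERRORS` changes which branch wins for any error class that matches both. The move preserves behaviour only while no member of `RATE_LIMITED_ERRORS` is a `ServerError` subclass, which appears to hold today but is not visible here. A comment on the splat branch, such as `# keep last (Performance/CaseWhenSplat); must not overlap the branches above`, would record that constraint. `handle_file_fetcher_error` starts before this hunk, and the second file_fetcher_job.rb hunk is the other half of the same move.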