Fix gradle wrapper guard (#14399)

pedromfmachado · codex · web-flow · commit 5d96f6a88f9f · 2026-03-10T14:49:15.000-05:00
Co-authored-by: Codex &lt;noreply@openai.com&gt;
diff --git a/gradle/lib/dependabot/gradle/file_updater/wrapper_updater.rb b/gradle/lib/dependabot/gradle/file_updater/wrapper_updater.rb
@@ -120,7 +120,7 @@ def target_file?(file)
         sig { params(requirements: T::Array[T::Hash[Symbol, T.untyped]], network_timeout: T.nilable(String)).returns(T::Array[String]) }
         def command_args(requirements, network_timeout)
           version = T.let(requirements[0]&.[](:requirement), String)
-          checksum = T.let(requirements[1]&.[](:requirement), String) if dependency.requirements.size > 1
+          checksum = T.let(requirements[1]&.[](:requirement), T.nilable(String)) if requirements.size > 1
           distribution_url = T.let(requirements[0]&.[](:source), T::Hash[Symbol, String])[:url]
           distribution_type = distribution_url&.match(/\b(bin|all)\b/)&.captures&.first
 
diff --git a/gradle/spec/dependabot/gradle/file_updater/wrapper_updater_spec.rb b/gradle/spec/dependabot/gradle/file_updater/wrapper_updater_spec.rb
@@ -0,0 +1,70 @@
+# typed: false
+# frozen_string_literal: true
+
+require "spec_helper"
+require "dependabot/dependency"
+require "dependabot/gradle/file_updater"
+
+RSpec.describe Dependabot::Gradle::FileUpdater::WrapperUpdater do
+  subject(:command_args) { updater.send(:command_args, target_requirements, nil) }
+
+  let(:updater) do
+    described_class.new(
+      dependency_files: [],
+      dependency: dependency
+    )
+  end
+
+  let(:dependency) do
+    Dependabot::Dependency.new(
+      name: "gradle-wrapper",
+      version: "9.0.0",
+      requirements: [
+        {
+          file: "gradle/wrapper/gradle-wrapper.properties",
+          requirement: "9.0.0",
+          groups: [],
+          source: {
+            type: "gradle-distribution",
+            url: "https://services.gradle.org/distributions/gradle-9.0.0-bin.zip",
+            property: "distributionUrl"
+          }
+        },
+        {
+          file: "subproject/gradle/wrapper/gradle-wrapper.properties",
+          requirement: "9.0.0",
+          groups: [],
+          source: {
+            type: "gradle-distribution",
+            url: "https://services.gradle.org/distributions/gradle-9.0.0-all.zip",
+            property: "distributionUrl"
+          }
+        },
+        {
+          file: "subproject/gradle/wrapper/gradle-wrapper.properties",
+          requirement: "f759b8dd5204e2e3fa4ca3e73f452f087153cf81bac9561eeb854229cc2c5365",
+          groups: [],
+          source: {
+            type: "gradle-distribution",
+            url: "https://services.gradle.org/distributions/gradle-9.0.0-all.zip.sha256",
+            property: "distributionSha256Sum"
+          }
+        }
+      ],
+      package_manager: "gradle"
+    )
+  end
+
+  context "when the current wrapper file has no checksum requirement" do
+    let(:target_requirements) do
+      dependency.requirements.select do |req|
+        req[:file] == "gradle/wrapper/gradle-wrapper.properties"
+      end
+    end
+
+    it "does not crash and does not include a checksum argument from another wrapper file" do
+      expect(command_args).not_to include("--gradle-distribution-sha256-sum")
+      expect(command_args).to include("--distribution-type", "bin")
+    end
+  end
+end
