dependabot-common 0.111.44 → 0.111.45

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/dependency.rb +24 -3
  3. data/lib/dependabot/file_parsers/base/dependency_set.rb +6 -8
  4. data/lib/dependabot/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bc7dc0b974c99fd91b16afe848b948d92b627c8551bfb0c1d19bbdf464ba055b
4
- data.tar.gz: bbf9945d4f9847f28045f81b1e2542045af2d2ac98aca316826d6d4f824e4f69
3
+ metadata.gz: a45971fdc7d2a17e0c712a72f70338a43103f75080c607f1c48c881a4f8d3769
4
+ data.tar.gz: 1757ca960513d5183a16f15b2136915eb4dba362fe6503386073c3bfd25ad2e8
5
5
  SHA512:
6
- metadata.gz: dad540e2a79a299a21b88a28938fc8cfb5b7cddf5eff075a4f1e3dfd234cd89d8c007391f404938516fb0021af4ce2b66a73ae41f567649387830a5258a94a95
7
- data.tar.gz: bfa1382e52e25f07a9f7749ccad0832a8f72ad8b93bf47cca98770a173750d5699c4e8f345faf3ea854388ed6db2c91e99d5436d1be9287045fd7dc265f3cf91
6
+ metadata.gz: 521ba407169aa3ec3f4af5772e63a8c1f02cec240e26ace8befb2a17e6bbd1127e548a85d9752fdd0db089a6870167e635b00b4988b5af47339d00693b59afcc
7
+ data.tar.gz: f9f31fe3e9312614d73f4aaa8f7b78bbd33d1e9c4b44c85cd7029a9367d9a4df3ff7f111901a82f877cba0b92b121d021a70c714627db1552b919ec084ba6f80
data/lib/dependabot/dependency.rb CHANGED
@@ -41,7 +41,7 @@ module Dependabot
41
41
 
42
42
  def initialize(name:, requirements:, package_manager:, version: nil,
43
43
  previous_version: nil, previous_requirements: nil,
44
- subdependency_metadata: nil)
44
+ subdependency_metadata: [])
45
45
  @name = name
46
46
  @version = version
47
47
  @requirements = requirements.map { |req| symbolize_keys(req) }
@@ -49,7 +49,10 @@ module Dependabot
49
49
  @previous_requirements =
50
50
  previous_requirements&.map { |req| symbolize_keys(req) }
51
51
  @package_manager = package_manager
52
- @subdependency_metadata = subdependency_metadata unless top_level?
52
+ unless top_level? || subdependency_metadata == []
53
+ @subdependency_metadata = subdependency_metadata&.
54
+ map { |h| symbolize_keys(h) }
55
+ end
53
56
 
54
57
  check_values
55
58
  end
@@ -75,7 +78,7 @@ module Dependabot
75
78
  end
76
79
 
77
80
  def production?
78
- return true unless top_level?
81
+ return subdependency_production_check unless top_level?
79
82
 
80
83
  groups = requirements.flat_map { |r| r.fetch(:groups).map(&:to_s) }
81
84
 
@@ -84,6 +87,10 @@ module Dependabot
84
87
  call(groups)
85
88
  end
86
89
 
90
+ def subdependency_production_check
91
+ !subdependency_metadata&.all? { |h| h[:production] == false }
92
+ end
93
+
87
94
  def display_name
88
95
  display_name_builder =
89
96
  self.class.display_name_builder_for_package_manager(package_manager)
@@ -111,6 +118,11 @@ module Dependabot
111
118
  raise ArgumentError, "blank strings must not be provided as versions"
112
119
  end
113
120
 
121
+ check_requirement_fields
122
+ check_subdependency_metadata
123
+ end
124
+
125
+ def check_requirement_fields
114
126
  requirement_fields = [requirements, previous_requirements].compact
115
127
  unless requirement_fields.all? { |r| r.is_a?(Array) } &&
116
128
  requirement_fields.flatten.all? { |r| r.is_a?(Hash) }
@@ -132,6 +144,15 @@ module Dependabot
132
144
  raise ArgumentError, "blank strings must not be provided as requirements"
133
145
  end
134
146
 
147
+ def check_subdependency_metadata
148
+ return unless subdependency_metadata
149
+
150
+ unless subdependency_metadata.is_a?(Array) &&
151
+ subdependency_metadata.all? { |r| r.is_a?(Hash) }
152
+ raise ArgumentError, "subdependency_metadata must be an array of hashes"
153
+ end
154
+ end
155
+
135
156
  def symbolize_keys(hash)
136
157
  Hash[hash.keys.map { |k| [k.to_sym, hash[k]] }]
137
158
  end
data/lib/dependabot/file_parsers/base/dependency_set.rb CHANGED
@@ -78,12 +78,10 @@ module Dependabot
78
78
  else new_dep.version
79
79
  end
80
80
 
81
- if old_dep.subdependency_metadata
82
- subdependency_metadata = old_dep.subdependency_metadata.
83
- merge(new_dep.subdependency_metadata || {})
84
- elsif new_dep.subdependency_metadata
85
- subdependency_metadata = new_dep.subdependency_metadata
86
- end
81
+ subdependency_metadata = (
82
+ (old_dep.subdependency_metadata || []) +
83
+ (new_dep.subdependency_metadata || [])
84
+ ).uniq
87
85
 
88
86
  Dependency.new(
89
87
  name: old_dep.name,
@@ -93,9 +91,9 @@ module Dependabot
93
91
  subdependency_metadata: subdependency_metadata
94
92
  )
95
93
  end
96
- # rubocop:enable Metrics/PerceivedComplexity
97
- # rubocop:enable Metrics/CyclomaticComplexity
98
94
  # rubocop:enable Metrics/AbcSize
95
+ # rubocop:enable Metrics/CyclomaticComplexity
96
+ # rubocop:enable Metrics/PerceivedComplexity
99
97
  end
100
98
  end
101
99
  end
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.111.44"
4
+ VERSION = "0.111.45"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.44
4
+ version: 0.111.45
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot