dependabot-common 0.111.44 → 0.111.45
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency.rb +24 -3
- data/lib/dependabot/file_parsers/base/dependency_set.rb +6 -8
- data/lib/dependabot/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a45971fdc7d2a17e0c712a72f70338a43103f75080c607f1c48c881a4f8d3769
|
4
|
+
data.tar.gz: 1757ca960513d5183a16f15b2136915eb4dba362fe6503386073c3bfd25ad2e8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 521ba407169aa3ec3f4af5772e63a8c1f02cec240e26ace8befb2a17e6bbd1127e548a85d9752fdd0db089a6870167e635b00b4988b5af47339d00693b59afcc
|
7
|
+
data.tar.gz: f9f31fe3e9312614d73f4aaa8f7b78bbd33d1e9c4b44c85cd7029a9367d9a4df3ff7f111901a82f877cba0b92b121d021a70c714627db1552b919ec084ba6f80
|
@@ -41,7 +41,7 @@ module Dependabot
|
|
41
41
|
|
42
42
|
def initialize(name:, requirements:, package_manager:, version: nil,
|
43
43
|
previous_version: nil, previous_requirements: nil,
|
44
|
-
subdependency_metadata:
|
44
|
+
subdependency_metadata: [])
|
45
45
|
@name = name
|
46
46
|
@version = version
|
47
47
|
@requirements = requirements.map { |req| symbolize_keys(req) }
|
@@ -49,7 +49,10 @@ module Dependabot
|
|
49
49
|
@previous_requirements =
|
50
50
|
previous_requirements&.map { |req| symbolize_keys(req) }
|
51
51
|
@package_manager = package_manager
|
52
|
-
|
52
|
+
unless top_level? || subdependency_metadata == []
|
53
|
+
@subdependency_metadata = subdependency_metadata&.
|
54
|
+
map { |h| symbolize_keys(h) }
|
55
|
+
end
|
53
56
|
|
54
57
|
check_values
|
55
58
|
end
|
@@ -75,7 +78,7 @@ module Dependabot
|
|
75
78
|
end
|
76
79
|
|
77
80
|
def production?
|
78
|
-
return
|
81
|
+
return subdependency_production_check unless top_level?
|
79
82
|
|
80
83
|
groups = requirements.flat_map { |r| r.fetch(:groups).map(&:to_s) }
|
81
84
|
|
@@ -84,6 +87,10 @@ module Dependabot
|
|
84
87
|
call(groups)
|
85
88
|
end
|
86
89
|
|
90
|
+
def subdependency_production_check
|
91
|
+
!subdependency_metadata&.all? { |h| h[:production] == false }
|
92
|
+
end
|
93
|
+
|
87
94
|
def display_name
|
88
95
|
display_name_builder =
|
89
96
|
self.class.display_name_builder_for_package_manager(package_manager)
|
@@ -111,6 +118,11 @@ module Dependabot
|
|
111
118
|
raise ArgumentError, "blank strings must not be provided as versions"
|
112
119
|
end
|
113
120
|
|
121
|
+
check_requirement_fields
|
122
|
+
check_subdependency_metadata
|
123
|
+
end
|
124
|
+
|
125
|
+
def check_requirement_fields
|
114
126
|
requirement_fields = [requirements, previous_requirements].compact
|
115
127
|
unless requirement_fields.all? { |r| r.is_a?(Array) } &&
|
116
128
|
requirement_fields.flatten.all? { |r| r.is_a?(Hash) }
|
@@ -132,6 +144,15 @@ module Dependabot
|
|
132
144
|
raise ArgumentError, "blank strings must not be provided as requirements"
|
133
145
|
end
|
134
146
|
|
147
|
+
def check_subdependency_metadata
|
148
|
+
return unless subdependency_metadata
|
149
|
+
|
150
|
+
unless subdependency_metadata.is_a?(Array) &&
|
151
|
+
subdependency_metadata.all? { |r| r.is_a?(Hash) }
|
152
|
+
raise ArgumentError, "subdependency_metadata must be an array of hashes"
|
153
|
+
end
|
154
|
+
end
|
155
|
+
|
135
156
|
def symbolize_keys(hash)
|
136
157
|
Hash[hash.keys.map { |k| [k.to_sym, hash[k]] }]
|
137
158
|
end
|
@@ -78,12 +78,10 @@ module Dependabot
|
|
78
78
|
else new_dep.version
|
79
79
|
end
|
80
80
|
|
81
|
-
|
82
|
-
subdependency_metadata
|
83
|
-
|
84
|
-
|
85
|
-
subdependency_metadata = new_dep.subdependency_metadata
|
86
|
-
end
|
81
|
+
subdependency_metadata = (
|
82
|
+
(old_dep.subdependency_metadata || []) +
|
83
|
+
(new_dep.subdependency_metadata || [])
|
84
|
+
).uniq
|
87
85
|
|
88
86
|
Dependency.new(
|
89
87
|
name: old_dep.name,
|
@@ -93,9 +91,9 @@ module Dependabot
|
|
93
91
|
subdependency_metadata: subdependency_metadata
|
94
92
|
)
|
95
93
|
end
|
96
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
97
|
-
# rubocop:enable Metrics/CyclomaticComplexity
|
98
94
|
# rubocop:enable Metrics/AbcSize
|
95
|
+
# rubocop:enable Metrics/CyclomaticComplexity
|
96
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
99
97
|
end
|
100
98
|
end
|
101
99
|
end
|
data/lib/dependabot/version.rb
CHANGED