dependabot-gradle 0.143.0 → 0.143.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/gradle/file_parser.rb +1 -1
  3. data/lib/dependabot/gradle/requirement.rb +9 -11
  4. data/lib/dependabot/gradle/version.rb +1 -1
  5. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: db6059748f0c1f692f360fda9e80311ccafc6fd84ad878183c4c4316f48a4d7e
4
- data.tar.gz: 1b5ea811c9ef709285f5dbde439aa4b913cec9af04c1bf15297f5079b89a47ce
3
+ metadata.gz: 06aac1fce0cf9a07460c7899a98bc0d6ee1ff3a2ce9fbfe4327834186f76c428
4
+ data.tar.gz: e1c284c31da8c013379cae146b23b6e244d742bb06a9199aaa439a2f4a4ccf7b
5
5
  SHA512:
6
- metadata.gz: cf4462b6930947c632b12aeb6b8fd06a7906e2c4afc88ef6c5ae56cd2cd2ea82c6572723242f487f8febc26a7698561697a7f064ebbefdd1395fd185d23b771b
7
- data.tar.gz: ae774d6872823ad22a079104c94c8f8fe4d2fde67c446e040d82a11004d85138977ed62afa10090ea08a8670342307a717c09410a26797eb26b752e2ce3b8c73
6
+ metadata.gz: 21324dfbb56d0bb7a7406e03f614dc5eb798f838b9938ae0124cd67d5c39dcc20f264f1dd92806f5bd20927b8b02ab89cb689c38de98e521e53024418976dfe5
7
+ data.tar.gz: 9245c2a311564f60852588496996a0d440034f244d9b9680569eac02057b38c27a51240d70709894664bbfc89e14753ec19a634a4a68542ed795abe3207d472c
data/lib/dependabot/gradle/file_parser.rb CHANGED
@@ -211,7 +211,7 @@ module Dependabot
211
211
  end
212
212
 
213
213
  def source_from(group, name, version)
214
- return nil unless group&.start_with?("com.github")
214
+ return nil unless group&.start_with?("com.github") && version.match?(/\A[0-9a-f]{40}\Z/)
215
215
 
216
216
  account = group.sub("com.github.", "")
217
217
 
data/lib/dependabot/gradle/requirement.rb CHANGED
@@ -33,14 +33,7 @@ module Dependabot
33
33
 
34
34
  def initialize(*requirements)
35
35
  requirements = requirements.flatten.flat_map do |req_string|
36
- # NOTE: Support ruby-style version requirements that are created from
37
- # PR ignore conditions
38
- version_reqs = req_string.split(",").map(&:strip)
39
- if version_reqs.all? { |s| Gem::Requirement::PATTERN.match?(s) }
40
- version_reqs
41
- else
42
- convert_java_constraint_to_ruby_constraint(req_string)
43
- end
36
+ convert_java_constraint_to_ruby_constraint(req_string)
44
37
  end
45
38
 
46
39
  super(requirements)
@@ -72,9 +65,14 @@ module Dependabot
72
65
  raise "Can't convert multiple Java reqs to a single Ruby one"
73
66
  end
74
67
 
75
- return convert_java_range_to_ruby_range(req_string) if req_string&.include?(",")
76
-
77
- convert_java_equals_req_to_ruby(req_string)
68
+ # NOTE: Support ruby-style version requirements that are created from
69
+ # PR ignore conditions
70
+ version_reqs = req_string.split(",").map(&:strip)
71
+ if req_string.include?(",") && !version_reqs.all? { |s| PATTERN.match?(s) }
72
+ convert_java_range_to_ruby_range(req_string) if req_string.include?(",")
73
+ else
74
+ version_reqs.map { |r| convert_java_equals_req_to_ruby(r) }
75
+ end
78
76
  end
79
77
 
80
78
  def convert_java_range_to_ruby_range(req_string)
data/lib/dependabot/gradle/version.rb CHANGED
@@ -28,7 +28,7 @@ module Dependabot
28
28
  VERSION_PATTERN =
29
29
  "[0-9a-zA-Z]+"\
30
30
  '(?>\.[0-9a-zA-Z]*)*'\
31
- '([_-][0-9A-Za-z_-]*(\.[0-9A-Za-z_-]*)*)?'
31
+ '([_\-\+][0-9A-Za-z_-]*(\.[0-9A-Za-z_-]*)*)?'
32
32
  ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
33
33
 
34
34
  def self.correct?(version)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-gradle
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.143.0
4
+ version: 0.143.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-21 00:00:00.000000000 Z
11
+ date: 2021-04-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.143.0
19
+ version: 0.143.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.143.0
26
+ version: 0.143.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: dependabot-maven
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - '='
32
32
  - !ruby/object:Gem::Version
33
- version: 0.143.0
33
+ version: 0.143.5
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - '='
39
39
  - !ruby/object:Gem::Version
40
- version: 0.143.0
40
+ version: 0.143.5
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: byebug
43
43
  requirement: !ruby/object:Gem::Requirement