dependabot-gradle 0.162.1 → 0.164.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/gradle/file_fetcher.rb +19 -13
  3. data/lib/dependabot/gradle/file_parser/repositories_finder.rb +6 -2
  4. data/lib/dependabot/gradle/file_parser.rb +1 -1
  5. data/lib/dependabot/gradle/file_updater.rb +1 -1
  6. data/lib/dependabot/gradle/update_checker/version_finder.rb +4 -6
  7. data/lib/dependabot/gradle/version.rb +3 -2
  8. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b1e4733a81cd4c3296c2724abbe0c7ac80916bf3f5332c3ebea5688e6f668d8a
4
- data.tar.gz: 3a6598cdfff7f67ee92cc72479f6562710d0b7bd374bf326e2b0412796bbb288
3
+ metadata.gz: 01ef38d918312382191ede58d797312a41326982841b96292059aed50a8bda34
4
+ data.tar.gz: 19409835b92e831a4e62893876f17d2f9702f8630fcbed5885d523a59b39a162
5
5
  SHA512:
6
- metadata.gz: e614dc00a5f665e25dd85a1e142e7ebf74a58d10060f4c217cfff594d8de1da0dbeb509f7f8fda49fe4fdc5ad9b87a27cad23a91001db311811fe58bdc4d9f00
7
- data.tar.gz: d5b093c459100bd09966334121b92deb1f84fbc482b92836009f17aecff3ae7d9a653357fb1d558a2d5f95c7ab8d0a577c18eaa64b682a0d12ee1caf45cdc9c0
6
+ metadata.gz: 508e1fc4764e26726ba5fb29737a326d7cdda9bfbd8d819b481c671f736d5d03f93d15eb4e2248953c74887270351df7e9d779237b419d3d045a4446b2178445
7
+ data.tar.gz: a91f50a560bff212c4fd4440f757808a6a019dec5b58f483781f3d292cbabcdc83c673a2768481d058b35a209b6068ac8abcdd8c0b31497308ad71794c252c27
data/lib/dependabot/gradle/file_fetcher.rb CHANGED
@@ -28,7 +28,7 @@ module Dependabot
28
28
 
29
29
  def fetch_files
30
30
  fetched_files = []
31
- fetched_files << buildfile
31
+ fetched_files << buildfile if buildfile
32
32
  fetched_files += subproject_buildfiles
33
33
  fetched_files += dependency_script_plugins
34
34
  check_required_files_present
@@ -46,17 +46,23 @@ module Dependabot
46
46
  def subproject_buildfiles
47
47
  return [] unless settings_file
48
48
 
49
- subproject_paths =
50
- SettingsFileParser.
51
- new(settings_file: settings_file).
52
- subproject_paths
53
-
54
- subproject_paths.map do |path|
55
- fetch_file_from_host(File.join(path, @buildfile_name))
56
- rescue Dependabot::DependencyFileNotFound
57
- # Gradle itself doesn't worry about missing subprojects, so we don't
58
- nil
59
- end.compact
49
+ @subproject_buildfiles ||= begin
50
+ subproject_paths =
51
+ SettingsFileParser.
52
+ new(settings_file: settings_file).
53
+ subproject_paths
54
+
55
+ subproject_paths.map do |path|
56
+ if @buildfile_name
57
+ fetch_file_from_host(File.join(path, @buildfile_name))
58
+ else
59
+ supported_file(SUPPORTED_BUILD_FILE_NAMES.map { |f| File.join(path, f) })
60
+ end
61
+ rescue Dependabot::DependencyFileNotFound
62
+ # Gradle itself doesn't worry about missing subprojects, so we don't
63
+ nil
64
+ end.compact
65
+ end
60
66
  end
61
67
 
62
68
  # rubocop:disable Metrics/PerceivedComplexity
@@ -83,7 +89,7 @@ module Dependabot
83
89
  # rubocop:enable Metrics/PerceivedComplexity
84
90
 
85
91
  def check_required_files_present
86
- return if buildfile
92
+ return if buildfile || (subproject_buildfiles && !subproject_buildfiles.empty?)
87
93
 
88
94
  path = Pathname.new(File.join(directory, "build.gradle")).cleanpath.to_path
89
95
  path += "(.kts)?"
data/lib/dependabot/gradle/file_parser/repositories_finder.rb CHANGED
@@ -12,6 +12,8 @@ module Dependabot
12
12
  # we're confident we're selecting repos correctly it's wise to include
13
13
  # it as a default.
14
14
  CENTRAL_REPO_URL = "https://repo.maven.apache.org/maven2"
15
+ GOOGLE_MAVEN_REPO = "https://maven.google.com"
16
+ GRADLE_PLUGINS_REPO = "https://plugins.gradle.org/m2"
15
17
 
16
18
  REPOSITORIES_BLOCK_START = /(?:^|\s)repositories\s*\{/.freeze
17
19
 
@@ -96,12 +98,14 @@ module Dependabot
96
98
  end
97
99
 
98
100
  repository_blocks.each do |block|
99
- repository_urls << "https://maven.google.com/" if block.match?(/\sgoogle\(/)
101
+ repository_urls << GOOGLE_MAVEN_REPO if block.match?(/\sgoogle\(/)
100
102
 
101
- repository_urls << "https://repo.maven.apache.org/maven2/" if block.match?(/\smavenCentral\(/)
103
+ repository_urls << CENTRAL_REPO_URL if block.match?(/\smavenCentral\(/)
102
104
 
103
105
  repository_urls << "https://jcenter.bintray.com/" if block.match?(/\sjcenter\(/)
104
106
 
107
+ repository_urls << GRADLE_PLUGINS_REPO if block.match?(/\sgradlePluginPortal\(/)
108
+
105
109
  block.scan(MAVEN_REPO_REGEX) do
106
110
  repository_urls << Regexp.last_match.named_captures.fetch("url")
107
111
  end
data/lib/dependabot/gradle/file_parser.rb CHANGED
@@ -321,7 +321,7 @@ module Dependabot
321
321
  end
322
322
 
323
323
  def check_required_files
324
- raise "No build.gradle or build.gradle.kts!" unless original_file
324
+ raise "No build.gradle or build.gradle.kts!" if dependency_files.empty?
325
325
  end
326
326
 
327
327
  def original_file
data/lib/dependabot/gradle/file_updater.rb CHANGED
@@ -40,7 +40,7 @@ module Dependabot
40
40
  private
41
41
 
42
42
  def check_required_files
43
- raise "No build.gradle or build.gradle.kts!" unless original_file
43
+ raise "No build.gradle or build.gradle.kts!" if dependency_files.empty?
44
44
  end
45
45
 
46
46
  def original_file
data/lib/dependabot/gradle/update_checker/version_finder.rb CHANGED
@@ -13,8 +13,6 @@ module Dependabot
13
13
  module Gradle
14
14
  class UpdateChecker
15
15
  class VersionFinder
16
- GOOGLE_MAVEN_REPO = "https://maven.google.com"
17
- GRADLE_PLUGINS_REPO = "https://plugins.gradle.org/m2"
18
16
  KOTLIN_PLUGIN_REPO_PREFIX = "org.jetbrains.kotlin"
19
17
  TYPE_SUFFICES = %w(jre android java native_mt agp).freeze
20
18
 
@@ -59,7 +57,7 @@ module Dependabot
59
57
  version_details =
60
58
  repositories.map do |repository_details|
61
59
  url = repository_details.fetch("url")
62
- next google_version_details if url == GOOGLE_MAVEN_REPO
60
+ next google_version_details if url == Gradle::FileParser::RepositoriesFinder::GOOGLE_MAVEN_REPO
63
61
 
64
62
  dependency_metadata(repository_details).css("versions > version").
65
63
  select { |node| version_class.correct?(node.content) }.
@@ -136,10 +134,10 @@ module Dependabot
136
134
  end
137
135
 
138
136
  def google_version_details
139
- url = GOOGLE_MAVEN_REPO
137
+ url = Gradle::FileParser::RepositoriesFinder::GOOGLE_MAVEN_REPO
140
138
  group_id, artifact_id = group_and_artifact_ids
141
139
 
142
- dependency_metadata_url = "#{GOOGLE_MAVEN_REPO}/"\
140
+ dependency_metadata_url = "#{Gradle::FileParser::RepositoriesFinder::GOOGLE_MAVEN_REPO}/"\
143
141
  "#{group_id.tr('.', '/')}/"\
144
142
  "group-index.xml"
145
143
 
@@ -250,7 +248,7 @@ module Dependabot
250
248
 
251
249
  def plugin_repository_details
252
250
  [{
253
- "url" => GRADLE_PLUGINS_REPO,
251
+ "url" => Gradle::FileParser::RepositoriesFinder::GRADLE_PLUGINS_REPO,
254
252
  "auth_headers" => {}
255
253
  }] + dependency_repository_details
256
254
  end
data/lib/dependabot/gradle/version.rb CHANGED
@@ -14,7 +14,8 @@ module Dependabot
14
14
  NULL_VALUES = %w(0 final ga).freeze
15
15
  PREFIXED_TOKEN_HIERARCHY = {
16
16
  "." => { qualifier: 1, number: 4 },
17
- "-" => { qualifier: 2, number: 3 }
17
+ "-" => { qualifier: 2, number: 3 },
18
+ "_" => { qualifier: 2, number: 3 }
18
19
  }.freeze
19
20
  NAMED_QUALIFIERS_HIERARCHY = {
20
21
  "a" => 1, "alpha" => 1,
@@ -132,7 +133,7 @@ module Dependabot
132
133
  end
133
134
 
134
135
  def split_into_prefixed_tokens(version)
135
- ".#{version}".split(/(?=[\-\.])/)
136
+ ".#{version}".split(/(?=[_\-\.])/)
136
137
  end
137
138
 
138
139
  def pad_for_comparison(prefixed_tokens, other_prefixed_tokens)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-gradle
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.162.1
4
+ version: 0.164.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-09-20 00:00:00.000000000 Z
11
+ date: 2021-11-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.162.1
19
+ version: 0.164.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.162.1
26
+ version: 0.164.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: dependabot-maven
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - '='
32
32
  - !ruby/object:Gem::Version
33
- version: 0.162.1
33
+ version: 0.164.1
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - '='
39
39
  - !ruby/object:Gem::Version
40
- version: 0.162.1
40
+ version: 0.164.1
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: byebug
43
43
  requirement: !ruby/object:Gem::Requirement