dependabot-gradle 0.244.0 → 0.245.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/gradle/file_parser/repositories_finder.rb +23 -0
- metadata +7 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b569f7d35e9f8cc4d076c34a9405167ccf5f279e56ae1f1dd86a223aae5c6c77
|
|
4
|
+
data.tar.gz: 203f571b7bf5bbda9af0af6fc231eb90662b314ba8cb99044b4e0ee75a41e3fd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51478bc8cbefc189ab40ae88ca7988b895abe50cc578f5f007be7c2559b292a7bf6decbd8703fe0c8aba18f8c103f38514509273ca1968a8871c34506e3f4830
|
|
7
|
+
data.tar.gz: 71e447cf6b2ab0290835e0d11394f17290ad4da1b35a97b32fbc21895315fc3eac4852041f83970a19a392dfc4a30248bcf010ed58ed7149864a8adec43182c3
|
|
@@ -8,6 +8,7 @@ module Dependabot
|
|
|
8
8
|
class FileParser
|
|
9
9
|
class RepositoriesFinder
|
|
10
10
|
SUPPORTED_BUILD_FILE_NAMES = %w(build.gradle build.gradle.kts).freeze
|
|
11
|
+
SUPPORTED_SETTINGS_FILE_NAMES = %w(settings.gradle settings.gradle.kts).freeze
|
|
11
12
|
|
|
12
13
|
# The Central Repo doesn't have special status for Gradle, but until
|
|
13
14
|
# we're confident we're selecting repos correctly it's wise to include
|
|
@@ -37,6 +38,7 @@ module Dependabot
|
|
|
37
38
|
repository_urls += inherited_repository_urls(dependency_file)
|
|
38
39
|
end
|
|
39
40
|
repository_urls += own_buildfile_repository_urls
|
|
41
|
+
repository_urls += settings_file_repository_urls(top_level_settings_file)
|
|
40
42
|
repository_urls = repository_urls.uniq
|
|
41
43
|
|
|
42
44
|
return repository_urls unless repository_urls.empty?
|
|
@@ -91,6 +93,21 @@ module Dependabot
|
|
|
91
93
|
own_buildfile_urls
|
|
92
94
|
end
|
|
93
95
|
|
|
96
|
+
def settings_file_repository_urls(settings_file)
|
|
97
|
+
return [] unless settings_file
|
|
98
|
+
|
|
99
|
+
settings_file_content = comment_free_content(settings_file)
|
|
100
|
+
dependency_resolution_management_repositories = []
|
|
101
|
+
|
|
102
|
+
settings_file_content.scan(/(?:^|\s)dependencyResolutionManagement\s*\{/) do
|
|
103
|
+
mtch = Regexp.last_match
|
|
104
|
+
dependency_resolution_management_repositories <<
|
|
105
|
+
mtch.post_match[0..closing_bracket_index(mtch.post_match)]
|
|
106
|
+
end
|
|
107
|
+
|
|
108
|
+
repository_urls_from(dependency_resolution_management_repositories.join("\n"))
|
|
109
|
+
end
|
|
110
|
+
|
|
94
111
|
def repository_urls_from(buildfile_content)
|
|
95
112
|
repository_urls = []
|
|
96
113
|
|
|
@@ -154,6 +171,12 @@ module Dependabot
|
|
|
154
171
|
SUPPORTED_BUILD_FILE_NAMES.include?(f.name)
|
|
155
172
|
end
|
|
156
173
|
end
|
|
174
|
+
|
|
175
|
+
def top_level_settings_file
|
|
176
|
+
@top_level_settings_file ||= dependency_files.find do |f|
|
|
177
|
+
SUPPORTED_SETTINGS_FILE_NAMES.include?(f.name)
|
|
178
|
+
end
|
|
179
|
+
end
|
|
157
180
|
end
|
|
158
181
|
end
|
|
159
182
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-gradle
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.245.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-02-
|
|
11
|
+
date: 2024-02-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,28 +16,28 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.245.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.245.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: dependabot-maven
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - '='
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.
|
|
33
|
+
version: 0.245.0
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - '='
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.
|
|
40
|
+
version: 0.245.0
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: debug
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -263,7 +263,7 @@ licenses:
|
|
|
263
263
|
- Nonstandard
|
|
264
264
|
metadata:
|
|
265
265
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
266
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
266
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.245.0
|
|
267
267
|
post_install_message:
|
|
268
268
|
rdoc_options: []
|
|
269
269
|
require_paths:
|