dependabot-gradle 0.245.0 → 0.247.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/gradle/update_checker/version_finder.rb +30 -5
  3. data/lib/dependabot/gradle/update_checker.rb +1 -1
  4. metadata +21 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b569f7d35e9f8cc4d076c34a9405167ccf5f279e56ae1f1dd86a223aae5c6c77
4
- data.tar.gz: 203f571b7bf5bbda9af0af6fc231eb90662b314ba8cb99044b4e0ee75a41e3fd
3
+ metadata.gz: 5ca44e8a88415f44c17133b1334252e63c4f4e06ae2ce5e1f920a5764eccbda6
4
+ data.tar.gz: 05e4847ed277ee847cd3a8807c7bf6afebf46e3d114056a6ad9141a0d3d8b241
5
5
  SHA512:
6
- metadata.gz: 51478bc8cbefc189ab40ae88ca7988b895abe50cc578f5f007be7c2559b292a7bf6decbd8703fe0c8aba18f8c103f38514509273ca1968a8871c34506e3f4830
7
- data.tar.gz: 71e447cf6b2ab0290835e0d11394f17290ad4da1b35a97b32fbc21895315fc3eac4852041f83970a19a392dfc4a30248bcf010ed58ed7149864a8adec43182c3
6
+ metadata.gz: f3c927959a2d8e3e5596f3157169855517f5053ced7e20504f02901c89060d31c62d170ed9fa648b28b18c9f24016c26af77b2b935f514648313190fd60bfdb2
7
+ data.tar.gz: 50b017ffbb1616cb2a8af7d84ccdc34411bd45114517a6fddb7a4fcd7652df519a32ea61be1f8f3191fbaadf3a20ef897412e0bb8cb1bf087e5c3a544652c5e7
data/lib/dependabot/gradle/update_checker/version_finder.rb CHANGED
@@ -9,11 +9,14 @@ require "dependabot/gradle/update_checker"
9
9
  require "dependabot/gradle/version"
10
10
  require "dependabot/gradle/requirement"
11
11
  require "dependabot/maven/utils/auth_headers_finder"
12
+ require "sorbet-runtime"
12
13
 
13
14
  module Dependabot
14
15
  module Gradle
15
16
  class UpdateChecker
16
17
  class VersionFinder
18
+ extend T::Sig
19
+
17
20
  KOTLIN_PLUGIN_REPO_PREFIX = "org.jetbrains.kotlin"
18
21
  TYPE_SUFFICES = %w(jre android java native_mt agp).freeze
19
22
 
@@ -76,24 +79,40 @@ module Dependabot
76
79
  attr_reader :dependency, :dependency_files, :credentials,
77
80
  :ignored_versions, :forbidden_urls, :security_advisories
78
81
 
82
+ sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
79
83
  def filter_prereleases(possible_versions)
80
84
  return possible_versions if wants_prerelease?
81
85
 
82
- possible_versions.reject { |v| v.fetch(:version).prerelease? }
86
+ filtered = possible_versions.reject { |v| v.fetch(:version).prerelease? }
87
+ if possible_versions.count > filtered.count
88
+ Dependabot.logger.info("Filtered out #{possible_versions.count - filtered.count} pre-release versions")
89
+ end
90
+ filtered
83
91
  end
84
92
 
93
+ sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
85
94
  def filter_date_based_versions(possible_versions)
86
95
  return possible_versions if wants_date_based_version?
87
96
 
88
- possible_versions
89
- .reject { |v| v.fetch(:version) > version_class.new(1900) }
97
+ filtered = possible_versions.reject { |v| v.fetch(:version) > version_class.new(1900) }
98
+ if possible_versions.count > filtered.count
99
+ Dependabot.logger.info("Filtered out #{possible_versions.count - filtered.count} date-based versions")
100
+ end
101
+ filtered
90
102
  end
91
103
 
104
+ sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
92
105
  def filter_version_types(possible_versions)
93
- possible_versions
94
- .select { |v| matches_dependency_version_type?(v.fetch(:version)) }
106
+ filtered = possible_versions.select { |v| matches_dependency_version_type?(v.fetch(:version)) }
107
+ if possible_versions.count > filtered.count
108
+ diff = possible_versions.count - filtered.count
109
+ classifier = dependency.version.split(/[.\-]/).last
110
+ Dependabot.logger.info("Filtered out #{diff} non-#{classifier} classifier versions")
111
+ end
112
+ filtered
95
113
  end
96
114
 
115
+ sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
97
116
  def filter_ignored_versions(possible_versions)
98
117
  filtered = possible_versions
99
118
 
@@ -109,9 +128,15 @@ module Dependabot
109
128
  raise AllVersionsIgnored
110
129
  end
111
130
 
131
+ if possible_versions.count > filtered.count
132
+ diff = possible_versions.count - filtered.count
133
+ Dependabot.logger.info("Filtered out #{diff} ignored versions")
134
+ end
135
+
112
136
  filtered
113
137
  end
114
138
 
139
+ sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
115
140
  def filter_lower_versions(possible_versions)
116
141
  return possible_versions unless dependency.numeric_version
117
142
 
data/lib/dependabot/gradle/update_checker.rb CHANGED
@@ -70,7 +70,7 @@ module Dependabot
70
70
  def requirements_unlocked_or_can_be?
71
71
  # If the dependency version come from a property we couldn't
72
72
  # interpolate then there's nothing we can do.
73
- !dependency.version.include?("$")
73
+ !dependency.version&.include?("$")
74
74
  end
75
75
 
76
76
  private
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-gradle
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.245.0
4
+ version: 0.247.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-02-22 00:00:00.000000000 Z
11
+ date: 2024-03-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.245.0
19
+ version: 0.247.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.245.0
26
+ version: 0.247.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: dependabot-maven
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - '='
32
32
  - !ruby/object:Gem::Version
33
- version: 0.245.0
33
+ version: 0.247.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - '='
39
39
  - !ruby/object:Gem::Version
40
- version: 0.245.0
40
+ version: 0.247.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: debug
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -150,6 +150,20 @@ dependencies:
150
150
  - - "~>"
151
151
  - !ruby/object:Gem::Version
152
152
  version: 1.19.0
153
+ - !ruby/object:Gem::Dependency
154
+ name: rubocop-rspec
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: 2.27.1
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - "~>"
165
+ - !ruby/object:Gem::Version
166
+ version: 2.27.1
153
167
  - !ruby/object:Gem::Dependency
154
168
  name: rubocop-sorbet
155
169
  requirement: !ruby/object:Gem::Requirement
@@ -263,7 +277,7 @@ licenses:
263
277
  - Nonstandard
264
278
  metadata:
265
279
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
266
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.245.0
280
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.247.0
267
281
  post_install_message:
268
282
  rdoc_options: []
269
283
  require_paths: