dependabot-gradle 0.246.0 → 0.247.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/gradle/update_checker/version_finder.rb +30 -5
- metadata +21 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5ca44e8a88415f44c17133b1334252e63c4f4e06ae2ce5e1f920a5764eccbda6
|
|
4
|
+
data.tar.gz: 05e4847ed277ee847cd3a8807c7bf6afebf46e3d114056a6ad9141a0d3d8b241
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f3c927959a2d8e3e5596f3157169855517f5053ced7e20504f02901c89060d31c62d170ed9fa648b28b18c9f24016c26af77b2b935f514648313190fd60bfdb2
|
|
7
|
+
data.tar.gz: 50b017ffbb1616cb2a8af7d84ccdc34411bd45114517a6fddb7a4fcd7652df519a32ea61be1f8f3191fbaadf3a20ef897412e0bb8cb1bf087e5c3a544652c5e7
|
|
@@ -9,11 +9,14 @@ require "dependabot/gradle/update_checker"
|
|
|
9
9
|
require "dependabot/gradle/version"
|
|
10
10
|
require "dependabot/gradle/requirement"
|
|
11
11
|
require "dependabot/maven/utils/auth_headers_finder"
|
|
12
|
+
require "sorbet-runtime"
|
|
12
13
|
|
|
13
14
|
module Dependabot
|
|
14
15
|
module Gradle
|
|
15
16
|
class UpdateChecker
|
|
16
17
|
class VersionFinder
|
|
18
|
+
extend T::Sig
|
|
19
|
+
|
|
17
20
|
KOTLIN_PLUGIN_REPO_PREFIX = "org.jetbrains.kotlin"
|
|
18
21
|
TYPE_SUFFICES = %w(jre android java native_mt agp).freeze
|
|
19
22
|
|
|
@@ -76,24 +79,40 @@ module Dependabot
|
|
|
76
79
|
attr_reader :dependency, :dependency_files, :credentials,
|
|
77
80
|
:ignored_versions, :forbidden_urls, :security_advisories
|
|
78
81
|
|
|
82
|
+
sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
|
|
79
83
|
def filter_prereleases(possible_versions)
|
|
80
84
|
return possible_versions if wants_prerelease?
|
|
81
85
|
|
|
82
|
-
possible_versions.reject { |v| v.fetch(:version).prerelease? }
|
|
86
|
+
filtered = possible_versions.reject { |v| v.fetch(:version).prerelease? }
|
|
87
|
+
if possible_versions.count > filtered.count
|
|
88
|
+
Dependabot.logger.info("Filtered out #{possible_versions.count - filtered.count} pre-release versions")
|
|
89
|
+
end
|
|
90
|
+
filtered
|
|
83
91
|
end
|
|
84
92
|
|
|
93
|
+
sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
|
|
85
94
|
def filter_date_based_versions(possible_versions)
|
|
86
95
|
return possible_versions if wants_date_based_version?
|
|
87
96
|
|
|
88
|
-
possible_versions
|
|
89
|
-
|
|
97
|
+
filtered = possible_versions.reject { |v| v.fetch(:version) > version_class.new(1900) }
|
|
98
|
+
if possible_versions.count > filtered.count
|
|
99
|
+
Dependabot.logger.info("Filtered out #{possible_versions.count - filtered.count} date-based versions")
|
|
100
|
+
end
|
|
101
|
+
filtered
|
|
90
102
|
end
|
|
91
103
|
|
|
104
|
+
sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
|
|
92
105
|
def filter_version_types(possible_versions)
|
|
93
|
-
possible_versions
|
|
94
|
-
|
|
106
|
+
filtered = possible_versions.select { |v| matches_dependency_version_type?(v.fetch(:version)) }
|
|
107
|
+
if possible_versions.count > filtered.count
|
|
108
|
+
diff = possible_versions.count - filtered.count
|
|
109
|
+
classifier = dependency.version.split(/[.\-]/).last
|
|
110
|
+
Dependabot.logger.info("Filtered out #{diff} non-#{classifier} classifier versions")
|
|
111
|
+
end
|
|
112
|
+
filtered
|
|
95
113
|
end
|
|
96
114
|
|
|
115
|
+
sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
|
|
97
116
|
def filter_ignored_versions(possible_versions)
|
|
98
117
|
filtered = possible_versions
|
|
99
118
|
|
|
@@ -109,9 +128,15 @@ module Dependabot
|
|
|
109
128
|
raise AllVersionsIgnored
|
|
110
129
|
end
|
|
111
130
|
|
|
131
|
+
if possible_versions.count > filtered.count
|
|
132
|
+
diff = possible_versions.count - filtered.count
|
|
133
|
+
Dependabot.logger.info("Filtered out #{diff} ignored versions")
|
|
134
|
+
end
|
|
135
|
+
|
|
112
136
|
filtered
|
|
113
137
|
end
|
|
114
138
|
|
|
139
|
+
sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
|
|
115
140
|
def filter_lower_versions(possible_versions)
|
|
116
141
|
return possible_versions unless dependency.numeric_version
|
|
117
142
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-gradle
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.247.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-03-
|
|
11
|
+
date: 2024-03-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,28 +16,28 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.247.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.247.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: dependabot-maven
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - '='
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.
|
|
33
|
+
version: 0.247.0
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - '='
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.
|
|
40
|
+
version: 0.247.0
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: debug
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -150,6 +150,20 @@ dependencies:
|
|
|
150
150
|
- - "~>"
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
152
|
version: 1.19.0
|
|
153
|
+
- !ruby/object:Gem::Dependency
|
|
154
|
+
name: rubocop-rspec
|
|
155
|
+
requirement: !ruby/object:Gem::Requirement
|
|
156
|
+
requirements:
|
|
157
|
+
- - "~>"
|
|
158
|
+
- !ruby/object:Gem::Version
|
|
159
|
+
version: 2.27.1
|
|
160
|
+
type: :development
|
|
161
|
+
prerelease: false
|
|
162
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
163
|
+
requirements:
|
|
164
|
+
- - "~>"
|
|
165
|
+
- !ruby/object:Gem::Version
|
|
166
|
+
version: 2.27.1
|
|
153
167
|
- !ruby/object:Gem::Dependency
|
|
154
168
|
name: rubocop-sorbet
|
|
155
169
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -263,7 +277,7 @@ licenses:
|
|
|
263
277
|
- Nonstandard
|
|
264
278
|
metadata:
|
|
265
279
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
266
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
280
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.247.0
|
|
267
281
|
post_install_message:
|
|
268
282
|
rdoc_options: []
|
|
269
283
|
require_paths:
|