dependabot-gradle 0.262.0 → 0.264.0
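--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d10eedea81449df321f09127a88f4c3be2aa317d8cb437a381825fd811e9fc2a
+data.tar.gz: b3936158b65edb6c2027e361d76cd2aa78235fabae98d17a5d5ca24893f2a06f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 50d579cc9c25840cd632d8507f90339c218ee81964d732b7b799cea740a6dd0ae8ab846bf111a701ccf4b8c40c56b08e64a46300cbed3a3ec73968e5b6b9b40f
+data.tar.gz: 41e425cf72d56b615abefac4895d9bf897d07e99532fcfbf37ec14e330e5819152aabc96b32793b4bec4d9032f84770a0a7125ea884ff9933dc6c700ba786f18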
@@ -1,4 +1,4 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strong
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require "sorbet-runtime"
|
@@ -11,53 +11,61 @@ module Dependabot
|
|
11
11
|
class SettingsFileParser
|
12
12
|
extend T::Sig
|
13
13
|
|
14
|
+
sig { params(settings_file: Dependabot::DependencyFile).void }
|
14
15
|
def initialize(settings_file:)
|
15
16
|
@settings_file = settings_file
|
16
17
|
end
|
17
18
|
|
19
|
+
sig { returns(T::Array[String]) }
|
18
20
|
def included_build_paths
|
19
21
|
paths = []
|
20
|
-
comment_free_content
|
22
|
+
comment_free_content&.scan(function_regex("includeBuild")) do
|
21
23
|
arg = T.must(Regexp.last_match).named_captures.fetch("args")
|
22
24
|
paths << T.must(arg).gsub(/["']/, "").strip
|
23
25
|
end
|
24
26
|
paths.uniq
|
25
27
|
end
|
26
28
|
|
29
|
+
sig { returns(T::Array[T.nilable(String)]) }
|
27
30
|
def subproject_paths
|
28
31
|
subprojects = T.let([], T::Array[String])
|
32
|
+
process_include_functions(subprojects)
|
33
|
+
subprojects.uniq.map { |name| process_subproject_name(name) }
|
34
|
+
end
|
35
|
+
|
36
|
+
private
|
29
37
|
|
30
|
-
|
38
|
+
sig { params(subprojects: T::Array[String]).void }
|
39
|
+
def process_include_functions(subprojects)
|
40
|
+
comment_free_content&.scan(function_regex("include")) do
|
31
41
|
args = T.must(Regexp.last_match).named_captures.fetch("args")
|
32
42
|
args = T.must(args).split(",")
|
33
43
|
args = args.filter_map { |p| p.gsub(/["']/, "").strip }
|
34
|
-
subprojects
|
44
|
+
subprojects.concat(args)
|
35
45
|
end
|
46
|
+
end
|
36
47
|
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
proj.tr(":", "/").sub(%r{^/}, "")
|
45
|
-
end
|
48
|
+
sig { params(proj: String).returns(T.nilable(String)) }
|
49
|
+
def process_subproject_name(proj)
|
50
|
+
if comment_free_content&.match?(project_dir_regex(proj))
|
51
|
+
comment_free_content&.match(project_dir_regex(proj))
|
52
|
+
&.named_captures&.fetch("path")&.sub(%r{^/}, "")
|
53
|
+
else
|
54
|
+
proj.tr(":", "/").sub(%r{^/}, "")
|
46
55
|
end
|
47
|
-
|
48
|
-
subproject_dirs.uniq
|
49
56
|
end
|
50
57
|
|
51
|
-
|
52
|
-
|
58
|
+
sig { returns(Dependabot::DependencyFile) }
|
53
59
|
attr_reader :settings_file
|
54
60
|
|
61
|
+
sig { returns(T.nilable(String)) }
|
55
62
|
def comment_free_content
|
56
63
|
settings_file.content
|
57
|
-
|
58
|
-
|
64
|
+
&.gsub(%r{(?<=^|\s)//.*$}, "\n")
|
65
|
+
&.gsub(%r{(?<=^|\s)/\*.*?\*/}m, "")
|
59
66
|
end
|
60
67
|
|
68
|
+
sig { params(function_name: T.any(String, Symbol)).returns(Regexp) }
|
61
69
|
def function_regex(function_name)
|
62
70
|
/
|
63
71
|
(?:^|\s)#{Regexp.quote(function_name)}(?:\s*\(|\s)
|
@@ -65,6 +73,7 @@ module Dependabot
|
|
65
73
|
/mx
|
66
74
|
end
|
67
75
|
|
76
|
+
sig { params(proj: String).returns(Regexp) }
|
68
77
|
def project_dir_regex(proj)
|
69
78
|
prefixed_proj = Regexp.quote(":#{proj.gsub(/^:/, '')}")
|
70
79
|
/['"]#{prefixed_proj}['"].*dir\s*=.*['"](?<path>.*?)['"]/i
|
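Review bot: In `process_subproject_name`, the `path` capture from `project_dir_regex` is returned after only a leading `/` is stripped (`&.sub(%r{^/}, "")`), so whatever the repository's settings file puts in `dir = ...`, including `..` segments, is handed to the caller unchanged. Since that file is repository-controlled input, I would either normalise the value here or state the contract above the method, e.g. `# Returns the path as written in the settings file; callers must clean it and keep it inside the repository.` The method also evaluates `project_dir_regex(proj)` twice (`match?`, then `match`); one `match` held in a local would remove the duplicate scan and most of the `&.` chain, which is presumably the only reason the sig is `T.nilable(String)` and `subproject_paths` has to return `T::Array[T.nilable(String)]`.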
@@ -1,4 +1,4 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strict
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require "sorbet-runtime"
|
@@ -16,21 +16,39 @@ module Dependabot
|
|
16
16
|
require_relative "file_fetcher/settings_file_parser"
|
17
17
|
|
18
18
|
SUPPORTED_BUILD_FILE_NAMES =
|
19
|
-
%w(build.gradle build.gradle.kts).freeze
|
19
|
+
T.let(%w(build.gradle build.gradle.kts).freeze, T::Array[String])
|
20
20
|
|
21
21
|
SUPPORTED_SETTINGS_FILE_NAMES =
|
22
|
-
%w(settings.gradle settings.gradle.kts).freeze
|
22
|
+
T.let(%w(settings.gradle settings.gradle.kts).freeze, T::Array[String])
|
23
23
|
|
24
24
|
# For now Gradle only supports library .toml files in the main gradle folder
|
25
25
|
SUPPORTED_VERSION_CATALOG_FILE_PATH =
|
26
|
-
%w(/gradle/libs.versions.toml).freeze
|
26
|
+
T.let(%w(/gradle/libs.versions.toml).freeze, T::Array[String])
|
27
27
|
|
28
|
+
sig do
|
29
|
+
override
|
30
|
+
.params(
|
31
|
+
source: Dependabot::Source,
|
32
|
+
credentials: T::Array[Dependabot::Credential],
|
33
|
+
repo_contents_path: T.nilable(String),
|
34
|
+
options: T::Hash[String, String]
|
35
|
+
)
|
36
|
+
.void
|
37
|
+
end
|
38
|
+
def initialize(source:, credentials:, repo_contents_path: nil, options: {})
|
39
|
+
super
|
40
|
+
|
41
|
+
@buildfile_name = T.let(nil, T.nilable(String))
|
42
|
+
end
|
43
|
+
|
44
|
+
sig { override.params(filenames: T::Array[String]).returns(T::Boolean) }
|
28
45
|
def self.required_files_in?(filenames)
|
29
46
|
filenames.any? do |filename|
|
30
47
|
SUPPORTED_BUILD_FILE_NAMES.any? { |supported| filename.end_with?(supported) }
|
31
48
|
end
|
32
49
|
end
|
33
50
|
|
51
|
+
sig { override.returns(String) }
|
34
52
|
def self.required_files_message
|
35
53
|
"Repo must contain a build.gradle / build.gradle.kts file."
|
36
54
|
end
|
@@ -42,6 +60,7 @@ module Dependabot
|
|
42
60
|
|
43
61
|
private
|
44
62
|
|
63
|
+
sig { params(root_dir: String).returns(T::Array[DependencyFile]) }
|
45
64
|
def all_buildfiles_in_build(root_dir)
|
46
65
|
files = [buildfile(root_dir), settings_file(root_dir), version_catalog_file(root_dir)].compact
|
47
66
|
files += subproject_buildfiles(root_dir)
|
@@ -50,6 +69,7 @@ module Dependabot
|
|
50
69
|
.flat_map { |dir| all_buildfiles_in_build(dir) }
|
51
70
|
end
|
52
71
|
|
72
|
+
sig { params(root_dir: String).returns(T::Array[String]) }
|
53
73
|
def included_builds(root_dir)
|
54
74
|
builds = []
|
55
75
|
|
@@ -61,7 +81,7 @@ module Dependabot
|
|
61
81
|
return builds unless settings_file(root_dir)
|
62
82
|
|
63
83
|
builds += SettingsFileParser
|
64
|
-
.new(settings_file: settings_file(root_dir))
|
84
|
+
.new(settings_file: T.must(settings_file(root_dir)))
|
65
85
|
.included_build_paths
|
66
86
|
.map { |p| clean_join([root_dir, p]) }
|
67
87
|
|
@@ -73,17 +93,19 @@ module Dependabot
|
|
73
93
|
Pathname.new(File.join(parts)).cleanpath.to_path
|
74
94
|
end
|
75
95
|
|
96
|
+
sig { params(root_dir: String).returns(T::Array[DependencyFile]) }
|
76
97
|
def subproject_buildfiles(root_dir)
|
77
98
|
return [] unless settings_file(root_dir)
|
78
99
|
|
79
100
|
subproject_paths =
|
80
101
|
SettingsFileParser
|
81
|
-
.new(settings_file: settings_file(root_dir))
|
102
|
+
.new(settings_file: T.must(settings_file(root_dir)))
|
82
103
|
.subproject_paths
|
83
104
|
|
84
105
|
subproject_paths.filter_map do |path|
|
85
106
|
if @buildfile_name
|
86
|
-
|
107
|
+
buildfile_path = File.join(root_dir, path, @buildfile_name)
|
108
|
+
fetch_file_from_host(buildfile_path)
|
87
109
|
else
|
88
110
|
buildfile(File.join(root_dir, path))
|
89
111
|
end
|
@@ -93,6 +115,7 @@ module Dependabot
|
|
93
115
|
end
|
94
116
|
end
|
95
117
|
|
118
|
+
sig { params(root_dir: String).returns(T.nilable(DependencyFile)) }
|
96
119
|
def version_catalog_file(root_dir)
|
97
120
|
return nil unless root_dir == "."
|
98
121
|
|
@@ -100,6 +123,7 @@ module Dependabot
|
|
100
123
|
end
|
101
124
|
|
102
125
|
# rubocop:disable Metrics/PerceivedComplexity
|
126
|
+
sig { params(root_dir: String).returns(T::Array[DependencyFile]) }
|
103
127
|
def dependency_script_plugins(root_dir)
|
104
128
|
return [] unless buildfile(root_dir)
|
105
129
|
|
@@ -123,6 +147,7 @@ module Dependabot
|
|
123
147
|
end
|
124
148
|
# rubocop:enable Metrics/PerceivedComplexity
|
125
149
|
|
150
|
+
sig { params(path: T.any(Pathname, String)).returns(T::Boolean) }
|
126
151
|
def file_exists_in_submodule?(path)
|
127
152
|
fetch_file_from_host(path, fetch_submodules: true)
|
128
153
|
true
|
@@ -130,20 +155,24 @@ module Dependabot
|
|
130
155
|
false
|
131
156
|
end
|
132
157
|
|
158
|
+
sig { params(dir: String).returns(T.nilable(DependencyFile)) }
|
133
159
|
def buildfile(dir)
|
134
160
|
file = find_first(dir, SUPPORTED_BUILD_FILE_NAMES) || return
|
135
161
|
@buildfile_name ||= File.basename(file.name)
|
136
162
|
file
|
137
163
|
end
|
138
164
|
|
165
|
+
sig { params(dir: String).returns(T.nilable(DependencyFile)) }
|
139
166
|
def gradle_toml_file(dir)
|
140
167
|
find_first(dir, SUPPORTED_VERSION_CATALOG_FILE_PATH)
|
141
168
|
end
|
142
169
|
|
170
|
+
sig { params(dir: String).returns(T.nilable(DependencyFile)) }
|
143
171
|
def settings_file(dir)
|
144
172
|
find_first(dir, SUPPORTED_SETTINGS_FILE_NAMES)
|
145
173
|
end
|
146
174
|
|
175
|
+
sig { params(dir: String, supported_names: T::Array[String]).returns(T.nilable(DependencyFile)) }
|
147
176
|
def find_first(dir, supported_names)
|
148
177
|
paths = supported_names
|
149
178
|
.map { |name| clean_join([dir, name]) }
|
@@ -153,10 +182,12 @@ module Dependabot
|
|
153
182
|
fetch_first_if_present(paths)
|
154
183
|
end
|
155
184
|
|
185
|
+
sig { returns(T::Hash[String, DependencyFile]) }
|
156
186
|
def cached_files
|
157
|
-
@cached_files ||= {}
|
187
|
+
@cached_files ||= T.let({}, T.nilable(T::Hash[String, DependencyFile]))
|
158
188
|
end
|
159
189
|
|
190
|
+
sig { params(paths: T::Array[String]).returns(T.nilable(DependencyFile)) }
|
160
191
|
def fetch_first_if_present(paths)
|
161
192
|
paths.each do |path|
|
162
193
|
file = fetch_file_if_present(path) || next
|
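Review bot: In `subproject_buildfiles`, the new `buildfile_path = File.join(root_dir, path, @buildfile_name)` is passed to `fetch_file_from_host` without the `cleanpath` normalisation that `clean_join` appears to apply to the other paths built in this class (`included_builds`, `find_first`), although `path` originates from the repository's settings file. I would write `buildfile_path = clean_join([root_dir, path, @buildfile_name])` and skip a result that leaves the repository; whether `fetch_file_from_host` normalises on its own is not visible in this diff. The rest of the `filter_map` block (new lines 112–114) lies outside the hunk, so any rescue around the fetch cannot be checked from here. As a smaller point, `T.must(settings_file(root_dir))` repeats the lookup the guard just made; binding the result once (`settings = settings_file(root_dir)`) and guarding on that local would drop the `T.must`.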
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-gradle
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.264.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-07-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,28 +16,28 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.264.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.264.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: dependabot-maven
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.
|
33
|
+
version: 0.264.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 0.
|
40
|
+
version: 0.264.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: debug
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -277,7 +277,7 @@ licenses:
|
|
277
277
|
- MIT
|
278
278
|
metadata:
|
279
279
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
280
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
280
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.264.0
|
281
281
|
post_install_message:
|
282
282
|
rdoc_options: []
|
283
283
|
require_paths:
|