dependabot-gradle 0.372.0 → 0.374.0
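--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 24a6bbe139e4af0217ef4ea1ddeb88c0e41d0a45ed31bd88196c093b6f2944a0
+data.tar.gz: f8cbaad6702c242862bb448f3274429755077556390e323162b9feba2e18279f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a28b958fbb58d4028203ed53eb02fb96843ae8aee4805f0b54798ec64abf7a968df7176c8ab680b7dbb7c7cb1200f3dace01b49bf528ab617ba9120aac6a80c7
+data.tar.gz: adfdf9461dcdf3b6cd6f6a050714abe53409eae513d78168b8aee9d2bcb326b72b5423399ef88b0bcd1243b6ad8bdc652b2bc334ab16a972886394e10e7e3c3f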
@@ -32,11 +32,13 @@ module Dependabot
|
|
|
32
32
|
sig do
|
|
33
33
|
params(
|
|
34
34
|
dependency_files: T::Array[Dependabot::DependencyFile],
|
|
35
|
-
target_dependency_file: T.nilable(Dependabot::DependencyFile)
|
|
35
|
+
target_dependency_file: T.nilable(Dependabot::DependencyFile),
|
|
36
|
+
credentials: T::Array[Dependabot::Credential]
|
|
36
37
|
).void
|
|
37
38
|
end
|
|
38
|
-
def initialize(dependency_files:, target_dependency_file:)
|
|
39
|
+
def initialize(dependency_files:, target_dependency_file:, credentials: [])
|
|
39
40
|
@dependency_files = T.let(dependency_files, T::Array[Dependabot::DependencyFile])
|
|
41
|
+
@credentials = T.let(credentials, T::Array[Dependabot::Credential])
|
|
40
42
|
raise "No target file!" unless target_dependency_file
|
|
41
43
|
|
|
42
44
|
@target_dependency_file = T.let(target_dependency_file, Dependabot::DependencyFile)
|
|
@@ -57,7 +59,7 @@ module Dependabot
|
|
|
57
59
|
|
|
58
60
|
return repository_urls unless repository_urls.empty?
|
|
59
61
|
|
|
60
|
-
[
|
|
62
|
+
[central_repo_url]
|
|
61
63
|
end
|
|
62
64
|
|
|
63
65
|
private
|
|
@@ -65,6 +67,9 @@ module Dependabot
|
|
|
65
67
|
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
66
68
|
attr_reader :dependency_files
|
|
67
69
|
|
|
70
|
+
sig { returns(T::Array[Dependabot::Credential]) }
|
|
71
|
+
attr_reader :credentials
|
|
72
|
+
|
|
68
73
|
sig { returns(Dependabot::DependencyFile) }
|
|
69
74
|
attr_reader :target_dependency_file
|
|
70
75
|
|
|
@@ -143,7 +148,7 @@ module Dependabot
|
|
|
143
148
|
repository_blocks.each do |block|
|
|
144
149
|
repository_urls << GOOGLE_MAVEN_REPO if block.match?(/\sgoogle\(/)
|
|
145
150
|
|
|
146
|
-
repository_urls <<
|
|
151
|
+
repository_urls << central_repo_url if block.match?(/\smavenCentral\(/)
|
|
147
152
|
|
|
148
153
|
repository_urls << "https://jcenter.bintray.com/" if block.match?(/\sjcenter\(/)
|
|
149
154
|
|
|
@@ -160,6 +165,24 @@ module Dependabot
|
|
|
160
165
|
.uniq
|
|
161
166
|
end
|
|
162
167
|
|
|
168
|
+
sig { returns(String) }
|
|
169
|
+
def central_repo_url
|
|
170
|
+
base_credential = credentials.find do |cred|
|
|
171
|
+
cred["type"] == "maven_repository" && replaces_base?(cred) && cred["url"]
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
base_credential ? T.must(base_credential["url"]).gsub(%r{/+$}, "") : CENTRAL_REPO_URL
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
sig { params(credential: T.untyped).returns(T::Boolean) }
|
|
178
|
+
def replaces_base?(credential)
|
|
179
|
+
if credential.respond_to?(:replaces_base?)
|
|
180
|
+
credential.replaces_base?
|
|
181
|
+
else
|
|
182
|
+
credential["replaces-base"] == true
|
|
183
|
+
end
|
|
184
|
+
end
|
|
185
|
+
|
|
163
186
|
sig { params(string: String).returns(Integer) }
|
|
164
187
|
def closing_bracket_index(string)
|
|
165
188
|
closes_required = 1
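Review bot: In `central_repo_url` the credential filter ends in `&& cred["url"]`, and an empty string is truthy in Ruby, so a `maven_repository` credential with replaces-base set and a blank `url` makes the method return `""` instead of `CENTRAL_REPO_URL`. The strip on the next statement uses `%r{/+$}`, where `$` anchors at a line end rather than the end of the string; `\z` is the anchor wanted for a URL. Suggested: `cred["type"] == "maven_repository" && replaces_base?(cred) && !cred["url"].to_s.strip.empty?` in the filter and `T.must(base_credential["url"]).sub(%r{/+\z}, "")` for the strip. Separately, the constructor default `credentials: []` makes the mirror override opt-in per call site: a caller that is not updated keeps resolving `mavenCentral()` to the public URL even when a replaces-base mirror is configured. Only one call site is updated on this page, so the remaining `RepositoriesFinder.new` callers are worth auditing.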
|
|
@@ -265,10 +265,11 @@ module Dependabot
|
|
|
265
265
|
requirement_files.flat_map do |target_file|
|
|
266
266
|
Gradle::FileParser::RepositoriesFinder.new(
|
|
267
267
|
dependency_files: dependency_files,
|
|
268
|
-
target_dependency_file: target_file
|
|
268
|
+
target_dependency_file: target_file,
|
|
269
|
+
credentials: credentials
|
|
269
270
|
).repository_urls
|
|
270
271
|
.map do |url|
|
|
271
|
-
{ "url" => url, "auth_headers" =>
|
|
272
|
+
{ "url" => url, "auth_headers" => auth_headers(url) }
|
|
272
273
|
end
|
|
273
274
|
end.uniq
|
|
274
275
|
end
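Review bot: The `url` handed to `auth_headers(url)` can now be the replaces-base mirror, which `central_repo_url` returns with its trailing slashes stripped, so the header lookup has to compare normalized URLs. If it instead matches the credential's `url` string exactly, a mirror configured as `https://mirror.example/maven/` (constructed example) would be queried without its credentials. `auth_headers` and the `credentials` reader are defined outside this hunk, so this is unverified from here; a spec with a replaces-base credential whose `url` ends in `/` would settle it.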
|
|
@@ -5,12 +5,12 @@ require "sorbet-runtime"
|
|
|
5
5
|
|
|
6
6
|
require "dependabot/requirement"
|
|
7
7
|
require "dependabot/utils"
|
|
8
|
-
require "dependabot/maven/
|
|
8
|
+
require "dependabot/maven/shared/shared_requirement"
|
|
9
9
|
require "dependabot/gradle/version"
|
|
10
10
|
|
|
11
11
|
module Dependabot
|
|
12
12
|
module Gradle
|
|
13
|
-
class Requirement < Dependabot::
|
|
13
|
+
class Requirement < Dependabot::Maven::Shared::SharedRequirement
|
|
14
14
|
extend T::Sig
|
|
15
15
|
|
|
16
16
|
quoted = OPS.keys.map { |k| Regexp.quote k }.join("|")
|
|
@@ -19,6 +19,16 @@ module Dependabot
|
|
|
19
19
|
# Like PATTERN, but the leading operator is required
|
|
20
20
|
RUBY_STYLE_PATTERN = /\A\s*(#{quoted})\s*(#{Gradle::Version::VERSION_PATTERN})\s*\z/
|
|
21
21
|
|
|
22
|
+
sig { override.returns(Regexp) }
|
|
23
|
+
def self.pattern
|
|
24
|
+
PATTERN
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
sig { override.returns(Regexp) }
|
|
28
|
+
def self.ruby_style_pattern
|
|
29
|
+
RUBY_STYLE_PATTERN
|
|
30
|
+
end
|
|
31
|
+
|
|
22
32
|
sig { override.params(obj: T.any(Gem::Version, String)).returns([String, Gem::Version]) }
|
|
23
33
|
def self.parse(obj)
|
|
24
34
|
return ["=", Gradle::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
|
|
@@ -40,96 +50,11 @@ module Dependabot
|
|
|
40
50
|
end
|
|
41
51
|
end
|
|
42
52
|
|
|
43
|
-
sig { params(requirements: T.any(T.nilable(String), T::Array[T.nilable(String)])).void }
|
|
44
|
-
def initialize(*requirements)
|
|
45
|
-
requirements = requirements.flatten.flat_map do |req_string|
|
|
46
|
-
convert_java_constraint_to_ruby_constraint(req_string)
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
super(requirements)
|
|
50
|
-
end
|
|
51
|
-
|
|
52
53
|
sig { override.params(version: Gem::Version).returns(T::Boolean) }
|
|
53
54
|
def satisfied_by?(version)
|
|
54
55
|
version = Gradle::Version.new(version.to_s)
|
|
55
56
|
super
|
|
56
57
|
end
|
|
57
|
-
|
|
58
|
-
private
|
|
59
|
-
|
|
60
|
-
sig { params(req_string: T.nilable(String)).returns(T::Array[T.nilable(String)]) }
|
|
61
|
-
def self.split_java_requirement(req_string)
|
|
62
|
-
return [req_string] unless req_string&.match?(Maven::Requirement::OR_SYNTAX)
|
|
63
|
-
|
|
64
|
-
req_string.split(Maven::Requirement::OR_SYNTAX).flat_map do |str|
|
|
65
|
-
next str if str.start_with?("(", "[")
|
|
66
|
-
|
|
67
|
-
exacts, *rest = str.split(/,(?=\[|\()/)
|
|
68
|
-
[*T.must(exacts).split(","), *rest]
|
|
69
|
-
end
|
|
70
|
-
end
|
|
71
|
-
private_class_method :split_java_requirement
|
|
72
|
-
|
|
73
|
-
sig { params(req_string: T.nilable(String)).returns(T.nilable(T::Array[String])) }
|
|
74
|
-
def convert_java_constraint_to_ruby_constraint(req_string)
|
|
75
|
-
return unless req_string
|
|
76
|
-
|
|
77
|
-
if self.class.send(:split_java_requirement, req_string).count > 1
|
|
78
|
-
raise "Can't convert multiple Java reqs to a single Ruby one"
|
|
79
|
-
end
|
|
80
|
-
|
|
81
|
-
version_reqs = req_string.split(",").map(&:strip)
|
|
82
|
-
if version_reqs.length > 1 && !version_reqs.all? { |s| PATTERN.match?(s) }
|
|
83
|
-
return convert_java_range_to_ruby_range(req_string)
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
version_reqs.map do |r|
|
|
87
|
-
# if an operator is already provided, use it
|
|
88
|
-
next r if r.match?(RUBY_STYLE_PATTERN)
|
|
89
|
-
|
|
90
|
-
convert_java_equals_req_to_ruby(r)
|
|
91
|
-
end
|
|
92
|
-
end
|
|
93
|
-
|
|
94
|
-
sig { params(req_string: String).returns(T::Array[String]) }
|
|
95
|
-
def convert_java_range_to_ruby_range(req_string)
|
|
96
|
-
lower_b, upper_b = req_string.split(",").map(&:strip)
|
|
97
|
-
|
|
98
|
-
lower_b =
|
|
99
|
-
if ["(", "["].include?(lower_b) then nil
|
|
100
|
-
elsif T.must(lower_b).start_with?("(") then "> #{T.must(lower_b).sub(/\(\s*/, '')}"
|
|
101
|
-
else
|
|
102
|
-
">= #{T.must(lower_b).sub(/\[\s*/, '').strip}"
|
|
103
|
-
end
|
|
104
|
-
|
|
105
|
-
upper_b =
|
|
106
|
-
if [")", "]"].include?(upper_b) then nil
|
|
107
|
-
elsif T.must(upper_b).end_with?(")") then "< #{T.must(upper_b).sub(/\s*\)/, '')}"
|
|
108
|
-
else
|
|
109
|
-
"<= #{T.must(upper_b).sub(/\s*\]/, '').strip}"
|
|
110
|
-
end
|
|
111
|
-
|
|
112
|
-
[lower_b, upper_b].compact
|
|
113
|
-
end
|
|
114
|
-
|
|
115
|
-
sig { params(req_string: String).returns(String) }
|
|
116
|
-
def convert_java_equals_req_to_ruby(req_string)
|
|
117
|
-
return convert_wildcard_req(req_string) if req_string.include?("+")
|
|
118
|
-
|
|
119
|
-
# If a soft requirement is being used, treat it as an equality matcher
|
|
120
|
-
return req_string unless req_string.start_with?("[")
|
|
121
|
-
|
|
122
|
-
req_string.gsub(/[\[\]\(\)]/, "")
|
|
123
|
-
end
|
|
124
|
-
|
|
125
|
-
sig { params(req_string: String).returns(String) }
|
|
126
|
-
def convert_wildcard_req(req_string)
|
|
127
|
-
version = req_string.split("+").first
|
|
128
|
-
return ">= 0" if version.nil? || version.empty?
|
|
129
|
-
|
|
130
|
-
version += "0" if version.end_with?(".")
|
|
131
|
-
"~> #{version}"
|
|
132
|
-
end
|
|
133
58
|
end
|
|
134
59
|
end
|
|
135
60
|
end
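Review bot: The new `self.pattern` and `self.ruby_style_pattern` overrides carry no comment saying why they exist. With `initialize` and the Java-constraint conversion removed from this class, they are the only visible link between Gradle's version grammar and the parsing now inherited from `Dependabot::Maven::Shared::SharedRequirement`. A short comment on each, for example `# Supplies the Gradle-specific pattern to SharedRequirement (overrides the parent hook)`, would make that contract explicit. The parent class is not shown on this page, so it is presumably where range, `+` wildcard and multi-requirement handling now live; the Gradle specs for those inputs should stay in this package to catch any difference in behaviour.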
|
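--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-gradle
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.374.0
 platform: ruby
 authors:
 - Dependabot
@@ -15,28 +15,28 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.374.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.374.0
 - !ruby/object:Gem::Dependency
 name: dependabot-maven
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.374.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.374.0
 - !ruby/object:Gem::Dependency
 name: debug
 requirement: !ruby/object:Gem::Requirement
@@ -285,7 +285,7 @@ licenses:
 - MIT
 metadata:
 bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
+changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.374.0
 rdoc_options: []
 require_paths:
 - lib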