dependabot-gradle 0.140.3 → 0.141.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: da976f8ac4fd5e690b405b158bee0d073f1b507c135dbebffe6b3755fc1d79a1
|
|
4
|
+
data.tar.gz: cd77e3f2adcd6376660a15e3387aa045e0686deff707088995bfca0273985ecf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 354e8cd70cdb2631bafa09f7e6b5814bc3561ebedef3706faa7d002458540bb3c20ee9cad37999b2813127eed4dc2a570ce89f0c470dfa1e5625afa34de364e5
|
|
7
|
+
data.tar.gz: fb6765cec6ea53e3c8b1e0447c37c81d4abc4dcda0254f7d3c295bb6d1bd966027548e0865dece9f4d64dc885c12012116d0c29f8fa44c665fad8f1147ece1d3
|
|
@@ -5,6 +5,7 @@ require "dependabot/metadata_finders"
|
|
|
5
5
|
require "dependabot/metadata_finders/base"
|
|
6
6
|
require "dependabot/file_fetchers/base"
|
|
7
7
|
require "dependabot/gradle/file_parser/repositories_finder"
|
|
8
|
+
require "dependabot/maven/utils/auth_headers_finder"
|
|
8
9
|
|
|
9
10
|
module Dependabot
|
|
10
11
|
module Gradle
|
|
@@ -112,7 +113,7 @@ module Dependabot
|
|
|
112
113
|
"#{dependency.version}/"\
|
|
113
114
|
"#{artifact_id}-#{dependency.version}.pom",
|
|
114
115
|
idempotent: true,
|
|
115
|
-
**SharedHelpers.excon_defaults(headers:
|
|
116
|
+
**SharedHelpers.excon_defaults(headers: auth_headers)
|
|
116
117
|
)
|
|
117
118
|
|
|
118
119
|
@dependency_pom_file = Nokogiri::XML(response.body)
|
|
@@ -135,7 +136,7 @@ module Dependabot
|
|
|
135
136
|
"#{version}/"\
|
|
136
137
|
"#{artifact_id}-#{version}.pom",
|
|
137
138
|
idempotent: true,
|
|
138
|
-
**SharedHelpers.excon_defaults(headers:
|
|
139
|
+
**SharedHelpers.excon_defaults(headers: auth_headers)
|
|
139
140
|
)
|
|
140
141
|
|
|
141
142
|
Nokogiri::XML(response.body)
|
|
@@ -170,21 +171,8 @@ module Dependabot
|
|
|
170
171
|
plugin? && dependency.requirements.any? { |r| r.fetch(:groups).include? "kotlin" }
|
|
171
172
|
end
|
|
172
173
|
|
|
173
|
-
def
|
|
174
|
-
|
|
175
|
-
credentials.select { |c| c["type"] == "maven_repository" }.
|
|
176
|
-
find do |c|
|
|
177
|
-
cred_url = c.fetch("url").gsub(%r{/+$}, "")
|
|
178
|
-
next false unless cred_url == maven_repo_url
|
|
179
|
-
|
|
180
|
-
c.fetch("username", nil)
|
|
181
|
-
end
|
|
182
|
-
|
|
183
|
-
return {} unless cred
|
|
184
|
-
|
|
185
|
-
token = cred.fetch("username") + ":" + cred.fetch("password")
|
|
186
|
-
encoded_token = Base64.encode64(token).delete("\n")
|
|
187
|
-
{ "Authorization" => "Basic #{encoded_token}" }
|
|
174
|
+
def auth_headers
|
|
175
|
+
@auth_headers ||= Dependabot::Maven::Utils::AuthHeadersFinder.new(credentials).auth_headers(maven_repo_url)
|
|
188
176
|
end
|
|
189
177
|
end
|
|
190
178
|
end
|
|
@@ -6,6 +6,7 @@ require "dependabot/gradle/file_parser/repositories_finder"
|
|
|
6
6
|
require "dependabot/gradle/update_checker"
|
|
7
7
|
require "dependabot/gradle/version"
|
|
8
8
|
require "dependabot/gradle/requirement"
|
|
9
|
+
require "dependabot/maven/utils/auth_headers_finder"
|
|
9
10
|
|
|
10
11
|
module Dependabot
|
|
11
12
|
module Gradle
|
|
@@ -184,10 +185,8 @@ module Dependabot
|
|
|
184
185
|
begin
|
|
185
186
|
response = Excon.get(
|
|
186
187
|
dependency_metadata_url(repository_details.fetch("url")),
|
|
187
|
-
user: repository_details.fetch("username"),
|
|
188
|
-
password: repository_details.fetch("password"),
|
|
189
188
|
idempotent: true,
|
|
190
|
-
**SharedHelpers.excon_defaults
|
|
189
|
+
**Dependabot::SharedHelpers.excon_defaults(headers: repository_details.fetch("auth_headers"))
|
|
191
190
|
)
|
|
192
191
|
check_response(response, repository_details.fetch("url"))
|
|
193
192
|
Nokogiri::XML(response.body)
|
|
@@ -226,10 +225,10 @@ module Dependabot
|
|
|
226
225
|
|
|
227
226
|
@repositories =
|
|
228
227
|
details.reject do |repo|
|
|
229
|
-
next if repo["
|
|
228
|
+
next if repo["auth_headers"]
|
|
230
229
|
|
|
231
|
-
# Reject this entry if an identical one with
|
|
232
|
-
details.any? { |r| r["url"] == repo["url"] && r["
|
|
230
|
+
# Reject this entry if an identical one with non-empty auth_headers exists
|
|
231
|
+
details.any? { |r| r["url"] == repo["url"] && r["auth_headers"] != {} }
|
|
233
232
|
end
|
|
234
233
|
end
|
|
235
234
|
|
|
@@ -239,8 +238,7 @@ module Dependabot
|
|
|
239
238
|
map do |cred|
|
|
240
239
|
{
|
|
241
240
|
"url" => cred.fetch("url").gsub(%r{/+$}, ""),
|
|
242
|
-
"
|
|
243
|
-
"password" => cred.fetch("password", nil)
|
|
241
|
+
"auth_headers" => auth_headers(cred.fetch("url").gsub(%r{/+$}, ""))
|
|
244
242
|
}
|
|
245
243
|
end
|
|
246
244
|
end
|
|
@@ -258,7 +256,7 @@ module Dependabot
|
|
|
258
256
|
target_dependency_file: target_file
|
|
259
257
|
).repository_urls.
|
|
260
258
|
map do |url|
|
|
261
|
-
{ "url" => url, "
|
|
259
|
+
{ "url" => url, "auth_headers" => {} }
|
|
262
260
|
end
|
|
263
261
|
end.uniq
|
|
264
262
|
end
|
|
@@ -266,8 +264,7 @@ module Dependabot
|
|
|
266
264
|
def plugin_repository_details
|
|
267
265
|
[{
|
|
268
266
|
"url" => GRADLE_PLUGINS_REPO,
|
|
269
|
-
"
|
|
270
|
-
"password" => nil
|
|
267
|
+
"auth_headers" => {}
|
|
271
268
|
}] + dependency_repository_details
|
|
272
269
|
end
|
|
273
270
|
|
|
@@ -333,6 +330,14 @@ module Dependabot
|
|
|
333
330
|
def version_class
|
|
334
331
|
Gradle::Version
|
|
335
332
|
end
|
|
333
|
+
|
|
334
|
+
def auth_headers_finder
|
|
335
|
+
@auth_headers_finder ||= Dependabot::Maven::Utils::AuthHeadersFinder.new(credentials)
|
|
336
|
+
end
|
|
337
|
+
|
|
338
|
+
def auth_headers(maven_repo_url)
|
|
339
|
+
auth_headers_finder.auth_headers(maven_repo_url)
|
|
340
|
+
end
|
|
336
341
|
end
|
|
337
342
|
end
|
|
338
343
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-gradle
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.141.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,28 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.141.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.141.0
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: dependabot-maven
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - '='
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: 0.141.0
|
|
34
|
+
type: :runtime
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - '='
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: 0.141.0
|
|
27
41
|
- !ruby/object:Gem::Dependency
|
|
28
42
|
name: byebug
|
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|