dependabot-gradle 0.211.0 → 0.212.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/gradle/file_fetcher/settings_file_parser.rb +1 -1
- data/lib/dependabot/gradle/file_fetcher.rb +4 -4
- data/lib/dependabot/gradle/file_parser.rb +4 -5
- data/lib/dependabot/gradle/update_checker/version_finder.rb +7 -7
- data/lib/dependabot/gradle/version.rb +4 -4
- metadata +24 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b3351fb1ee4f8162624eb226e7fc4240eda753152e52fdf1b2b4dcf379320751
|
4
|
+
data.tar.gz: ee8233190463bb93f1277a4ddceb1b96fc783a0730aa75c1e9e226206c6acb1a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 03bffc9b99077c543fefbe7c990014314ac795cf1b7632e9b74d7dfbedb36f75f338c14133204c57b28836a285f2c0f9778b039e0dadf874f00856bba16c30e3
|
7
|
+
data.tar.gz: a78e909c826da1b08b4fba82131376d17297de546675e7008f462c683f4d2dc1a0354a796e0d4df09c9c090c88328d202a674bbae42b9e1489f5c7e4841fbe04
|
@@ -16,7 +16,7 @@ module Dependabot
|
|
16
16
|
comment_free_content.scan(function_regex("include")) do
|
17
17
|
args = Regexp.last_match.named_captures.fetch("args")
|
18
18
|
args = args.split(",")
|
19
|
-
args = args.
|
19
|
+
args = args.filter_map { |p| p.gsub(/["']/, "").strip }
|
20
20
|
subprojects += args
|
21
21
|
end
|
22
22
|
|
@@ -53,7 +53,7 @@ module Dependabot
|
|
53
53
|
new(settings_file: settings_file).
|
54
54
|
subproject_paths
|
55
55
|
|
56
|
-
subproject_paths.
|
56
|
+
subproject_paths.filter_map do |path|
|
57
57
|
if @buildfile_name
|
58
58
|
fetch_file_from_host(File.join(path, @buildfile_name))
|
59
59
|
else
|
@@ -62,7 +62,7 @@ module Dependabot
|
|
62
62
|
rescue Dependabot::DependencyFileNotFound
|
63
63
|
# Gradle itself doesn't worry about missing subprojects, so we don't
|
64
64
|
nil
|
65
|
-
end
|
65
|
+
end
|
66
66
|
end
|
67
67
|
end
|
68
68
|
|
@@ -78,14 +78,14 @@ module Dependabot
|
|
78
78
|
map { |path| path.gsub("$rootDir", ".") }.
|
79
79
|
uniq
|
80
80
|
|
81
|
-
dependency_plugin_paths.
|
81
|
+
dependency_plugin_paths.filter_map do |path|
|
82
82
|
fetch_file_from_host(path)
|
83
83
|
rescue Dependabot::DependencyFileNotFound
|
84
84
|
next nil if file_exists_in_submodule?(path)
|
85
85
|
next nil if path.include?("${")
|
86
86
|
|
87
87
|
raise
|
88
|
-
end
|
88
|
+
end
|
89
89
|
end
|
90
90
|
# rubocop:enable Metrics/PerceivedComplexity
|
91
91
|
|
@@ -59,8 +59,7 @@ module Dependabot
|
|
59
59
|
|
60
60
|
def self.find_includes(buildfile, dependency_files)
|
61
61
|
FileParser.find_include_names(buildfile).
|
62
|
-
|
63
|
-
compact
|
62
|
+
filter_map { |f| dependency_files.find { |bf| bf.name == f } }
|
64
63
|
end
|
65
64
|
|
66
65
|
private
|
@@ -161,9 +160,9 @@ module Dependabot
|
|
161
160
|
|
162
161
|
plugin_blocks.each do |blk|
|
163
162
|
blk.lines.each do |line|
|
164
|
-
name_regex = /(id|kotlin)(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/
|
163
|
+
name_regex = /(id|kotlin)(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/o
|
165
164
|
name = line.match(name_regex)&.named_captures&.fetch("id")
|
166
|
-
version_regex = /version\s+['"](?<version>#{VSN_PART})['"]/
|
165
|
+
version_regex = /version\s+['"](?<version>#{VSN_PART})['"]/o
|
167
166
|
version = line.match(version_regex)&.named_captures&.
|
168
167
|
fetch("version")
|
169
168
|
next unless name && version
|
@@ -178,7 +177,7 @@ module Dependabot
|
|
178
177
|
end
|
179
178
|
|
180
179
|
def extra_groups(line)
|
181
|
-
line.match(/kotlin(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/) ? ["kotlin"] : []
|
180
|
+
line.match?(/kotlin(\s+#{PLUGIN_ID_REGEX}|\(#{PLUGIN_ID_REGEX}\))/o) ? ["kotlin"] : []
|
182
181
|
end
|
183
182
|
|
184
183
|
def argument_from_string(string, arg_name)
|
@@ -137,8 +137,8 @@ module Dependabot
|
|
137
137
|
url = Gradle::FileParser::RepositoriesFinder::GOOGLE_MAVEN_REPO
|
138
138
|
group_id, artifact_id = group_and_artifact_ids
|
139
139
|
|
140
|
-
dependency_metadata_url = "#{Gradle::FileParser::RepositoriesFinder::GOOGLE_MAVEN_REPO}/"\
|
141
|
-
"#{group_id.tr('.', '/')}/"\
|
140
|
+
dependency_metadata_url = "#{Gradle::FileParser::RepositoriesFinder::GOOGLE_MAVEN_REPO}/" \
|
141
|
+
"#{group_id.tr('.', '/')}/" \
|
142
142
|
"group-index.xml"
|
143
143
|
|
144
144
|
@google_version_details ||=
|
@@ -185,7 +185,7 @@ module Dependabot
|
|
185
185
|
end
|
186
186
|
|
187
187
|
def check_response(response, repository_url)
|
188
|
-
return unless
|
188
|
+
return unless response.status == 401 || response.status == 403
|
189
189
|
return if @forbidden_urls.include?(repository_url)
|
190
190
|
return if central_repo_urls.include?(repository_url)
|
191
191
|
|
@@ -277,10 +277,10 @@ module Dependabot
|
|
277
277
|
group_id, artifact_id = group_and_artifact_ids
|
278
278
|
group_id = "#{KOTLIN_PLUGIN_REPO_PREFIX}.#{group_id}" if kotlin_plugin?
|
279
279
|
|
280
|
-
"#{repository_url}/"\
|
281
|
-
|
282
|
-
|
283
|
-
|
280
|
+
"#{repository_url}/" \
|
281
|
+
"#{group_id.tr('.', '/')}/" \
|
282
|
+
"#{artifact_id}/" \
|
283
|
+
"maven-metadata.xml"
|
284
284
|
end
|
285
285
|
|
286
286
|
def group_and_artifact_ids
|
@@ -27,8 +27,8 @@ module Dependabot
|
|
27
27
|
"sp" => 7
|
28
28
|
}.freeze
|
29
29
|
VERSION_PATTERN =
|
30
|
-
"[0-9a-zA-Z]+"\
|
31
|
-
'(?>\.[0-9a-zA-Z]*)*'\
|
30
|
+
"[0-9a-zA-Z]+" \
|
31
|
+
'(?>\.[0-9a-zA-Z]*)*' \
|
32
32
|
'([_\-\+][0-9A-Za-z_-]*(\.[0-9A-Za-z_-]*)*)?'
|
33
33
|
ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
|
34
34
|
|
@@ -117,11 +117,11 @@ module Dependabot
|
|
117
117
|
end
|
118
118
|
|
119
119
|
def trim_version(version)
|
120
|
-
version.split("-").
|
120
|
+
version.split("-").filter_map do |v|
|
121
121
|
parts = v.split(".")
|
122
122
|
parts = parts[0..-2] while NULL_VALUES.include?(parts&.last)
|
123
123
|
parts&.join(".")
|
124
|
-
end.
|
124
|
+
end.reject(&:empty?).join("-")
|
125
125
|
end
|
126
126
|
|
127
127
|
def convert_dates(version, other_version)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-gradle
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.212.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-09-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,28 +16,28 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.212.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.212.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: dependabot-maven
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.
|
33
|
+
version: 0.212.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 0.
|
40
|
+
version: 0.212.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: debase
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -100,14 +100,14 @@ dependencies:
|
|
100
100
|
requirements:
|
101
101
|
- - "~>"
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version: 3.
|
103
|
+
version: 3.12.0
|
104
104
|
type: :development
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version: 3.
|
110
|
+
version: 3.12.0
|
111
111
|
- !ruby/object:Gem::Dependency
|
112
112
|
name: rake
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -156,14 +156,28 @@ dependencies:
|
|
156
156
|
requirements:
|
157
157
|
- - "~>"
|
158
158
|
- !ruby/object:Gem::Version
|
159
|
-
version: 1.
|
159
|
+
version: 1.36.0
|
160
160
|
type: :development
|
161
161
|
prerelease: false
|
162
162
|
version_requirements: !ruby/object:Gem::Requirement
|
163
163
|
requirements:
|
164
164
|
- - "~>"
|
165
165
|
- !ruby/object:Gem::Version
|
166
|
-
version: 1.
|
166
|
+
version: 1.36.0
|
167
|
+
- !ruby/object:Gem::Dependency
|
168
|
+
name: rubocop-performance
|
169
|
+
requirement: !ruby/object:Gem::Requirement
|
170
|
+
requirements:
|
171
|
+
- - "~>"
|
172
|
+
- !ruby/object:Gem::Version
|
173
|
+
version: 1.14.2
|
174
|
+
type: :development
|
175
|
+
prerelease: false
|
176
|
+
version_requirements: !ruby/object:Gem::Requirement
|
177
|
+
requirements:
|
178
|
+
- - "~>"
|
179
|
+
- !ruby/object:Gem::Version
|
180
|
+
version: 1.14.2
|
167
181
|
- !ruby/object:Gem::Dependency
|
168
182
|
name: ruby-debug-ide
|
169
183
|
requirement: !ruby/object:Gem::Requirement
|