dependabot-gradle 0.236.0 → 0.237.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/gradle/file_fetcher.rb +7 -2
- data/lib/dependabot/gradle/metadata_finder.rb +5 -2
- metadata +23 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 985d1b809eb50f71ddc79529a1f5350bfbf52f4a754b5cf8686dcf8fe4bfed91
|
|
4
|
+
data.tar.gz: 31d0b2d659e74b7b8e23bfaa35b700e0e55a84b120e958bab5a3f7bdce15798d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d9126ce6ba683381892767b20315e40a3151727d08b6bc43abe5c21298bbdf7ac30228792232e3f2eccb40406849f62a23f3c422c02d48a4141c71d91ff35c19
|
|
7
|
+
data.tar.gz: a7a4f77c2231d1bf8b74734a63c72796edaea09310784ae2c77c7ac9f7aced0d4c335ee111ba0b9ba21d0990d8796dc250fcba6c67f29e3c7e639a5a1c4f3dee
|
|
@@ -1,12 +1,16 @@
|
|
|
1
1
|
# typed: false
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
4
5
|
require "dependabot/file_fetchers"
|
|
5
6
|
require "dependabot/file_fetchers/base"
|
|
6
7
|
|
|
7
8
|
module Dependabot
|
|
8
9
|
module Gradle
|
|
9
10
|
class FileFetcher < Dependabot::FileFetchers::Base
|
|
11
|
+
extend T::Sig
|
|
12
|
+
extend T::Helpers
|
|
13
|
+
|
|
10
14
|
require_relative "file_parser"
|
|
11
15
|
require_relative "file_fetcher/settings_file_parser"
|
|
12
16
|
|
|
@@ -30,14 +34,15 @@ module Dependabot
|
|
|
30
34
|
"Repo must contain a build.gradle / build.gradle.kts file."
|
|
31
35
|
end
|
|
32
36
|
|
|
33
|
-
|
|
34
|
-
|
|
37
|
+
sig { override.returns(T::Array[DependencyFile]) }
|
|
35
38
|
def fetch_files
|
|
36
39
|
files = all_buildfiles_in_build(".")
|
|
37
40
|
check_required_files_present(files)
|
|
38
41
|
files
|
|
39
42
|
end
|
|
40
43
|
|
|
44
|
+
private
|
|
45
|
+
|
|
41
46
|
def all_buildfiles_in_build(root_dir)
|
|
42
47
|
files = [buildfile(root_dir), settings_file(root_dir), version_catalog_file(root_dir)].compact
|
|
43
48
|
files += subproject_buildfiles(root_dir)
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "nokogiri"
|
|
5
|
+
require "sorbet-runtime"
|
|
5
6
|
require "dependabot/metadata_finders"
|
|
6
7
|
require "dependabot/metadata_finders/base"
|
|
7
8
|
require "dependabot/file_fetchers/base"
|
|
@@ -12,6 +13,8 @@ require "dependabot/registry_client"
|
|
|
12
13
|
module Dependabot
|
|
13
14
|
module Gradle
|
|
14
15
|
class MetadataFinder < Dependabot::MetadataFinders::Base
|
|
16
|
+
extend T::Sig
|
|
17
|
+
|
|
15
18
|
DOT_SEPARATOR_REGEX = %r{\.(?!\d+([.\/_\-]|$)+)}
|
|
16
19
|
PROPERTY_REGEX = /\$\{(?<property>.*?)\}/
|
|
17
20
|
KOTLIN_PLUGIN_REPO_PREFIX = "org.jetbrains.kotlin"
|
|
@@ -39,7 +42,7 @@ module Dependabot
|
|
|
39
42
|
|
|
40
43
|
artifact = dependency.name.split(":").last
|
|
41
44
|
fetcher =
|
|
42
|
-
|
|
45
|
+
Dependabot::Gradle::FileFetcher.new(source: tmp_source, credentials: credentials)
|
|
43
46
|
|
|
44
47
|
@repo_has_subdir_for_dep[tmp_source] =
|
|
45
48
|
fetcher.send(:repo_contents, raise_errors: false)
|
|
@@ -97,7 +100,7 @@ module Dependabot
|
|
|
97
100
|
end
|
|
98
101
|
|
|
99
102
|
github_urls.find do |url|
|
|
100
|
-
repo = Source.from_url(url).repo
|
|
103
|
+
repo = T.must(Source.from_url(url)).repo
|
|
101
104
|
repo.end_with?(dependency.name.split(":").last)
|
|
102
105
|
end
|
|
103
106
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-gradle
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.237.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-11-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,28 +16,28 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.237.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.237.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: dependabot-maven
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - '='
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.
|
|
33
|
+
version: 0.237.0
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - '='
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.
|
|
40
|
+
version: 0.237.0
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: debug
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -108,20 +108,34 @@ dependencies:
|
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
110
|
version: '1.3'
|
|
111
|
+
- !ruby/object:Gem::Dependency
|
|
112
|
+
name: rspec-sorbet
|
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
|
114
|
+
requirements:
|
|
115
|
+
- - "~>"
|
|
116
|
+
- !ruby/object:Gem::Version
|
|
117
|
+
version: 1.9.2
|
|
118
|
+
type: :development
|
|
119
|
+
prerelease: false
|
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
121
|
+
requirements:
|
|
122
|
+
- - "~>"
|
|
123
|
+
- !ruby/object:Gem::Version
|
|
124
|
+
version: 1.9.2
|
|
111
125
|
- !ruby/object:Gem::Dependency
|
|
112
126
|
name: rubocop
|
|
113
127
|
requirement: !ruby/object:Gem::Requirement
|
|
114
128
|
requirements:
|
|
115
129
|
- - "~>"
|
|
116
130
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 1.
|
|
131
|
+
version: 1.57.2
|
|
118
132
|
type: :development
|
|
119
133
|
prerelease: false
|
|
120
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
135
|
requirements:
|
|
122
136
|
- - "~>"
|
|
123
137
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 1.
|
|
138
|
+
version: 1.57.2
|
|
125
139
|
- !ruby/object:Gem::Dependency
|
|
126
140
|
name: rubocop-performance
|
|
127
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -235,7 +249,7 @@ licenses:
|
|
|
235
249
|
- Nonstandard
|
|
236
250
|
metadata:
|
|
237
251
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
238
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
252
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.237.0
|
|
239
253
|
post_install_message:
|
|
240
254
|
rdoc_options: []
|
|
241
255
|
require_paths:
|