dependabot-gradle 0.244.0 → 0.245.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/gradle/file_parser/repositories_finder.rb +23 -0
- metadata +7 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b569f7d35e9f8cc4d076c34a9405167ccf5f279e56ae1f1dd86a223aae5c6c77
|
|
4
|
+
data.tar.gz: 203f571b7bf5bbda9af0af6fc231eb90662b314ba8cb99044b4e0ee75a41e3fd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51478bc8cbefc189ab40ae88ca7988b895abe50cc578f5f007be7c2559b292a7bf6decbd8703fe0c8aba18f8c103f38514509273ca1968a8871c34506e3f4830
|
|
7
|
+
data.tar.gz: 71e447cf6b2ab0290835e0d11394f17290ad4da1b35a97b32fbc21895315fc3eac4852041f83970a19a392dfc4a30248bcf010ed58ed7149864a8adec43182c3
|
|
@@ -8,6 +8,7 @@ module Dependabot
|
|
|
8
8
|
class FileParser
|
|
9
9
|
class RepositoriesFinder
|
|
10
10
|
SUPPORTED_BUILD_FILE_NAMES = %w(build.gradle build.gradle.kts).freeze
|
|
11
|
+
SUPPORTED_SETTINGS_FILE_NAMES = %w(settings.gradle settings.gradle.kts).freeze
|
|
11
12
|
|
|
12
13
|
# The Central Repo doesn't have special status for Gradle, but until
|
|
13
14
|
# we're confident we're selecting repos correctly it's wise to include
|
|
@@ -37,6 +38,7 @@ module Dependabot
|
|
|
37
38
|
repository_urls += inherited_repository_urls(dependency_file)
|
|
38
39
|
end
|
|
39
40
|
repository_urls += own_buildfile_repository_urls
|
|
41
|
+
repository_urls += settings_file_repository_urls(top_level_settings_file)
|
|
40
42
|
repository_urls = repository_urls.uniq
|
|
41
43
|
|
|
42
44
|
return repository_urls unless repository_urls.empty?
|
|
@@ -91,6 +93,21 @@ module Dependabot
|
|
|
91
93
|
own_buildfile_urls
|
|
92
94
|
end
|
|
93
95
|
|
|
96
|
+
def settings_file_repository_urls(settings_file)
|
|
97
|
+
return [] unless settings_file
|
|
98
|
+
|
|
99
|
+
settings_file_content = comment_free_content(settings_file)
|
|
100
|
+
dependency_resolution_management_repositories = []
|
|
101
|
+
|
|
102
|
+
settings_file_content.scan(/(?:^|\s)dependencyResolutionManagement\s*\{/) do
|
|
103
|
+
mtch = Regexp.last_match
|
|
104
|
+
dependency_resolution_management_repositories <<
|
|
105
|
+
mtch.post_match[0..closing_bracket_index(mtch.post_match)]
|
|
106
|
+
end
|
|
107
|
+
|
|
108
|
+
repository_urls_from(dependency_resolution_management_repositories.join("\n"))
|
|
109
|
+
end
|
|
110
|
+
|
|
94
111
|
def repository_urls_from(buildfile_content)
|
|
95
112
|
repository_urls = []
|
|
96
113
|
|
|
@@ -154,6 +171,12 @@ module Dependabot
|
|
|
154
171
|
SUPPORTED_BUILD_FILE_NAMES.include?(f.name)
|
|
155
172
|
end
|
|
156
173
|
end
|
|
174
|
+
|
|
175
|
+
def top_level_settings_file
|
|
176
|
+
@top_level_settings_file ||= dependency_files.find do |f|
|
|
177
|
+
SUPPORTED_SETTINGS_FILE_NAMES.include?(f.name)
|
|
178
|
+
end
|
|
179
|
+
end
|
|
157
180
|
end
|
|
158
181
|
end
|
|
159
182
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-gradle
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.245.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-02-
|
|
11
|
+
date: 2024-02-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,28 +16,28 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.245.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.245.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: dependabot-maven
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - '='
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.
|
|
33
|
+
version: 0.245.0
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - '='
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.
|
|
40
|
+
version: 0.245.0
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: debug
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -263,7 +263,7 @@ licenses:
|
|
|
263
263
|
- Nonstandard
|
|
264
264
|
metadata:
|
|
265
265
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
266
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
266
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.245.0
|
|
267
267
|
post_install_message:
|
|
268
268
|
rdoc_options: []
|
|
269
269
|
require_paths:
|