dependabot-gradle 0.248.0 → 0.249.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/gradle/file_parser/repositories_finder.rb +2 -1
- data/lib/dependabot/gradle/file_updater/dependency_set_updater.rb +29 -7
- data/lib/dependabot/gradle/metadata_finder.rb +29 -12
- data/lib/dependabot/gradle/requirement.rb +18 -10
- data/lib/dependabot/gradle/update_checker/multi_dependency_updater.rb +6 -2
- data/lib/dependabot/gradle/update_checker/requirements_updater.rb +41 -5
- data/lib/dependabot/gradle/update_checker/version_finder.rb +6 -2
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b6b88c185132e0757e166517d91f8eec67bb81700556092db7575ff8315872f6
|
4
|
+
data.tar.gz: 4ffa864fecdbb4cbd35f4e852db4149fe305c51ea26c943436ee3f5f18b74a07
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4b664778ef30123ac9f08028d7154e9e1fd6c546d6144a574a5bf412fa6300bba16ef8e3fe47511bec1c74ec929f1ee1eef473ddbd6bff424070826197d9d040
|
7
|
+
data.tar.gz: 2e255ff81474cd16e17f5381204b37372720ce41d7ba3b87c66b90b8771c543811de5d8c654872453c1b7974f32370a8b653f2700d8284e66a8af1baf7a6fc3f
|
@@ -1,6 +1,8 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strict
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
+
require "sorbet-runtime"
|
5
|
+
|
4
6
|
require "dependabot/gradle/file_parser"
|
5
7
|
require "dependabot/gradle/file_updater"
|
6
8
|
|
@@ -8,10 +10,21 @@ module Dependabot
|
|
8
10
|
module Gradle
|
9
11
|
class FileUpdater
|
10
12
|
class DependencySetUpdater
|
13
|
+
extend T::Sig
|
14
|
+
|
15
|
+
sig { params(dependency_files: T::Array[Dependabot::DependencyFile]).void }
|
11
16
|
def initialize(dependency_files:)
|
12
17
|
@dependency_files = dependency_files
|
13
18
|
end
|
14
19
|
|
20
|
+
sig do
|
21
|
+
params(
|
22
|
+
dependency_set: T::Hash[Symbol, String],
|
23
|
+
buildfile: Dependabot::DependencyFile,
|
24
|
+
previous_requirement: String,
|
25
|
+
updated_requirement: String
|
26
|
+
).returns(T::Array[Dependabot::DependencyFile])
|
27
|
+
end
|
15
28
|
def update_files_for_dep_set_change(dependency_set:,
|
16
29
|
buildfile:,
|
17
30
|
previous_requirement:,
|
@@ -21,7 +34,7 @@ module Dependabot
|
|
21
34
|
|
22
35
|
return dependency_files unless declaration_string
|
23
36
|
|
24
|
-
updated_content = buildfile.content.sub(
|
37
|
+
updated_content = T.must(buildfile.content).sub(
|
25
38
|
declaration_string,
|
26
39
|
declaration_string.sub(
|
27
40
|
previous_requirement,
|
@@ -30,7 +43,7 @@ module Dependabot
|
|
30
43
|
)
|
31
44
|
|
32
45
|
updated_files = dependency_files.dup
|
33
|
-
updated_files[updated_files.index(buildfile)] =
|
46
|
+
updated_files[T.must(updated_files.index(buildfile))] =
|
34
47
|
update_file(file: buildfile, content: updated_content)
|
35
48
|
|
36
49
|
updated_files
|
@@ -38,22 +51,31 @@ module Dependabot
|
|
38
51
|
|
39
52
|
private
|
40
53
|
|
54
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
41
55
|
attr_reader :dependency_files
|
42
56
|
|
57
|
+
sig do
|
58
|
+
params(
|
59
|
+
dependency_set: T::Hash[Symbol, String],
|
60
|
+
buildfile: Dependabot::DependencyFile
|
61
|
+
)
|
62
|
+
.returns(T.nilable(String))
|
63
|
+
end
|
43
64
|
def original_declaration_string(dependency_set, buildfile)
|
44
65
|
regex = Gradle::FileParser::DEPENDENCY_SET_DECLARATION_REGEX
|
45
|
-
dependency_sets = []
|
46
|
-
buildfile.content.scan(regex) do
|
66
|
+
dependency_sets = T.let([], T::Array[String])
|
67
|
+
T.must(buildfile.content).scan(regex) do
|
47
68
|
dependency_sets << Regexp.last_match.to_s
|
48
69
|
end
|
49
70
|
|
50
71
|
dependency_sets.find do |mtch|
|
51
|
-
next unless mtch.include?(dependency_set[:group])
|
72
|
+
next unless mtch.include?(T.must(dependency_set[:group]))
|
52
73
|
|
53
|
-
mtch.include?(dependency_set[:version])
|
74
|
+
mtch.include?(T.must(dependency_set[:version]))
|
54
75
|
end
|
55
76
|
end
|
56
77
|
|
78
|
+
sig { params(file: Dependabot::DependencyFile, content: String).returns(Dependabot::DependencyFile) }
|
57
79
|
def update_file(file:, content:)
|
58
80
|
updated_file = file.dup
|
59
81
|
updated_file.content = content
|
@@ -1,13 +1,15 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strict
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require "nokogiri"
|
5
5
|
require "sorbet-runtime"
|
6
|
-
|
7
|
-
require "dependabot/metadata_finders/base"
|
6
|
+
|
8
7
|
require "dependabot/file_fetchers/base"
|
8
|
+
require "dependabot/gradle/file_fetcher"
|
9
9
|
require "dependabot/gradle/file_parser/repositories_finder"
|
10
10
|
require "dependabot/maven/utils/auth_headers_finder"
|
11
|
+
require "dependabot/metadata_finders"
|
12
|
+
require "dependabot/metadata_finders/base"
|
11
13
|
require "dependabot/registry_client"
|
12
14
|
|
13
15
|
module Dependabot
|
@@ -21,6 +23,7 @@ module Dependabot
|
|
21
23
|
|
22
24
|
private
|
23
25
|
|
26
|
+
sig { override.returns(T.nilable(Dependabot::Source)) }
|
24
27
|
def look_up_source
|
25
28
|
tmp_source = look_up_source_in_pom(dependency_pom_file)
|
26
29
|
return tmp_source if tmp_source
|
@@ -31,14 +34,15 @@ module Dependabot
|
|
31
34
|
return unless tmp_source
|
32
35
|
|
33
36
|
artifact = dependency.name.split(":").last
|
34
|
-
return tmp_source if tmp_source.repo.end_with?(artifact)
|
37
|
+
return tmp_source if tmp_source.repo.end_with?(T.must(artifact))
|
35
38
|
|
36
39
|
tmp_source if repo_has_subdir_for_dep?(tmp_source)
|
37
40
|
end
|
38
41
|
|
42
|
+
sig { params(tmp_source: Dependabot::Source).returns(T::Boolean) }
|
39
43
|
def repo_has_subdir_for_dep?(tmp_source)
|
40
|
-
@repo_has_subdir_for_dep ||= {}
|
41
|
-
return @repo_has_subdir_for_dep[tmp_source] if @repo_has_subdir_for_dep.key?(tmp_source)
|
44
|
+
@repo_has_subdir_for_dep ||= T.let({}, T.nilable(T::Hash[Dependabot::Source, T::Boolean]))
|
45
|
+
return T.must(@repo_has_subdir_for_dep[tmp_source]) if @repo_has_subdir_for_dep.key?(tmp_source)
|
42
46
|
|
43
47
|
artifact = dependency.name.split(":").last
|
44
48
|
fetcher =
|
@@ -52,9 +56,10 @@ module Dependabot
|
|
52
56
|
tmp_source.branch = nil
|
53
57
|
retry
|
54
58
|
rescue Dependabot::RepoNotFound
|
55
|
-
@repo_has_subdir_for_dep[tmp_source] = false
|
59
|
+
T.must(@repo_has_subdir_for_dep)[tmp_source] = false
|
56
60
|
end
|
57
61
|
|
62
|
+
sig { params(pom: Nokogiri::XML::Document).returns(T.nilable(Dependabot::Source)) }
|
58
63
|
def look_up_source_in_pom(pom)
|
59
64
|
potential_source_urls = [
|
60
65
|
pom.at_css("project > url")&.content,
|
@@ -69,15 +74,16 @@ module Dependabot
|
|
69
74
|
Source.from_url(source_url)
|
70
75
|
end
|
71
76
|
|
77
|
+
sig { params(source_url: T.nilable(String), pom: Nokogiri::XML::Document).returns(T.nilable(String)) }
|
72
78
|
def substitute_property_in_source_url(source_url, pom)
|
73
79
|
return unless source_url
|
74
80
|
return source_url unless source_url.include?("${")
|
75
81
|
|
76
82
|
regex = PROPERTY_REGEX
|
77
|
-
property_name = source_url.match(regex).named_captures["property"]
|
83
|
+
property_name = T.must(source_url.match(regex)).named_captures["property"]
|
78
84
|
doc = pom.dup
|
79
85
|
doc.remove_namespaces!
|
80
|
-
nm = property_name.sub(/^pom\./, "").sub(/^project\./, "")
|
86
|
+
nm = T.must(property_name).sub(/^pom\./, "").sub(/^project\./, "")
|
81
87
|
property_value =
|
82
88
|
loop do
|
83
89
|
candidate_node =
|
@@ -93,6 +99,7 @@ module Dependabot
|
|
93
99
|
source_url.gsub("${#{property_name}}", property_value)
|
94
100
|
end
|
95
101
|
|
102
|
+
sig { params(pom: T.any(String, Nokogiri::XML::Document)).returns(T.nilable(String)) }
|
96
103
|
def source_from_anywhere_in_pom(pom)
|
97
104
|
github_urls = []
|
98
105
|
pom.to_s.scan(Source::SOURCE_REGEX) do
|
@@ -105,6 +112,7 @@ module Dependabot
|
|
105
112
|
end
|
106
113
|
end
|
107
114
|
|
115
|
+
sig { returns(Nokogiri::XML::Document) }
|
108
116
|
def dependency_pom_file
|
109
117
|
return @dependency_pom_file unless @dependency_pom_file.nil?
|
110
118
|
|
@@ -120,11 +128,12 @@ module Dependabot
|
|
120
128
|
headers: auth_headers
|
121
129
|
)
|
122
130
|
|
123
|
-
@dependency_pom_file = Nokogiri::XML(response.body)
|
131
|
+
@dependency_pom_file = T.let(Nokogiri::XML(response.body), T.nilable(Nokogiri::XML::Document))
|
124
132
|
rescue Excon::Error::Timeout
|
125
|
-
@dependency_pom_file
|
133
|
+
@dependency_pom_file ||= T.let(Nokogiri::XML(""), T.nilable(Nokogiri::XML::Document))
|
126
134
|
end
|
127
135
|
|
136
|
+
sig { params(pom: Nokogiri::XML::Document).returns(T.nilable(Nokogiri::XML::Document)) }
|
128
137
|
def parent_pom_file(pom)
|
129
138
|
doc = pom.dup
|
130
139
|
doc.remove_namespaces!
|
@@ -143,6 +152,7 @@ module Dependabot
|
|
143
152
|
Nokogiri::XML(response.body)
|
144
153
|
end
|
145
154
|
|
155
|
+
sig { returns(String) }
|
146
156
|
def maven_repo_url
|
147
157
|
source = dependency.requirements
|
148
158
|
.find { |r| r.fetch(:source) }&.fetch(:source)
|
@@ -152,6 +162,7 @@ module Dependabot
|
|
152
162
|
Gradle::FileParser::RepositoriesFinder::CENTRAL_REPO_URL
|
153
163
|
end
|
154
164
|
|
165
|
+
sig { returns(String) }
|
155
166
|
def maven_repo_dependency_url
|
156
167
|
group_id, artifact_id =
|
157
168
|
if kotlin_plugin?
|
@@ -165,16 +176,22 @@ module Dependabot
|
|
165
176
|
"#{maven_repo_url}/#{group_id&.tr('.', '/')}/#{artifact_id}"
|
166
177
|
end
|
167
178
|
|
179
|
+
sig { returns(T::Boolean) }
|
168
180
|
def plugin?
|
169
181
|
dependency.requirements.any? { |r| r.fetch(:groups).include? "plugins" }
|
170
182
|
end
|
171
183
|
|
184
|
+
sig { returns(T::Boolean) }
|
172
185
|
def kotlin_plugin?
|
173
186
|
plugin? && dependency.requirements.any? { |r| r.fetch(:groups).include? "kotlin" }
|
174
187
|
end
|
175
188
|
|
189
|
+
sig { returns(T::Hash[String, String]) }
|
176
190
|
def auth_headers
|
177
|
-
@auth_headers ||=
|
191
|
+
@auth_headers ||= T.let(
|
192
|
+
Dependabot::Maven::Utils::AuthHeadersFinder.new(credentials).auth_headers(maven_repo_url),
|
193
|
+
T.nilable(T::Hash[String, String])
|
194
|
+
)
|
178
195
|
end
|
179
196
|
end
|
180
197
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strict
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require "sorbet-runtime"
|
@@ -14,9 +14,10 @@ module Dependabot
|
|
14
14
|
extend T::Sig
|
15
15
|
|
16
16
|
quoted = OPS.keys.map { |k| Regexp.quote k }.join("|")
|
17
|
-
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{Gradle::Version::VERSION_PATTERN})\\s*".freeze
|
17
|
+
PATTERN_RAW = T.let("\\s*(#{quoted})?\\s*(#{Gradle::Version::VERSION_PATTERN})\\s*".freeze, String)
|
18
18
|
PATTERN = /\A#{PATTERN_RAW}\z/
|
19
19
|
|
20
|
+
sig { override.params(obj: T.any(Gem::Version, String)).returns([String, Gem::Version]) }
|
20
21
|
def self.parse(obj)
|
21
22
|
return ["=", Gradle::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
|
22
23
|
|
@@ -37,6 +38,7 @@ module Dependabot
|
|
37
38
|
end
|
38
39
|
end
|
39
40
|
|
41
|
+
sig { params(requirements: T.any(T.nilable(String), T::Array[T.nilable(String)])).void }
|
40
42
|
def initialize(*requirements)
|
41
43
|
requirements = requirements.flatten.flat_map do |req_string|
|
42
44
|
convert_java_constraint_to_ruby_constraint(req_string)
|
@@ -45,6 +47,7 @@ module Dependabot
|
|
45
47
|
super(requirements)
|
46
48
|
end
|
47
49
|
|
50
|
+
sig { override.params(version: Gem::Version).returns(T::Boolean) }
|
48
51
|
def satisfied_by?(version)
|
49
52
|
version = Gradle::Version.new(version.to_s)
|
50
53
|
super
|
@@ -52,18 +55,20 @@ module Dependabot
|
|
52
55
|
|
53
56
|
private
|
54
57
|
|
58
|
+
sig { params(req_string: T.nilable(String)).returns(T::Array[T.nilable(String)]) }
|
55
59
|
def self.split_java_requirement(req_string)
|
56
|
-
return [req_string] unless req_string
|
60
|
+
return [req_string] unless req_string&.match?(Maven::Requirement::OR_SYNTAX)
|
57
61
|
|
58
62
|
req_string.split(Maven::Requirement::OR_SYNTAX).flat_map do |str|
|
59
63
|
next str if str.start_with?("(", "[")
|
60
64
|
|
61
65
|
exacts, *rest = str.split(/,(?=\[|\()/)
|
62
|
-
[*exacts.split(","), *rest]
|
66
|
+
[*T.must(exacts).split(","), *rest]
|
63
67
|
end
|
64
68
|
end
|
65
69
|
private_class_method :split_java_requirement
|
66
70
|
|
71
|
+
sig { params(req_string: T.nilable(String)).returns(T.nilable(T::Array[String])) }
|
67
72
|
def convert_java_constraint_to_ruby_constraint(req_string)
|
68
73
|
return unless req_string
|
69
74
|
|
@@ -81,35 +86,38 @@ module Dependabot
|
|
81
86
|
end
|
82
87
|
end
|
83
88
|
|
89
|
+
sig { params(req_string: String).returns(T::Array[String]) }
|
84
90
|
def convert_java_range_to_ruby_range(req_string)
|
85
91
|
lower_b, upper_b = req_string.split(",").map(&:strip)
|
86
92
|
|
87
93
|
lower_b =
|
88
94
|
if ["(", "["].include?(lower_b) then nil
|
89
|
-
elsif lower_b.start_with?("(") then "> #{lower_b.sub(/\(\s*/, '')}"
|
95
|
+
elsif T.must(lower_b).start_with?("(") then "> #{T.must(lower_b).sub(/\(\s*/, '')}"
|
90
96
|
else
|
91
|
-
">= #{lower_b.sub(/\[\s*/, '').strip}"
|
97
|
+
">= #{T.must(lower_b).sub(/\[\s*/, '').strip}"
|
92
98
|
end
|
93
99
|
|
94
100
|
upper_b =
|
95
101
|
if [")", "]"].include?(upper_b) then nil
|
96
|
-
elsif upper_b.end_with?(")") then "< #{upper_b.sub(/\s*\)/, '')}"
|
102
|
+
elsif T.must(upper_b).end_with?(")") then "< #{T.must(upper_b).sub(/\s*\)/, '')}"
|
97
103
|
else
|
98
|
-
"<= #{upper_b.sub(/\s*\]/, '').strip}"
|
104
|
+
"<= #{T.must(upper_b).sub(/\s*\]/, '').strip}"
|
99
105
|
end
|
100
106
|
|
101
107
|
[lower_b, upper_b].compact
|
102
108
|
end
|
103
109
|
|
110
|
+
sig { params(req_string: String).returns(String) }
|
104
111
|
def convert_java_equals_req_to_ruby(req_string)
|
105
|
-
return convert_wildcard_req(req_string) if req_string
|
112
|
+
return convert_wildcard_req(req_string) if req_string.include?("+")
|
106
113
|
|
107
114
|
# If a soft requirement is being used, treat it as an equality matcher
|
108
|
-
return req_string unless req_string
|
115
|
+
return req_string unless req_string.start_with?("[")
|
109
116
|
|
110
117
|
req_string.gsub(/[\[\]\(\)]/, "")
|
111
118
|
end
|
112
119
|
|
120
|
+
sig { params(req_string: String).returns(String) }
|
113
121
|
def convert_wildcard_req(req_string)
|
114
122
|
version = req_string.split("+").first
|
115
123
|
return ">= 0" if version.nil? || version.empty?
|
@@ -59,8 +59,12 @@ module Dependabot
|
|
59
59
|
|
60
60
|
private
|
61
61
|
|
62
|
-
attr_reader :dependency
|
63
|
-
|
62
|
+
attr_reader :dependency
|
63
|
+
attr_reader :dependency_files
|
64
|
+
attr_reader :credentials
|
65
|
+
attr_reader :target_version
|
66
|
+
attr_reader :source_url
|
67
|
+
attr_reader :ignored_versions
|
64
68
|
|
65
69
|
def dependencies_to_update
|
66
70
|
@dependencies_to_update ||=
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strict
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
#######################################################
|
@@ -6,6 +6,9 @@
|
|
6
6
|
# https://maven.apache.org/pom.html#Dependencies #
|
7
7
|
#######################################################
|
8
8
|
|
9
|
+
require "sorbet-runtime"
|
10
|
+
|
11
|
+
require "dependabot/requirements_updater/base"
|
9
12
|
require "dependabot/gradle/update_checker"
|
10
13
|
require "dependabot/gradle/version"
|
11
14
|
require "dependabot/gradle/requirement"
|
@@ -14,6 +17,23 @@ module Dependabot
|
|
14
17
|
module Gradle
|
15
18
|
class UpdateChecker
|
16
19
|
class RequirementsUpdater
|
20
|
+
extend T::Sig
|
21
|
+
extend T::Generic
|
22
|
+
|
23
|
+
Version = type_member { { fixed: Dependabot::Gradle::Version } }
|
24
|
+
Requirement = type_member { { fixed: Dependabot::Gradle::Requirement } }
|
25
|
+
|
26
|
+
include Dependabot::RequirementsUpdater::Base
|
27
|
+
|
28
|
+
sig do
|
29
|
+
params(
|
30
|
+
requirements: T::Array[T::Hash[Symbol, T.untyped]],
|
31
|
+
latest_version: T.nilable(T.any(Version, String)),
|
32
|
+
source_url: String,
|
33
|
+
properties_to_update: T::Array[String]
|
34
|
+
)
|
35
|
+
.void
|
36
|
+
end
|
17
37
|
def initialize(requirements:, latest_version:, source_url:,
|
18
38
|
properties_to_update:)
|
19
39
|
@requirements = requirements
|
@@ -21,9 +41,10 @@ module Dependabot
|
|
21
41
|
@properties_to_update = properties_to_update
|
22
42
|
return unless latest_version
|
23
43
|
|
24
|
-
@latest_version = version_class.new(latest_version)
|
44
|
+
@latest_version = T.let(version_class.new(latest_version), Version)
|
25
45
|
end
|
26
46
|
|
47
|
+
sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
27
48
|
def updated_requirements
|
28
49
|
return requirements unless latest_version
|
29
50
|
|
@@ -44,9 +65,19 @@ module Dependabot
|
|
44
65
|
|
45
66
|
private
|
46
67
|
|
47
|
-
|
48
|
-
|
68
|
+
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
69
|
+
attr_reader :requirements
|
70
|
+
|
71
|
+
sig { returns(T.nilable(Version)) }
|
72
|
+
attr_reader :latest_version
|
73
|
+
|
74
|
+
sig { returns(String) }
|
75
|
+
attr_reader :source_url
|
76
|
+
|
77
|
+
sig { returns(T::Array[String]) }
|
78
|
+
attr_reader :properties_to_update
|
49
79
|
|
80
|
+
sig { params(req_string: String).returns(String) }
|
50
81
|
def update_requirement(req_string)
|
51
82
|
if req_string.include?("+")
|
52
83
|
update_dynamic_requirement(req_string)
|
@@ -56,19 +87,21 @@ module Dependabot
|
|
56
87
|
end
|
57
88
|
end
|
58
89
|
|
90
|
+
sig { params(req_string: String).returns(String) }
|
59
91
|
def update_exact_requirement(req_string)
|
60
92
|
old_version = requirement_class.new(req_string)
|
61
93
|
.requirements.first.last
|
62
94
|
req_string.gsub(old_version.to_s, latest_version.to_s)
|
63
95
|
end
|
64
96
|
|
97
|
+
sig { params(req_string: String).returns(String) }
|
65
98
|
def update_dynamic_requirement(req_string)
|
66
99
|
version = req_string.split(/\.?\+/).first || "+"
|
67
100
|
|
68
101
|
precision = version.split(".")
|
69
102
|
.take_while { |s| !s.include?("+") }.count
|
70
103
|
|
71
|
-
version_parts = latest_version.segments.first(precision)
|
104
|
+
version_parts = T.must(latest_version).segments.first(precision)
|
72
105
|
|
73
106
|
if req_string.end_with?(".+")
|
74
107
|
version_parts.join(".") + ".+"
|
@@ -77,14 +110,17 @@ module Dependabot
|
|
77
110
|
end
|
78
111
|
end
|
79
112
|
|
113
|
+
sig { override.returns(T::Class[Version]) }
|
80
114
|
def version_class
|
81
115
|
Gradle::Version
|
82
116
|
end
|
83
117
|
|
118
|
+
sig { override.returns(T::Class[Requirement]) }
|
84
119
|
def requirement_class
|
85
120
|
Gradle::Requirement
|
86
121
|
end
|
87
122
|
|
123
|
+
sig { returns(T::Hash[Symbol, String]) }
|
88
124
|
def updated_source
|
89
125
|
{ type: "maven_repo", url: source_url }
|
90
126
|
end
|
@@ -76,8 +76,12 @@ module Dependabot
|
|
76
76
|
|
77
77
|
private
|
78
78
|
|
79
|
-
attr_reader :dependency
|
80
|
-
|
79
|
+
attr_reader :dependency
|
80
|
+
attr_reader :dependency_files
|
81
|
+
attr_reader :credentials
|
82
|
+
attr_reader :ignored_versions
|
83
|
+
attr_reader :forbidden_urls
|
84
|
+
attr_reader :security_advisories
|
81
85
|
|
82
86
|
sig { params(possible_versions: T::Array[T.untyped]).returns(T::Array[T.untyped]) }
|
83
87
|
def filter_prereleases(possible_versions)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-gradle
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.249.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-03-
|
11
|
+
date: 2024-03-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,28 +16,28 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.249.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.249.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: dependabot-maven
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.
|
33
|
+
version: 0.249.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 0.
|
40
|
+
version: 0.249.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: debug
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -277,7 +277,7 @@ licenses:
|
|
277
277
|
- Nonstandard
|
278
278
|
metadata:
|
279
279
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
280
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
280
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.249.0
|
281
281
|
post_install_message:
|
282
282
|
rdoc_options: []
|
283
283
|
require_paths:
|