dependabot-hex 0.212.0 → 0.213.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/mix.lock +1 -1
- data/lib/dependabot/hex/file_fetcher.rb +3 -4
- data/lib/dependabot/hex/file_updater/mixfile_sanitizer.rb +8 -10
- data/lib/dependabot/hex/requirement.rb +3 -3
- data/lib/dependabot/hex/update_checker/requirements_updater.rb +4 -4
- data/lib/dependabot/hex/version.rb +1 -1
- metadata +13 -55
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 30d16ac35f7e452a754f78329c9ef9ba1fd65758264be8220338a721e66dbcb6
|
4
|
+
data.tar.gz: 94a09051bf06589fe462aa33ab4440d1c5207069a23d8d45aea8517aeb16427e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b9461aa63f1f9a7f6184b29659bbf2a006642fb70eb402787ecbe9a747251c6ae2bf0dd6b484f4e80fa9a0b4b5db42fc2d9eb838aa84c8277a261ce8c03113c8
|
7
|
+
data.tar.gz: 4a9453c6d17e8af0037c637041726c0c5e12fdcb9e061eaf208051fecf644ac6a54b2d6dcfbed7ed423b6593f6d7ad1c331a1cba796a113c89c0f4570ceb16c4
|
data/helpers/mix.lock
CHANGED
@@ -1,3 +1,3 @@
|
|
1
1
|
%{
|
2
|
-
"jason": {:hex, :jason, "1.
|
2
|
+
"jason": {:hex, :jason, "1.4.0", "e855647bc964a44e2f67df589ccf49105ae039d4179db7f6271dfd3843dc27e6", [:mix], [{:decimal, "~> 1.0 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "79a3791085b2a0f743ca04cec0f7be26443738779d09302e01318f97bdb82121"},
|
3
3
|
}
|
@@ -6,12 +6,11 @@ require "dependabot/file_fetchers/base"
|
|
6
6
|
module Dependabot
|
7
7
|
module Hex
|
8
8
|
class FileFetcher < Dependabot::FileFetchers::Base
|
9
|
-
APPS_PATH_REGEX = /apps_path:\s*"(?<path>.*?)"/m
|
9
|
+
APPS_PATH_REGEX = /apps_path:\s*"(?<path>.*?)"/m
|
10
10
|
STRING_ARG = %{(?:["'](.*?)["'])}
|
11
11
|
SUPPORTED_METHODS = %w(eval_file require_file).join("|").freeze
|
12
|
-
SUPPORT_FILE = /Code\.(?:#{SUPPORTED_METHODS})\(#{STRING_ARG}(?:\s*,\s*#{STRING_ARG})?\)
|
13
|
-
|
14
|
-
PATH_DEPS_REGEX = /{.*path: ?#{STRING_ARG}.*}/.freeze
|
12
|
+
SUPPORT_FILE = /Code\.(?:#{SUPPORTED_METHODS})\(#{STRING_ARG}(?:\s*,\s*#{STRING_ARG})?\)/
|
13
|
+
PATH_DEPS_REGEX = /{.*path: ?#{STRING_ARG}.*}/
|
15
14
|
|
16
15
|
def self.required_files_in?(filenames)
|
17
16
|
filenames.include?("mix.exs")
|
@@ -11,17 +11,15 @@ module Dependabot
|
|
11
11
|
@mixfile_content = mixfile_content
|
12
12
|
end
|
13
13
|
|
14
|
-
FILE_READ = /File.read\(.*?\)
|
15
|
-
FILE_READ_BANG = /File.read!\(.*?\)
|
14
|
+
FILE_READ = /File.read\(.*?\)/
|
15
|
+
FILE_READ_BANG = /File.read!\(.*?\)/
|
16
16
|
PIPE = Regexp.escape("|>").freeze
|
17
|
-
VERSION_FILE = /"VERSION"/i
|
18
|
-
|
19
|
-
NESTED_VERSION_FILE_READ = /String\.trim\(#{FILE_READ}\)
|
20
|
-
NESTED_VERSION_FILE_READ_BANG = /String\.trim\(#{FILE_READ_BANG}\)
|
21
|
-
PIPED_VERSION_FILE_READ =
|
22
|
-
|
23
|
-
PIPED_VERSION_FILE_READ_BANG =
|
24
|
-
/#{VERSION_FILE}[[:space:]]+#{PIPE}[[:space:]]+#{FILE_READ_BANG}/.freeze
|
17
|
+
VERSION_FILE = /"VERSION"/i
|
18
|
+
|
19
|
+
NESTED_VERSION_FILE_READ = /String\.trim\(#{FILE_READ}\)/
|
20
|
+
NESTED_VERSION_FILE_READ_BANG = /String\.trim\(#{FILE_READ_BANG}\)/
|
21
|
+
PIPED_VERSION_FILE_READ = /#{VERSION_FILE}[[:space:]]+#{PIPE}[[:space:]]+#{FILE_READ}/
|
22
|
+
PIPED_VERSION_FILE_READ_BANG = /#{VERSION_FILE}[[:space:]]+#{PIPE}[[:space:]]+#{FILE_READ_BANG}/
|
25
23
|
|
26
24
|
# rubocop:disable Performance/MethodObjectAsBlock
|
27
25
|
def sanitized_content
|
@@ -6,8 +6,8 @@ require "dependabot/hex/version"
|
|
6
6
|
module Dependabot
|
7
7
|
module Hex
|
8
8
|
class Requirement < Gem::Requirement
|
9
|
-
AND_SEPARATOR = /\s+and\s
|
10
|
-
OR_SEPARATOR = /\s+or\s
|
9
|
+
AND_SEPARATOR = /\s+and\s+/
|
10
|
+
OR_SEPARATOR = /\s+or\s+/
|
11
11
|
|
12
12
|
# Add the double-equality matcher to the list of allowed operations
|
13
13
|
OPS = OPS.merge("==" => ->(v, r) { v == r })
|
@@ -15,7 +15,7 @@ module Dependabot
|
|
15
15
|
# Override the version pattern to allow local versions
|
16
16
|
quoted = OPS.keys.map { |k| Regexp.quote k }.join "|"
|
17
17
|
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{Hex::Version::VERSION_PATTERN})\\s*"
|
18
|
-
PATTERN = /\A#{PATTERN_RAW}\z
|
18
|
+
PATTERN = /\A#{PATTERN_RAW}\z/
|
19
19
|
|
20
20
|
# Returns an array of requirements. At least one requirement from the
|
21
21
|
# returned array must be satisfied for a version to be valid.
|
@@ -8,10 +8,10 @@ module Dependabot
|
|
8
8
|
module Hex
|
9
9
|
class UpdateChecker
|
10
10
|
class RequirementsUpdater
|
11
|
-
OPERATORS =
|
12
|
-
AND_SEPARATOR = /\s+and\s
|
13
|
-
OR_SEPARATOR = /\s+or\s
|
14
|
-
SEPARATOR = /#{AND_SEPARATOR}|#{OR_SEPARATOR}
|
11
|
+
OPERATORS = />=|<=|>|<|==|~>/
|
12
|
+
AND_SEPARATOR = /\s+and\s+/
|
13
|
+
OR_SEPARATOR = /\s+or\s+/
|
14
|
+
SEPARATOR = /#{AND_SEPARATOR}|#{OR_SEPARATOR}/
|
15
15
|
|
16
16
|
def initialize(requirements:, latest_resolvable_version:,
|
17
17
|
updated_source:)
|
@@ -13,7 +13,7 @@ module Dependabot
|
|
13
13
|
attr_reader :build_info
|
14
14
|
|
15
15
|
VERSION_PATTERN = Gem::Version::VERSION_PATTERN + '(\+[0-9a-zA-Z\-.]+)?'
|
16
|
-
ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z
|
16
|
+
ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/
|
17
17
|
|
18
18
|
def self.correct?(version)
|
19
19
|
return false if version.nil?
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-hex
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.213.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-10-31 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,42 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.213.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: debase
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - '='
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: 0.2.3
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - '='
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: 0.2.3
|
41
|
-
- !ruby/object:Gem::Dependency
|
42
|
-
name: debase-ruby_core_source
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - '='
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: 0.10.16
|
48
|
-
type: :development
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - '='
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: 0.10.16
|
26
|
+
version: 0.213.0
|
55
27
|
- !ruby/object:Gem::Dependency
|
56
28
|
name: debug
|
57
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -86,14 +58,14 @@ dependencies:
|
|
86
58
|
requirements:
|
87
59
|
- - "~>"
|
88
60
|
- !ruby/object:Gem::Version
|
89
|
-
version: 3.
|
61
|
+
version: 3.13.0
|
90
62
|
type: :development
|
91
63
|
prerelease: false
|
92
64
|
version_requirements: !ruby/object:Gem::Requirement
|
93
65
|
requirements:
|
94
66
|
- - "~>"
|
95
67
|
- !ruby/object:Gem::Version
|
96
|
-
version: 3.
|
68
|
+
version: 3.13.0
|
97
69
|
- !ruby/object:Gem::Dependency
|
98
70
|
name: rake
|
99
71
|
requirement: !ruby/object:Gem::Requirement
|
@@ -142,42 +114,28 @@ dependencies:
|
|
142
114
|
requirements:
|
143
115
|
- - "~>"
|
144
116
|
- !ruby/object:Gem::Version
|
145
|
-
version: 1.
|
117
|
+
version: 1.37.1
|
146
118
|
type: :development
|
147
119
|
prerelease: false
|
148
120
|
version_requirements: !ruby/object:Gem::Requirement
|
149
121
|
requirements:
|
150
122
|
- - "~>"
|
151
123
|
- !ruby/object:Gem::Version
|
152
|
-
version: 1.
|
124
|
+
version: 1.37.1
|
153
125
|
- !ruby/object:Gem::Dependency
|
154
126
|
name: rubocop-performance
|
155
127
|
requirement: !ruby/object:Gem::Requirement
|
156
128
|
requirements:
|
157
129
|
- - "~>"
|
158
130
|
- !ruby/object:Gem::Version
|
159
|
-
version: 1.
|
160
|
-
type: :development
|
161
|
-
prerelease: false
|
162
|
-
version_requirements: !ruby/object:Gem::Requirement
|
163
|
-
requirements:
|
164
|
-
- - "~>"
|
165
|
-
- !ruby/object:Gem::Version
|
166
|
-
version: 1.14.2
|
167
|
-
- !ruby/object:Gem::Dependency
|
168
|
-
name: ruby-debug-ide
|
169
|
-
requirement: !ruby/object:Gem::Requirement
|
170
|
-
requirements:
|
171
|
-
- - "~>"
|
172
|
-
- !ruby/object:Gem::Version
|
173
|
-
version: 0.7.3
|
131
|
+
version: 1.15.0
|
174
132
|
type: :development
|
175
133
|
prerelease: false
|
176
134
|
version_requirements: !ruby/object:Gem::Requirement
|
177
135
|
requirements:
|
178
136
|
- - "~>"
|
179
137
|
- !ruby/object:Gem::Version
|
180
|
-
version:
|
138
|
+
version: 1.15.0
|
181
139
|
- !ruby/object:Gem::Dependency
|
182
140
|
name: simplecov
|
183
141
|
requirement: !ruby/object:Gem::Requirement
|
@@ -291,14 +249,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
291
249
|
requirements:
|
292
250
|
- - ">="
|
293
251
|
- !ruby/object:Gem::Version
|
294
|
-
version:
|
252
|
+
version: 3.1.0
|
295
253
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
296
254
|
requirements:
|
297
255
|
- - ">="
|
298
256
|
- !ruby/object:Gem::Version
|
299
|
-
version:
|
257
|
+
version: 3.1.0
|
300
258
|
requirements: []
|
301
|
-
rubygems_version: 3.
|
259
|
+
rubygems_version: 3.3.7
|
302
260
|
signing_key:
|
303
261
|
specification_version: 4
|
304
262
|
summary: Elixir (Hex) support for dependabot
|