dependabot-hex 0.221.0 → 0.223.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bc54bf3538419fd8ad7dd49f6f8a06600278ebf18ab7866dcaf2727c18e53c82
-  data.tar.gz: 5bdad1ddd9e61ff314d10d519284cb83eb3e68947836ac9227078ee6d54bdcee
+  metadata.gz: 9e72e7a127d9dd84ddfc75debeb401b8c5d7ce66ca50440b107664a28da280a4
+  data.tar.gz: ab41682686f7b02418d1584e5f026fc002a4313bd3bb4a5b825cae6cad1c9246
 SHA512:
-  metadata.gz: '08b4768f5996dd25b186d6201da4e338a81748219ae74aa9c87d13162f757cecd8dbb06a286585baa6687be1a655530be18cf32610ceb4be0b23fe36c27262c5'
-  data.tar.gz: 44f1d823aee8225b063083e83578523e2b55220fc32b71c7ec1683424cd428d21fb9cb73bc92be059885b106bb4bd9c53073fd1820bf2b0924ed0473c3b5e498
+  metadata.gz: '08237144612c8ece12513c27f80185f6dd10a4d6c75aef127d68d009ecee3c5267bfd554e83823570af3cf618cd600ca75787760b087eaf885075a2f15e49716'
+  data.tar.gz: 4f0c82e91664ed3c5fb1bdce89ab2328ce6bf7631da2ee12549b2f284c997874037d2e63cbf7a8a018268a8cdd747e5761d493d9e383a5b8bfed7d71bb932aeb

data/lib/dependabot/hex/metadata_finder.rb

@@ -26,13 +26,7 @@ module Dependabot
       end
 
       def new_source_type
-        sources =
-          dependency.requirements.map { |r| r.fetch(:source) }.uniq.compact
-
-        return "default" if sources.empty?
-        raise "Multiple sources! #{sources.join(', ')}" if sources.count > 1
-
-        sources.first[:type] || sources.first.fetch("type")
+        dependency.source_type
       end
 
       def find_source_from_hex_listing

data/lib/dependabot/hex/requirement.rb

@@ -14,7 +14,7 @@ module Dependabot
 
       # Override the version pattern to allow local versions
       quoted = OPS.keys.map { |k| Regexp.quote k }.join "|"
-      PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{Hex::Version::VERSION_PATTERN})\\s*"
+      PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{Hex::Version::VERSION_PATTERN})\\s*".freeze
       PATTERN = /\A#{PATTERN_RAW}\z/
 
       # Returns an array of requirements. At least one requirement from the

data/lib/dependabot/hex/update_checker.rb

@@ -162,12 +162,7 @@ module Dependabot
       end
 
       def dependency_source_details
-        sources =
-          dependency.requirements.map { |r| r.fetch(:source) }.uniq.compact
-
-        raise "Multiple sources! #{sources.join(', ')}" if sources.count > 1
-
-        sources.first
+        dependency.source_details
       end
 
       def fetch_latest_resolvable_version(unlock_requirement:)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-hex
 version: !ruby/object:Gem::Version
-  version: 0.221.0
+  version: 0.223.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-07-13 00:00:00.000000000 Z
+date: 2023-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.221.0
+        version: 0.223.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.221.0
+        version: 0.223.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -216,7 +216,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.221.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.223.0
 post_install_message: 
 rdoc_options: []
 require_paths: