dependabot-hex 0.362.0 → 0.363.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/lib/parse_deps.exs +2 -0
  3. data/lib/dependabot/hex/file_parser.rb +2 -1
  4. data/lib/dependabot/hex/file_updater/mixfile_updater.rb +2 -2
  5. data/lib/dependabot/hex/metadata_finder.rb +3 -1
  6. data/lib/dependabot/hex/package/package_details_fetcher.rb +4 -1
  7. data/lib/dependabot/hex/update_checker/file_preparer.rb +7 -7
  8. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b351a6e8c2d2dd21ca2b7b0352cb6c7532c1bb8bc2fbc637da2c32b69a9c560d
4
- data.tar.gz: 992fd47208f7268cafdff3be6d5fbfed45a4001310197f4724756893a2c13891
3
+ metadata.gz: ddeca41feb6742cc3e8437f231c6f216940377a57147f2a3110da7b7352e9d93
4
+ data.tar.gz: c91f26dd952e63eccc559a01dd931186d30bdbcf754821d6a5f7ba82cda874a6
5
5
  SHA512:
6
- metadata.gz: 50bcc2a872378edfb7b55b4b44c2de01293e379f4e44adb705356fbc3ed5d2b4f47ea1ad117e77eb802fc3680e0a72f85fcb6003bbbfc6366a228d608fde3e5c
7
- data.tar.gz: 5a6ee7f8bb8994df4a6b9c9e9b8d69bf2a2ac9139d6505ba543dc5d91c6a0ab669ce69ba446260b27467ce5b103c0ed0ebfdc59add5b61ad3d4cbfdea2538f00
6
+ metadata.gz: a444f26c839b5063deb787ae939c0cbcd8033ce7541095953688a0098213944a7153c0e0421289ecf5192fe473cffd32f5e1b5df6392b82c137f3a924b23cac0
7
+ data.tar.gz: d81abb9e009de4f7b6e76ac2bc9a9cdba386266e16cbc9c5a7907252558596f3466c03c7ad7f855b5cfa678b2e85edbafe83b29f906c24ea5150be2d85f452c1
data/helpers/lib/parse_deps.exs CHANGED
@@ -29,6 +29,7 @@ defmodule Parser do
29
29
  defp build_dependency(nil, dep) do
30
30
  %{
31
31
  name: dep.app,
32
+ package_name: dep.opts[:hex] || dep.app,
32
33
  from: Path.relative_to_cwd(dep.from),
33
34
  groups: [],
34
35
  requirement: normalise_requirement(dep.requirement),
@@ -42,6 +43,7 @@ defmodule Parser do
42
43
 
43
44
  %{
44
45
  name: dep.app,
46
+ package_name: dep.opts[:hex] || dep.app,
45
47
  from: Path.relative_to_cwd(dep.from),
46
48
  version: version,
47
49
  groups: groups,
data/lib/dependabot/hex/file_parser.rb CHANGED
@@ -43,7 +43,8 @@ module Dependabot
43
43
  source: dep["source"] && symbolize_keys(dep["source"]),
44
44
  file: dep["from"]
45
45
  }],
46
- package_manager: "hex"
46
+ package_manager: "hex",
47
+ metadata: { hex_package: dep["package_name"] }
47
48
  )
48
49
  end
49
50
 
data/lib/dependabot/hex/file_updater/mixfile_updater.rb CHANGED
@@ -63,7 +63,7 @@ module Dependabot
63
63
  def update_requirement(content:, filename:, dependency:)
64
64
  updated_req =
65
65
  dependency.requirements.find { |r| r[:file] == filename }
66
- &.fetch(:requirement)
66
+ &.fetch(:requirement)
67
67
 
68
68
  old_req =
69
69
  dependency.previous_requirements
@@ -84,7 +84,7 @@ module Dependabot
84
84
  def update_git_pin(content:, filename:, dependency:)
85
85
  updated_pin =
86
86
  dependency.requirements.find { |r| r[:file] == filename }
87
- &.dig(:source, :ref)
87
+ &.dig(:source, :ref)
88
88
 
89
89
  old_pin =
90
90
  dependency.previous_requirements
data/lib/dependabot/hex/metadata_finder.rb CHANGED
@@ -60,7 +60,9 @@ module Dependabot
60
60
  def hex_listing
61
61
  return @hex_listing unless @hex_listing.nil?
62
62
 
63
- response = Dependabot::RegistryClient.get(url: "https://hex.pm/api/packages/#{dependency.name}")
63
+ response = Dependabot::RegistryClient.get(
64
+ url: "https://hex.pm/api/packages/#{dependency.metadata[:hex_package] || dependency.name}"
65
+ )
64
66
  @hex_listing = T.let(JSON.parse(response.body), T.nilable(T::Hash[String, T.untyped]))
65
67
  end
66
68
  end
data/lib/dependabot/hex/package/package_details_fetcher.rb CHANGED
@@ -27,7 +27,10 @@ module Dependabot
27
27
  def initialize(dependency:)
28
28
  @dependency = dependency
29
29
 
30
- @dependency_url = T.let("https://hex.pm/api/packages/#{dependency.name}", T.nilable(String))
30
+ @dependency_url = T.let(
31
+ "https://hex.pm/api/packages/#{dependency.metadata[:hex_package] || dependency.name}",
32
+ T.nilable(String)
33
+ )
31
34
  end
32
35
 
33
36
  sig { returns(Dependabot::Dependency) }
data/lib/dependabot/hex/update_checker/file_preparer.rb CHANGED
@@ -96,7 +96,7 @@ module Dependabot
96
96
  def relax_version(content, filename:)
97
97
  old_requirement =
98
98
  dependency.requirements.find { |r| r.fetch(:file) == filename }
99
- &.fetch(:requirement)
99
+ &.fetch(:requirement)
100
100
  updated_requirement = updated_version_requirement_string(filename)
101
101
 
102
102
  Hex::FileUpdater::MixfileRequirementUpdater.new(
@@ -133,11 +133,11 @@ module Dependabot
133
133
  else
134
134
  version_for_requirement =
135
135
  dependency.requirements.filter_map { |r| r[:requirement] }
136
- .reject { |req_string| req_string.start_with?("<") }
137
- .select { |req_string| req_string.match?(version_regex) }
138
- .map { |req_string| req_string.match(version_regex) }
139
- .select { |version| version_class.correct?(version.to_s) }
140
- .max_by { |version| version_class.new(version.to_s) }
136
+ .reject { |req_string| req_string.start_with?("<") }
137
+ .select { |req_string| req_string.match?(version_regex) }
138
+ .map { |req_string| req_string.match(version_regex) }
139
+ .select { |version| version_class.correct?(version.to_s) }
140
+ .max_by { |version| version_class.new(version.to_s) }
141
141
 
142
142
  return ">= 0" unless version_for_requirement
143
143
 
@@ -156,7 +156,7 @@ module Dependabot
156
156
  def replace_git_pin(content, filename:)
157
157
  old_pin =
158
158
  dependency.requirements.find { |r| r.fetch(:file) == filename }
159
- &.dig(:source, :ref)
159
+ &.dig(:source, :ref)
160
160
 
161
161
  return content unless old_pin
162
162
  return content if old_pin == replacement_git_pin
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-hex
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.362.0
4
+ version: 0.363.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.362.0
18
+ version: 0.363.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.362.0
25
+ version: 0.363.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -85,14 +85,14 @@ dependencies:
85
85
  requirements:
86
86
  - - "~>"
87
87
  - !ruby/object:Gem::Version
88
- version: '1.3'
88
+ version: '2.0'
89
89
  type: :development
90
90
  prerelease: false
91
91
  version_requirements: !ruby/object:Gem::Requirement
92
92
  requirements:
93
93
  - - "~>"
94
94
  - !ruby/object:Gem::Version
95
- version: '1.3'
95
+ version: '2.0'
96
96
  - !ruby/object:Gem::Dependency
97
97
  name: rspec-sorbet
98
98
  requirement: !ruby/object:Gem::Requirement
@@ -274,7 +274,7 @@ licenses:
274
274
  - MIT
275
275
  metadata:
276
276
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
277
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.362.0
277
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.363.0
278
278
  rdoc_options: []
279
279
  require_paths:
280
280
  - lib