dependabot-maven 0.117.10 → 0.118.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b9a21de052390d545c69cd71b81bbabae48b31c8eeeae247711e5bc6670cbed2
4
- data.tar.gz: c42416e01a9019040a34484328c975ee10488959b38d8ea12d8066390c0c4055
3
+ metadata.gz: 57c3d6578720bd9d102d72f095e96f9526c96ad26c3f26e9bf9800fae9d82a83
4
+ data.tar.gz: 2c8bb7210b3bdf57ddb5f8b5a941c7ac4943b08b8da8f9a2bd2ef5969b95c9f9
5
5
  SHA512:
6
- metadata.gz: 2f1baa05a90ea82e6bff2b0aac8678a1df54a540ac38829ea9c974963c37a8ce6c155e6a39902f18bd4c30a1e97043a548e58c2a1b01ecc7d61866f9d8a381fb
7
- data.tar.gz: b0fe9f226eb17b36de0fb4d8aab2b25ce1c199aa4b67eab0042f8438a92d5305c621cb02b26556e03ad0d7cf3752c72078dca8e3924afddf8caa98999e21c977
6
+ metadata.gz: 576b996b863295860894ead54d1c5fa943b232e78f2e37a7e47ec5ed2aca5fe0d6e68daa2afc9e21e129679f6b79b618fba86b0cca3a9abf2d6d6a4e59ce8b19
7
+ data.tar.gz: ab3f78c545843852a9d9b02e4507435e80fb47a577808a5b5774812279193e7b9c572cf8f420601454bff1d13541aa6123fe97214f3bdb7ddcc482a77884207f
@@ -117,6 +117,7 @@ module Dependabot
117
117
  dependency_files: dependency_files,
118
118
  credentials: credentials,
119
119
  ignored_versions: ignored_versions,
120
+ raise_on_ignored: raise_on_ignored,
120
121
  security_advisories: security_advisories
121
122
  )
122
123
  end
@@ -14,11 +14,13 @@ module Dependabot
14
14
  TYPE_SUFFICES = %w(jre android java).freeze
15
15
 
16
16
  def initialize(dependency:, dependency_files:, credentials:,
17
- ignored_versions:, security_advisories:)
17
+ ignored_versions:, security_advisories:,
18
+ raise_on_ignored: false)
18
19
  @dependency = dependency
19
20
  @dependency_files = dependency_files
20
21
  @credentials = credentials
21
22
  @ignored_versions = ignored_versions
23
+ @raise_on_ignored = raise_on_ignored
22
24
  @security_advisories = security_advisories
23
25
  @forbidden_urls = []
24
26
  end
@@ -40,8 +42,8 @@ module Dependabot
40
42
  possible_versions = filter_prereleases(possible_versions)
41
43
  possible_versions = filter_date_based_versions(possible_versions)
42
44
  possible_versions = filter_version_types(possible_versions)
43
- possible_versions = filter_ignored_versions(possible_versions)
44
45
  possible_versions = filter_vulnerable_versions(possible_versions)
46
+ possible_versions = filter_ignored_versions(possible_versions)
45
47
  possible_versions = filter_lower_versions(possible_versions)
46
48
 
47
49
  possible_versions.find { |v| released?(v.fetch(:version)) }
@@ -89,16 +91,20 @@ module Dependabot
89
91
  end
90
92
 
91
93
  def filter_ignored_versions(possible_versions)
92
- versions_array = possible_versions
94
+ filtered = possible_versions
93
95
 
94
96
  ignored_versions.each do |req|
95
97
  ignore_req = Maven::Requirement.new(req.split(","))
96
- versions_array =
97
- versions_array.
98
+ filtered =
99
+ filtered.
98
100
  reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
99
101
  end
100
102
 
101
- versions_array
103
+ if @raise_on_ignored && filtered.empty? && possible_versions.any?
104
+ raise AllVersionsIgnored
105
+ end
106
+
107
+ filtered
102
108
  end
103
109
 
104
110
  def filter_vulnerable_versions(possible_versions)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.10
4
+ version: 0.118.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-21 00:00:00.000000000 Z
11
+ date: 2020-06-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.10
19
+ version: 0.118.3
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.10
26
+ version: 0.118.3
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,28 +114,28 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.83.0
117
+ version: 0.85.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.83.0
124
+ version: 0.85.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - '='
130
130
  - !ruby/object:Gem::Version
131
- version: '5.0'
131
+ version: 6.0.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - '='
137
137
  - !ruby/object:Gem::Version
138
- version: '5.0'
138
+ version: 6.0.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: webmock
141
141
  requirement: !ruby/object:Gem::Requirement