dependabot-maven 0.117.6 → 0.117.11

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2d94ede184dd93552564e1fb1e51f0bbd424a0f2f8931463a37d493540025cc2
4
- data.tar.gz: 7c51806010f35e1397a54a1d3b42ff0528d202afaf57018103637b9f5a4539ad
3
+ metadata.gz: 9f6f8c15c0c5ffaab17e52891c626bc39d41aaf2d4275d7a0488d0d48bd19461
4
+ data.tar.gz: edc0a6b19538a72b1469f1f5ec2bd4ddcc696580e7cf1cd4f07297650e13eaea
5
5
  SHA512:
6
- metadata.gz: 9081b26987f6c5d7a0f1a737ffaafda5344354098492c07f0ef1508e0b46f11c35baae49e5bd1d3110173975de906b198f01c0cdce7f618732281a31bed30686
7
- data.tar.gz: 281befbd509ee650b072dcb038f82868da3cc6821cb99ed0f26ae7b74fc7b964ecba17397a1d77e3b7c99570a307b49e1dd8bdbc62b38cd8e12b09be91830fae
6
+ metadata.gz: 34886dfcc8402125617e7fef5b37ef983d0fe567312a60e10ff0fa6a57fcbfc21b57fe1b2505a523bb1c3bf840beb78a0f7e2ab5360683489f5870f2980a549f
7
+ data.tar.gz: f0b8a85666b96d87e37805e71f03f93333d26c6a7f3ffa7e33daa6249400fc7caadd23f96958a2e4cc91c73c69560ffcca75de3c421ee7a4d4d51d95a6c751ba
@@ -117,6 +117,7 @@ module Dependabot
117
117
  dependency_files: dependency_files,
118
118
  credentials: credentials,
119
119
  ignored_versions: ignored_versions,
120
+ raise_on_ignored: raise_on_ignored,
120
121
  security_advisories: security_advisories
121
122
  )
122
123
  end
@@ -14,11 +14,13 @@ module Dependabot
14
14
  TYPE_SUFFICES = %w(jre android java).freeze
15
15
 
16
16
  def initialize(dependency:, dependency_files:, credentials:,
17
- ignored_versions:, security_advisories:)
17
+ ignored_versions:, security_advisories:,
18
+ raise_on_ignored: false)
18
19
  @dependency = dependency
19
20
  @dependency_files = dependency_files
20
21
  @credentials = credentials
21
22
  @ignored_versions = ignored_versions
23
+ @raise_on_ignored = raise_on_ignored
22
24
  @security_advisories = security_advisories
23
25
  @forbidden_urls = []
24
26
  end
@@ -40,8 +42,8 @@ module Dependabot
40
42
  possible_versions = filter_prereleases(possible_versions)
41
43
  possible_versions = filter_date_based_versions(possible_versions)
42
44
  possible_versions = filter_version_types(possible_versions)
43
- possible_versions = filter_ignored_versions(possible_versions)
44
45
  possible_versions = filter_vulnerable_versions(possible_versions)
46
+ possible_versions = filter_ignored_versions(possible_versions)
45
47
  possible_versions = filter_lower_versions(possible_versions)
46
48
 
47
49
  possible_versions.find { |v| released?(v.fetch(:version)) }
@@ -89,16 +91,20 @@ module Dependabot
89
91
  end
90
92
 
91
93
  def filter_ignored_versions(possible_versions)
92
- versions_array = possible_versions
94
+ filtered = possible_versions
93
95
 
94
96
  ignored_versions.each do |req|
95
97
  ignore_req = Maven::Requirement.new(req.split(","))
96
- versions_array =
97
- versions_array.
98
+ filtered =
99
+ filtered.
98
100
  reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
99
101
  end
100
102
 
101
- versions_array
103
+ if @raise_on_ignored && filtered.empty? && possible_versions.any?
104
+ raise AllVersionsIgnored
105
+ end
106
+
107
+ filtered
102
108
  end
103
109
 
104
110
  def filter_vulnerable_versions(possible_versions)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.6
4
+ version: 0.117.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-09 00:00:00.000000000 Z
11
+ date: 2020-05-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.6
19
+ version: 0.117.11
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.6
26
+ version: 0.117.11
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.80.1
117
+ version: 0.83.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.80.1
124
+ version: 0.83.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement