dependabot-maven 0.117.8 → 0.118.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/maven/update_checker.rb +1 -0
  3. data/lib/dependabot/maven/update_checker/version_finder.rb +12 -6
  4. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: af6efeca33cbf580461d6424157cea9c6744004fa963b3030e2c7d0caef2c32a
4
- data.tar.gz: ba9ba3e4bf238f493dd48031b10dfd5ff2a8f470b04ba01554e4d874c8816863
3
+ metadata.gz: 771aa76e7d9566e6f2ef2dbcff951ebfb7592a1af875de6ae444af26ee1fc6c6
4
+ data.tar.gz: 87f44e6a409a8e75d5f2a23652a5e200030c8b09b63212e5f219a83fb06009d1
5
5
  SHA512:
6
- metadata.gz: 379a7b01faa988211486bf886ab13b643e9d852cd550a79fe3c953d56920e9c214366dddf0fb9d4466944922bd41ee530c43aa227511448774b3992270e0ab83
7
- data.tar.gz: b1afb5f50d6b573f6832dda662b2cc50a011ec07a10b7d3a027ca5f379a6392737b584ec8eb0425f7a644d30da3112c9c065b71872d5a500a683dce8b97b837e
6
+ metadata.gz: 500de19452b29f34d334fe1acd9aaa971724368f7c4ea738e7bab3f6ce1924e77695852b177a60a03c7a81416e168f48b296a33458f6d5b83994f952167550e6
7
+ data.tar.gz: efba540e1abf132053c4584d9c5e127376e3ee80cf6d6f36b93bafbe45df8a96a9462e10adcaa3791c9225ac2170d989abcc0bf86f4d4df0b794866d5306a417
data/lib/dependabot/maven/update_checker.rb CHANGED
@@ -117,6 +117,7 @@ module Dependabot
117
117
  dependency_files: dependency_files,
118
118
  credentials: credentials,
119
119
  ignored_versions: ignored_versions,
120
+ raise_on_ignored: raise_on_ignored,
120
121
  security_advisories: security_advisories
121
122
  )
122
123
  end
data/lib/dependabot/maven/update_checker/version_finder.rb CHANGED
@@ -14,11 +14,13 @@ module Dependabot
14
14
  TYPE_SUFFICES = %w(jre android java).freeze
15
15
 
16
16
  def initialize(dependency:, dependency_files:, credentials:,
17
- ignored_versions:, security_advisories:)
17
+ ignored_versions:, security_advisories:,
18
+ raise_on_ignored: false)
18
19
  @dependency = dependency
19
20
  @dependency_files = dependency_files
20
21
  @credentials = credentials
21
22
  @ignored_versions = ignored_versions
23
+ @raise_on_ignored = raise_on_ignored
22
24
  @security_advisories = security_advisories
23
25
  @forbidden_urls = []
24
26
  end
@@ -40,8 +42,8 @@ module Dependabot
40
42
  possible_versions = filter_prereleases(possible_versions)
41
43
  possible_versions = filter_date_based_versions(possible_versions)
42
44
  possible_versions = filter_version_types(possible_versions)
43
- possible_versions = filter_ignored_versions(possible_versions)
44
45
  possible_versions = filter_vulnerable_versions(possible_versions)
46
+ possible_versions = filter_ignored_versions(possible_versions)
45
47
  possible_versions = filter_lower_versions(possible_versions)
46
48
 
47
49
  possible_versions.find { |v| released?(v.fetch(:version)) }
@@ -89,16 +91,20 @@ module Dependabot
89
91
  end
90
92
 
91
93
  def filter_ignored_versions(possible_versions)
92
- versions_array = possible_versions
94
+ filtered = possible_versions
93
95
 
94
96
  ignored_versions.each do |req|
95
97
  ignore_req = Maven::Requirement.new(req.split(","))
96
- versions_array =
97
- versions_array.
98
+ filtered =
99
+ filtered.
98
100
  reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
99
101
  end
100
102
 
101
- versions_array
103
+ if @raise_on_ignored && filtered.empty? && possible_versions.any?
104
+ raise AllVersionsIgnored
105
+ end
106
+
107
+ filtered
102
108
  end
103
109
 
104
110
  def filter_vulnerable_versions(possible_versions)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.8
4
+ version: 0.118.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-12 00:00:00.000000000 Z
11
+ date: 2020-06-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.8
19
+ version: 0.118.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.8
26
+ version: 0.118.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.82.0
117
+ version: 0.83.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.82.0
124
+ version: 0.83.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement