dependabot-maven 0.117.9 → 0.118.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/maven/update_checker.rb +1 -0
  3. data/lib/dependabot/maven/update_checker/version_finder.rb +12 -6
  4. metadata +8 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 41e12c50cbfce76f08b2a651f00e822e99d9102f14819c67171c1d408801a6db
4
- data.tar.gz: db3f3ec198f61adaf3946d4aa3f763d4bc512f7d098e2f45c4e2917d5fad8964
3
+ metadata.gz: 20d9d7ca26cf564b8df6b29a37331afb1fbba8705bfb642fc96b207072e3a13f
4
+ data.tar.gz: b997886f406166a162116e0e9c9518bc09d52960930fc5808e15f77ea9fa4066
5
5
  SHA512:
6
- metadata.gz: 67a7a47cbe27a008e28d42ccd2a00dcffe570cb3fdbdaf971ba284e94b5b96e6b53255a7dea7418b9ed961438dfe85b520d5647cd964c060df1b73a239b0f593
7
- data.tar.gz: cb437e953f18279ef06aae4f931b6d79f1d70bed9b4d3787991afd6cf4186c00e4f428bd1313f6f8863aa017495e91542edea9226e919c8c49684365071f2833
6
+ metadata.gz: 15eec530a6de04b8228faad5592d27c899f157cada785842fb84b6d5e20594509f09769e8cebb06783a7117cba637a394eba01f926137ff85c85d8cdf4eaa960
7
+ data.tar.gz: e5f9236bdda3dd577ab79b2481ff44fcf919761015331b942db9ec5d3002fdf8e248d209918664fbdca6a1af78889ad8c353a1c400325fc8eabd907bf5b578d2
data/lib/dependabot/maven/update_checker.rb CHANGED
@@ -117,6 +117,7 @@ module Dependabot
117
117
  dependency_files: dependency_files,
118
118
  credentials: credentials,
119
119
  ignored_versions: ignored_versions,
120
+ raise_on_ignored: raise_on_ignored,
120
121
  security_advisories: security_advisories
121
122
  )
122
123
  end
data/lib/dependabot/maven/update_checker/version_finder.rb CHANGED
@@ -14,11 +14,13 @@ module Dependabot
14
14
  TYPE_SUFFICES = %w(jre android java).freeze
15
15
 
16
16
  def initialize(dependency:, dependency_files:, credentials:,
17
- ignored_versions:, security_advisories:)
17
+ ignored_versions:, security_advisories:,
18
+ raise_on_ignored: false)
18
19
  @dependency = dependency
19
20
  @dependency_files = dependency_files
20
21
  @credentials = credentials
21
22
  @ignored_versions = ignored_versions
23
+ @raise_on_ignored = raise_on_ignored
22
24
  @security_advisories = security_advisories
23
25
  @forbidden_urls = []
24
26
  end
@@ -40,8 +42,8 @@ module Dependabot
40
42
  possible_versions = filter_prereleases(possible_versions)
41
43
  possible_versions = filter_date_based_versions(possible_versions)
42
44
  possible_versions = filter_version_types(possible_versions)
43
- possible_versions = filter_ignored_versions(possible_versions)
44
45
  possible_versions = filter_vulnerable_versions(possible_versions)
46
+ possible_versions = filter_ignored_versions(possible_versions)
45
47
  possible_versions = filter_lower_versions(possible_versions)
46
48
 
47
49
  possible_versions.find { |v| released?(v.fetch(:version)) }
@@ -89,16 +91,20 @@ module Dependabot
89
91
  end
90
92
 
91
93
  def filter_ignored_versions(possible_versions)
92
- versions_array = possible_versions
94
+ filtered = possible_versions
93
95
 
94
96
  ignored_versions.each do |req|
95
97
  ignore_req = Maven::Requirement.new(req.split(","))
96
- versions_array =
97
- versions_array.
98
+ filtered =
99
+ filtered.
98
100
  reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
99
101
  end
100
102
 
101
- versions_array
103
+ if @raise_on_ignored && filtered.empty? && possible_versions.any?
104
+ raise AllVersionsIgnored
105
+ end
106
+
107
+ filtered
102
108
  end
103
109
 
104
110
  def filter_vulnerable_versions(possible_versions)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.9
4
+ version: 0.118.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-19 00:00:00.000000000 Z
11
+ date: 2020-06-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.9
19
+ version: 0.118.2
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.9
26
+ version: 0.118.2
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,28 +114,28 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.83.0
117
+ version: 0.85.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.83.0
124
+ version: 0.85.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - '='
130
130
  - !ruby/object:Gem::Version
131
- version: '5.0'
131
+ version: 6.0.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - '='
137
137
  - !ruby/object:Gem::Version
138
- version: '5.0'
138
+ version: 6.0.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: webmock
141
141
  requirement: !ruby/object:Gem::Requirement