dependabot-maven 0.118.4 → 0.118.5
- checksums.yaml +4 -4
- data/lib/dependabot/maven.rb +1 -1
- data/lib/dependabot/maven/file_parser.rb +10 -2
- data/lib/dependabot/maven/file_updater/declaration_finder.rb +5 -0
- data/lib/dependabot/maven/metadata_finder.rb +10 -7
- data/lib/dependabot/maven/update_checker/version_finder.rb +5 -3
- metadata +4 -4
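--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a8eec585634e8400b0c7e52435131f9bb4088e6dd5882e373a910f1e5d676cc1
+data.tar.gz: a561b5b8e476ce5ed3ac553f919f39a21da9536453a45d0b461b757c7c2f0518
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c63c4533b7cb12731ad1d7c410f310e80bbcabfbb2a95a7cfcdbef5619af75a3f03c3978f086e5877ba72c837b4d6f192f7e89982af0d888c6c210d79457d5f4
+data.tar.gz: d3cfdbfbb85d5d846d39531b0e6c6b54cdf8d641ee6b7a34ac9ae3d13e0be8dc2d15dd9b0bb8890b10d4701884d580d702aeaf9a96fce5acc06fb48c2bf567ca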
data/lib/dependabot/maven.rb
CHANGED
@@ -104,7 +104,7 @@ module Dependabot
|
|
104
104
|
return unless dependency_node.at_xpath("./groupId")
|
105
105
|
return unless dependency_node.at_xpath("./artifactId")
|
106
106
|
|
107
|
-
[
|
107
|
+
name = [
|
108
108
|
evaluated_value(
|
109
109
|
dependency_node.at_xpath("./groupId").content.strip,
|
110
110
|
pom
|
@@ -114,6 +114,15 @@ module Dependabot
|
|
114
114
|
pom
|
115
115
|
)
|
116
116
|
].join(":")
|
117
|
+
|
118
|
+
if dependency_node.at_xpath("./classifier")
|
119
|
+
name += ":#{evaluated_value(
|
120
|
+
dependency_node.at_xpath('./classifier').content.strip,
|
121
|
+
pom
|
122
|
+
)}"
|
123
|
+
end
|
124
|
+
|
125
|
+
name
|
117
126
|
end
|
118
127
|
|
119
128
|
def plugin_name(dependency_node, pom)
|
@@ -185,7 +194,6 @@ module Dependabot
|
|
185
194
|
return unless dependency_node.at_xpath("./version")
|
186
195
|
|
187
196
|
version_content = dependency_node.at_xpath("./version").content.strip
|
188
|
-
|
189
197
|
return unless version_content.match?(PROPERTY_REGEX)
|
190
198
|
|
191
199
|
version_content.
|
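Review bot: In the `@@ -114,6 +114,15 @@` hunk a `<classifier>` element that is present but blank still appends a segment, so the name becomes `group:artifact:`; the `dependency.name.split(":")` calls elsewhere in this release drop that trailing empty field, so the stored name and the parsed parts no longer agree. The classifier text is read straight from the pom, so it is worth resolving it once and appending only a non-empty value: `classifier = evaluated_value(dependency_node.at_xpath("./classifier").content.strip, pom)` followed by `name += ":#{classifier}" unless classifier.to_s.empty?`, which also removes the second `at_xpath` lookup. The `@@ -57,6 +57,11 @@` hunk that extends `node_name` has the same shape and would need the same guard so the two names stay comparable. The enclosing method begins above the `@@ -104,7 +104,7 @@` hunk, so its opening lines are not visible here.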
@@ -57,6 +57,11 @@ module Dependabot
|
|
57
57
|
evaluated_value(node.at_xpath("./*/artifactId").content.strip)
|
58
58
|
].compact.join(":")
|
59
59
|
|
60
|
+
if node.at_xpath("./*/classifier")
|
61
|
+
node_name += ":#{evaluated_value(node.at_xpath('./*/classifier').
|
62
|
+
content.strip)}"
|
63
|
+
end
|
64
|
+
|
60
65
|
next false unless node_name == dependency_name
|
61
66
|
next false unless packaging_type_matches?(node)
|
62
67
|
next false unless scope_matches?(node)
|
@@ -23,8 +23,7 @@ module Dependabot
|
|
23
23
|
tmp_source = look_up_source_in_pom(parent)
|
24
24
|
return unless tmp_source
|
25
25
|
|
26
|
-
|
27
|
-
return tmp_source if tmp_source.repo.end_with?(artifact)
|
26
|
+
return tmp_source if tmp_source.repo.end_with?(dependency_artifact_id)
|
28
27
|
return tmp_source if repo_has_subdir_for_dep?(tmp_source)
|
29
28
|
end
|
30
29
|
|
@@ -34,14 +33,13 @@ module Dependabot
|
|
34
33
|
return @repo_has_subdir_for_dep[tmp_source]
|
35
34
|
end
|
36
35
|
|
37
|
-
artifact = dependency.name.split(":").last
|
38
36
|
fetcher =
|
39
37
|
FileFetchers::Base.new(source: tmp_source, credentials: credentials)
|
40
38
|
|
41
39
|
@repo_has_subdir_for_dep[tmp_source] =
|
42
40
|
fetcher.send(:repo_contents, raise_errors: false).
|
43
41
|
select { |f| f.type == "dir" }.
|
44
|
-
any? { |f|
|
42
|
+
any? { |f| dependency_artifact_id.end_with?(f.name) }
|
45
43
|
rescue Dependabot::BranchNotFound
|
46
44
|
tmp_source.branch = nil
|
47
45
|
retry
|
@@ -96,18 +94,17 @@ module Dependabot
|
|
96
94
|
|
97
95
|
github_urls.find do |url|
|
98
96
|
repo = Source.from_url(url).repo
|
99
|
-
repo.end_with?(
|
97
|
+
repo.end_with?(dependency_artifact_id)
|
100
98
|
end
|
101
99
|
end
|
102
100
|
|
103
101
|
def dependency_pom_file
|
104
102
|
return @dependency_pom_file unless @dependency_pom_file.nil?
|
105
103
|
|
106
|
-
artifact_id = dependency.name.split(":").last
|
107
104
|
response = Excon.get(
|
108
105
|
"#{maven_repo_dependency_url}/"\
|
109
106
|
"#{dependency.version}/"\
|
110
|
-
"#{
|
107
|
+
"#{dependency_artifact_id}-#{dependency.version}.pom",
|
111
108
|
headers: auth_details,
|
112
109
|
idempotent: true,
|
113
110
|
**SharedHelpers.excon_defaults
|
@@ -118,6 +115,12 @@ module Dependabot
|
|
118
115
|
@dependency_pom_file = Nokogiri::XML("")
|
119
116
|
end
|
120
117
|
|
118
|
+
def dependency_artifact_id
|
119
|
+
_group_id, artifact_id, _classifier = dependency.name.split(":")
|
120
|
+
|
121
|
+
artifact_id
|
122
|
+
end
|
123
|
+
|
121
124
|
def parent_pom_file(pom)
|
122
125
|
doc = pom.dup
|
123
126
|
doc.remove_namespaces!
|
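Review bot: `dependency_artifact_id` returns `nil` when `dependency.name` has fewer than two `:`-separated segments, whereas the removed `dependency.name.split(":").last` always returned a string. The callers in these hunks pass the result to `end_with?` (`tmp_source.repo.end_with?(dependency_artifact_id)`, `repo.end_with?(dependency_artifact_id)`) or call `end_with?` on it in `repo_has_subdir_for_dep?`, so a `nil` raises instead of simply not matching, and the pom URL would be built as `-<version>.pom`. Whether such a name can reach this class is not visible on this page; if it can, failing explicitly in the helper is clearer, e.g. `artifact_id || raise(ArgumentError, "unexpected Maven dependency name: #{dependency.name}")`. A short comment on the helper stating the expected `groupId:artifactId[:classifier]` layout would document why the third field is discarded.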
@@ -173,6 +173,7 @@ module Dependabot
|
|
173
173
|
**Dependabot::SharedHelpers.excon_defaults
|
174
174
|
)
|
175
175
|
check_response(response, repository_details.fetch("url"))
|
176
|
+
|
176
177
|
Nokogiri::XML(response.body)
|
177
178
|
rescue URI::InvalidURIError
|
178
179
|
Nokogiri::XML("")
|
@@ -248,7 +249,7 @@ module Dependabot
|
|
248
249
|
end
|
249
250
|
|
250
251
|
def dependency_metadata_url(repository_url)
|
251
|
-
group_id, artifact_id = dependency.name.split(":")
|
252
|
+
group_id, artifact_id, _classifier = dependency.name.split(":")
|
252
253
|
|
253
254
|
"#{repository_url}/"\
|
254
255
|
"#{group_id.tr('.', '/')}/"\
|
@@ -257,15 +258,16 @@ module Dependabot
|
|
257
258
|
end
|
258
259
|
|
259
260
|
def dependency_files_url(repository_url, version)
|
260
|
-
group_id, artifact_id = dependency.name.split(":")
|
261
|
+
group_id, artifact_id, classifier = dependency.name.split(":")
|
261
262
|
type = dependency.requirements.first.
|
262
263
|
dig(:metadata, :packaging_type)
|
263
264
|
|
265
|
+
actual_classifier = classifier.nil? ? "" : "-#{classifier}"
|
264
266
|
"#{repository_url}/"\
|
265
267
|
"#{group_id.tr('.', '/')}/"\
|
266
268
|
"#{artifact_id}/"\
|
267
269
|
"#{version}/"\
|
268
|
-
"#{artifact_id}-#{version}.#{type}"
|
270
|
+
"#{artifact_id}-#{version}#{actual_classifier}.#{type}"
|
269
271
|
end
|
270
272
|
|
271
273
|
def version_class
|
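Review bot: In `dependency_files_url` the `classifier` segment of `dependency.name` is interpolated into the request URL unchanged (`"#{artifact_id}-#{version}#{actual_classifier}.#{type}"`), and according to the parser hunks on this page that segment is the text of the pom's `<classifier>` element. A value containing `/`, `?`, `#` or `..` would alter the path or query of the request sent to the repository host, so the classifier should be checked against a conservative character set before use (for example `classifier.nil? || classifier.match?(/\A[\w.\-]+\z/)`, with the exact set confirmed against what the project wants to accept) or percent-encoded when the URL is assembled. The three-way destructuring here and in `dependency_metadata_url` also silently drops any fourth segment, so a classifier that itself contains `:` is truncated rather than rejected. Both methods start or end at the edge of their hunks, so any validation that already happens upstream is not visible here.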
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-maven
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.118.
|
4
|
+
version: 0.118.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-06-
|
11
|
+
date: 2020-06-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.118.
|
19
|
+
version: 0.118.5
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.118.
|
26
|
+
version: 0.118.5
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|