dependabot-maven 0.164.1 → 0.167.0

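--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: e07cea43716f1e19234a05dd071865d262867e3c21c66585087575458212b9f4
- data.tar.gz: e01f020db6b598142c92711c469b26fa08994c134c42e8be294836df7a0af3a2
+ metadata.gz: 65eb2460e1b7e9cea848fcc71910d6445d3c20e08fc72da184c7b5aaea39f310
+ data.tar.gz: 533a99b8383e25bb4480a66484b5a79a580a71c27eaa79cf44611e4f1e7b2ca3
  SHA512:
- metadata.gz: 0d2f3cf758b3ba66b4cee62369d57f1a0d1b67c8ed1ac372a0c4e2e022714f3a8318dbcba16f9bc0276b7bb6d190091cedeedc655135b8929aab4bd4ff7bb606
- data.tar.gz: 654de62a72c45643a0c6b60c87636ecc727700d7d36ae6ec35b813070102074769e2eddff1c1d7db784ec7b42352cabeb6ecbf34e7bb444100a1f2220f957baa
+ metadata.gz: f75251e8bd2131313f6187ce25acd48038aa8d5e015983201d13a06a00e83b75f6f522f12b9537a805f6289c430a77ca0c917894ba0da540c3329fc41c22486b
+ data.tar.gz: 4f8c04ee4c43d2af22acfe5bf87532c0242617ac153d4f4a5577d99ba02acb8f902403ea6333487e5664ea2432eb3064cffcb440a44a955419e3274e31c3903f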
@@ -9,9 +9,7 @@ module Dependabot
9
9
  module Maven
10
10
  class FileUpdater
11
11
  class DeclarationFinder
12
- DECLARATION_REGEX =
13
- %r{<parent>.*?</parent>|<dependency>.*?</dependency>|
14
- <plugin>.*?</plugin>|<extension>.*?</extension>}mx.freeze
12
+ DECLARATION_TYPES = %w(parent dependency plugin extension).freeze
15
13
 
16
14
  attr_reader :dependency, :declaring_requirement, :dependency_files
17
15
 
@@ -78,9 +76,14 @@ module Dependabot
78
76
  end
79
77
 
80
78
  def deep_find_declarations(string)
81
- string.scan(DECLARATION_REGEX).flat_map do |matching_node|
82
- [matching_node, *deep_find_declarations(matching_node[1..-1])]
79
+ pom = Nokogiri::XML(string)
80
+ nodes = []
81
+ pom.traverse do |node|
82
+ next unless DECLARATION_TYPES.include?(node.node_name)
83
+
84
+ nodes << node.to_s
83
85
  end
86
+ nodes
84
87
  end
85
88
 
86
89
  def declaring_requirement_matches?(node)
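Review bot: In `deep_find_declarations`, `nodes << node.to_s` returns Nokogiri's re-serialisation of each element, whereas the removed `string.scan` version returned the text exactly as it appears in the pom. `Nokogiri::XML(string)` parses in its default recovering mode, so a malformed or unusually formatted declaration can come back as text that never occurs in the file. Any caller that later matches these strings against the raw pom (not visible in this hunk) would then miss silently. I would add a comment above the parse, e.g. `# NOTE: strings are re-serialised by Nokogiri and may not be byte-identical to the pom text`, and check `pom.errors` so that recovered parses are at least visible. The pom content is presumably repository-controlled, so the comment should also state that the parse relies on Nokogiri's default options (no network access, no entity substitution).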
@@ -105,7 +105,7 @@ module Dependabot
105
105
  dependency: dep,
106
106
  declaring_requirement: declaring_requirement,
107
107
  dependency_files: dependency_files
108
- ).declaration_nodes.first.at_css("version")&.content
108
+ ).declaration_nodes.first.at_xpath("./*/version")&.content
109
109
  end
110
110
 
111
111
  def pom
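Review bot: `declaration_nodes.first` is dereferenced without a nil check on the changed line, so the trailing `&.content` covers a missing `<version>` but not an empty result from the finder. The finder now locates declarations by parsing instead of by regex, so the set of matches can differ from before (text inside XML comments is presumably no longer matched). I would write `.declaration_nodes.first&.at_xpath("./*/version")&.content` unless `declaration_nodes` is guaranteed non-empty elsewhere. As far as the XPath shows, it selects only a `version` one level below the declaration's root element, so a comment such as `# only the declaration's own <version>, not ones nested deeper` would explain the move away from `at_css`. The enclosing method starts above the hunk.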
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.164.1
4
+ version: 0.167.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-02 00:00:00.000000000 Z
11
+ date: 2021-11-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.164.1
19
+ version: 0.167.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.164.1
26
+ version: 0.167.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement