dependabot-maven 0.165.0 → 0.168.0

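--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 975556c703712694ab8dc246d3cce793cf1535b859f12265936823d5e61b249c
- data.tar.gz: '049abe24af48b1e7ec2daeff4dfce85570b847caadc7b0562554b54275ee72ba'
+ metadata.gz: 8865292feaa9734831d427c331bfcc669479bb393ac292e78fa00b78f8cc678a
+ data.tar.gz: d46fd3e1e484249f9bb15928ee53f609ac98e318d343058a67b95b12bb5426f9
  SHA512:
- metadata.gz: 54f927203d23b12f0bc8be1148b7d3784fc58010d228600014b8ab5d0be5473920cb9b3dbe572328185d60694dc04325620a7b527354c17c9c0b8b77521c69e5
- data.tar.gz: 2fbd660cb4f1f55811eb9e51bdfadc021d53272bcd91075c3ac54b58bab08098b25173b7779dde1142abe7eca48324669cf9273e5d5bc672b99d4c4284e4e774
+ metadata.gz: d74edc83f714040b78deb1a033d2e5debda11cea15aacb5835121f73737316ea04399cb4e7d9007a45ef3c5df5811b6934dbe1c3fb7fc76bde098ad091ab3a82
+ data.tar.gz: c6db02dde791813fa864e35cf647243e5dc56e402bbeeb49e0aeca44c0ff66505d9527859d1b1a26275b3f735a072e82837cff3c72e5f83207d107a5a220be30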
@@ -9,9 +9,7 @@ module Dependabot
9
9
  module Maven
10
10
  class FileUpdater
11
11
  class DeclarationFinder
12
- DECLARATION_REGEX =
13
- %r{<parent>.*?</parent>|<dependency>.*?</dependency>|
14
- <plugin>.*?</plugin>|<extension>.*?</extension>}mx.freeze
12
+ DECLARATION_TYPES = %w(parent dependency plugin extension).freeze
15
13
 
16
14
  attr_reader :dependency, :declaring_requirement, :dependency_files
17
15
 
@@ -78,9 +76,14 @@ module Dependabot
78
76
  end
79
77
 
80
78
  def deep_find_declarations(string)
81
- string.scan(DECLARATION_REGEX).flat_map do |matching_node|
82
- [matching_node, *deep_find_declarations(matching_node[1..-1])]
79
+ pom = Nokogiri::XML(string)
80
+ nodes = []
81
+ pom.traverse do |node|
82
+ next unless DECLARATION_TYPES.include?(node.node_name)
83
+
84
+ nodes << node.to_s
83
85
  end
86
+ nodes
84
87
  end
85
88
 
86
89
  def declaring_requirement_matches?(node)
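Review bot: `nodes << node.to_s` in the new `deep_find_declarations` returns Nokogiri's re-serialisation of each element rather than the substring of the pom that the old `scan` returned, so the strings can differ from the source text in whitespace, entity escaping or empty-element form. If a caller outside this hunk locates the declaration in the pom by string match (not visible here), a mismatch would leave the dependency un-updated without an error, which matters most when the bump is a security fix. `traverse` also yields children before their parent, so a declaration nested in a `<plugin>` now precedes the plugin itself, the reverse of the old order, and callers that take `.first` may pick a different node. I would record both in a comment above the method, e.g. `# Returns Nokogiri-serialised nodes, children before parents; not byte-identical to the pom text`, and add a spec with a dependency nested inside a plugin.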
@@ -105,7 +105,7 @@ module Dependabot
105
105
  dependency: dep,
106
106
  declaring_requirement: declaring_requirement,
107
107
  dependency_files: dependency_files
108
- ).declaration_nodes.first.at_css("version")&.content
108
+ ).declaration_nodes.first.at_xpath("./*/version")&.content
109
109
  end
110
110
 
111
111
  def pom
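Review bot: `declaration_nodes.first.at_xpath("./*/version")&.content` still calls `at_xpath` on whatever `.first` returns, so an empty `declaration_nodes` raises NoMethodError on nil; the `&.` only covers a missing `<version>`. The pom comes from the repository being updated, so a declaration the finder cannot match seems plausible, and `).declaration_nodes.first&.at_xpath("./*/version")&.content` would return nil instead. The enclosing method starts above the hunk, so whether its caller handles nil cannot be confirmed from here. The new XPath also appears to match only a `<version>` directly under the declaration element, where `at_css("version")` matched any descendant; a one-line comment saying so would explain the change to the next reader.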
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.165.0
4
+ version: 0.168.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-08 00:00:00.000000000 Z
11
+ date: 2021-11-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.165.0
19
+ version: 0.168.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.165.0
26
+ version: 0.168.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement