dependabot-maven 0.166.0 → 0.169.0

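--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 89d70713db0cc8d8bae4ac99dc7d8358a2f6080d258cf9f0163d46ee797c8dd4
- data.tar.gz: 6f809e228d59fea30446032cb0db02fd7fe2cf3f1fb7a2829789bd5d8e8fde77
+ metadata.gz: 19815372ba020f9f27d6b219cbc6c6b912a632a89ee1db53c7e7aec3d90237f0
+ data.tar.gz: ea337f8d681d33b00be01d72ccd0456f2bcfa16f3aee3a48461e9e2410626a1f
  SHA512:
- metadata.gz: 2ec4d350b4c33112fe486405c02460899f66299d30e27591e195668db3cd235d119957292e4f12882acf76533a411387c3201ae24b0a9a48b44f9d474962417e
- data.tar.gz: 4970dda45ed60519269d0cad54044c35aa38d8116823a68f7f1d94d3af4cffe534e39ddde70e773c1bc703cbf203d4438768ac1eb701c1ddd541d14015d6a57b
+ metadata.gz: 119216189a8311d8be0df337937703894af76b9bd900581227a592224cbce871fb629e0948a5be64bcf5fd6d66c10f43d873e8ae22ab912b4df7ffb5aab3afce
+ data.tar.gz: 9c52c7ed35830e96d99828f3ba5c2573da9643b32f0ab4b28231223cc856a46280e5e57bad5ece0c8bf5be13de14fdd4ff7f07a15d92c44b2af92c26dc13ac07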
@@ -9,9 +9,7 @@ module Dependabot
9
9
  module Maven
10
10
  class FileUpdater
11
11
  class DeclarationFinder
12
- DECLARATION_REGEX =
13
- %r{<parent>.*?</parent>|<dependency>.*?</dependency>|
14
- <plugin>.*?</plugin>|<extension>.*?</extension>}mx.freeze
12
+ DECLARATION_TYPES = %w(parent dependency plugin extension).freeze
15
13
 
16
14
  attr_reader :dependency, :declaring_requirement, :dependency_files
17
15
 
@@ -78,9 +76,14 @@ module Dependabot
78
76
  end
79
77
 
80
78
  def deep_find_declarations(string)
81
- string.scan(DECLARATION_REGEX).flat_map do |matching_node|
82
- [matching_node, *deep_find_declarations(matching_node[1..-1])]
79
+ pom = Nokogiri::XML(string)
80
+ nodes = []
81
+ pom.traverse do |node|
82
+ next unless DECLARATION_TYPES.include?(node.node_name)
83
+
84
+ nodes << node.to_s
83
85
  end
86
+ nodes
84
87
  end
85
88
 
86
89
  def declaring_requirement_matches?(node)
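Review bot: In `deep_find_declarations`, `nodes << node.to_s` hands back Nokogiri's re-serialization of each element, not the slice of the pom text that the old `string.scan` returned, so a caller that searches the original file for that string (callers are outside this hunk) can miss when the serializer normalizes something, for example an empty `<a></a>` written back as `<a/>`. `pom.traverse` also yields children before their parent, so a `<dependency>` nested inside a `<plugin>` now precedes the plugin, which reverses the old outer-first order and matters to anything that takes `.first`. The pom text presumably comes from the repository being updated, so I would pin the parser options rather than rely on defaults, e.g. `pom = Nokogiri::XML(string) { |config| config.nonet }`, and note above the method that it returns serialized copies in post-order.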
@@ -105,7 +105,7 @@ module Dependabot
105
105
  dependency: dep,
106
106
  declaring_requirement: declaring_requirement,
107
107
  dependency_files: dependency_files
108
- ).declaration_nodes.first.at_css("version")&.content
108
+ ).declaration_nodes.first.at_xpath("./*/version")&.content
109
109
  end
110
110
 
111
111
  def pom
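Review bot: `declaration_nodes.first` is still dereferenced without a nil guard on the changed line, because the `&.` only covers the result of `at_xpath`; if `declaration_nodes` can come back empty (its definition is not in this hunk), this raises NoMethodError instead of returning nil. `.declaration_nodes.first&.at_xpath("./*/version")&.content` would keep the nil result that the trailing `&.` already implies. If the anchored XPath is meant to pick only the declaration's own version and skip one nested deeper, a comment such as `# ./*/version: direct child of the declaration root only` would record that, since it is not obvious from the line alone. The enclosing method starts above the hunk.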
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.166.0
4
+ version: 0.169.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-11 00:00:00.000000000 Z
11
+ date: 2021-11-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.166.0
19
+ version: 0.169.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.166.0
26
+ version: 0.169.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement