dependabot-maven 0.196.3 → 0.198.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e6c41e22acea2ee9476e80647935d119f522031584db0ad581537533a0498c28
4
- data.tar.gz: 367fee1df513d268425b327ef466e3f195b5d8bc2ebe78e5addbaf462ae3ca6e
3
+ metadata.gz: cc660c4e01eb60627093aefdb10672949937001bddcb8922da365c5bbe7ab4e3
4
+ data.tar.gz: fcfc9dc711e78144865a32fe7df01cc323c2a298386fd6cff2f312ecfb394422
5
5
  SHA512:
6
- metadata.gz: 8fc480b554d32e1d5db9aa20f876edd35bc07ae1b06682d49c62d55d33a6f40fbdcda55b0c2f392ab1cbcbc4de52243d28634ee39d4f84f7568cdd119ea3ec5a
7
- data.tar.gz: 3471217d5aaf10677c3e6633a8fd6594b6d1a8c908ef9b98e58c9c3881341b3fca085989eed92b1f97a6724e520b8ea30b15d99cc2f26f08097418c0c13b9268
6
+ metadata.gz: 7ec818320727b6557a88ba4a3a6bd2ee26d14283cf2e34d3803b6268ab741a02c229e3515d5b8e6609bcf1580006056016d47b94ed060315897e201f10ec5591
7
+ data.tar.gz: 2a7328cea5964c3ce2389a7d500f73a44769afcbfda9bc564d2a1b2d6d86db8f84df72bc2f18afbb651bdecb4d7e2492182e28b43255ea9f5823c1f1925921b5
@@ -4,6 +4,7 @@ require "nokogiri"
4
4
 
5
5
  require "dependabot/dependency_file"
6
6
  require "dependabot/maven/file_parser"
7
+ require "dependabot/registry_client"
7
8
 
8
9
  # For documentation, see:
9
10
  # - http://maven.apache.org/guides/introduction/introduction-to-the-pom.html
@@ -127,7 +128,7 @@ module Dependabot
127
128
  url = remote_pom_url(group_id, artifact_id, version, base_url)
128
129
 
129
130
  @maven_responses ||= {}
130
- @maven_responses[url] ||= RegistryClient.get(url: url)
131
+ @maven_responses[url] ||= Dependabot::RegistryClient.get(url: url)
131
132
  next unless @maven_responses[url].status == 200
132
133
  next unless pom?(@maven_responses[url].body)
133
134
 
@@ -4,6 +4,7 @@ require "nokogiri"
4
4
 
5
5
  require "dependabot/dependency_file"
6
6
  require "dependabot/maven/file_parser"
7
+ require "dependabot/registry_client"
7
8
  require "dependabot/errors"
8
9
 
9
10
  # For documentation, see:
@@ -109,7 +110,7 @@ module Dependabot
109
110
  url = remote_pom_url(group_id, artifact_id, version, base_url)
110
111
 
111
112
  @maven_responses ||= {}
112
- @maven_responses[url] ||= RegistryClient.get(
113
+ @maven_responses[url] ||= Dependabot::RegistryClient.get(
113
114
  url: url,
114
115
  # We attempt to find dependencies in private repos before failing over to the CENTRAL_REPO_URL,
115
116
  # but this can burn a lot of a job's time against slow servers due to our `read_timeout` being 20 seconds.
@@ -7,6 +7,7 @@ require "dependabot/file_fetchers/base"
7
7
  require "dependabot/maven/file_parser"
8
8
  require "dependabot/maven/file_parser/repositories_finder"
9
9
  require "dependabot/maven/utils/auth_headers_finder"
10
+ require "dependabot/registry_client"
10
11
 
11
12
  module Dependabot
12
13
  module Maven
@@ -104,7 +105,7 @@ module Dependabot
104
105
  def dependency_pom_file
105
106
  return @dependency_pom_file unless @dependency_pom_file.nil?
106
107
 
107
- response = RegistryClient.get(
108
+ response = Dependabot::RegistryClient.get(
108
109
  url: "#{maven_repo_dependency_url}/#{dependency.version}/#{dependency_artifact_id}-#{dependency.version}.pom",
109
110
  headers: auth_headers
110
111
  )
@@ -134,7 +135,7 @@ module Dependabot
134
135
  "#{version}/"\
135
136
  "#{artifact_id}-#{version}.pom"
136
137
 
137
- response = RegistryClient.get(
138
+ response = Dependabot::RegistryClient.get(
138
139
  url: substitute_properties_in_source_url(url, pom),
139
140
  headers: auth_headers
140
141
  )
@@ -7,6 +7,7 @@ require "dependabot/maven/update_checker"
7
7
  require "dependabot/maven/version"
8
8
  require "dependabot/maven/requirement"
9
9
  require "dependabot/maven/utils/auth_headers_finder"
10
+ require "dependabot/registry_client"
10
11
 
11
12
  module Dependabot
12
13
  module Maven
@@ -138,7 +139,7 @@ module Dependabot
138
139
  @released_check[version] =
139
140
  repositories.any? do |repository_details|
140
141
  url = repository_details.fetch("url")
141
- response = RegistryClient.head(
142
+ response = Dependabot::RegistryClient.head(
142
143
  url: dependency_files_url(url, version),
143
144
  headers: repository_details.fetch("auth_headers")
144
145
  )
@@ -160,7 +161,7 @@ module Dependabot
160
161
  end
161
162
 
162
163
  def fetch_dependency_metadata(repository_details)
163
- response = RegistryClient.get(
164
+ response = Dependabot::RegistryClient.get(
164
165
  url: dependency_metadata_url(repository_details.fetch("url")),
165
166
  headers: repository_details.fetch("auth_headers")
166
167
  )
@@ -9,7 +9,6 @@ require "dependabot/maven/file_updater"
9
9
  require "dependabot/maven/metadata_finder"
10
10
  require "dependabot/maven/requirement"
11
11
  require "dependabot/maven/version"
12
- require "dependabot/maven/registry_client"
13
12
 
14
13
  require "dependabot/pull_request_creator/labeler"
15
14
  Dependabot::PullRequestCreator::Labeler.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.196.3
4
+ version: 0.198.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-07-12 00:00:00.000000000 Z
11
+ date: 2022-07-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.196.3
19
+ version: 0.198.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.196.3
26
+ version: 0.198.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debase
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -236,7 +236,6 @@ files:
236
236
  - lib/dependabot/maven/file_updater/declaration_finder.rb
237
237
  - lib/dependabot/maven/file_updater/property_value_updater.rb
238
238
  - lib/dependabot/maven/metadata_finder.rb
239
- - lib/dependabot/maven/registry_client.rb
240
239
  - lib/dependabot/maven/requirement.rb
241
240
  - lib/dependabot/maven/update_checker.rb
242
241
  - lib/dependabot/maven/update_checker/property_updater.rb
@@ -1,57 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "dependabot/shared_helpers"
4
-
5
- # This class provides a thin wrapper around our normal usage of Excon as a simple HTTP client in order to
6
- # provide some minor caching functionality.
7
- #
8
- # This is not used to support full response caching currently, we just use it to ensure we detect unreachable
9
- # hosts and fast-fail on any subsequent requests to them to avoid excessive use of retries and connect- or
10
- # read-timeouts as Maven jobs tend to be sensitive to exceeding our overall 45 minute timeout.
11
- module Dependabot
12
- module Maven
13
- class RegistryClient
14
- @cached_errors = {}
15
-
16
- def self.get(url:, headers: {}, options: {})
17
- raise cached_error_for(url) if cached_error_for(url)
18
-
19
- Excon.get(
20
- url,
21
- idempotent: true,
22
- **SharedHelpers.excon_defaults({ headers: headers }.merge(options))
23
- )
24
- rescue Excon::Error::Timeout => e
25
- cache_error(url, e)
26
- raise e
27
- end
28
-
29
- def self.head(url:, headers: {}, options: {})
30
- raise cached_error_for(url) if cached_error_for(url)
31
-
32
- Excon.head(
33
- url,
34
- idempotent: true,
35
- **SharedHelpers.excon_defaults({ headers: headers }.merge(options))
36
- )
37
- rescue Excon::Error::Timeout => e
38
- cache_error(url, e)
39
- raise e
40
- end
41
-
42
- def self.clear_cache!
43
- @cached_errors = {}
44
- end
45
-
46
- private_class_method def self.cache_error(url, error)
47
- host = URI(url).host
48
- @cached_errors[host] = error
49
- end
50
-
51
- private_class_method def self.cached_error_for(url)
52
- host = URI(url).host
53
- @cached_errors.fetch(host, nil)
54
- end
55
- end
56
- end
57
- end