dependabot-maven 0.209.0 → 0.212.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ae8878258fc135ff3664cebf68f6b45c029c9e5e05e64d1c177b64788624b009
4
- data.tar.gz: 766d0187993ed4b9a952eb2b0159717974a99c4bfdab0de0218da64ca3046ff3
3
+ metadata.gz: 742cfd118855d8a31a6789c4f6e49e6750a56507c5163155f331fc2c37cd02ea
4
+ data.tar.gz: 5d2997c3c84a670196038e17b10f6a8838d651435bff71ef4a52893424b63139
5
5
  SHA512:
6
- metadata.gz: 8222102ac15ae0e21605a426b06df35a4f9fa5c88301996dcd737bd132d945d08e52472442a60bcecaea32adea7bc962e2a650294269e17003b3d580a5448c8b
7
- data.tar.gz: fb07edf5aaa4ab8740aed942aaacf8f83c1207d1bcca406ca26ad5100cc67eb51fdd936dc8101e5352655f0d09540d683ae629d4820ab010d9a57f897ad76f5d
6
+ metadata.gz: cae2fb00b853ad401cf24b1ebcb5db66eac4287e060de4feca5e4d2c765408244f6b852ff57884f556e43defe40caae56144f62964aae25f0f583f853107a3d6
7
+ data.tar.gz: fb83ba87f201e2a6480686f3a1144412fc44e0aaeab1cb4ff9ac5d53ec6df0fcd54e65fb4abab8d2185b9cdab9416d49e99309ccf976eeda1e2aea79474d5fa4
@@ -7,7 +7,7 @@ require "dependabot/file_fetchers/base"
7
7
  module Dependabot
8
8
  module Maven
9
9
  class FileFetcher < Dependabot::FileFetchers::Base
10
- MODULE_SELECTOR = "project > modules > module, "\
10
+ MODULE_SELECTOR = "project > modules > module, " \
11
11
  "profile > modules > module"
12
12
 
13
13
  def self.required_files_in?(filenames)
@@ -148,9 +148,9 @@ module Dependabot
148
148
  end
149
149
 
150
150
  def remote_pom_url(group_id, artifact_id, version, base_repo_url)
151
- "#{base_repo_url}/"\
152
- "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/"\
153
- "#{artifact_id}-#{version}.pom"
151
+ "#{base_repo_url}/" \
152
+ "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/" \
153
+ "#{artifact_id}-#{version}.pom"
154
154
  end
155
155
 
156
156
  def pom?(content)
@@ -18,7 +18,7 @@ module Dependabot
18
18
  # In theory we should check the artifact type and either look in
19
19
  # <repositories> or <pluginRepositories>. In practice it's unlikely
20
20
  # anyone makes this distinction.
21
- REPOSITORY_SELECTOR = "repositories > repository, "\
21
+ REPOSITORY_SELECTOR = "repositories > repository, " \
22
22
  "pluginRepositories > pluginRepository"
23
23
 
24
24
  # The Central Repository is included in the Super POM, which is
@@ -137,9 +137,9 @@ module Dependabot
137
137
  end
138
138
 
139
139
  def remote_pom_url(group_id, artifact_id, version, base_repo_url)
140
- "#{base_repo_url}/"\
141
- "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/"\
142
- "#{artifact_id}-#{version}.pom"
140
+ "#{base_repo_url}/" \
141
+ "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/" \
142
+ "#{artifact_id}-#{version}.pom"
143
143
  end
144
144
 
145
145
  def contains_property?(value)
@@ -21,8 +21,8 @@ module Dependabot
21
21
  # - Any dependencies (incl. those in dependencyManagement or plugins)
22
22
  # - Any plugins (incl. those in pluginManagement)
23
23
  # - Any extensions
24
- DEPENDENCY_SELECTOR = "project > parent, "\
25
- "dependencies > dependency, "\
24
+ DEPENDENCY_SELECTOR = "project > parent, " \
25
+ "dependencies > dependency, " \
26
26
  "extensions > extension"
27
27
  PLUGIN_SELECTOR = "plugins > plugin"
28
28
  EXTENSION_SELECTOR = "extensions > extension"
@@ -283,7 +283,7 @@ module Dependabot
283
283
 
284
284
  def internal_dependency_names
285
285
  @internal_dependency_names ||=
286
- dependency_files.map do |pom|
286
+ dependency_files.filter_map do |pom|
287
287
  doc = Nokogiri::XML(pom.content)
288
288
  group_id = doc.at_css("project > groupId") ||
289
289
  doc.at_css("project > parent > groupId")
@@ -292,7 +292,7 @@ module Dependabot
292
292
  next unless group_id && artifact_id
293
293
 
294
294
  [group_id.content.strip, artifact_id.content.strip].join(":")
295
- end.compact
295
+ end
296
296
  end
297
297
 
298
298
  def check_required_files
@@ -28,7 +28,7 @@ module Dependabot
28
28
  \s*#{Regexp.quote(node.content)}\s*
29
29
  </#{Regexp.quote(node.name)}>}xm
30
30
  property_text = node.to_s
31
- if pom_to_update.content =~ property_re
31
+ if pom_to_update.content&.match?(property_re)
32
32
  updated_content = pom_to_update.content.sub(
33
33
  property_re,
34
34
  "<#{node.name}>#{updated_value}</#{node.name}>"
@@ -31,7 +31,7 @@ module Dependabot
31
31
  )
32
32
  end
33
33
 
34
- updated_files.select! { |f| f.name.end_with?("pom.xml") || f.name.end_with?("extensions.xml") }
34
+ updated_files.select! { |f| f.name.end_with?("pom.xml", "extensions.xml") }
35
35
  updated_files.reject! { |f| dependency_files.include?(f) }
36
36
 
37
37
  raise "No files changed!" if updated_files.none?
@@ -131,8 +131,8 @@ module Dependabot
131
131
 
132
132
  return unless artifact_id && group_id && version
133
133
 
134
- url = "#{maven_repo_url}/#{group_id.tr('.', '/')}/#{artifact_id}/"\
135
- "#{version}/"\
134
+ url = "#{maven_repo_url}/#{group_id.tr('.', '/')}/#{artifact_id}/" \
135
+ "#{version}/" \
136
136
  "#{artifact_id}-#{version}.pom"
137
137
 
138
138
  response = Dependabot::RegistryClient.get(
@@ -248,10 +248,10 @@ module Dependabot
248
248
  def dependency_metadata_url(repository_url)
249
249
  group_id, artifact_id, _classifier = dependency.name.split(":")
250
250
 
251
- "#{repository_url}/"\
252
- "#{group_id.tr('.', '/')}/"\
253
- "#{artifact_id}/"\
254
- "maven-metadata.xml"
251
+ "#{repository_url}/" \
252
+ "#{group_id.tr('.', '/')}/" \
253
+ "#{artifact_id}/" \
254
+ "maven-metadata.xml"
255
255
  end
256
256
 
257
257
  def dependency_files_url(repository_url, version)
@@ -260,11 +260,11 @@ module Dependabot
260
260
  dig(:metadata, :packaging_type)
261
261
 
262
262
  actual_classifier = classifier.nil? ? "" : "-#{classifier}"
263
- "#{repository_url}/"\
264
- "#{group_id.tr('.', '/')}/"\
265
- "#{artifact_id}/"\
266
- "#{version}/"\
267
- "#{artifact_id}-#{version}#{actual_classifier}.#{type}"
263
+ "#{repository_url}/" \
264
+ "#{group_id.tr('.', '/')}/" \
265
+ "#{artifact_id}/" \
266
+ "#{version}/" \
267
+ "#{artifact_id}-#{version}#{actual_classifier}.#{type}"
268
268
  end
269
269
 
270
270
  def version_class
@@ -27,8 +27,8 @@ module Dependabot
27
27
  "sp" => 7
28
28
  }.freeze
29
29
  VERSION_PATTERN =
30
- "[0-9a-zA-Z]+"\
31
- '(?>\.[0-9a-zA-Z]*)*'\
30
+ "[0-9a-zA-Z]+" \
31
+ '(?>\.[0-9a-zA-Z]*)*' \
32
32
  '([_\-\+][0-9A-Za-z_-]*(\.[0-9A-Za-z_-]*)*)?'
33
33
  ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
34
34
 
@@ -117,11 +117,11 @@ module Dependabot
117
117
  end
118
118
 
119
119
  def trim_version(version)
120
- version.split("-").map do |v|
120
+ version.split("-").filter_map do |v|
121
121
  parts = v.split(".")
122
122
  parts = parts[0..-2] while NULL_VALUES.include?(parts&.last)
123
123
  parts&.join(".")
124
- end.compact.reject(&:empty?).join("-")
124
+ end.reject(&:empty?).join("-")
125
125
  end
126
126
 
127
127
  def convert_dates(version, other_version)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.209.0
4
+ version: 0.212.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-17 00:00:00.000000000 Z
11
+ date: 2022-09-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.209.0
19
+ version: 0.212.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.209.0
26
+ version: 0.212.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debase
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -80,6 +80,20 @@ dependencies:
80
80
  - - "~>"
81
81
  - !ruby/object:Gem::Version
82
82
  version: '2.0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: parallel_tests
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: 3.12.0
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: 3.12.0
83
97
  - !ruby/object:Gem::Dependency
84
98
  name: rake
85
99
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +142,28 @@ dependencies:
128
142
  requirements:
129
143
  - - "~>"
130
144
  - !ruby/object:Gem::Version
131
- version: 1.33.0
145
+ version: 1.36.0
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - "~>"
151
+ - !ruby/object:Gem::Version
152
+ version: 1.36.0
153
+ - !ruby/object:Gem::Dependency
154
+ name: rubocop-performance
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: 1.14.2
132
160
  type: :development
133
161
  prerelease: false
134
162
  version_requirements: !ruby/object:Gem::Requirement
135
163
  requirements:
136
164
  - - "~>"
137
165
  - !ruby/object:Gem::Version
138
- version: 1.33.0
166
+ version: 1.14.2
139
167
  - !ruby/object:Gem::Dependency
140
168
  name: ruby-debug-ide
141
169
  requirement: !ruby/object:Gem::Requirement