dependabot-maven 0.280.0 → 0.282.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1bf9f7686a3cbcde7aec78a885563f57ccd6065b335752a1aacd79af36725f83
|
|
4
|
+
data.tar.gz: a39c086f41077801e24376641a2786ec6f17b4c6fce488ae561847d4ec3bde92
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9c522dd5900cec227bb8349adf509f2b350d9cd1ee0b7f7d4ae1f7d5241205b3b975deeb410a8b16c33b6f6102c52543173bf0160ff902d53282a9d99a127890
|
|
7
|
+
data.tar.gz: 96928d15c8a3733c362ff3df19b4bca4ec6e155c2987e8a9badba477f87845db59fbfffcdbf3cb0a3fa1e9ae1fd5c4249210c0be87eda6a5e9667f4ca4b67ed1
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
#######################################################
|
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
# https://maven.apache.org/pom.html#Dependencies #
|
|
7
7
|
#######################################################
|
|
8
8
|
|
|
9
|
+
require "dependabot/requirements_updater/base"
|
|
9
10
|
require "dependabot/maven/update_checker"
|
|
10
11
|
require "dependabot/maven/version"
|
|
11
12
|
require "dependabot/maven/requirement"
|
|
@@ -14,6 +15,22 @@ module Dependabot
|
|
|
14
15
|
module Maven
|
|
15
16
|
class UpdateChecker
|
|
16
17
|
class RequirementsUpdater
|
|
18
|
+
extend T::Sig
|
|
19
|
+
extend T::Generic
|
|
20
|
+
|
|
21
|
+
Version = type_member { { fixed: Dependabot::Maven::Version } }
|
|
22
|
+
Requirement = type_member { { fixed: Dependabot::Maven::Requirement } }
|
|
23
|
+
|
|
24
|
+
include Dependabot::RequirementsUpdater::Base
|
|
25
|
+
|
|
26
|
+
sig do
|
|
27
|
+
params(
|
|
28
|
+
requirements: T::Array[T::Hash[Symbol, T.untyped]],
|
|
29
|
+
latest_version: T.nilable(T.any(Version, String)),
|
|
30
|
+
source_url: String,
|
|
31
|
+
properties_to_update: T::Array[String]
|
|
32
|
+
).void
|
|
33
|
+
end
|
|
17
34
|
def initialize(requirements:, latest_version:, source_url:,
|
|
18
35
|
properties_to_update:)
|
|
19
36
|
@requirements = requirements
|
|
@@ -21,9 +38,10 @@ module Dependabot
|
|
|
21
38
|
@properties_to_update = properties_to_update
|
|
22
39
|
return unless latest_version
|
|
23
40
|
|
|
24
|
-
@latest_version = version_class.new(latest_version)
|
|
41
|
+
@latest_version = T.let(version_class.new(latest_version), Version)
|
|
25
42
|
end
|
|
26
43
|
|
|
44
|
+
sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
27
45
|
def updated_requirements
|
|
28
46
|
return requirements unless latest_version
|
|
29
47
|
|
|
@@ -44,30 +62,42 @@ module Dependabot
|
|
|
44
62
|
|
|
45
63
|
private
|
|
46
64
|
|
|
65
|
+
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
47
66
|
attr_reader :requirements
|
|
67
|
+
|
|
68
|
+
sig { returns(T.nilable(Version)) }
|
|
48
69
|
attr_reader :latest_version
|
|
70
|
+
|
|
71
|
+
sig { returns(String) }
|
|
49
72
|
attr_reader :source_url
|
|
73
|
+
|
|
74
|
+
sig { returns(T::Array[String]) }
|
|
50
75
|
attr_reader :properties_to_update
|
|
51
76
|
|
|
77
|
+
sig { params(req_string: String).returns(String) }
|
|
52
78
|
def update_requirement(req_string)
|
|
53
79
|
# Since range requirements are excluded this must be exact
|
|
54
80
|
update_exact_requirement(req_string)
|
|
55
81
|
end
|
|
56
82
|
|
|
83
|
+
sig { params(req_string: String).returns(String) }
|
|
57
84
|
def update_exact_requirement(req_string)
|
|
58
85
|
old_version = requirement_class.new(req_string)
|
|
59
86
|
.requirements.first.last
|
|
60
87
|
req_string.gsub(old_version.to_s, latest_version.to_s)
|
|
61
88
|
end
|
|
62
89
|
|
|
90
|
+
sig { override.returns(T::Class[Version]) }
|
|
63
91
|
def version_class
|
|
64
92
|
Maven::Version
|
|
65
93
|
end
|
|
66
94
|
|
|
95
|
+
sig { override.returns(T::Class[Requirement]) }
|
|
67
96
|
def requirement_class
|
|
68
97
|
Maven::Requirement
|
|
69
98
|
end
|
|
70
99
|
|
|
100
|
+
sig { returns(T::Hash[Symbol, String]) }
|
|
71
101
|
def updated_source
|
|
72
102
|
{ type: "maven_repo", url: source_url }
|
|
73
103
|
end
|
|
@@ -65,6 +65,11 @@ module Dependabot
|
|
|
65
65
|
end
|
|
66
66
|
end
|
|
67
67
|
|
|
68
|
+
sig { returns(String) }
|
|
69
|
+
def lowest_prerelease_suffix
|
|
70
|
+
"a0"
|
|
71
|
+
end
|
|
72
|
+
|
|
68
73
|
sig { params(other: VersionParameter).returns(Integer) }
|
|
69
74
|
def <=>(other)
|
|
70
75
|
other = Dependabot::Maven::Version.new(other.to_s) unless other.is_a? Dependabot::Maven::Version
|
|
@@ -78,7 +83,7 @@ module Dependabot
|
|
|
78
83
|
|
|
79
84
|
version_parts = parts.fill("0", parts.length...2)
|
|
80
85
|
# the a0 is so we can get the next earliest prerelease patch version
|
|
81
|
-
upper_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + [
|
|
86
|
+
upper_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + [lowest_prerelease_suffix]
|
|
82
87
|
lower_bound = "> #{to_semver}"
|
|
83
88
|
upper_bound = "< #{upper_parts.join('.')}"
|
|
84
89
|
|
|
@@ -91,8 +96,8 @@ module Dependabot
|
|
|
91
96
|
return [] if parts.empty? # for non-semver versions
|
|
92
97
|
|
|
93
98
|
version_parts = parts.fill("0", parts.length...2)
|
|
94
|
-
lower_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + [
|
|
95
|
-
upper_parts = version_parts.first(0) + [version_parts[0].to_i + 1] + [
|
|
99
|
+
lower_parts = version_parts.first(1) + [version_parts[1].to_i + 1] + [lowest_prerelease_suffix]
|
|
100
|
+
upper_parts = version_parts.first(0) + [version_parts[0].to_i + 1] + [lowest_prerelease_suffix]
|
|
96
101
|
lower_bound = ">= #{lower_parts.join('.')}"
|
|
97
102
|
upper_bound = "< #{upper_parts.join('.')}"
|
|
98
103
|
|
|
@@ -104,7 +109,7 @@ module Dependabot
|
|
|
104
109
|
version_parts = token_bucket.tokens # e.g [1,2,3] if version is 1.2.3-alpha3
|
|
105
110
|
return [] if version_parts.empty? # for non-semver versions
|
|
106
111
|
|
|
107
|
-
lower_parts = [version_parts[0].to_i + 1] + [
|
|
112
|
+
lower_parts = [version_parts[0].to_i + 1] + [lowest_prerelease_suffix] # earliest next major version prerelease
|
|
108
113
|
lower_bound = ">= #{lower_parts.join('.')}"
|
|
109
114
|
|
|
110
115
|
[lower_bound]
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-maven
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.282.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-10-
|
|
11
|
+
date: 2024-10-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.282.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.282.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,28 +114,28 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 1.
|
|
117
|
+
version: 1.67.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 1.
|
|
124
|
+
version: 1.67.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: rubocop-performance
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
129
|
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 1.
|
|
131
|
+
version: 1.22.1
|
|
132
132
|
type: :development
|
|
133
133
|
prerelease: false
|
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
135
135
|
requirements:
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
|
-
version: 1.
|
|
138
|
+
version: 1.22.1
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
140
|
name: rubocop-rspec
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -266,8 +266,8 @@ licenses:
|
|
|
266
266
|
- MIT
|
|
267
267
|
metadata:
|
|
268
268
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
269
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
270
|
-
post_install_message:
|
|
269
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.282.0
|
|
270
|
+
post_install_message:
|
|
271
271
|
rdoc_options: []
|
|
272
272
|
require_paths:
|
|
273
273
|
- lib
|
|
@@ -283,7 +283,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
283
283
|
version: 3.1.0
|
|
284
284
|
requirements: []
|
|
285
285
|
rubygems_version: 3.5.9
|
|
286
|
-
signing_key:
|
|
286
|
+
signing_key:
|
|
287
287
|
specification_version: 4
|
|
288
288
|
summary: Provides Dependabot support for Maven
|
|
289
289
|
test_files: []
|