dependabot-maven 0.382.0 → 0.384.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9949b8b19d460ff8b07e5d322fd98c5f5ba0df32c357edf4ba549b0590939b29
4
- data.tar.gz: 2c7445b4d2522a3a33d10b8c4329d9deb4b883c0f71c8fd8f6fe1f8b61f073b2
3
+ metadata.gz: 1468ff99034fd07059864a4daa0c90b57ef302c00f80951de1211d7c6aa469f4
4
+ data.tar.gz: 16d1cfdad816dfc6a74054fc77d8387a770ac43336aa2b9f8e57c88edfad7ef9
5
5
  SHA512:
6
- metadata.gz: 56ca26ba8eeb0f759985db8185a72814e38f931fc39d591289af09b7b319c60078dd8d26a8a4fa373c4b7f843c7bb749604d908612ec49bbbbdbbc7638909384
7
- data.tar.gz: 277835bdc875c4a745a31c6dff74ce0d2dc720b4c9eb445c8f2890e3182089a7b25c7df197ac40a5edd7a27268ad4c46789148f5d746ef8bd45d987c07669d25
6
+ metadata.gz: 7bf0bc32b3932773e54347de3c1a2491bb613e46cfe615d25eb1014d7bab8695b9787ef5551cf3db8b997f6d83b4edd4693e871e76ed72b3366b4c22b1f23f15
7
+ data.tar.gz: ad7158fb4e4c40605f0b83c84589b9278d3c8d5eb9f791fffa6438d59a365a53001447a831a1463cfde8d763e3d2c9af4a6fe9df3f07d982410ae6ee1bce50a4
@@ -102,6 +102,11 @@ module Dependabot
102
102
  }
103
103
  end
104
104
 
105
+ sig { params(entry: T::Hash[Symbol, T.untyped]).returns(T::Boolean) }
106
+ def disabled_repo?(entry)
107
+ entry[:releases] == "false" && entry[:snapshots] == "false"
108
+ end
109
+
105
110
  sig { params(entry: T::Hash[Symbol, T.untyped]).returns(T::Boolean) }
106
111
  def snapshot_repo(entry)
107
112
  entry[:releases] == "false" && (entry[:snapshots].nil? || entry[:snapshots] == "true")
@@ -168,6 +173,7 @@ module Dependabot
168
173
 
169
174
  return if property_blocked?(entry)
170
175
  return unless http_url?(entry)
176
+ return if disabled_repo?(entry)
171
177
 
172
178
  serialize_urls(entry, pom)
173
179
  end
@@ -29,7 +29,7 @@ module Dependabot
29
29
  RUBY_STYLE_PATTERN
30
30
  end
31
31
 
32
- sig { params(obj: T.any(String, Gem::Version)).returns(T::Array[T.any(String, T.untyped)]) }
32
+ sig { params(obj: T.any(String, Gem::Version)).returns(T::Array[T.any(String, Gem::Version)]) }
33
33
  def self.parse(obj)
34
34
  return ["=", Maven::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
35
35
 
@@ -50,7 +50,7 @@ module Dependabot
50
50
  end
51
51
  end
52
52
 
53
- sig { params(version: T.untyped).returns(T::Boolean) }
53
+ sig { params(version: Object).returns(T::Boolean) }
54
54
  def satisfied_by?(version)
55
55
  version = Maven::Version.new(version.to_s)
56
56
  super
@@ -6,6 +6,7 @@
6
6
  # https://maven.apache.org/pom.html#Dependencies #
7
7
  #######################################################
8
8
 
9
+ require "dependabot/dependency_requirement"
9
10
  require "dependabot/requirements_updater/base"
10
11
  require "dependabot/maven/update_checker"
11
12
  require "dependabot/maven/version"
@@ -25,7 +26,7 @@ module Dependabot
25
26
 
26
27
  sig do
27
28
  params(
28
- requirements: T::Array[T::Hash[Symbol, T.untyped]],
29
+ requirements: T::Array[Dependabot::DependencyRequirement],
29
30
  latest_version: T.nilable(T.any(Version, String)),
30
31
  source_url: T.nilable(String),
31
32
  properties_to_update: T::Array[String]
@@ -45,7 +46,7 @@ module Dependabot
45
46
  @latest_version = T.let(version_class.new(latest_version), Version)
46
47
  end
47
48
 
48
- sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
49
+ sig { override.returns(T::Array[Dependabot::DependencyRequirement]) }
49
50
  def updated_requirements
50
51
  return requirements unless latest_version
51
52
 
@@ -62,13 +63,13 @@ module Dependabot
62
63
  new_req = update_requirement(req[:requirement])
63
64
  next req if new_req == req[:requirement]
64
65
 
65
- req.merge(requirement: new_req, source: updated_source)
66
+ Dependabot::DependencyRequirement.create(req.merge(requirement: new_req, source: updated_source))
66
67
  end
67
68
  end
68
69
 
69
70
  private
70
71
 
71
- sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
72
+ sig { returns(T::Array[Dependabot::DependencyRequirement]) }
72
73
  attr_reader :requirements
73
74
 
74
75
  sig { returns(T.nilable(Version)) }
@@ -96,14 +96,12 @@ module Dependabot
96
96
  declarations_using_a_property
97
97
  .map { |req| req.dig(:metadata, :property_name) }
98
98
 
99
- wrap_requirements(
100
- RequirementsUpdater.new(
101
- requirements: dependency.requirements,
102
- latest_version: preferred_resolvable_version&.to_s,
103
- source_url: preferred_version_details&.fetch(:source_url),
104
- properties_to_update: property_names
105
- ).updated_requirements
106
- )
99
+ RequirementsUpdater.new(
100
+ requirements: dependency.requirements,
101
+ latest_version: preferred_resolvable_version&.to_s,
102
+ source_url: preferred_version_details&.fetch(:source_url),
103
+ properties_to_update: property_names
104
+ ).updated_requirements
107
105
  end
108
106
 
109
107
  sig { override.returns(T::Boolean) }
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.382.0
4
+ version: 0.384.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.382.0
18
+ version: 0.384.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.382.0
25
+ version: 0.384.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: rexml
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -291,7 +291,7 @@ licenses:
291
291
  - MIT
292
292
  metadata:
293
293
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
294
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.382.0
294
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.384.0
295
295
  rdoc_options: []
296
296
  require_paths:
297
297
  - lib
@@ -306,7 +306,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
306
306
  - !ruby/object:Gem::Version
307
307
  version: 3.3.0
308
308
  requirements: []
309
- rubygems_version: 3.7.2
309
+ rubygems_version: 4.0.14
310
310
  specification_version: 4
311
311
  summary: Provides Dependabot support for Maven
312
312
  test_files: []