dependabot-maven 0.125.0 → 0.125.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/maven/file_parser/property_value_finder.rb +2 -6
- data/lib/dependabot/maven/file_parser/repositories_finder.rb +1 -3
- data/lib/dependabot/maven/file_updater.rb +1 -3
- data/lib/dependabot/maven/file_updater/declaration_finder.rb +1 -3
- data/lib/dependabot/maven/metadata_finder.rb +1 -3
- data/lib/dependabot/maven/requirement.rb +1 -3
- data/lib/dependabot/maven/update_checker/requirements_updater.rb +1 -3
- data/lib/dependabot/maven/update_checker/version_finder.rb +2 -6
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dd4d4d6e445ca6512c400d0aaa9ef7d2013521e26d0002940d6e0b34932ba843
|
4
|
+
data.tar.gz: a4e1b8b330489b0855cf072381c3366a2e320b8741649bf6d15c36bbc95aa400
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 72e9e0142e9fb402b92585626116ddfb6ed26a8617c4f1e3fab6dbc3b15cce30a3d1276cbdca711d87d17297a0f61d8b69a4855e6282f91dc48b89b393e233ba
|
7
|
+
data.tar.gz: 24ccaa7cd7ea474230baba11368cc93711fb1890d80632bc0a79cf817d070de1020f241ab17a5a830be6a0ca79380dad582149980e1a5dfc152ca238c96d1599
|
@@ -42,9 +42,7 @@ module Dependabot
|
|
42
42
|
end
|
43
43
|
|
44
44
|
# If we found a property, return it
|
45
|
-
if node
|
46
|
-
return { file: pom.name, node: node, value: node.content.strip }
|
47
|
-
end
|
45
|
+
return { file: pom.name, node: node, value: node.content.strip } if node
|
48
46
|
|
49
47
|
# Otherwise, look for a value in this pom's parent
|
50
48
|
return unless (parent = parent_pom(pom))
|
@@ -99,9 +97,7 @@ module Dependabot
|
|
99
97
|
|
100
98
|
name = [group_id, artifact_id].join(":")
|
101
99
|
|
102
|
-
if internal_dependency_poms[name]
|
103
|
-
return internal_dependency_poms[name]
|
104
|
-
end
|
100
|
+
return internal_dependency_poms[name] if internal_dependency_poms[name]
|
105
101
|
|
106
102
|
return unless version && !version.include?(",")
|
107
103
|
|
@@ -74,9 +74,7 @@ module Dependabot
|
|
74
74
|
|
75
75
|
name = [group_id, artifact_id].join(":")
|
76
76
|
|
77
|
-
if internal_dependency_poms[name]
|
78
|
-
return internal_dependency_poms[name]
|
79
|
-
end
|
77
|
+
return internal_dependency_poms[name] if internal_dependency_poms[name]
|
80
78
|
|
81
79
|
return unless version && !version.include?(",")
|
82
80
|
|
@@ -32,9 +32,7 @@ module Dependabot
|
|
32
32
|
updated_files.reject! { |f| original_pomfiles.include?(f) }
|
33
33
|
|
34
34
|
raise "No files changed!" if updated_files.none?
|
35
|
-
if updated_files.any? { |f| f.name.end_with?("pom_parent.xml") }
|
36
|
-
raise "Updated a supporting POM!"
|
37
|
-
end
|
35
|
+
raise "Updated a supporting POM!" if updated_files.any? { |f| f.name.end_with?("pom_parent.xml") }
|
38
36
|
|
39
37
|
updated_files
|
40
38
|
end
|
@@ -71,9 +71,7 @@ module Dependabot
|
|
71
71
|
end
|
72
72
|
|
73
73
|
def node_group_id(node)
|
74
|
-
unless node.at_xpath("./*/groupId") || node.at_xpath("./plugin")
|
75
|
-
return
|
76
|
-
end
|
74
|
+
return unless node.at_xpath("./*/groupId") || node.at_xpath("./plugin")
|
77
75
|
return "org.apache.maven.plugins" unless node.at_xpath("./*/groupId")
|
78
76
|
|
79
77
|
evaluated_value(node.at_xpath("./*/groupId").content.strip)
|
@@ -29,9 +29,7 @@ module Dependabot
|
|
29
29
|
|
30
30
|
def repo_has_subdir_for_dep?(tmp_source)
|
31
31
|
@repo_has_subdir_for_dep ||= {}
|
32
|
-
if @repo_has_subdir_for_dep.key?(tmp_source)
|
33
|
-
return @repo_has_subdir_for_dep[tmp_source]
|
34
|
-
end
|
32
|
+
return @repo_has_subdir_for_dep[tmp_source] if @repo_has_subdir_for_dep.key?(tmp_source)
|
35
33
|
|
36
34
|
fetcher =
|
37
35
|
FileFetchers::Base.new(source: tmp_source, credentials: credentials)
|
@@ -62,9 +62,7 @@ module Dependabot
|
|
62
62
|
raise "Can't convert multiple Java reqs to a single Ruby one"
|
63
63
|
end
|
64
64
|
|
65
|
-
if req_string&.include?(",")
|
66
|
-
return convert_java_range_to_ruby_range(req_string)
|
67
|
-
end
|
65
|
+
return convert_java_range_to_ruby_range(req_string) if req_string&.include?(",")
|
68
66
|
|
69
67
|
convert_java_equals_req_to_ruby(req_string)
|
70
68
|
end
|
@@ -34,9 +34,7 @@ module Dependabot
|
|
34
34
|
next req if req.fetch(:requirement).include?(",")
|
35
35
|
|
36
36
|
property_name = req.dig(:metadata, :property_name)
|
37
|
-
if property_name && !properties_to_update.include?(property_name)
|
38
|
-
next req
|
39
|
-
end
|
37
|
+
next req if property_name && !properties_to_update.include?(property_name)
|
40
38
|
|
41
39
|
new_req = update_requirement(req[:requirement])
|
42
40
|
req.merge(requirement: new_req, source: updated_source)
|
@@ -62,9 +62,7 @@ module Dependabot
|
|
62
62
|
map { |version| { version: version, source_url: url } }
|
63
63
|
end.flatten
|
64
64
|
|
65
|
-
if version_details.none? && forbidden_urls.any?
|
66
|
-
raise PrivateSourceAuthenticationFailure, forbidden_urls.first
|
67
|
-
end
|
65
|
+
raise PrivateSourceAuthenticationFailure, forbidden_urls.first if version_details.none? && forbidden_urls.any?
|
68
66
|
|
69
67
|
version_details.sort_by { |details| details.fetch(:version) }
|
70
68
|
end
|
@@ -102,9 +100,7 @@ module Dependabot
|
|
102
100
|
reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
|
103
101
|
end
|
104
102
|
|
105
|
-
if @raise_on_ignored && filtered.empty? && possible_versions.any?
|
106
|
-
raise AllVersionsIgnored
|
107
|
-
end
|
103
|
+
raise AllVersionsIgnored if @raise_on_ignored && filtered.empty? && possible_versions.any?
|
108
104
|
|
109
105
|
filtered
|
110
106
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-maven
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.125.
|
4
|
+
version: 0.125.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.125.
|
19
|
+
version: 0.125.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.125.
|
26
|
+
version: 0.125.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|