dependabot-maven 0.166.1 → 0.167.0

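--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 33ac616f5a89a57889089cce6b6781d33528962c0f21195c9fd5af03093249b4
- data.tar.gz: 18667d33739dc5bb56c34ce502399fe5826781640499c8327bf74488b55561ad
+ metadata.gz: 65eb2460e1b7e9cea848fcc71910d6445d3c20e08fc72da184c7b5aaea39f310
+ data.tar.gz: 533a99b8383e25bb4480a66484b5a79a580a71c27eaa79cf44611e4f1e7b2ca3
  SHA512:
- metadata.gz: 8d1b2ff41906d25d06eae66c9b815b3be3feab9fee3a4688b0a5512edc07dfe2d7eefa56326889c3e1e6b737e3be2b85b397f519b467e8763ab3be257b66c903
- data.tar.gz: 2b4ec4ec71b7f99b0fd581d55fb51b4ff9c1f039ca9be25cb9fbf60b2a0bbd0ee7ed577902e7546bae01da6824a77dd158ba68711da46ec894c02ee85ebba662
+ metadata.gz: f75251e8bd2131313f6187ce25acd48038aa8d5e015983201d13a06a00e83b75f6f522f12b9537a805f6289c430a77ca0c917894ba0da540c3329fc41c22486b
+ data.tar.gz: 4f8c04ee4c43d2af22acfe5bf87532c0242617ac153d4f4a5577d99ba02acb8f902403ea6333487e5664ea2432eb3064cffcb440a44a955419e3274e31c3903f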
@@ -9,9 +9,7 @@ module Dependabot
9
9
  module Maven
10
10
  class FileUpdater
11
11
  class DeclarationFinder
12
- DECLARATION_REGEX =
13
- %r{<parent>.*?</parent>|<dependency>.*?</dependency>|
14
- <plugin>.*?</plugin>|<extension>.*?</extension>}mx.freeze
12
+ DECLARATION_TYPES = %w(parent dependency plugin extension).freeze
15
13
 
16
14
  attr_reader :dependency, :declaring_requirement, :dependency_files
17
15
 
@@ -78,9 +76,14 @@ module Dependabot
78
76
  end
79
77
 
80
78
  def deep_find_declarations(string)
81
- string.scan(DECLARATION_REGEX).flat_map do |matching_node|
82
- [matching_node, *deep_find_declarations(matching_node[1..-1])]
79
+ pom = Nokogiri::XML(string)
80
+ nodes = []
81
+ pom.traverse do |node|
82
+ next unless DECLARATION_TYPES.include?(node.node_name)
83
+
84
+ nodes << node.to_s
83
85
  end
86
+ nodes
84
87
  end
85
88
 
86
89
  def declaring_requirement_matches?(node)
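Review bot: `deep_find_declarations` now returns `node.to_s`, which is the parser's re-serialisation of each element rather than a slice of the input, so the returned strings are no longer guaranteed to match the pom text byte for byte (quote style, character references, self-closing tags and whitespace inside tags can come back normalised). If a caller outside this hunk searches for or replaces these strings in the original file content, a declaration could be skipped without any error; that caller is not visible here, so this needs confirming. `Nokogiri::XML(string)` also parses in its default recovering mode and `pom.errors` is never inspected, so a malformed or truncated document, presumably repository-supplied, yields a partial node list with no signal. I would add a comment above the parse such as `# NOTE: node.to_s is re-serialised XML and may differ from the source text; parse errors are recovered silently`, and consider failing when `pom.errors` is non-empty.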
@@ -105,7 +105,7 @@ module Dependabot
105
105
  dependency: dep,
106
106
  declaring_requirement: declaring_requirement,
107
107
  dependency_files: dependency_files
108
- ).declaration_nodes.first.at_css("version")&.content
108
+ ).declaration_nodes.first.at_xpath("./*/version")&.content
109
109
  end
110
110
 
111
111
  def pom
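Review bot: `.declaration_nodes.first` is dereferenced unguarded on the changed line, so an empty result from the finder raises NoMethodError before the `&.` after `at_xpath` can help; `).declaration_nodes.first&.at_xpath("./*/version")&.content` would return nil instead. This may matter more in this release, since the finder is now parser-based and can return a different set of nodes than the regex did. The path `./*/version` is unprefixed, so it only matches when the declaration node carries no XML namespace; how `declaration_nodes` builds its nodes is outside this hunk, so that is worth confirming with a namespaced pom in the specs. The enclosing method starts above the hunk.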
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.166.1
4
+ version: 0.167.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-14 00:00:00.000000000 Z
11
+ date: 2021-11-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.166.1
19
+ version: 0.167.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.166.1
26
+ version: 0.167.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement