dependabot-maven 0.196.3 → 0.196.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e6c41e22acea2ee9476e80647935d119f522031584db0ad581537533a0498c28
-  data.tar.gz: 367fee1df513d268425b327ef466e3f195b5d8bc2ebe78e5addbaf462ae3ca6e
+  metadata.gz: 9f943486183cfc1341852eff617b0c57f24b0e72709b42fd6bcaeceea7d15a10
+  data.tar.gz: e99f8aaa6210d38802d1edddaf8965cdf66762bb246d11a1dabb39a3df6d8d01
 SHA512:
-  metadata.gz: 8fc480b554d32e1d5db9aa20f876edd35bc07ae1b06682d49c62d55d33a6f40fbdcda55b0c2f392ab1cbcbc4de52243d28634ee39d4f84f7568cdd119ea3ec5a
-  data.tar.gz: 3471217d5aaf10677c3e6633a8fd6594b6d1a8c908ef9b98e58c9c3881341b3fca085989eed92b1f97a6724e520b8ea30b15d99cc2f26f08097418c0c13b9268
+  metadata.gz: e81de9f967930d5690d8f1eb6e5aaf7e815592f0688ef572958dd8a4f6c4c1b251e202c792bbc43c7dc1d60caf318274aa2b8d3029aaaa4a87004720ae6f2bb4
+  data.tar.gz: e8fc60ffd7d55731ed5ece553d8f0073740db3ac89929171ce3d968680e0a9ecb6a24adfac7b6d5e9c79f873a97c41b8f84f57733a5cb82fec2aedf587cabdb5

data/lib/dependabot/maven/file_parser/property_value_finder.rb

@@ -4,6 +4,7 @@ require "nokogiri"
 
 require "dependabot/dependency_file"
 require "dependabot/maven/file_parser"
+require "dependabot/registry_client"
 
 # For documentation, see:
 # - http://maven.apache.org/guides/introduction/introduction-to-the-pom.html
@@ -127,7 +128,7 @@ module Dependabot
             url = remote_pom_url(group_id, artifact_id, version, base_url)
 
             @maven_responses ||= {}
-            @maven_responses[url] ||= RegistryClient.get(url: url)
+            @maven_responses[url] ||= Dependabot::RegistryClient.get(url: url)
             next unless @maven_responses[url].status == 200
             next unless pom?(@maven_responses[url].body)
 

data/lib/dependabot/maven/file_parser/repositories_finder.rb

@@ -4,6 +4,7 @@ require "nokogiri"
 
 require "dependabot/dependency_file"
 require "dependabot/maven/file_parser"
+require "dependabot/registry_client"
 require "dependabot/errors"
 
 # For documentation, see:
@@ -109,7 +110,7 @@ module Dependabot
             url = remote_pom_url(group_id, artifact_id, version, base_url)
 
             @maven_responses ||= {}
-            @maven_responses[url] ||= RegistryClient.get(
+            @maven_responses[url] ||= Dependabot::RegistryClient.get(
               url: url,
               # We attempt to find dependencies in private repos before failing over to the CENTRAL_REPO_URL,
               # but this can burn a lot of a job's time against slow servers due to our `read_timeout` being 20 seconds.

data/lib/dependabot/maven/metadata_finder.rb

@@ -7,6 +7,7 @@ require "dependabot/file_fetchers/base"
 require "dependabot/maven/file_parser"
 require "dependabot/maven/file_parser/repositories_finder"
 require "dependabot/maven/utils/auth_headers_finder"
+require "dependabot/registry_client"
 
 module Dependabot
   module Maven
@@ -104,7 +105,7 @@ module Dependabot
       def dependency_pom_file
         return @dependency_pom_file unless @dependency_pom_file.nil?
 
-        response = RegistryClient.get(
+        response = Dependabot::RegistryClient.get(
           url: "#{maven_repo_dependency_url}/#{dependency.version}/#{dependency_artifact_id}-#{dependency.version}.pom",
           headers: auth_headers
         )
@@ -134,7 +135,7 @@ module Dependabot
               "#{version}/"\
               "#{artifact_id}-#{version}.pom"
 
-        response = RegistryClient.get(
+        response = Dependabot::RegistryClient.get(
           url: substitute_properties_in_source_url(url, pom),
           headers: auth_headers
         )

data/lib/dependabot/maven/update_checker/version_finder.rb

@@ -7,6 +7,7 @@ require "dependabot/maven/update_checker"
 require "dependabot/maven/version"
 require "dependabot/maven/requirement"
 require "dependabot/maven/utils/auth_headers_finder"
+require "dependabot/registry_client"
 
 module Dependabot
   module Maven
@@ -138,7 +139,7 @@ module Dependabot
           @released_check[version] =
             repositories.any? do |repository_details|
               url = repository_details.fetch("url")
-              response = RegistryClient.head(
+              response = Dependabot::RegistryClient.head(
                 url: dependency_files_url(url, version),
                 headers: repository_details.fetch("auth_headers")
               )
@@ -160,7 +161,7 @@ module Dependabot
         end
 
         def fetch_dependency_metadata(repository_details)
-          response = RegistryClient.get(
+          response = Dependabot::RegistryClient.get(
             url: dependency_metadata_url(repository_details.fetch("url")),
             headers: repository_details.fetch("auth_headers")
           )

data/lib/dependabot/maven.rb

@@ -9,7 +9,6 @@ require "dependabot/maven/file_updater"
 require "dependabot/maven/metadata_finder"
 require "dependabot/maven/requirement"
 require "dependabot/maven/version"
-require "dependabot/maven/registry_client"
 
 require "dependabot/pull_request_creator/labeler"
 Dependabot::PullRequestCreator::Labeler.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-maven
 version: !ruby/object:Gem::Version
-  version: 0.196.3
+  version: 0.196.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-12 00:00:00.000000000 Z
+date: 2022-07-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.196.3
+        version: 0.196.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.196.3
+        version: 0.196.4
 - !ruby/object:Gem::Dependency
   name: debase
   requirement: !ruby/object:Gem::Requirement
@@ -236,7 +236,6 @@ files:
 - lib/dependabot/maven/file_updater/declaration_finder.rb
 - lib/dependabot/maven/file_updater/property_value_updater.rb
 - lib/dependabot/maven/metadata_finder.rb
-- lib/dependabot/maven/registry_client.rb
 - lib/dependabot/maven/requirement.rb
 - lib/dependabot/maven/update_checker.rb
 - lib/dependabot/maven/update_checker/property_updater.rb

data/lib/dependabot/maven/registry_client.rb

@@ -1,57 +0,0 @@
-# frozen_string_literal: true
-
-require "dependabot/shared_helpers"
-
-# This class provides a thin wrapper around our normal usage of Excon as a simple HTTP client in order to
-# provide some minor caching functionality.
-#
-# This is not used to support full response caching currently, we just use it to ensure we detect unreachable
-# hosts and fast-fail on any subsequent requests to them to avoid excessive use of retries and connect- or
-# read-timeouts as Maven jobs tend to be sensitive to exceeding our overall 45 minute timeout.
-module Dependabot
-  module Maven
-    class RegistryClient
-      @cached_errors = {}
-
-      def self.get(url:, headers: {}, options: {})
-        raise cached_error_for(url) if cached_error_for(url)
-
-        Excon.get(
-          url,
-          idempotent: true,
-          **SharedHelpers.excon_defaults({ headers: headers }.merge(options))
-        )
-      rescue Excon::Error::Timeout => e
-        cache_error(url, e)
-        raise e
-      end
-
-      def self.head(url:, headers: {}, options: {})
-        raise cached_error_for(url) if cached_error_for(url)
-
-        Excon.head(
-          url,
-          idempotent: true,
-          **SharedHelpers.excon_defaults({ headers: headers }.merge(options))
-        )
-      rescue Excon::Error::Timeout => e
-        cache_error(url, e)
-        raise e
-      end
-
-      def self.clear_cache!
-        @cached_errors = {}
-      end
-
-      private_class_method def self.cache_error(url, error)
-        host = URI(url).host
-        @cached_errors[host] = error
-      end
-
-      private_class_method def self.cached_error_for(url)
-        host = URI(url).host
-        @cached_errors.fetch(host, nil)
-      end
-    end
-  end
-end