dependabot-maven 0.211.0 → 0.212.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b27a606e758a694d530b58bef9c1135138e041909753e66070b75da20d456e06
-  data.tar.gz: 1896007d54b0b5be26fbeb1c6cf9d7baf915e4f0653a498895d0cd2c47479870
+  metadata.gz: 742cfd118855d8a31a6789c4f6e49e6750a56507c5163155f331fc2c37cd02ea
+  data.tar.gz: 5d2997c3c84a670196038e17b10f6a8838d651435bff71ef4a52893424b63139
 SHA512:
-  metadata.gz: 52453588e68a9277e93d3e47ea0b762b67b598fb500bf1508894ae17b182434fd9dbb3fdbc1c3f475cc4fbde2b553dbdfe28f8b248b173d3489cd839859a746f
-  data.tar.gz: b47b9fa0958db859be40836138604108f711252bcefad7c62e426e33e370324a4f80b960c8d13cd8c8db27b6745877bbe5cddca5ada52ffa64abe357ca335cca
+  metadata.gz: cae2fb00b853ad401cf24b1ebcb5db66eac4287e060de4feca5e4d2c765408244f6b852ff57884f556e43defe40caae56144f62964aae25f0f583f853107a3d6
+  data.tar.gz: fb83ba87f201e2a6480686f3a1144412fc44e0aaeab1cb4ff9ac5d53ec6df0fcd54e65fb4abab8d2185b9cdab9416d49e99309ccf976eeda1e2aea79474d5fa4

data/lib/dependabot/maven/file_fetcher.rb

@@ -7,7 +7,7 @@ require "dependabot/file_fetchers/base"
 module Dependabot
   module Maven
     class FileFetcher < Dependabot::FileFetchers::Base
-      MODULE_SELECTOR = "project > modules > module, "\
+      MODULE_SELECTOR = "project > modules > module, " \
                         "profile > modules > module"
 
       def self.required_files_in?(filenames)

data/lib/dependabot/maven/file_parser/property_value_finder.rb

@@ -148,9 +148,9 @@ module Dependabot
         end
 
         def remote_pom_url(group_id, artifact_id, version, base_repo_url)
-          "#{base_repo_url}/"\
-          "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/"\
-          "#{artifact_id}-#{version}.pom"
+          "#{base_repo_url}/" \
+            "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/" \
+            "#{artifact_id}-#{version}.pom"
         end
 
         def pom?(content)

data/lib/dependabot/maven/file_parser/repositories_finder.rb

@@ -18,7 +18,7 @@ module Dependabot
         # In theory we should check the artifact type and either look in
         # <repositories> or <pluginRepositories>. In practice it's unlikely
         # anyone makes this distinction.
-        REPOSITORY_SELECTOR = "repositories > repository, "\
+        REPOSITORY_SELECTOR = "repositories > repository, " \
                               "pluginRepositories > pluginRepository"
 
         # The Central Repository is included in the Super POM, which is
@@ -137,9 +137,9 @@ module Dependabot
         end
 
         def remote_pom_url(group_id, artifact_id, version, base_repo_url)
-          "#{base_repo_url}/"\
-          "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/"\
-          "#{artifact_id}-#{version}.pom"
+          "#{base_repo_url}/" \
+            "#{group_id.tr('.', '/')}/#{artifact_id}/#{version}/" \
+            "#{artifact_id}-#{version}.pom"
         end
 
         def contains_property?(value)

data/lib/dependabot/maven/file_parser.rb

@@ -21,8 +21,8 @@ module Dependabot
       # - Any dependencies (incl. those in dependencyManagement or plugins)
       # - Any plugins (incl. those in pluginManagement)
       # - Any extensions
-      DEPENDENCY_SELECTOR = "project > parent, "\
-                            "dependencies > dependency, "\
+      DEPENDENCY_SELECTOR = "project > parent, " \
+                            "dependencies > dependency, " \
                             "extensions > extension"
       PLUGIN_SELECTOR     = "plugins > plugin"
       EXTENSION_SELECTOR  = "extensions > extension"
@@ -283,7 +283,7 @@ module Dependabot
 
       def internal_dependency_names
         @internal_dependency_names ||=
-          dependency_files.map do |pom|
+          dependency_files.filter_map do |pom|
             doc = Nokogiri::XML(pom.content)
             group_id = doc.at_css("project > groupId") ||
                        doc.at_css("project > parent > groupId")
@@ -292,7 +292,7 @@ module Dependabot
             next unless group_id && artifact_id
 
             [group_id.content.strip, artifact_id.content.strip].join(":")
-          end.compact
+          end
       end
 
       def check_required_files

data/lib/dependabot/maven/file_updater/property_value_updater.rb

@@ -28,7 +28,7 @@ module Dependabot
             \s*#{Regexp.quote(node.content)}\s*
             </#{Regexp.quote(node.name)}>}xm
           property_text = node.to_s
-          if pom_to_update.content =~ property_re
+          if pom_to_update.content&.match?(property_re)
             updated_content = pom_to_update.content.sub(
               property_re,
               "<#{node.name}>#{updated_value}</#{node.name}>"

data/lib/dependabot/maven/file_updater.rb

@@ -31,7 +31,7 @@ module Dependabot
           )
         end
 
-        updated_files.select! { |f| f.name.end_with?("pom.xml") || f.name.end_with?("extensions.xml") }
+        updated_files.select! { |f| f.name.end_with?("pom.xml", "extensions.xml") }
         updated_files.reject! { |f| dependency_files.include?(f) }
 
         raise "No files changed!" if updated_files.none?

data/lib/dependabot/maven/metadata_finder.rb

@@ -131,8 +131,8 @@ module Dependabot
 
         return unless artifact_id && group_id && version
 
-        url = "#{maven_repo_url}/#{group_id.tr('.', '/')}/#{artifact_id}/"\
-              "#{version}/"\
+        url = "#{maven_repo_url}/#{group_id.tr('.', '/')}/#{artifact_id}/" \
+              "#{version}/" \
               "#{artifact_id}-#{version}.pom"
 
         response = Dependabot::RegistryClient.get(

data/lib/dependabot/maven/update_checker/version_finder.rb

@@ -248,10 +248,10 @@ module Dependabot
         def dependency_metadata_url(repository_url)
           group_id, artifact_id, _classifier = dependency.name.split(":")
 
-          "#{repository_url}/"\
-          "#{group_id.tr('.', '/')}/"\
-          "#{artifact_id}/"\
-          "maven-metadata.xml"
+          "#{repository_url}/" \
+            "#{group_id.tr('.', '/')}/" \
+            "#{artifact_id}/" \
+            "maven-metadata.xml"
         end
 
         def dependency_files_url(repository_url, version)
@@ -260,11 +260,11 @@ module Dependabot
                  dig(:metadata, :packaging_type)
 
           actual_classifier = classifier.nil? ? "" : "-#{classifier}"
-          "#{repository_url}/"\
-          "#{group_id.tr('.', '/')}/"\
-          "#{artifact_id}/"\
-          "#{version}/"\
-          "#{artifact_id}-#{version}#{actual_classifier}.#{type}"
+          "#{repository_url}/" \
+            "#{group_id.tr('.', '/')}/" \
+            "#{artifact_id}/" \
+            "#{version}/" \
+            "#{artifact_id}-#{version}#{actual_classifier}.#{type}"
         end
 
         def version_class

data/lib/dependabot/maven/version.rb

@@ -27,8 +27,8 @@ module Dependabot
         "sp" => 7
       }.freeze
       VERSION_PATTERN =
-        "[0-9a-zA-Z]+"\
-        '(?>\.[0-9a-zA-Z]*)*'\
+        "[0-9a-zA-Z]+" \
+        '(?>\.[0-9a-zA-Z]*)*' \
         '([_\-\+][0-9A-Za-z_-]*(\.[0-9A-Za-z_-]*)*)?'
       ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
 
@@ -117,11 +117,11 @@ module Dependabot
       end
 
       def trim_version(version)
-        version.split("-").map do |v|
+        version.split("-").filter_map do |v|
           parts = v.split(".")
           parts = parts[0..-2] while NULL_VALUES.include?(parts&.last)
           parts&.join(".")
-        end.compact.reject(&:empty?).join("-")
+        end.reject(&:empty?).join("-")
       end
 
       def convert_dates(version, other_version)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-maven
 version: !ruby/object:Gem::Version
-  version: 0.211.0
+  version: 0.212.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-23 00:00:00.000000000 Z
+date: 2022-09-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.212.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.211.0
+        version: 0.212.0
 - !ruby/object:Gem::Dependency
   name: debase
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.12.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.11.1
+        version: 3.12.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -142,14 +142,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.36.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.35.1
+        version: 1.36.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.2
 - !ruby/object:Gem::Dependency
   name: ruby-debug-ide
   requirement: !ruby/object:Gem::Requirement