RubyGems - dependabot-maven - Versions diffs - 0.229.0 → 0.230.0 - Mend

dependabot-maven 0.229.0 → 0.230.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/dependabot/maven/file_parser.rb +3 -5
data/lib/dependabot/maven/file_updater/declaration_finder.rb +3 -2
data/lib/dependabot/maven/metadata_finder.rb +1 -1
data/lib/dependabot/maven/update_checker/version_finder.rb +4 -4
data/lib/dependabot/maven.rb +1 -1
metadata +5 -5

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8528262845404b8a187faa6ec2abc202e012c4098e4d51cdef5dd10847ade02c
-  data.tar.gz: 57a36d2eb6186032594b193bbb2ff16078d9acf8c66d8966780c210eef959c28
+  metadata.gz: 4b95054ae9f73c0b71b2647a59eae5b1a44f46a9b801931b2a1ac7414881d86c
+  data.tar.gz: ae55f1a5ed06cd8e683e6e3ff26f8628207df69ba4db3abfbb37165ee3aacef1
 SHA512:
-  metadata.gz: 81a88f8ec6c6eac33856384e4e192f61a1ce73e4534ac0f2f05cf3118f2e2c2f875d77a3ca8be7843ecb72e9bf4dc7f81a504d9b60761019567ad5ac80de6376
-  data.tar.gz: 6cf998ef0bf7dd6cc4d00a8e72b742d3b7350445e47dba67a0d49dc0e4c11807aa4e75c7d6a8b5a379043f8a1744d590dcfff9c9e649bcc68a4f0d6b234820e1
+  metadata.gz: abb5e9a5cc45c83a96b8fb420e21a72574a0e9875db4cef29e06da49306c39a04a8fe173e59e5933f3b3793a6a272890c88d009a217bfca9721c1a01ceac9d4a
+  data.tar.gz: 1c2b723dda910f6926e514bc46d2e021cffe2d254ab82c16056bb2541834aa19619655a010977a1a6a2a9da0bb24afa874253384435588aed7a72a078997e5d9

data/lib/dependabot/maven/file_parser.rb CHANGED Viewed

@@ -89,9 +89,6 @@ module Dependabot
         return unless (name = dependency_name(dependency_node, pom))
         return if internal_dependency_names.include?(name)
-        classifier = dependency_classifier(dependency_node, pom)
-        name = "#{name}:#{classifier}" if classifier
         build_dependency(pom, dependency_node, name)
       end
@@ -119,8 +116,9 @@ module Dependabot
             groups: dependency_groups(pom, dependency_node),
             source: nil,
             metadata: {
-              packaging_type: packaging_type(pom, dependency_node)
-            }.merge(property_details)
+              packaging_type: packaging_type(pom, dependency_node),
+              classifier: dependency_classifier(dependency_node, pom)
+            }.merge(property_details).compact
           }]
         )
       end

data/lib/dependabot/maven/file_updater/declaration_finder.rb CHANGED Viewed

@@ -59,8 +59,9 @@ module Dependabot
             ].compact.join(":")
             if node.at_xpath("./*/classifier")
-              node_name += ":#{evaluated_value(node.at_xpath('./*/classifier').
-                content.strip)}"
+              classifier = evaluated_value(node.at_xpath("./*/classifier").content.strip)
+              dep_classifier = dependency.requirements.first.dig(:metadata, :classifier)
+              next false if classifier != dep_classifier
             end
             next false unless node_name == dependency_name

data/lib/dependabot/maven/metadata_finder.rb CHANGED Viewed

@@ -117,7 +117,7 @@ module Dependabot
       end
       def dependency_artifact_id
-        _group_id, artifact_id, _classifier = dependency.name.split(":")
+        _group_id, artifact_id = dependency.name.split(":")
         artifact_id
       end

data/lib/dependabot/maven/update_checker/version_finder.rb CHANGED Viewed

@@ -251,7 +251,7 @@ module Dependabot
         end
         def dependency_metadata_url(repository_url)
-          group_id, artifact_id, _classifier = dependency.name.split(":")
+          group_id, artifact_id = dependency.name.split(":")
           "#{repository_url}/" \
             "#{group_id.tr('.', '/')}/" \
@@ -260,9 +260,9 @@ module Dependabot
         end
         def dependency_files_url(repository_url, version)
-          group_id, artifact_id, classifier = dependency.name.split(":")
-          type = dependency.requirements.first.
-                 dig(:metadata, :packaging_type)
+          group_id, artifact_id = dependency.name.split(":")
+          type = dependency.requirements.first.dig(:metadata, :packaging_type)
+          classifier = dependency.requirements.first.dig(:metadata, :classifier)
           actual_classifier = classifier.nil? ? "" : "-#{classifier}"
           "#{repository_url}/" \

data/lib/dependabot/maven.rb CHANGED Viewed

@@ -22,7 +22,7 @@ Dependabot::Dependency.
   register_display_name_builder(
     "maven",
     lambda { |name|
-      _group_id, artifact_id, _classifier = name.split(":")
+      _group_id, artifact_id = name.split(":")
       name.length <= 100 ? name : artifact_id
     }
   )

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-maven
 version: !ruby/object:Gem::Version
-  version: 0.229.0
+  version: 0.230.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-08-30 00:00:00.000000000 Z
+date: 2023-09-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.229.0
+        version: 0.230.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.229.0
+        version: 0.230.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -208,7 +208,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.229.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.230.0
 post_install_message:
 rdoc_options: []
 require_paths: