dependabot-maven 0.229.0 → 0.230.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/maven/file_parser.rb +3 -5
  3. data/lib/dependabot/maven/file_updater/declaration_finder.rb +3 -2
  4. data/lib/dependabot/maven/metadata_finder.rb +1 -1
  5. data/lib/dependabot/maven/update_checker/version_finder.rb +4 -4
  6. data/lib/dependabot/maven.rb +1 -1
  7. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8528262845404b8a187faa6ec2abc202e012c4098e4d51cdef5dd10847ade02c
4
- data.tar.gz: 57a36d2eb6186032594b193bbb2ff16078d9acf8c66d8966780c210eef959c28
3
+ metadata.gz: 4b95054ae9f73c0b71b2647a59eae5b1a44f46a9b801931b2a1ac7414881d86c
4
+ data.tar.gz: ae55f1a5ed06cd8e683e6e3ff26f8628207df69ba4db3abfbb37165ee3aacef1
5
5
  SHA512:
6
- metadata.gz: 81a88f8ec6c6eac33856384e4e192f61a1ce73e4534ac0f2f05cf3118f2e2c2f875d77a3ca8be7843ecb72e9bf4dc7f81a504d9b60761019567ad5ac80de6376
7
- data.tar.gz: 6cf998ef0bf7dd6cc4d00a8e72b742d3b7350445e47dba67a0d49dc0e4c11807aa4e75c7d6a8b5a379043f8a1744d590dcfff9c9e649bcc68a4f0d6b234820e1
6
+ metadata.gz: abb5e9a5cc45c83a96b8fb420e21a72574a0e9875db4cef29e06da49306c39a04a8fe173e59e5933f3b3793a6a272890c88d009a217bfca9721c1a01ceac9d4a
7
+ data.tar.gz: 1c2b723dda910f6926e514bc46d2e021cffe2d254ab82c16056bb2541834aa19619655a010977a1a6a2a9da0bb24afa874253384435588aed7a72a078997e5d9
data/lib/dependabot/maven/file_parser.rb CHANGED
@@ -89,9 +89,6 @@ module Dependabot
89
89
  return unless (name = dependency_name(dependency_node, pom))
90
90
  return if internal_dependency_names.include?(name)
91
91
 
92
- classifier = dependency_classifier(dependency_node, pom)
93
- name = "#{name}:#{classifier}" if classifier
94
-
95
92
  build_dependency(pom, dependency_node, name)
96
93
  end
97
94
 
@@ -119,8 +116,9 @@ module Dependabot
119
116
  groups: dependency_groups(pom, dependency_node),
120
117
  source: nil,
121
118
  metadata: {
122
- packaging_type: packaging_type(pom, dependency_node)
123
- }.merge(property_details)
119
+ packaging_type: packaging_type(pom, dependency_node),
120
+ classifier: dependency_classifier(dependency_node, pom)
121
+ }.merge(property_details).compact
124
122
  }]
125
123
  )
126
124
  end
data/lib/dependabot/maven/file_updater/declaration_finder.rb CHANGED
@@ -59,8 +59,9 @@ module Dependabot
59
59
  ].compact.join(":")
60
60
 
61
61
  if node.at_xpath("./*/classifier")
62
- node_name += ":#{evaluated_value(node.at_xpath('./*/classifier').
63
- content.strip)}"
62
+ classifier = evaluated_value(node.at_xpath("./*/classifier").content.strip)
63
+ dep_classifier = dependency.requirements.first.dig(:metadata, :classifier)
64
+ next false if classifier != dep_classifier
64
65
  end
65
66
 
66
67
  next false unless node_name == dependency_name
data/lib/dependabot/maven/metadata_finder.rb CHANGED
@@ -117,7 +117,7 @@ module Dependabot
117
117
  end
118
118
 
119
119
  def dependency_artifact_id
120
- _group_id, artifact_id, _classifier = dependency.name.split(":")
120
+ _group_id, artifact_id = dependency.name.split(":")
121
121
 
122
122
  artifact_id
123
123
  end
data/lib/dependabot/maven/update_checker/version_finder.rb CHANGED
@@ -251,7 +251,7 @@ module Dependabot
251
251
  end
252
252
 
253
253
  def dependency_metadata_url(repository_url)
254
- group_id, artifact_id, _classifier = dependency.name.split(":")
254
+ group_id, artifact_id = dependency.name.split(":")
255
255
 
256
256
  "#{repository_url}/" \
257
257
  "#{group_id.tr('.', '/')}/" \
@@ -260,9 +260,9 @@ module Dependabot
260
260
  end
261
261
 
262
262
  def dependency_files_url(repository_url, version)
263
- group_id, artifact_id, classifier = dependency.name.split(":")
264
- type = dependency.requirements.first.
265
- dig(:metadata, :packaging_type)
263
+ group_id, artifact_id = dependency.name.split(":")
264
+ type = dependency.requirements.first.dig(:metadata, :packaging_type)
265
+ classifier = dependency.requirements.first.dig(:metadata, :classifier)
266
266
 
267
267
  actual_classifier = classifier.nil? ? "" : "-#{classifier}"
268
268
  "#{repository_url}/" \
data/lib/dependabot/maven.rb CHANGED
@@ -22,7 +22,7 @@ Dependabot::Dependency.
22
22
  register_display_name_builder(
23
23
  "maven",
24
24
  lambda { |name|
25
- _group_id, artifact_id, _classifier = name.split(":")
25
+ _group_id, artifact_id = name.split(":")
26
26
  name.length <= 100 ? name : artifact_id
27
27
  }
28
28
  )
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-maven
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.229.0
4
+ version: 0.230.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-30 00:00:00.000000000 Z
11
+ date: 2023-09-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.229.0
19
+ version: 0.230.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.229.0
26
+ version: 0.230.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -208,7 +208,7 @@ licenses:
208
208
  - Nonstandard
209
209
  metadata:
210
210
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
211
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.229.0
211
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.230.0
212
212
  post_install_message:
213
213
  rdoc_options: []
214
214
  require_paths: