dependabot-maven 0.357.0 → 0.358.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/maven/update_checker.rb +9 -0
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 92e12ff7a6302516a2c5ffbfb42dd0409cce759ca308cb9aa921cd49fe1ef5a4
|
|
4
|
+
data.tar.gz: c9fe660bf51ea3c9789b16a32a57e2e911d6446f22e02eb4feff93e99fb33ad0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4fc6f5cd078b016a8e699463772d077f3a08c1666791a9bb6338798c402419d0a97d454b8bdd45c2dcc79ea4282e3347de65103719aff195e7c521eb0fc2ecc2
|
|
7
|
+
data.tar.gz: 4e3a49fff8493d1d906193f35d5ff2662e7f9b57418717f71fb56a2ff8a59000aba2c87f99e74cb5d04a7a7ec9352114b27987fbc2860def70221f575b16f371
|
|
@@ -63,6 +63,7 @@ module Dependabot
|
|
|
63
63
|
# return that latest version unless dealing with a property dep.
|
|
64
64
|
# https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Transitive_Dependencies
|
|
65
65
|
return nil if version_comes_from_multi_dependency_property?
|
|
66
|
+
return nil if version_comes_from_project_parent_version?
|
|
66
67
|
|
|
67
68
|
latest_version
|
|
68
69
|
end
|
|
@@ -124,6 +125,7 @@ module Dependabot
|
|
|
124
125
|
|
|
125
126
|
sig { override.returns(T::Boolean) }
|
|
126
127
|
def latest_version_resolvable_with_full_unlock?
|
|
128
|
+
return false if version_comes_from_project_parent_version?
|
|
127
129
|
return false unless version_comes_from_multi_dependency_property?
|
|
128
130
|
|
|
129
131
|
property_updater.update_possible?
|
|
@@ -235,6 +237,13 @@ module Dependabot
|
|
|
235
237
|
dep.requirements.any? { |req| req.dig(:metadata, :property_name) }
|
|
236
238
|
end
|
|
237
239
|
end
|
|
240
|
+
|
|
241
|
+
sig { returns(T::Boolean) }
|
|
242
|
+
def version_comes_from_project_parent_version?
|
|
243
|
+
declarations_using_a_property.any? do |requirement|
|
|
244
|
+
requirement.dig(:metadata, :property_name) == "project.parent.version"
|
|
245
|
+
end
|
|
246
|
+
end
|
|
238
247
|
end
|
|
239
248
|
end
|
|
240
249
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-maven
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.358.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.358.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.358.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: rexml
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -286,7 +286,7 @@ licenses:
|
|
|
286
286
|
- MIT
|
|
287
287
|
metadata:
|
|
288
288
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
289
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
289
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.358.0
|
|
290
290
|
rdoc_options: []
|
|
291
291
|
require_paths:
|
|
292
292
|
- lib
|