dependabot-maven 0.87.2 → 0.87.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1880be235fef169b863fc185a925cab74b63ec98a28d08e79fd5c6ea2bc70138
|
|
4
|
+
data.tar.gz: 8bc1db86af51d6c635994e87e4c1faf4a445f2afef91b5490dfdb1da9720c9d6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dc07baff07e7cd071a77f761f039af005d5a8e85154857c3e8ff92e80e37d20ecb41606d1d48ab41d540cc30c22c63b8c786b5e0cd79f40baa014f324cf8b93d
|
|
7
|
+
data.tar.gz: d8b90a1b75ef6feabc5fb3ec147b3cf4927cae47419947f75809dbbc9c90ba41cf80b49c4639d43d51bc47b97940f2388971acbe08c10f27cc3e4517b9e0a4ce
|
|
@@ -186,7 +186,8 @@ module Dependabot
|
|
|
186
186
|
named_captures.fetch("property")
|
|
187
187
|
property_value = value_for_property(property_name, pom)
|
|
188
188
|
|
|
189
|
-
value.gsub(PROPERTY_REGEX, property_value)
|
|
189
|
+
new_value = value.gsub(value.match(PROPERTY_REGEX).to_s, property_value)
|
|
190
|
+
evaluated_value(new_value, pom)
|
|
190
191
|
end
|
|
191
192
|
|
|
192
193
|
def property_source(dependency_node, pom)
|
|
@@ -128,7 +128,10 @@ module Dependabot
|
|
|
128
128
|
|
|
129
129
|
return value unless property_value
|
|
130
130
|
|
|
131
|
-
value.gsub(
|
|
131
|
+
value.gsub(
|
|
132
|
+
value.match(Maven::FileParser::PROPERTY_REGEX).to_s,
|
|
133
|
+
property_value
|
|
134
|
+
)
|
|
132
135
|
end
|
|
133
136
|
|
|
134
137
|
def property_value_finder
|
|
@@ -26,6 +26,8 @@ module Dependabot
|
|
|
26
26
|
|
|
27
27
|
@update_possible ||=
|
|
28
28
|
dependencies_using_property.all? do |dep|
|
|
29
|
+
next false if includes_property_reference?(updated_version(dep))
|
|
30
|
+
|
|
29
31
|
versions = VersionFinder.new(
|
|
30
32
|
dependency: dep,
|
|
31
33
|
dependency_files: dependency_files,
|
|
@@ -33,7 +35,7 @@ module Dependabot
|
|
|
33
35
|
ignored_versions: ignored_versions
|
|
34
36
|
).versions.map { |v| v.fetch(:version) }
|
|
35
37
|
|
|
36
|
-
versions.include?(
|
|
38
|
+
versions.include?(updated_version(dep)) || versions.none?
|
|
37
39
|
end
|
|
38
40
|
end
|
|
39
41
|
|
|
@@ -89,6 +91,10 @@ module Dependabot
|
|
|
89
91
|
dig(:metadata, :property_source)
|
|
90
92
|
end
|
|
91
93
|
|
|
94
|
+
def includes_property_reference?(string)
|
|
95
|
+
string.match?(Maven::FileParser::PROPERTY_REGEX)
|
|
96
|
+
end
|
|
97
|
+
|
|
92
98
|
def version_string(dep)
|
|
93
99
|
declaring_requirement =
|
|
94
100
|
dep.requirements.
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-maven
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.87.
|
|
4
|
+
version: 0.87.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.87.
|
|
19
|
+
version: 0.87.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.87.
|
|
26
|
+
version: 0.87.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|