dependabot-pub 0.332.0 → 0.334.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/pub/file_fetcher.rb +18 -2
  3. data/lib/dependabot/pub/requirement.rb +1 -1
  4. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a28215163500eba999a50d9308e80ffd678b6de74c1c79283f9d8cabe0badab1
4
- data.tar.gz: dc86d89e1f8d19f6850a0e556ba1459c6d864f106bf07d3e9398ba95b4f093d3
3
+ metadata.gz: e7c629ce8ff27c25b95a3f4df12763784ef000d30cf2994fb4ba19abb397e586
4
+ data.tar.gz: 5b9bcf4c7ddd567c03da21decba2aee418b23d2adb7b5f60f0362b4008cebd57
5
5
  SHA512:
6
- metadata.gz: 8cd124626d47978957f945e8b432fe73d285ac1392c5bac3d593b1b36e900ba9cd9e4831959e0c3d831d603953541b6ca26c75e68f23459de1313f67e70cbc33
7
- data.tar.gz: a370978d6cd143ba7f875ecdd12a60b1f5c5ccde5480e8c651265ab112b13e30b9f4adbe1a9da37b88598b2eefc55893daa8bf8d05ed17a6c92ea4c3fc24e9ff
6
+ metadata.gz: ceedf9d2141426aea8f8780a90a86ffc91a931d7734fbe0772ef44d941bb39cc88c805d808b259f13de32e2c04837df3e9b766b69358da05caf27e845457ca2c
7
+ data.tar.gz: 6f72a3ac8507bf2014f100ee3a249fa17405731322a4acdc622e64bad4306c4ada7b3505ce60f206746edc780792f3834e2549ae6decc51e2c24baa9a6e245dd
data/lib/dependabot/pub/file_fetcher.rb CHANGED
@@ -4,6 +4,7 @@
4
4
  require "sorbet-runtime"
5
5
  require "dependabot/file_fetchers"
6
6
  require "dependabot/file_fetchers/base"
7
+ require "dependabot/file_filtering"
7
8
 
8
9
  # For details on pub packages, see:
9
10
  # https://dart.dev/tools/pub/package-layout#the-pubspec
@@ -31,11 +32,26 @@ module Dependabot
31
32
  # Fetch any additional pubspec.yamls in the same git repo for resolving
32
33
  # local path-dependencies and workspace packages.
33
34
  extra_pubspecs = Dir.glob("**/pubspec.yaml", base: clone_repo_contents)
34
- fetched_files += extra_pubspecs.map do |pubspec|
35
+ fetched_files += extra_pubspecs.filter_map do |pubspec|
35
36
  relative_name = Pathname.new("/#{pubspec}").relative_path_from(directory)
37
+
38
+ # Skip excluded workspace pubspec files
39
+ next nil if Dependabot::FileFiltering.should_exclude_path?(relative_name.to_s,
40
+ "workspace pubspec file",
41
+ @exclude_paths)
42
+
36
43
  fetch_file_from_host(relative_name)
37
44
  end
38
- fetched_files.uniq
45
+
46
+ # Filter excluded files from final collection
47
+ filtered_files = fetched_files.uniq.reject do |file|
48
+ file_name = T.cast(file, DependencyFile).name
49
+ Dependabot::FileFiltering.should_exclude_path?(file_name,
50
+ "file from final collection",
51
+ @exclude_paths)
52
+ end
53
+
54
+ filtered_files
39
55
  end
40
56
 
41
57
  private
data/lib/dependabot/pub/requirement.rb CHANGED
@@ -107,7 +107,7 @@ module Dependabot
107
107
  return req_string if parts.count >= 3
108
108
 
109
109
  # If we have no parts then the version is completely unlocked
110
- return ">= 0" if parts.count.zero?
110
+ return ">= 0" if parts.none?
111
111
 
112
112
  # If we have fewer than three parts we do a partial match
113
113
  parts << "0"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-pub
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.332.0
4
+ version: 0.334.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.332.0
18
+ version: 0.334.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.332.0
25
+ version: 0.334.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -211,14 +211,14 @@ dependencies:
211
211
  requirements:
212
212
  - - "~>"
213
213
  - !ruby/object:Gem::Version
214
- version: '3.18'
214
+ version: '3.25'
215
215
  type: :development
216
216
  prerelease: false
217
217
  version_requirements: !ruby/object:Gem::Requirement
218
218
  requirements:
219
219
  - - "~>"
220
220
  - !ruby/object:Gem::Version
221
- version: '3.18'
221
+ version: '3.25'
222
222
  - !ruby/object:Gem::Dependency
223
223
  name: webrick
224
224
  requirement: !ruby/object:Gem::Requirement
@@ -259,7 +259,7 @@ licenses:
259
259
  - MIT
260
260
  metadata:
261
261
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
262
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.332.0
262
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.334.0
263
263
  rdoc_options: []
264
264
  require_paths:
265
265
  - lib