Class: Dependabot::Maven::FileParser::RepositoriesFinder

Inherits: Object
Defined in: lib/dependabot/maven/file_parser/repositories_finder.rb

Constant Summary

In theory we should check the artifact type and either look in <repositories> or <pluginRepositories>. In practice it’s unlikely anyone makes this distinction.

REPOSITORY_SELECTOR =
  "repositories > repository, "\
  "pluginRepositories > pluginRepository"

The Central Repository is included in the Super POM, which is always inherited from.

CENTRAL_REPO_URL = "https://repo.maven.apache.org/maven2"

Constructor Details

#initialize(dependency_files:, evaluate_properties: true) ⇒ RepositoriesFinder

Returns a new instance of RepositoriesFinder.



# File 'lib/dependabot/maven/file_parser/repositories_finder.rb', line 28

def initialize(dependency_files:, evaluate_properties: true)
  @dependency_files = dependency_files

  # We need the option not to evaluate properties so as not to have a
  # circular dependency between this class and the PropertyValueFinder
  # class
  @evaluate_properties = evaluate_properties
end

Instance Method Details

#repository_urls(pom:, exclude_inherited: false) ⇒ Object

Collect all repository URLs from this POM and its parents



# File 'lib/dependabot/maven/file_parser/repositories_finder.rb', line 38

def repository_urls(pom:, exclude_inherited: false)
  repo_urls_in_pom =
    Nokogiri::XML(pom.content).
    css(REPOSITORY_SELECTOR).
    map { |node| node.at_css("url").content.strip.gsub(%r{/$}, "") }.
    reject { |url| contains_property?(url) && !evaluate_properties? }.
    select { |url| url.start_with?("http") }.
    map { |url| evaluated_value(url, pom) }

  return repo_urls_in_pom + [CENTRAL_REPO_URL] if exclude_inherited

  unless (parent = parent_pom(pom, repo_urls_in_pom))
    return repo_urls_in_pom + [CENTRAL_REPO_URL]
  end

  repo_urls_in_pom + repository_urls(pom: parent)
end
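
The filtering steps of `repository_urls`, re-created as an added example (not Dependabot's code) that runs on a constructed POM and also reports which accepted repositories are plaintext `http://`, since `start_with?("http")` admits both schemes. It uses REXML instead of Nokogiri and models only `evaluate_properties: false` with no parent lookup; the `${...}` pattern and the names `declared_repo_urls` and `audit_repositories` are assumptions.

```ruby
require "rexml/document"

CENTRAL_REPO_URL = "https://repo.maven.apache.org/maven2" # value from the page
# Parent => child element names, mirroring REPOSITORY_SELECTOR on the page.
REPO_PARENTS = { "repositories" => "repository",
                 "pluginRepositories" => "pluginRepository" }.freeze
PROPERTY = /\$\{.+?\}/ # assumption: stand-in for the private contains_property?

# Constructed sample POM; hosts and ids are made up for this example.
SAMPLE_POM = <<~XML
  <project xmlns="http://maven.apache.org/POM/4.0.0">
    <repositories>
      <repository><id>internal</id><url>https://nexus.example.test/repo/</url></repository>
      <repository><id>legacy</id><url> http://mirror.example.test/maven2 </url></repository>
      <repository><id>templated</id><url>${repo.base}/releases</url></repository>
      <repository><id>local</id><url>file:///opt/m2</url></repository>
      <repository><id>broken</id></repository>
    </repositories>
    <pluginRepositories>
      <pluginRepository><id>plugins</id><url>https://plugins.example.test/m2</url></pluginRepository>
    </pluginRepositories>
  </project>
XML

# Trimmed <url> of every declared repository, in document order. An entry
# with no <url> child is skipped rather than raising on nil.
def declared_repo_urls(pom_xml)
  urls = []
  REXML::Document.new(pom_xml).root.each_recursive do |el|
    next unless REPO_PARENTS[el.parent.name] == el.name
    url = el.elements.to_a.find { |child| child.name == "url" }
    urls << url.text.to_s.strip.gsub(%r{/$}, "") if url
  end
  urls
end

# Models evaluate_properties: false and exclude_inherited: true (hypothetical helper).
def audit_repositories(pom_xml)
  declared = declared_repo_urls(pom_xml)
  templated = declared.grep(PROPERTY)
  accepted = (declared - templated).select { |u| u.start_with?("http") }
  { resolved: accepted + [CENTRAL_REPO_URL],
    property_skipped: templated,
    non_http_dropped: declared - templated - accepted,
    plaintext_http: accepted.select { |u| u.start_with?("http://") } }
end

pp audit_repositories(SAMPLE_POM) if __FILE__ == $PROGRAM_NAME
```

The `plaintext_http` list is the part worth reviewing in a real POM: those sources pass the `http` prefix filter and are queried alongside Central.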