From c3bc70fd0c15b2a8f0de6e098b4136db1d62d28a Mon Sep 17 00:00:00 2001
From: mallowlabs
Date: Tue, 4 Oct 2022 21:58:52 +0900
Subject: [PATCH 1/2] Add a spec that checks to keep double backslashes in Maven plugins
---
 .../dependabot/maven/file_updater_spec.rb | 31 +++++++++++++++++++
 .../poms/plugin_with_double_backslashes.xml | 28 +++++++++++++++++
 2 files changed, 59 insertions(+)
 create mode 100644 maven/spec/fixtures/poms/plugin_with_double_backslashes.xml
diff --git a/maven/spec/dependabot/maven/file_updater_spec.rb b/maven/spec/dependabot/maven/file_updater_spec.rb
index d5d3b594c2d..22333966b05 100644
--- a/maven/spec/dependabot/maven/file_updater_spec.rb
+++ b/maven/spec/dependabot/maven/file_updater_spec.rb
@@ -599,6 +599,37 @@
 end
 end
 end
+
+ context "with double backslashes in plugin" do
+ let(:pom_body) { fixture("poms", "plugin_with_double_backslashes.xml") }
+ let(:dependencies) do
+ [
+ Dependabot::Dependency.new(
+ name: "com.diffplug.spotless:spotless-maven-plugin",
+ version: "2.27.1",
+ requirements: [{
+ file: "pom.xml",
+ requirement: "2.27.1",
+ groups: [],
+ source: nil,
+ metadata: { packaging_type: "jar" }
+ }],
+ previous_requirements: [{
+ file: "pom.xml",
+ requirement: "2.27.0",
+ groups: [],
+ source: nil,
+ metadata: { packaging_type: "jar" }
+ }],
+ package_manager: "maven"
+ )
+ ]
+ end
+
+ its(:content) do
+ is_expected.to include("java,javax,org,com,,\\\\#")
+ end
+ end
 end
 context "the updated extensions.xml file" do
diff --git a/maven/spec/fixtures/poms/plugin_with_double_backslashes.xml b/maven/spec/fixtures/poms/plugin_with_double_backslashes.xml
new file mode 100644
index 00000000000..b919b8a86bb
--- /dev/null
+++ b/maven/spec/fixtures/poms/plugin_with_double_backslashes.xml
@@ -0,0 +1,28 @@
+
+ 4.0.0
+
+ com.dependabot
+ basic-pom
+ 0.0.1-RELEASE
+ Dependabot Plugin POM
+
+ pom
+
+
+
+
+ com.diffplug.spotless
+ spotless-maven-plugin
+ 2.27.0
+
+
+
+ java,javax,org,com,,\\#
+
+
+
+
+
+
+
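Review bot: The `its(:content)` expectation in the new `context "with double backslashes in plugin"` pins only the `\\` sequence, while a replacement String passed to `gsub` also has `\0`, `\1`–`\9` and `\k<name>` interpreted. A plugin configuration holding a regex backreference would therefore be altered by the same code path and nothing in this spec would notice a regression for it. I would add one more value to the fixture containing, for example, `\1`, with a matching `is_expected.to include(...)` line next to the existing one, so the spec covers the whole class of sequences rather than the single reported case.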
From 0dc459fbb75c36ed700f7aa80f003db29044d562 Mon Sep 17 00:00:00 2001
From: mallowlabs
Date: Tue, 4 Oct 2022 22:35:59 +0900
Subject: [PATCH 2/2] Fix dependabot removed double backslashes in maven plugin configurations
---
 maven/lib/dependabot/maven/file_updater.rb | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/maven/lib/dependabot/maven/file_updater.rb b/maven/lib/dependabot/maven/file_updater.rb
index 699c67de4c0..a71e43df0f2 100644
--- a/maven/lib/dependabot/maven/file_updater.rb
+++ b/maven/lib/dependabot/maven/file_updater.rb
@@ -89,10 +89,9 @@ def update_version_in_file(dependency, file, previous_req, requirement)
 updated_content = file.content
 original_file_declarations(dependency, previous_req).each do |old_dec|
- updated_content = updated_content.gsub(
- old_dec,
+ updated_content = updated_content.gsub(old_dec) do
 updated_file_declaration(old_dec, previous_req, requirement)
- )
+ end
 end
 raise "Expected content to change!" if updated_content == file.content
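Review bot: The switch to the block form of `gsub` in `update_version_in_file` carries no comment saying why, and the two forms look interchangeable to anyone tidying this method later. With a replacement String, `gsub` interprets backslash sequences (`\\`, `\0`, `\1`, `\k<name>`), so text taken from the repository's pom.xml was rewritten as a side effect of a version bump; a block's return value is inserted as-is. I would add above the call: `# Block form on purpose: a replacement String would have its backslash sequences interpreted by gsub.` The method starts and ends outside this hunk, so the rest of its body is not covered by this note.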