RubyGems - dependabot-bun - Versions diffs - 0.296.2 → 0.296.3 - Mend

dependabot-bun 0.296.2 → 0.296.3

Files changed (144) hide show

data/helpers/test/yarn/fixtures/conflicting-dependency-parser/dev-dependencies/yarn.lock ADDED Viewed

@@ -0,0 +1,21 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+abind@^1.0.0:
+  version "1.0.5"
+  resolved "https://registry.npmjs.org/abind/-/abind-1.0.5.tgz#9fa11e51ebf0fe8a60a316b28a2a85a0bc08495e"
+  integrity sha512-dbaEZphdPje0ihqSdWg36Sb8S20TuqQomiz2593oIx+enQ9Q4vDZRjIzhnkWltGRKVKqC28kTribkgRLBexWVQ==
+extend@^3.0.0:
+  version "3.0.2"
+  resolved "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz#f8b1136b4071fbd8eb140aff858b1019ec2915fa"
+  integrity sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==
+objnest@^4.1.2:
+  version "4.1.4"
+  resolved "https://registry.npmjs.org/objnest/-/objnest-4.1.4.tgz#4a03b9a366a6d738165ae4938e1cdec6bb02b89f"
+  integrity sha512-8IpltsOlYtRHpiisBVx6xYkHTScU0EGHSk1tTopjUbm4RfSmMbDVkaclIs6K+Z8hFod9CxDmshDEdTs9CiUfbg==
+  dependencies:
+    abind "^1.0.0"
+    extend "^3.0.0"

data/helpers/test/yarn/fixtures/conflicting-dependency-parser/nested/package.json ADDED Viewed

@@ -0,0 +1,14 @@
+{
+  "name": "test",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "askconfig": "^4.0.4"
+  }
+}

data/helpers/test/yarn/fixtures/conflicting-dependency-parser/nested/yarn.lock ADDED Viewed

@@ -0,0 +1,183 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+abind@^1.0.4:
+  version "1.0.5"
+  resolved "https://registry.npmjs.org/abind/-/abind-1.0.5.tgz#9fa11e51ebf0fe8a60a316b28a2a85a0bc08495e"
+  integrity sha512-dbaEZphdPje0ihqSdWg36Sb8S20TuqQomiz2593oIx+enQ9Q4vDZRjIzhnkWltGRKVKqC28kTribkgRLBexWVQ==
+ansi-regex@^2.1.1:
+  version "2.1.1"
+  resolved "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df"
+  integrity sha1-w7M6te42DYbg5ijwRorn7yfWVN8=
+argx@^4.0.2:
+  version "4.0.4"
+  resolved "https://registry.npmjs.org/argx/-/argx-4.0.4.tgz#eac913df14181328a2d33fe4897a56e70dbbcdb8"
+  integrity sha512-XLWeRTNBJRzQkbMweLIxdtnvpE7iYUBraPwrIJX57FjL4D1RHLMJRM1AyEP6KZHgvjW7TSnxF8MpGic7YdTGOA==
+  dependencies:
+    iftype "^4.0.9"
+askconfig@^4.0.4:
+  version "4.0.4"
+  resolved "https://registry.npmjs.org/askconfig/-/askconfig-4.0.4.tgz#d541f755848e83417c423efd139599eaff9ed762"
+  integrity sha512-fjB/vmAlUKxGVqcz4mLub3xF8m9rkazhqcXRvrDzeey0iaLhcAg2K8bhJL7pKjE2dFP9qDGv3+yXovYMV9XBJQ==
+  dependencies:
+    argx "^4.0.2"
+    cli-color "^1.4.0"
+    objnest "^5.0.6"
+cli-color@^1.4.0:
+  version "1.4.0"
+  resolved "https://registry.npmjs.org/cli-color/-/cli-color-1.4.0.tgz#7d10738f48526824f8fe7da51857cb0f572fe01f"
+  integrity sha512-xu6RvQqqrWEo6MPR1eixqGPywhYBHRs653F9jfXB2Hx4jdM/3WxiNE1vppRmxtMIfl16SFYTpYlrnqH/HsK/2w==
+  dependencies:
+    ansi-regex "^2.1.1"
+    d "1"
+    es5-ext "^0.10.46"
+    es6-iterator "^2.0.3"
+    memoizee "^0.4.14"
+    timers-ext "^0.1.5"
+d@1, d@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.npmjs.org/d/-/d-1.0.1.tgz#8698095372d58dbee346ffd0c7093f99f8f9eb5a"
+  integrity sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==
+  dependencies:
+    es5-ext "^0.10.50"
+    type "^1.0.1"
+es5-ext@^0.10.35, es5-ext@^0.10.45, es5-ext@^0.10.46, es5-ext@^0.10.50, es5-ext@^0.10.62, es5-ext@~0.10.14, es5-ext@~0.10.2, es5-ext@~0.10.46:
+  version "0.10.63"
+  resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.63.tgz#9c222a63b6a332ac80b1e373b426af723b895bd6"
+  integrity sha512-hUCZd2Byj/mNKjfP9jXrdVZ62B8KuA/VoK7X8nUh5qT+AxDmcbvZz041oDVZdbIN1qW6XY9VDNwzkvKnZvK2TQ==
+  dependencies:
+    es6-iterator "^2.0.3"
+    es6-symbol "^3.1.3"
+    esniff "^2.0.1"
+    next-tick "^1.1.0"
+es6-iterator@^2.0.3:
+  version "2.0.3"
+  resolved "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz#a7de889141a05a94b0854403b2d0a0fbfa98f3b7"
+  integrity sha1-p96IkUGgWpSwhUQDstCg+/qY87c=
+  dependencies:
+    d "1"
+    es5-ext "^0.10.35"
+    es6-symbol "^3.1.1"
+es6-symbol@^3.1.1, es6-symbol@^3.1.3:
+  version "3.1.3"
+  resolved "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.3.tgz#bad5d3c1bcdac28269f4cb331e431c78ac705d18"
+  integrity sha512-NJ6Yn3FuDinBaBRWl/q5X/s4koRHBrgKAu+yGI6JCBeiu3qrcbJhwT2GeR/EXVfylRk8dpQVJoLEFhK+Mu31NA==
+  dependencies:
+    d "^1.0.1"
+    ext "^1.1.2"
+es6-weak-map@^2.0.2:
+  version "2.0.3"
+  resolved "https://registry.npmjs.org/es6-weak-map/-/es6-weak-map-2.0.3.tgz#b6da1f16cc2cc0d9be43e6bdbfc5e7dfcdf31d53"
+  integrity sha512-p5um32HOTO1kP+w7PRnB+5lQ43Z6muuMuIMffvDN8ZB4GcnjLBV6zGStpbASIMk4DCAvEaamhe2zhyCb/QXXsA==
+  dependencies:
+    d "1"
+    es5-ext "^0.10.46"
+    es6-iterator "^2.0.3"
+    es6-symbol "^3.1.1"
+esniff@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/esniff/-/esniff-2.0.1.tgz#a4d4b43a5c71c7ec51c51098c1d8a29081f9b308"
+  integrity sha512-kTUIGKQ/mDPFoJ0oVfcmyJn4iBDRptjNVIzwIFR7tqWXdVI9xfA2RMwY/gbSpJG3lkdWNEjLap/NqVHZiJsdfg==
+  dependencies:
+    d "^1.0.1"
+    es5-ext "^0.10.62"
+    event-emitter "^0.3.5"
+    type "^2.7.2"
+event-emitter@^0.3.5:
+  version "0.3.5"
+  resolved "https://registry.npmjs.org/event-emitter/-/event-emitter-0.3.5.tgz#df8c69eef1647923c7157b9ce83840610b02cc39"
+  integrity sha1-34xp7vFkeSPHFXuc6DhAYQsCzDk=
+  dependencies:
+    d "1"
+    es5-ext "~0.10.14"
+ext@^1.1.2:
+  version "1.4.0"
+  resolved "https://registry.npmjs.org/ext/-/ext-1.4.0.tgz#89ae7a07158f79d35517882904324077e4379244"
+  integrity sha512-Key5NIsUxdqKg3vIsdw9dSuXpPCQ297y6wBjL30edxwPgt2E44WcWBZey/ZvUc6sERLTxKdyCu4gZFmUbk1Q7A==
+  dependencies:
+    type "^2.0.0"
+extend@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz#f8b1136b4071fbd8eb140aff858b1019ec2915fa"
+  integrity sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==
+iftype@^4.0.9:
+  version "4.0.9"
+  resolved "https://registry.npmjs.org/iftype/-/iftype-4.0.9.tgz#3803c91d518a699720cfba7a9e47c0268664f106"
+  integrity sha512-01Klo+04dkDzY193D1GVfOdQzmpqaYFJTAlZKRztkT/BOaU7sSnvxGimSln+7DMqLUP4tpDTNFgxqVPLYZVypA==
+is-promise@^2.1:
+  version "2.2.2"
+  resolved "https://registry.npmjs.org/is-promise/-/is-promise-2.2.2.tgz#39ab959ccbf9a774cf079f7b40c7a26f763135f1"
+  integrity sha512-+lP4/6lKUBfQjZ2pdxThZvLUAafmZb8OAxFb8XXtiQmS35INgr85hdOGoEs124ez1FCnZJt6jau/T+alh58QFQ==
+lru-queue@0.1:
+  version "0.1.0"
+  resolved "https://registry.npmjs.org/lru-queue/-/lru-queue-0.1.0.tgz#2738bd9f0d3cf4f84490c5736c48699ac632cda3"
+  integrity sha1-Jzi9nw089PhEkMVzbEhpmsYyzaM=
+  dependencies:
+    es5-ext "~0.10.2"
+memoizee@^0.4.14:
+  version "0.4.14"
+  resolved "https://registry.npmjs.org/memoizee/-/memoizee-0.4.14.tgz#07a00f204699f9a95c2d9e77218271c7cd610d57"
+  integrity sha512-/SWFvWegAIYAO4NQMpcX+gcra0yEZu4OntmUdrBaWrJncxOqAziGFlHxc7yjKVK2uu3lpPW27P27wkR82wA8mg==
+  dependencies:
+    d "1"
+    es5-ext "^0.10.45"
+    es6-weak-map "^2.0.2"
+    event-emitter "^0.3.5"
+    is-promise "^2.1"
+    lru-queue "0.1"
+    next-tick "1"
+    timers-ext "^0.1.5"
+next-tick@1, next-tick@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.npmjs.org/next-tick/-/next-tick-1.1.0.tgz#1836ee30ad56d67ef281b22bd199f709449b35eb"
+  integrity sha512-CXdUiJembsNjuToQvxayPZF9Vqht7hewsvy2sOWafLvi2awflj9mOC6bHIg50orX8IJvWKY9wYQ/zB2kogPslQ==
+objnest@^5.0.6:
+  version "5.0.10"
+  resolved "https://registry.npmjs.org/objnest/-/objnest-5.0.10.tgz#90e43b11870502fcb445e97fcf402499f5f75c75"
+  integrity sha512-sIXiWbzbaOszhnaioxGyaLvBUF86nnEX/zgTrGskEJsXEqjBwLCsVy+a7Na93mW474lvtSIc3tOYiaXgHQw7Mg==
+  dependencies:
+    abind "^1.0.4"
+    extend "^3.0.2"
+timers-ext@^0.1.5:
+  version "0.1.7"
+  resolved "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.7.tgz#6f57ad8578e07a3fb9f91d9387d65647555e25c6"
+  integrity sha512-b85NUNzTSdodShTIbky6ZF02e8STtVVfD+fu4aXXShEELpozH+bCpJLYMPZbsABN2wDH7fJpqIoXxJpzbf0NqQ==
+  dependencies:
+    es5-ext "~0.10.46"
+    next-tick "1"
+type@^1.0.1:
+  version "1.2.0"
+  resolved "https://registry.npmjs.org/type/-/type-1.2.0.tgz#848dd7698dafa3e54a6c479e759c4bc3f18847a0"
+  integrity sha512-+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg==
+type@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.npmjs.org/type/-/type-2.1.0.tgz#9bdc22c648cf8cf86dd23d32336a41cfb6475e3f"
+  integrity sha512-G9absDWvhAWCV2gmF1zKud3OyC61nZDwWvBL2DApaVFogI07CprggiQAOOjvp2NRjYWFzPyu7vwtDrQFq8jeSA==
+type@^2.7.2:
+  version "2.7.2"
+  resolved "https://registry.yarnpkg.com/type/-/type-2.7.2.tgz#2376a15a3a28b1efa0f5350dcf72d24df6ef98d0"
+  integrity sha512-dzlvlNlt6AXU7EBSfpAscydQ7gXB+pPGsPnfJnZpiNJBDj7IaJzQlBZYGdEi4R9HmPdBv2XmWJ6YUtoTa7lmCw==

data/helpers/test/yarn/fixtures/conflicting-dependency-parser/simple/package.json ADDED Viewed

@@ -0,0 +1,14 @@
+{
+  "name": "test",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "objnest": "^4.1.2"
+  }
+}

data/helpers/test/yarn/fixtures/conflicting-dependency-parser/simple/yarn.lock ADDED Viewed

@@ -0,0 +1,21 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+abind@^1.0.0:
+  version "1.0.5"
+  resolved "https://registry.npmjs.org/abind/-/abind-1.0.5.tgz#9fa11e51ebf0fe8a60a316b28a2a85a0bc08495e"
+  integrity sha512-dbaEZphdPje0ihqSdWg36Sb8S20TuqQomiz2593oIx+enQ9Q4vDZRjIzhnkWltGRKVKqC28kTribkgRLBexWVQ==
+extend@^3.0.0:
+  version "3.0.2"
+  resolved "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz#f8b1136b4071fbd8eb140aff858b1019ec2915fa"
+  integrity sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==
+objnest@^4.1.2:
+  version "4.1.4"
+  resolved "https://registry.npmjs.org/objnest/-/objnest-4.1.4.tgz#4a03b9a366a6d738165ae4938e1cdec6bb02b89f"
+  integrity sha512-8IpltsOlYtRHpiisBVx6xYkHTScU0EGHSk1tTopjUbm4RfSmMbDVkaclIs6K+Z8hFod9CxDmshDEdTs9CiUfbg==
+  dependencies:
+    abind "^1.0.0"
+    extend "^3.0.0"

data/helpers/test/yarn/fixtures/updater/illegal_character/package.json ADDED Viewed

@@ -0,0 +1,8 @@
+{
+  "name": "@colend-contract-helpers",
+  "dependencies": {
+    "@commitlint/cli": "^15.0.0",
+    "is-positive": "^3.1.0",
+    "left-pad": "^1.1.3"
+  }
+}

data/helpers/test/yarn/fixtures/updater/illegal_character/yarn.lock ADDED Viewed

@@ -0,0 +1,14 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+"@commitlint/cli@^15.0.0":
+  version "15.0.0"
+  resolved "https://registry.yarnpkg.com/@commitlint/cli/-/cli-15.0.0.tgz#8e78e86ee2b6955c1a5d140e734a6c171ce367ee"
+"is-positive@^3.1.0":
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/is-positive/-/is-positive-3.1.0.tgz#857db584a1ba5d1cb2980527fc3b6c435d37b0fd"
+"left-pad@^1.0.0":
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/left-pad/-/left-pad-1.0.0.tgz#c84e2417581bbb8eaf2b9e3d7a122e572ab1af37"

data/helpers/test/yarn/fixtures/updater/original/package.json ADDED Viewed

@@ -0,0 +1,6 @@
+{
+  "dependencies": {
+    "is-positive": "^3.1.0",
+    "left-pad": "^1.1.3"
+  }
+}

data/helpers/test/yarn/fixtures/updater/original/yarn.lock ADDED Viewed

@@ -0,0 +1,11 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+is-positive@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/is-positive/-/is-positive-3.1.0.tgz#857db584a1ba5d1cb2980527fc3b6c435d37b0fd"
+left-pad@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/left-pad/-/left-pad-1.0.0.tgz#c84e2417581bbb8eaf2b9e3d7a122e572ab1af37"

data/helpers/test/yarn/fixtures/updater/updated/yarn.lock ADDED Viewed

@@ -0,0 +1,12 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+is-positive@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/is-positive/-/is-positive-3.1.0.tgz#857db584a1ba5d1cb2980527fc3b6c435d37b0fd"
+left-pad@^1.1.3:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/left-pad/-/left-pad-1.1.3.tgz#612f61c033f3a9e08e939f1caebeea41b6f3199a"
+  integrity sha512-m3z9QHpSXmd2H8Z5jnSXbGONPty4dFQfH1QpGgivzrEzICgsi50j9S+aGc77EaLoHpbw0BzP5+k1pp2UajTRuw==

data/helpers/test/yarn/fixtures/updater/with-version-comments/package.json ADDED Viewed

@@ -0,0 +1,5 @@
+{
+  "dependencies": {
+    "left-pad": "^1.1.3"
+  }
+}

data/helpers/test/yarn/fixtures/updater/with-version-comments/yarn.lock ADDED Viewed

@@ -0,0 +1,13 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+# yarn v0.0.0-0
+# node v0.0.0
+is-positive@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/is-positive/-/is-positive-3.1.0.tgz#857db584a1ba5d1cb2980527fc3b6c435d37b0fd"
+left-pad@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/left-pad/-/left-pad-1.0.0.tgz#c84e2417581bbb8eaf2b9e3d7a122e572ab1af37"

data/helpers/test/yarn/helpers.js ADDED Viewed

@@ -0,0 +1,18 @@
+const path = require("path");
+const fs = require("fs");
+module.exports = {
+  loadFixture: (fixturePath) =>
+    fs.readFileSync(path.join(__dirname, "fixtures", fixturePath)).toString(),
+  copyDependencies: (sourceDir, destDir) => {
+    const srcPackageJson = path.join(
+      __dirname,
+      `fixtures/${sourceDir}/package.json`
+    );
+    fs.copyFileSync(srcPackageJson, `${destDir}/package.json`);
+    const srcLockfile = path.join(__dirname, `fixtures/${sourceDir}/yarn.lock`);
+    fs.copyFileSync(srcLockfile, `${destDir}/yarn.lock`);
+  },
+};

data/helpers/test/yarn/updater.test.js ADDED Viewed

@@ -0,0 +1,117 @@
+const path = require("path");
+const os = require("os");
+const fs = require("fs");
+const { updateDependencyFiles } = require("../../lib/yarn/updater");
+const helpers = require("./helpers");
+describe("updater", () => {
+  let tempDir;
+  beforeEach(() => {
+    tempDir = fs.mkdtempSync(os.tmpdir() + path.sep);
+  });
+  afterEach(() => fs.rm(tempDir, { recursive: true }, () => {}));
+  function copyDependencies(sourceDir, destDir) {
+    const srcPackageJson = path.join(
+      __dirname,
+      `fixtures/updater/${sourceDir}/package.json`
+    );
+    fs.copyFileSync(srcPackageJson, `${destDir}/package.json`);
+    const srcYarnLock = path.join(
+      __dirname,
+      `fixtures/updater/${sourceDir}/yarn.lock`
+    );
+    fs.copyFileSync(srcYarnLock, `${destDir}/yarn.lock`);
+  }
+  it("generates an updated yarn.lock", async () => {
+    copyDependencies("original", tempDir);
+    const result = await updateDependencyFiles(tempDir, [
+      {
+        name: "left-pad",
+        version: "1.1.3",
+        requirements: [{ file: "package.json", groups: ["dependencies"] }],
+      },
+    ]);
+    expect(result).toEqual({
+      "yarn.lock": helpers.loadFixture("updater/updated/yarn.lock"),
+    });
+  });
+  it("doesn't modify existing version comments", async () => {
+    copyDependencies("with-version-comments", tempDir);
+    const result = await updateDependencyFiles(tempDir, [
+      {
+        name: "left-pad",
+        version: "1.1.3",
+        requirements: [{ file: "package.json", groups: ["dependencies"] }],
+      },
+    ]);
+    expect(result["yarn.lock"]).toContain("\n# yarn v0.0.0-0\n");
+    expect(result["yarn.lock"]).toContain("\n# node v0.0.0\n");
+  });
+  it("doesn't add version comments if they're not already there", async () => {
+    copyDependencies("original", tempDir);
+    const result = await updateDependencyFiles(tempDir, [
+      {
+        name: "left-pad",
+        version: "1.1.3",
+        requirements: [{ file: "package.json", groups: ["dependencies"] }],
+      },
+    ]);
+    expect(result["yarn.lock"]).not.toContain("\n# yarn v");
+    expect(result["yarn.lock"]).not.toContain("\n# node");
+  });
+  it("doesn't show an interactive prompt when resolution fails", async () => {
+    copyDependencies("original", tempDir);
+    expect.assertions(1);
+    try {
+      // Change this test if left-pad ever reaches v99.99.99
+      await updateDependencyFiles(tempDir, [
+        {
+          name: "left-pad",
+          version: "99.99.99",
+          requirements: [{ file: "package.json", groups: ["dependencies"] }],
+        },
+      ]);
+    } catch (error) {
+      expect(error).not.toBeNull();
+    }
+  });
+  it("with a package.json which contains illegal character '@' in the name", async () => {
+    copyDependencies("illegal_character", tempDir);
+    try {
+      await updateDependencyFiles(tempDir, [
+          {
+            name: "@commitlint/cli",
+            version: "19.3.0",
+            requirements: [
+              {
+                requirement: "^19.3.0",
+                file: "package.json",
+                groups: ["devDependencies"],
+                source:
+                  {
+                    type: "registry",
+                    url: "https://registry.yarnpkg.com"
+                  }
+              }
+            ]
+          }
+        ]
+      );
+    } catch (error) {
+      expect(error).not.toBeNull();
+      expect(error.message).toEqual("package.json: Name contains illegal characters")
+    }
+  });
+});

data/lib/dependabot/bun/bun_package_manager.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# typed: strong
+# frozen_string_literal: true
+module Dependabot
+  module Bun
+    class BunPackageManager < Ecosystem::VersionManager
+      extend T::Sig
+      NAME = "bun"
+      LOCKFILE_NAME = "bun.lock"
+      RC_FILENAME = ".npmrc"
+      # In Bun 1.1.39, the lockfile format was changed from a binary bun.lockb to a text-based bun.lock.
+      # https://bun.sh/blog/bun-lock-text-lockfile
+      MIN_SUPPORTED_VERSION = Version.new("1.1.39")
+      SUPPORTED_VERSIONS = T.let([MIN_SUPPORTED_VERSION].freeze, T::Array[Dependabot::Version])
+      DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
+      sig do
+        params(
+          detected_version: T.nilable(String),
+          raw_version: T.nilable(String),
+          requirement: T.nilable(Dependabot::Bun::Requirement)
+        ).void
+      end
+      def initialize(detected_version: nil, raw_version: nil, requirement: nil)
+        super(
+          name: NAME,
+          detected_version: detected_version ? Version.new(detected_version) : nil,
+          version: raw_version ? Version.new(raw_version) : nil,
+          deprecated_versions: DEPRECATED_VERSIONS,
+          supported_versions: SUPPORTED_VERSIONS,
+          requirement: requirement
+        )
+      end
+      sig { override.returns(T::Boolean) }
+      def deprecated?
+        false
+      end
+      sig { override.returns(T::Boolean) }
+      def unsupported?
+        false
+      end
+    end
+  end
+end