dependabot-bun 0.360.0 → 0.361.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/package-lock.json +6 -6
- data/lib/dependabot/bun/package_manager.rb +6 -28
- data/lib/dependabot/bun/version_selector.rb +6 -21
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1c83f0e46d9b9a17d6e7ec0fd31cffa0ee6c70d2f55b316273a6b759c13a0725
|
|
4
|
+
data.tar.gz: 0b38a073e2da7a34c1ec141bcba1fa24e99989f9c2a996abe4c9e61166e9c624
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6694dfe0415f20fca24ee95191806c885bdab451232613c9272443b39f9a8fc3e6d8ed2e7ec7419f0939f6402895c9d0a103732398980d12a261a75dba8bf4a2
|
|
7
|
+
data.tar.gz: 04d164686779098d9f043193ec876723019e18915f83035b1e2d4d4d953572a7791442a535b4db59e50d6bf8b3dc3dd9eff9aebd8084f82f405f658f85fcd585
|
data/helpers/package-lock.json
CHANGED
|
@@ -8380,9 +8380,9 @@
|
|
|
8380
8380
|
}
|
|
8381
8381
|
},
|
|
8382
8382
|
"node_modules/lodash": {
|
|
8383
|
-
"version": "4.17.
|
|
8384
|
-
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.
|
|
8385
|
-
"integrity": "sha512-
|
|
8383
|
+
"version": "4.17.23",
|
|
8384
|
+
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
|
|
8385
|
+
"integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w=="
|
|
8386
8386
|
},
|
|
8387
8387
|
"node_modules/lodash.clone": {
|
|
8388
8388
|
"version": "4.5.0",
|
|
@@ -22563,9 +22563,9 @@
|
|
|
22563
22563
|
}
|
|
22564
22564
|
},
|
|
22565
22565
|
"lodash": {
|
|
22566
|
-
"version": "4.17.
|
|
22567
|
-
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.
|
|
22568
|
-
"integrity": "sha512-
|
|
22566
|
+
"version": "4.17.23",
|
|
22567
|
+
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
|
|
22568
|
+
"integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w=="
|
|
22569
22569
|
},
|
|
22570
22570
|
"lodash.clone": {
|
|
22571
22571
|
"version": "4.5.0",
|
|
@@ -101,8 +101,6 @@ module Dependabot
|
|
|
101
101
|
@language_requirement ||= find_engine_constraints_as_requirement(Language::NAME)
|
|
102
102
|
end
|
|
103
103
|
|
|
104
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
105
|
-
# rubocop:disable Metrics/AbcSize
|
|
106
104
|
sig { params(name: String).returns(T.nilable(Requirement)) }
|
|
107
105
|
def find_engine_constraints_as_requirement(name)
|
|
108
106
|
Dependabot.logger.info("Processing engine constraints for #{name}")
|
|
@@ -112,30 +110,12 @@ module Dependabot
|
|
|
112
110
|
raw_constraint = @engines[name].to_s.strip
|
|
113
111
|
return nil if raw_constraint.empty?
|
|
114
112
|
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
)
|
|
122
|
-
end
|
|
123
|
-
else
|
|
124
|
-
raw_constraints = raw_constraint.split
|
|
125
|
-
constraints = raw_constraints.map do |constraint|
|
|
126
|
-
case constraint
|
|
127
|
-
when /^\d+$/
|
|
128
|
-
">=#{constraint}.0.0 <#{constraint.to_i + 1}.0.0"
|
|
129
|
-
when /^\d+\.\d+$/
|
|
130
|
-
">=#{constraint} <#{constraint.split('.').first.to_i + 1}.0.0"
|
|
131
|
-
when /^\d+\.\d+\.\d+$/
|
|
132
|
-
"=#{constraint}"
|
|
133
|
-
else
|
|
134
|
-
Dependabot.logger.warn("Unrecognized constraint format for #{name}: #{constraint}")
|
|
135
|
-
constraint
|
|
136
|
-
end
|
|
137
|
-
end
|
|
138
|
-
|
|
113
|
+
constraints = ConstraintHelper.extract_ruby_constraints(raw_constraint)
|
|
114
|
+
# When constraints are invalid we return constraints array nil
|
|
115
|
+
if constraints.nil?
|
|
116
|
+
Dependabot.logger.warn(
|
|
117
|
+
"Unrecognized constraint format for #{name}: #{raw_constraint}"
|
|
118
|
+
)
|
|
139
119
|
end
|
|
140
120
|
|
|
141
121
|
if constraints && !constraints.empty?
|
|
@@ -146,8 +126,6 @@ module Dependabot
|
|
|
146
126
|
Dependabot.logger.error("Error processing constraints for #{name}: #{e.message}")
|
|
147
127
|
nil
|
|
148
128
|
end
|
|
149
|
-
# rubocop:enable Metrics/AbcSize
|
|
150
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
151
129
|
|
|
152
130
|
# rubocop:disable Metrics/CyclomaticComplexity
|
|
153
131
|
# rubocop:disable Metrics/PerceivedComplexity
|
|
@@ -10,10 +10,6 @@ module Dependabot
|
|
|
10
10
|
extend T::Sig
|
|
11
11
|
extend T::Helpers
|
|
12
12
|
|
|
13
|
-
# For limited testing, allowing only specific versions defined in engines in package.json
|
|
14
|
-
# such as "20.8.7", "8.1.2", "8.21.2",
|
|
15
|
-
NODE_ENGINE_SUPPORTED_REGEX = /^\d+(?:\.\d+)*$/
|
|
16
|
-
|
|
17
13
|
# Sets up engine versions from the given manifest JSON.
|
|
18
14
|
#
|
|
19
15
|
# @param manifest_json [Hash] The manifest JSON containing version information.
|
|
@@ -35,27 +31,16 @@ module Dependabot
|
|
|
35
31
|
|
|
36
32
|
versions = {}
|
|
37
33
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
)
|
|
45
|
-
end
|
|
46
|
-
else
|
|
47
|
-
versions = engine_versions.select do |engine, value|
|
|
48
|
-
engine.to_s.match(name) && valid_extracted_version?(value)
|
|
49
|
-
end
|
|
34
|
+
engine_versions.each do |engine, value|
|
|
35
|
+
next unless engine.to_s == name
|
|
36
|
+
|
|
37
|
+
versions[name] = ConstraintHelper.find_highest_version_from_constraint_expression(
|
|
38
|
+
value, dependabot_versions
|
|
39
|
+
)
|
|
50
40
|
end
|
|
51
41
|
|
|
52
42
|
versions
|
|
53
43
|
end
|
|
54
|
-
|
|
55
|
-
sig { params(version: String).returns(T::Boolean) }
|
|
56
|
-
def valid_extracted_version?(version)
|
|
57
|
-
version.match?(NODE_ENGINE_SUPPORTED_REGEX)
|
|
58
|
-
end
|
|
59
44
|
end
|
|
60
45
|
end
|
|
61
46
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-bun
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.361.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.361.1
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.361.1
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -347,7 +347,7 @@ licenses:
|
|
|
347
347
|
- MIT
|
|
348
348
|
metadata:
|
|
349
349
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
350
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
350
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.361.1
|
|
351
351
|
rdoc_options: []
|
|
352
352
|
require_paths:
|
|
353
353
|
- lib
|