dependabot-common 0.108.16 → 0.108.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/dependency.rb +8 -4
- data/lib/dependabot/file_parsers/base/dependency_set.rb +15 -1
- data/lib/dependabot/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b104c6fea1ac38e48f4fd43c26eb145aaaf483e1ac89d12ed84b73925acb0cd8
|
|
4
|
+
data.tar.gz: 7be92dfffc8cb5c254df6348a8fa94c1f626851ef2b8474030b24b87fa3a7e8e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51d85f77bb457af3ef71063d0a11ccda9d6d1830313afd63feb873ad019005548ce03bd1aa105bbbabe9a8a2182add39bbc16617febfd7f70238fe6765fccc9b
|
|
7
|
+
data.tar.gz: '068bcaddd580e1d6dae0c66798f6a4b0acf0892ff01aa72eaa7e7950090fc606f61d29b27ce8b3eb842927c91d9c3fe5a23d0c5a0050c71e2fcb1694a0abd9ad'
|
|
@@ -27,10 +27,12 @@ module Dependabot
|
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
attr_reader :name, :version, :requirements, :package_manager,
|
|
30
|
-
:previous_version, :previous_requirements
|
|
30
|
+
:previous_version, :previous_requirements,
|
|
31
|
+
:subdependency_metadata
|
|
31
32
|
|
|
32
33
|
def initialize(name:, requirements:, package_manager:, version: nil,
|
|
33
|
-
previous_version: nil, previous_requirements: nil
|
|
34
|
+
previous_version: nil, previous_requirements: nil,
|
|
35
|
+
subdependency_metadata: nil)
|
|
34
36
|
@name = name
|
|
35
37
|
@version = version
|
|
36
38
|
@requirements = requirements.map { |req| symbolize_keys(req) }
|
|
@@ -38,6 +40,7 @@ module Dependabot
|
|
|
38
40
|
@previous_requirements =
|
|
39
41
|
previous_requirements&.map { |req| symbolize_keys(req) }
|
|
40
42
|
@package_manager = package_manager
|
|
43
|
+
@subdependency_metadata = subdependency_metadata unless top_level?
|
|
41
44
|
|
|
42
45
|
check_values
|
|
43
46
|
end
|
|
@@ -53,8 +56,9 @@ module Dependabot
|
|
|
53
56
|
"requirements" => requirements,
|
|
54
57
|
"previous_version" => previous_version,
|
|
55
58
|
"previous_requirements" => previous_requirements,
|
|
56
|
-
"package_manager" => package_manager
|
|
57
|
-
|
|
59
|
+
"package_manager" => package_manager,
|
|
60
|
+
"subdependency_metadata" => subdependency_metadata
|
|
61
|
+
}.compact
|
|
58
62
|
end
|
|
59
63
|
|
|
60
64
|
def appears_in_lockfile?
|
|
@@ -60,6 +60,9 @@ module Dependabot
|
|
|
60
60
|
dependencies.find { |d| d.name&.downcase == name&.downcase }
|
|
61
61
|
end
|
|
62
62
|
|
|
63
|
+
# rubocop:disable Metrics/AbcSize
|
|
64
|
+
# rubocop:disable Metrics/CyclomaticComplexity
|
|
65
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
63
66
|
def combined_dependency(old_dep, new_dep)
|
|
64
67
|
package_manager = old_dep.package_manager
|
|
65
68
|
v_cls = Utils.version_class_for_package_manager(package_manager)
|
|
@@ -75,13 +78,24 @@ module Dependabot
|
|
|
75
78
|
else new_dep.version
|
|
76
79
|
end
|
|
77
80
|
|
|
81
|
+
if old_dep.subdependency_metadata
|
|
82
|
+
subdependency_metadata = old_dep.subdependency_metadata.
|
|
83
|
+
merge(new_dep.subdependency_metadata || {})
|
|
84
|
+
elsif new_dep.subdependency_metadata
|
|
85
|
+
subdependency_metadata = new_dep.subdependency_metadata
|
|
86
|
+
end
|
|
87
|
+
|
|
78
88
|
Dependency.new(
|
|
79
89
|
name: old_dep.name,
|
|
80
90
|
version: new_version,
|
|
81
91
|
requirements: (old_dep.requirements + new_dep.requirements).uniq,
|
|
82
|
-
package_manager: package_manager
|
|
92
|
+
package_manager: package_manager,
|
|
93
|
+
subdependency_metadata: subdependency_metadata
|
|
83
94
|
)
|
|
84
95
|
end
|
|
96
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
97
|
+
# rubocop:enable Metrics/CyclomaticComplexity
|
|
98
|
+
# rubocop:enable Metrics/AbcSize
|
|
85
99
|
end
|
|
86
100
|
end
|
|
87
101
|
end
|
data/lib/dependabot/version.rb
CHANGED