dependabot-composer 0.106.21 → 0.106.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/composer/file_fetcher.rb +14 -6
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d2f5772d25886d6e5a7409a13461aeea67c76d309cfce8003ad1073afb5b6f4f
|
|
4
|
+
data.tar.gz: 89e22e4cedd9ea6450362533ba34eb771ce30810133cccb877dfe61391effbca
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 242170687eed60aa2c851bb0b751bc8abed48da23751466a294ce0c91836c96a280b77cccb5b8a54891039e2fb055f7128d5b2c647d44f87e14a91806d78a096
|
|
7
|
+
data.tar.gz: fa11fe85ca4c7ab7019641ae7ff2341868bae8e705fa78bb11669f9d392cdbd45ca9084c6b1375cb32a77612a3e8b25334782a130af8c9659a43302d7c504916
|
|
@@ -77,12 +77,14 @@ module Dependabot
|
|
|
77
77
|
|
|
78
78
|
def path_sources
|
|
79
79
|
@path_sources ||=
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
80
|
+
begin
|
|
81
|
+
repos = parsed_composer_json.fetch("repositories", [])
|
|
82
|
+
repos = repos.values if repos.is_a?(Hash)
|
|
83
|
+
|
|
84
|
+
repos.
|
|
85
|
+
select { |details| details["type"] == "path" }.
|
|
86
|
+
map { |details| details["url"] }
|
|
87
|
+
end
|
|
86
88
|
end
|
|
87
89
|
|
|
88
90
|
def build_unfetchable_deps(unfetchable_deps)
|
|
@@ -117,6 +119,12 @@ module Dependabot
|
|
|
117
119
|
end
|
|
118
120
|
end
|
|
119
121
|
|
|
122
|
+
def parsed_composer_json
|
|
123
|
+
@parsed_composer_json ||= JSON.parse(composer_json.content)
|
|
124
|
+
rescue JSON::ParserError
|
|
125
|
+
raise Dependabot::DependencyFileNotParseable, composer_json.path
|
|
126
|
+
end
|
|
127
|
+
|
|
120
128
|
def parsed_lockfile
|
|
121
129
|
return {} unless composer_lock
|
|
122
130
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-composer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.106.
|
|
4
|
+
version: 0.106.22
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.106.
|
|
19
|
+
version: 0.106.22
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.106.
|
|
26
|
+
version: 0.106.22
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|