dependabot-composer 0.106.21 → 0.106.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ff45faee725e9e9bec628ed1ce4922d15cacd411f11337d8c50d5828645d6346
4
- data.tar.gz: e90397cd5858544e99b63294a906a99f585f7e4089bf0b0bb7be27e7829bdf3d
3
+ metadata.gz: d2f5772d25886d6e5a7409a13461aeea67c76d309cfce8003ad1073afb5b6f4f
4
+ data.tar.gz: 89e22e4cedd9ea6450362533ba34eb771ce30810133cccb877dfe61391effbca
5
5
  SHA512:
6
- metadata.gz: 25767dd93938cc8aec9f853063d25aeefa50ef5e40e6befb5c9fa49bb34905569e6353723725787fd28fc0f6825fbb484aac9ea92df9e873128aa17cfd506c9a
7
- data.tar.gz: 2f1b89aea0d13559d94133aa746a73845ace0e57ad20b7c5b71cf357275804efc43ea84626e49c3630226ae85ff741ba54bbfb547e3ac2886af13ed399a43281
6
+ metadata.gz: 242170687eed60aa2c851bb0b751bc8abed48da23751466a294ce0c91836c96a280b77cccb5b8a54891039e2fb055f7128d5b2c647d44f87e14a91806d78a096
7
+ data.tar.gz: fa11fe85ca4c7ab7019641ae7ff2341868bae8e705fa78bb11669f9d392cdbd45ca9084c6b1375cb32a77612a3e8b25334782a130af8c9659a43302d7c504916
@@ -77,12 +77,14 @@ module Dependabot
77
77
 
78
78
  def path_sources
79
79
  @path_sources ||=
80
- JSON.parse(composer_json.content).
81
- fetch("repositories", []).
82
- select { |details| details["type"] == "path" }.
83
- map { |details| details["url"] }
84
- rescue JSON::ParserError
85
- raise Dependabot::DependencyFileNotParseable, composer_json.path
80
+ begin
81
+ repos = parsed_composer_json.fetch("repositories", [])
82
+ repos = repos.values if repos.is_a?(Hash)
83
+
84
+ repos.
85
+ select { |details| details["type"] == "path" }.
86
+ map { |details| details["url"] }
87
+ end
86
88
  end
87
89
 
88
90
  def build_unfetchable_deps(unfetchable_deps)
@@ -117,6 +119,12 @@ module Dependabot
117
119
  end
118
120
  end
119
121
 
122
+ def parsed_composer_json
123
+ @parsed_composer_json ||= JSON.parse(composer_json.content)
124
+ rescue JSON::ParserError
125
+ raise Dependabot::DependencyFileNotParseable, composer_json.path
126
+ end
127
+
120
128
  def parsed_lockfile
121
129
  return {} unless composer_lock
122
130
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.106.21
4
+ version: 0.106.22
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.106.21
19
+ version: 0.106.22
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.106.21
26
+ version: 0.106.22
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement