dependabot-composer 0.112.13 → 0.112.14
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ec045c6643c947a26fd27cd96387d9a4d7bb3a16acfe6c420608451806cbb925
|
4
|
+
data.tar.gz: 27408a5151879a65b03ce2c56bf152e4a68d5bc1e28cb636df527838bda22c01
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: df2c112c12f6329b51378924eda9ae6d38c094cc6937fb4c3939f47c8eece6033b91805b122ab3cc9e507dcbf14983af380e7435d3a4d49444fce514bb372319
|
7
|
+
data.tar.gz: 82c6456e9a5d8f53cb2b970be143eb0361226be58670a5022baf97e4b2bd29f237720f530011344824cdf162e2bed276e0e3c4015b2105c92fcc026d88012b15
|
@@ -126,7 +126,8 @@ module Dependabot
|
|
126
126
|
# rubocop:disable Metrics/PerceivedComplexity
|
127
127
|
def handle_composer_errors(error)
|
128
128
|
if error.message.include?("package requires php") ||
|
129
|
-
error.message.include?("requested PHP extension")
|
129
|
+
error.message.include?("requested PHP extension") ||
|
130
|
+
!library? && error.message.match?(MISSING_PLATFORM_REQ_REGEX)
|
130
131
|
missing_extensions =
|
131
132
|
error.message.scan(MISSING_PLATFORM_REQ_REGEX).
|
132
133
|
map do |extension_string|
|
@@ -194,6 +195,10 @@ module Dependabot
|
|
194
195
|
# rubocop:enable Metrics/MethodLength
|
195
196
|
# rubocop:enable Metrics/PerceivedComplexity
|
196
197
|
|
198
|
+
def library?
|
199
|
+
parsed_composer_json["type"] == "library"
|
200
|
+
end
|
201
|
+
|
197
202
|
def write_temporary_dependency_files
|
198
203
|
path_dependencies.each do |file|
|
199
204
|
path = file.name
|
@@ -411,15 +416,30 @@ module Dependabot
|
|
411
416
|
end
|
412
417
|
|
413
418
|
def initial_platform
|
414
|
-
|
419
|
+
platform_php = parsed_composer_json.dig("config", "platform", "php")
|
420
|
+
|
421
|
+
platform = {}
|
422
|
+
if platform_php.is_a?(String) && requirement_valid?(platform_php)
|
423
|
+
platform["php"] = [platform_php]
|
424
|
+
end
|
425
|
+
|
426
|
+
# Note: We *don't* include the require-dev PHP version in our initial
|
427
|
+
# platform. If we fail to resolve with the PHP version specified in
|
428
|
+
# `require` then it will be picked up in a subsequent iteration.
|
429
|
+
requirement_php = parsed_composer_json.dig("require", "php")
|
430
|
+
return platform unless requirement_php.is_a?(String)
|
431
|
+
return platform unless requirement_valid?(requirement_php)
|
415
432
|
|
416
|
-
|
417
|
-
|
418
|
-
|
419
|
-
|
420
|
-
return {} if php_requirements.empty?
|
433
|
+
platform["php"] ||= []
|
434
|
+
platform["php"] << requirement_php
|
435
|
+
platform
|
436
|
+
end
|
421
437
|
|
422
|
-
|
438
|
+
def requirement_valid?(req_string)
|
439
|
+
Composer::Requirement.requirements_array(req_string)
|
440
|
+
true
|
441
|
+
rescue Gem::Requirement::BadRequirementError
|
442
|
+
false
|
423
443
|
end
|
424
444
|
|
425
445
|
def parsed_composer_json
|
@@ -219,7 +219,8 @@ module Dependabot
|
|
219
219
|
error.message.include?("does not allow connections to http://")
|
220
220
|
raise Dependabot::DependencyFileNotResolvable, sanitized_message
|
221
221
|
elsif error.message.include?("package requires php") ||
|
222
|
-
error.message.include?("requested PHP extension")
|
222
|
+
error.message.include?("requested PHP extension") ||
|
223
|
+
!library? && error.message.match?(MISSING_PLATFORM_REQ_REGEX)
|
223
224
|
missing_extensions =
|
224
225
|
error.message.scan(MISSING_PLATFORM_REQ_REGEX).
|
225
226
|
map do |extension_string|
|
@@ -284,6 +285,10 @@ module Dependabot
|
|
284
285
|
# rubocop:enable Metrics/CyclomaticComplexity
|
285
286
|
# rubocop:enable Metrics/MethodLength
|
286
287
|
|
288
|
+
def library?
|
289
|
+
parsed_composer_file["type"] == "library"
|
290
|
+
end
|
291
|
+
|
287
292
|
def check_original_requirements_resolvable
|
288
293
|
base_directory = dependency_files.first.directory
|
289
294
|
SharedHelpers.in_a_temporary_directory(base_directory) do
|
@@ -352,14 +357,23 @@ module Dependabot
|
|
352
357
|
end
|
353
358
|
|
354
359
|
def initial_platform
|
355
|
-
|
360
|
+
platform_php = parsed_composer_file.dig("config", "platform", "php")
|
361
|
+
|
362
|
+
platform = {}
|
363
|
+
if platform_php.is_a?(String) && requirement_valid?(platform_php)
|
364
|
+
platform["php"] = [platform_php]
|
365
|
+
end
|
356
366
|
|
357
367
|
# Note: We *don't* include the require-dev PHP version in our initial
|
358
368
|
# platform. If we fail to resolve with the PHP version specified in
|
359
369
|
# `require` then it will be picked up in a subsequent iteration.
|
360
|
-
|
370
|
+
requirement_php = parsed_composer_file.dig("require", "php")
|
371
|
+
return platform unless requirement_php.is_a?(String)
|
372
|
+
return platform unless requirement_valid?(requirement_php)
|
361
373
|
|
362
|
-
|
374
|
+
platform["php"] ||= []
|
375
|
+
platform["php"] << requirement_php
|
376
|
+
platform
|
363
377
|
end
|
364
378
|
|
365
379
|
def parsed_composer_file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-composer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.112.
|
4
|
+
version: 0.112.14
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.112.
|
19
|
+
version: 0.112.14
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.112.
|
26
|
+
version: 0.112.14
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|