dependabot-composer 0.112.6 → 0.112.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/build +1 -0
  3. data/helpers/composer.json +4 -2
  4. data/helpers/composer.lock +798 -1
  5. data/helpers/phpstan.neon +7 -0
  6. data/lib/dependabot/composer/file_updater/lockfile_updater.rb +68 -24
  7. data/lib/dependabot/composer/update_checker/version_resolver.rb +39 -7
  8. metadata +5 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 29f8a35782f66dd5206d0492b1a0f8ad3034f2bd9c8f09e847fc43239ed406a7
4
- data.tar.gz: eff6e2f0bf9546ab25ff6110c6fda08139fb162d0901f742aea26bb28155186b
3
+ metadata.gz: 9d2ce55c91b22fc62fa96505ae1e60d4b8beb59ed865c53d3284865b50bb2e4d
4
+ data.tar.gz: f4d65654f703d1fa626c829965259409b7b93f17868d028c07544f79ec52ebe2
5
5
  SHA512:
6
- metadata.gz: a8acaa9c400c643346b1ef8912e2365fb48ebb154c78e29d98d1df611a7ad05c3045e2124e5e2cc4a4c9ef87a43c377ef19e51a8b124fb9a7ca219691e30f8ad
7
- data.tar.gz: 63ebbf013a5384c9431744e4250e03566e7221bbf85883b4f3c688068279c52a7f4aeaef07475cf6bcca30ce7c58d265491c40126fd1e340140fdb8c56a41b40
6
+ metadata.gz: a9bd15ff5149cad2be1e1bbbb61c08c1675f4d7741bada18cad2a3d6314044b4154cfe05f49e61ac5f56de3b9379d4973ed414401827f0f001333fe4fe824264
7
+ data.tar.gz: 9798ec06cbcf1b3a274a02eab2c1f02afbc7693a69af811d722aba8d800c2cc10eaefc8dd6cc3159a79b38079c2e75ee483ff6ad67e824eb9af71f73513490ec
data/helpers/build CHANGED
@@ -14,3 +14,4 @@ cd "$helpers_dir"
14
14
  composer validate --no-check-publish
15
15
  composer install
16
16
  composer run lint -- --dry-run
17
+ composer run stan
data/helpers/composer.json CHANGED
@@ -5,7 +5,8 @@
5
5
  "composer/composer": "^1.8"
6
6
  },
7
7
  "require-dev": {
8
- "friendsofphp/php-cs-fixer": "^2.9"
8
+ "friendsofphp/php-cs-fixer": "^2.9",
9
+ "phpstan/phpstan": "~0.11.15"
9
10
  },
10
11
  "autoload": {
11
12
  "psr-4": {
@@ -15,7 +16,8 @@
15
16
  "scripts": {
16
17
  "lint": [
17
18
  "php-cs-fixer fix --diff --verbose"
18
- ]
19
+ ],
20
+ "stan": "phpstan analyse"
19
21
  },
20
22
  "config": {
21
23
  "sort-packages": true
data/helpers/composer.lock CHANGED
@@ -4,7 +4,7 @@
4
4
  "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
5
5
  "This file is @generated automatically"
6
6
  ],
7
- "content-hash": "9334db84b58cb747a3d462d165a75240",
7
+ "content-hash": "248b713ebbb38284784387540a494556",
8
8
  "packages": [
9
9
  {
10
10
  "name": "composer/ca-bundle",
@@ -1231,6 +1231,681 @@
1231
1231
  "description": "A tool to automatically fix PHP code style",
1232
1232
  "time": "2019-06-01T10:32:12+00:00"
1233
1233
  },
1234
+ {
1235
+ "name": "jean85/pretty-package-versions",
1236
+ "version": "1.2",
1237
+ "source": {
1238
+ "type": "git",
1239
+ "url": "https://github.com/Jean85/pretty-package-versions.git",
1240
+ "reference": "75c7effcf3f77501d0e0caa75111aff4daa0dd48"
1241
+ },
1242
+ "dist": {
1243
+ "type": "zip",
1244
+ "url": "https://api.github.com/repos/Jean85/pretty-package-versions/zipball/75c7effcf3f77501d0e0caa75111aff4daa0dd48",
1245
+ "reference": "75c7effcf3f77501d0e0caa75111aff4daa0dd48",
1246
+ "shasum": ""
1247
+ },
1248
+ "require": {
1249
+ "ocramius/package-versions": "^1.2.0",
1250
+ "php": "^7.0"
1251
+ },
1252
+ "require-dev": {
1253
+ "phpunit/phpunit": "^6.0"
1254
+ },
1255
+ "type": "library",
1256
+ "extra": {
1257
+ "branch-alias": {
1258
+ "dev-master": "1.x-dev"
1259
+ }
1260
+ },
1261
+ "autoload": {
1262
+ "psr-4": {
1263
+ "Jean85\\": "src/"
1264
+ }
1265
+ },
1266
+ "notification-url": "https://packagist.org/downloads/",
1267
+ "license": [
1268
+ "MIT"
1269
+ ],
1270
+ "authors": [
1271
+ {
1272
+ "name": "Alessandro Lai",
1273
+ "email": "alessandro.lai85@gmail.com"
1274
+ }
1275
+ ],
1276
+ "description": "A wrapper for ocramius/package-versions to get pretty versions strings",
1277
+ "keywords": [
1278
+ "composer",
1279
+ "package",
1280
+ "release",
1281
+ "versions"
1282
+ ],
1283
+ "time": "2018-06-13T13:22:40+00:00"
1284
+ },
1285
+ {
1286
+ "name": "nette/bootstrap",
1287
+ "version": "v3.0.0",
1288
+ "source": {
1289
+ "type": "git",
1290
+ "url": "https://github.com/nette/bootstrap.git",
1291
+ "reference": "e1075af05c211915e03e0c86542f3ba5433df4a3"
1292
+ },
1293
+ "dist": {
1294
+ "type": "zip",
1295
+ "url": "https://api.github.com/repos/nette/bootstrap/zipball/e1075af05c211915e03e0c86542f3ba5433df4a3",
1296
+ "reference": "e1075af05c211915e03e0c86542f3ba5433df4a3",
1297
+ "shasum": ""
1298
+ },
1299
+ "require": {
1300
+ "nette/di": "^3.0",
1301
+ "nette/utils": "^3.0",
1302
+ "php": ">=7.1"
1303
+ },
1304
+ "require-dev": {
1305
+ "latte/latte": "^2.2",
1306
+ "nette/application": "^3.0",
1307
+ "nette/caching": "^3.0",
1308
+ "nette/database": "^3.0",
1309
+ "nette/forms": "^3.0",
1310
+ "nette/http": "^3.0",
1311
+ "nette/mail": "^3.0",
1312
+ "nette/robot-loader": "^3.0",
1313
+ "nette/safe-stream": "^2.2",
1314
+ "nette/security": "^3.0",
1315
+ "nette/tester": "^2.0",
1316
+ "tracy/tracy": "^2.6"
1317
+ },
1318
+ "suggest": {
1319
+ "nette/robot-loader": "to use Configurator::createRobotLoader()",
1320
+ "tracy/tracy": "to use Configurator::enableTracy()"
1321
+ },
1322
+ "type": "library",
1323
+ "extra": {
1324
+ "branch-alias": {
1325
+ "dev-master": "3.0-dev"
1326
+ }
1327
+ },
1328
+ "autoload": {
1329
+ "classmap": [
1330
+ "src/"
1331
+ ]
1332
+ },
1333
+ "notification-url": "https://packagist.org/downloads/",
1334
+ "license": [
1335
+ "BSD-3-Clause",
1336
+ "GPL-2.0",
1337
+ "GPL-3.0"
1338
+ ],
1339
+ "authors": [
1340
+ {
1341
+ "name": "David Grudl",
1342
+ "homepage": "https://davidgrudl.com"
1343
+ },
1344
+ {
1345
+ "name": "Nette Community",
1346
+ "homepage": "https://nette.org/contributors"
1347
+ }
1348
+ ],
1349
+ "description": "🅱 Nette Bootstrap: the simple way to configure and bootstrap your Nette application.",
1350
+ "homepage": "https://nette.org",
1351
+ "keywords": [
1352
+ "bootstrapping",
1353
+ "configurator",
1354
+ "nette"
1355
+ ],
1356
+ "time": "2019-03-26T12:59:07+00:00"
1357
+ },
1358
+ {
1359
+ "name": "nette/di",
1360
+ "version": "v3.0.1",
1361
+ "source": {
1362
+ "type": "git",
1363
+ "url": "https://github.com/nette/di.git",
1364
+ "reference": "4aff517a1c6bb5c36fa09733d4cea089f529de6d"
1365
+ },
1366
+ "dist": {
1367
+ "type": "zip",
1368
+ "url": "https://api.github.com/repos/nette/di/zipball/4aff517a1c6bb5c36fa09733d4cea089f529de6d",
1369
+ "reference": "4aff517a1c6bb5c36fa09733d4cea089f529de6d",
1370
+ "shasum": ""
1371
+ },
1372
+ "require": {
1373
+ "ext-tokenizer": "*",
1374
+ "nette/neon": "^3.0",
1375
+ "nette/php-generator": "^3.2.2",
1376
+ "nette/robot-loader": "^3.2",
1377
+ "nette/schema": "^1.0",
1378
+ "nette/utils": "^3.0",
1379
+ "php": ">=7.1"
1380
+ },
1381
+ "conflict": {
1382
+ "nette/bootstrap": "<3.0"
1383
+ },
1384
+ "require-dev": {
1385
+ "nette/tester": "^2.2",
1386
+ "tracy/tracy": "^2.3"
1387
+ },
1388
+ "type": "library",
1389
+ "extra": {
1390
+ "branch-alias": {
1391
+ "dev-master": "3.0-dev"
1392
+ }
1393
+ },
1394
+ "autoload": {
1395
+ "classmap": [
1396
+ "src/"
1397
+ ],
1398
+ "files": [
1399
+ "src/compatibility.php"
1400
+ ]
1401
+ },
1402
+ "notification-url": "https://packagist.org/downloads/",
1403
+ "license": [
1404
+ "BSD-3-Clause",
1405
+ "GPL-2.0",
1406
+ "GPL-3.0"
1407
+ ],
1408
+ "authors": [
1409
+ {
1410
+ "name": "David Grudl",
1411
+ "homepage": "https://davidgrudl.com"
1412
+ },
1413
+ {
1414
+ "name": "Nette Community",
1415
+ "homepage": "https://nette.org/contributors"
1416
+ }
1417
+ ],
1418
+ "description": "💎 Nette Dependency Injection Container: Flexible, compiled and full-featured DIC with perfectly usable autowiring and support for all new PHP 7.1 features.",
1419
+ "homepage": "https://nette.org",
1420
+ "keywords": [
1421
+ "compiled",
1422
+ "di",
1423
+ "dic",
1424
+ "factory",
1425
+ "ioc",
1426
+ "nette",
1427
+ "static"
1428
+ ],
1429
+ "time": "2019-08-07T12:11:33+00:00"
1430
+ },
1431
+ {
1432
+ "name": "nette/finder",
1433
+ "version": "v2.5.0",
1434
+ "source": {
1435
+ "type": "git",
1436
+ "url": "https://github.com/nette/finder.git",
1437
+ "reference": "6be1b83ea68ac558aff189d640abe242e0306fe2"
1438
+ },
1439
+ "dist": {
1440
+ "type": "zip",
1441
+ "url": "https://api.github.com/repos/nette/finder/zipball/6be1b83ea68ac558aff189d640abe242e0306fe2",
1442
+ "reference": "6be1b83ea68ac558aff189d640abe242e0306fe2",
1443
+ "shasum": ""
1444
+ },
1445
+ "require": {
1446
+ "nette/utils": "^2.4 || ~3.0.0",
1447
+ "php": ">=7.1"
1448
+ },
1449
+ "conflict": {
1450
+ "nette/nette": "<2.2"
1451
+ },
1452
+ "require-dev": {
1453
+ "nette/tester": "^2.0",
1454
+ "tracy/tracy": "^2.3"
1455
+ },
1456
+ "type": "library",
1457
+ "extra": {
1458
+ "branch-alias": {
1459
+ "dev-master": "2.5-dev"
1460
+ }
1461
+ },
1462
+ "autoload": {
1463
+ "classmap": [
1464
+ "src/"
1465
+ ]
1466
+ },
1467
+ "notification-url": "https://packagist.org/downloads/",
1468
+ "license": [
1469
+ "BSD-3-Clause",
1470
+ "GPL-2.0",
1471
+ "GPL-3.0"
1472
+ ],
1473
+ "authors": [
1474
+ {
1475
+ "name": "David Grudl",
1476
+ "homepage": "https://davidgrudl.com"
1477
+ },
1478
+ {
1479
+ "name": "Nette Community",
1480
+ "homepage": "https://nette.org/contributors"
1481
+ }
1482
+ ],
1483
+ "description": "? Nette Finder: find files and directories with an intuitive API.",
1484
+ "homepage": "https://nette.org",
1485
+ "keywords": [
1486
+ "filesystem",
1487
+ "glob",
1488
+ "iterator",
1489
+ "nette"
1490
+ ],
1491
+ "time": "2019-02-28T18:13:25+00:00"
1492
+ },
1493
+ {
1494
+ "name": "nette/neon",
1495
+ "version": "v3.0.0",
1496
+ "source": {
1497
+ "type": "git",
1498
+ "url": "https://github.com/nette/neon.git",
1499
+ "reference": "cbff32059cbdd8720deccf9e9eace6ee516f02eb"
1500
+ },
1501
+ "dist": {
1502
+ "type": "zip",
1503
+ "url": "https://api.github.com/repos/nette/neon/zipball/cbff32059cbdd8720deccf9e9eace6ee516f02eb",
1504
+ "reference": "cbff32059cbdd8720deccf9e9eace6ee516f02eb",
1505
+ "shasum": ""
1506
+ },
1507
+ "require": {
1508
+ "ext-iconv": "*",
1509
+ "ext-json": "*",
1510
+ "php": ">=7.0"
1511
+ },
1512
+ "require-dev": {
1513
+ "nette/tester": "^2.0",
1514
+ "tracy/tracy": "^2.3"
1515
+ },
1516
+ "type": "library",
1517
+ "extra": {
1518
+ "branch-alias": {
1519
+ "dev-master": "3.0-dev"
1520
+ }
1521
+ },
1522
+ "autoload": {
1523
+ "classmap": [
1524
+ "src/"
1525
+ ]
1526
+ },
1527
+ "notification-url": "https://packagist.org/downloads/",
1528
+ "license": [
1529
+ "BSD-3-Clause",
1530
+ "GPL-2.0",
1531
+ "GPL-3.0"
1532
+ ],
1533
+ "authors": [
1534
+ {
1535
+ "name": "David Grudl",
1536
+ "homepage": "https://davidgrudl.com"
1537
+ },
1538
+ {
1539
+ "name": "Nette Community",
1540
+ "homepage": "https://nette.org/contributors"
1541
+ }
1542
+ ],
1543
+ "description": "? Nette NEON: encodes and decodes NEON file format.",
1544
+ "homepage": "http://ne-on.org",
1545
+ "keywords": [
1546
+ "export",
1547
+ "import",
1548
+ "neon",
1549
+ "nette",
1550
+ "yaml"
1551
+ ],
1552
+ "time": "2019-02-05T21:30:40+00:00"
1553
+ },
1554
+ {
1555
+ "name": "nette/php-generator",
1556
+ "version": "v3.2.3",
1557
+ "source": {
1558
+ "type": "git",
1559
+ "url": "https://github.com/nette/php-generator.git",
1560
+ "reference": "aea6e81437bb238e5f0e5b5ce06337433908e63b"
1561
+ },
1562
+ "dist": {
1563
+ "type": "zip",
1564
+ "url": "https://api.github.com/repos/nette/php-generator/zipball/aea6e81437bb238e5f0e5b5ce06337433908e63b",
1565
+ "reference": "aea6e81437bb238e5f0e5b5ce06337433908e63b",
1566
+ "shasum": ""
1567
+ },
1568
+ "require": {
1569
+ "nette/utils": "^2.4.2 || ~3.0.0",
1570
+ "php": ">=7.1"
1571
+ },
1572
+ "require-dev": {
1573
+ "nette/tester": "^2.0",
1574
+ "tracy/tracy": "^2.3"
1575
+ },
1576
+ "type": "library",
1577
+ "extra": {
1578
+ "branch-alias": {
1579
+ "dev-master": "3.2-dev"
1580
+ }
1581
+ },
1582
+ "autoload": {
1583
+ "classmap": [
1584
+ "src/"
1585
+ ]
1586
+ },
1587
+ "notification-url": "https://packagist.org/downloads/",
1588
+ "license": [
1589
+ "BSD-3-Clause",
1590
+ "GPL-2.0",
1591
+ "GPL-3.0"
1592
+ ],
1593
+ "authors": [
1594
+ {
1595
+ "name": "David Grudl",
1596
+ "homepage": "https://davidgrudl.com"
1597
+ },
1598
+ {
1599
+ "name": "Nette Community",
1600
+ "homepage": "https://nette.org/contributors"
1601
+ }
1602
+ ],
1603
+ "description": "🐘 Nette PHP Generator: generates neat PHP code for you. Supports new PHP 7.3 features.",
1604
+ "homepage": "https://nette.org",
1605
+ "keywords": [
1606
+ "code",
1607
+ "nette",
1608
+ "php",
1609
+ "scaffolding"
1610
+ ],
1611
+ "time": "2019-07-05T13:01:56+00:00"
1612
+ },
1613
+ {
1614
+ "name": "nette/robot-loader",
1615
+ "version": "v3.2.0",
1616
+ "source": {
1617
+ "type": "git",
1618
+ "url": "https://github.com/nette/robot-loader.git",
1619
+ "reference": "0712a0e39ae7956d6a94c0ab6ad41aa842544b5c"
1620
+ },
1621
+ "dist": {
1622
+ "type": "zip",
1623
+ "url": "https://api.github.com/repos/nette/robot-loader/zipball/0712a0e39ae7956d6a94c0ab6ad41aa842544b5c",
1624
+ "reference": "0712a0e39ae7956d6a94c0ab6ad41aa842544b5c",
1625
+ "shasum": ""
1626
+ },
1627
+ "require": {
1628
+ "ext-tokenizer": "*",
1629
+ "nette/finder": "^2.5",
1630
+ "nette/utils": "^3.0",
1631
+ "php": ">=7.1"
1632
+ },
1633
+ "require-dev": {
1634
+ "nette/tester": "^2.0",
1635
+ "tracy/tracy": "^2.3"
1636
+ },
1637
+ "type": "library",
1638
+ "extra": {
1639
+ "branch-alias": {
1640
+ "dev-master": "3.2-dev"
1641
+ }
1642
+ },
1643
+ "autoload": {
1644
+ "classmap": [
1645
+ "src/"
1646
+ ]
1647
+ },
1648
+ "notification-url": "https://packagist.org/downloads/",
1649
+ "license": [
1650
+ "BSD-3-Clause",
1651
+ "GPL-2.0",
1652
+ "GPL-3.0"
1653
+ ],
1654
+ "authors": [
1655
+ {
1656
+ "name": "David Grudl",
1657
+ "homepage": "https://davidgrudl.com"
1658
+ },
1659
+ {
1660
+ "name": "Nette Community",
1661
+ "homepage": "https://nette.org/contributors"
1662
+ }
1663
+ ],
1664
+ "description": "? Nette RobotLoader: high performance and comfortable autoloader that will search and autoload classes within your application.",
1665
+ "homepage": "https://nette.org",
1666
+ "keywords": [
1667
+ "autoload",
1668
+ "class",
1669
+ "interface",
1670
+ "nette",
1671
+ "trait"
1672
+ ],
1673
+ "time": "2019-03-08T21:57:24+00:00"
1674
+ },
1675
+ {
1676
+ "name": "nette/schema",
1677
+ "version": "v1.0.0",
1678
+ "source": {
1679
+ "type": "git",
1680
+ "url": "https://github.com/nette/schema.git",
1681
+ "reference": "6241d8d4da39e825dd6cb5bfbe4242912f4d7e4d"
1682
+ },
1683
+ "dist": {
1684
+ "type": "zip",
1685
+ "url": "https://api.github.com/repos/nette/schema/zipball/6241d8d4da39e825dd6cb5bfbe4242912f4d7e4d",
1686
+ "reference": "6241d8d4da39e825dd6cb5bfbe4242912f4d7e4d",
1687
+ "shasum": ""
1688
+ },
1689
+ "require": {
1690
+ "nette/utils": "^3.0.1",
1691
+ "php": ">=7.1"
1692
+ },
1693
+ "require-dev": {
1694
+ "nette/tester": "^2.2",
1695
+ "tracy/tracy": "^2.3"
1696
+ },
1697
+ "type": "library",
1698
+ "extra": {
1699
+ "branch-alias": {
1700
+ "dev-master": "1.0-dev"
1701
+ }
1702
+ },
1703
+ "autoload": {
1704
+ "classmap": [
1705
+ "src/"
1706
+ ]
1707
+ },
1708
+ "notification-url": "https://packagist.org/downloads/",
1709
+ "license": [
1710
+ "BSD-3-Clause",
1711
+ "GPL-2.0",
1712
+ "GPL-3.0"
1713
+ ],
1714
+ "authors": [
1715
+ {
1716
+ "name": "David Grudl",
1717
+ "homepage": "https://davidgrudl.com"
1718
+ },
1719
+ {
1720
+ "name": "Nette Community",
1721
+ "homepage": "https://nette.org/contributors"
1722
+ }
1723
+ ],
1724
+ "description": "📐 Nette Schema: validating data structures against a given Schema.",
1725
+ "homepage": "https://nette.org",
1726
+ "keywords": [
1727
+ "config",
1728
+ "nette"
1729
+ ],
1730
+ "time": "2019-04-03T15:53:25+00:00"
1731
+ },
1732
+ {
1733
+ "name": "nette/utils",
1734
+ "version": "v3.0.1",
1735
+ "source": {
1736
+ "type": "git",
1737
+ "url": "https://github.com/nette/utils.git",
1738
+ "reference": "bd961f49b211997202bda1d0fbc410905be370d4"
1739
+ },
1740
+ "dist": {
1741
+ "type": "zip",
1742
+ "url": "https://api.github.com/repos/nette/utils/zipball/bd961f49b211997202bda1d0fbc410905be370d4",
1743
+ "reference": "bd961f49b211997202bda1d0fbc410905be370d4",
1744
+ "shasum": ""
1745
+ },
1746
+ "require": {
1747
+ "php": ">=7.1"
1748
+ },
1749
+ "require-dev": {
1750
+ "nette/tester": "~2.0",
1751
+ "tracy/tracy": "^2.3"
1752
+ },
1753
+ "suggest": {
1754
+ "ext-gd": "to use Image",
1755
+ "ext-iconv": "to use Strings::webalize() and toAscii()",
1756
+ "ext-intl": "to use Strings::webalize(), toAscii(), normalize() and compare()",
1757
+ "ext-json": "to use Nette\\Utils\\Json",
1758
+ "ext-mbstring": "to use Strings::lower() etc...",
1759
+ "ext-xml": "to use Strings::length() etc. when mbstring is not available"
1760
+ },
1761
+ "type": "library",
1762
+ "extra": {
1763
+ "branch-alias": {
1764
+ "dev-master": "3.0-dev"
1765
+ }
1766
+ },
1767
+ "autoload": {
1768
+ "classmap": [
1769
+ "src/"
1770
+ ]
1771
+ },
1772
+ "notification-url": "https://packagist.org/downloads/",
1773
+ "license": [
1774
+ "BSD-3-Clause",
1775
+ "GPL-2.0",
1776
+ "GPL-3.0"
1777
+ ],
1778
+ "authors": [
1779
+ {
1780
+ "name": "David Grudl",
1781
+ "homepage": "https://davidgrudl.com"
1782
+ },
1783
+ {
1784
+ "name": "Nette Community",
1785
+ "homepage": "https://nette.org/contributors"
1786
+ }
1787
+ ],
1788
+ "description": "🛠 Nette Utils: lightweight utilities for string & array manipulation, image handling, safe JSON encoding/decoding, validation, slug or strong password generating etc.",
1789
+ "homepage": "https://nette.org",
1790
+ "keywords": [
1791
+ "array",
1792
+ "core",
1793
+ "datetime",
1794
+ "images",
1795
+ "json",
1796
+ "nette",
1797
+ "paginator",
1798
+ "password",
1799
+ "slugify",
1800
+ "string",
1801
+ "unicode",
1802
+ "utf-8",
1803
+ "utility",
1804
+ "validation"
1805
+ ],
1806
+ "time": "2019-03-22T01:00:30+00:00"
1807
+ },
1808
+ {
1809
+ "name": "nikic/php-parser",
1810
+ "version": "v4.2.3",
1811
+ "source": {
1812
+ "type": "git",
1813
+ "url": "https://github.com/nikic/PHP-Parser.git",
1814
+ "reference": "e612609022e935f3d0337c1295176505b41188c8"
1815
+ },
1816
+ "dist": {
1817
+ "type": "zip",
1818
+ "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/e612609022e935f3d0337c1295176505b41188c8",
1819
+ "reference": "e612609022e935f3d0337c1295176505b41188c8",
1820
+ "shasum": ""
1821
+ },
1822
+ "require": {
1823
+ "ext-tokenizer": "*",
1824
+ "php": ">=7.0"
1825
+ },
1826
+ "require-dev": {
1827
+ "phpunit/phpunit": "^6.5 || ^7.0 || ^8.0"
1828
+ },
1829
+ "bin": [
1830
+ "bin/php-parse"
1831
+ ],
1832
+ "type": "library",
1833
+ "extra": {
1834
+ "branch-alias": {
1835
+ "dev-master": "4.2-dev"
1836
+ }
1837
+ },
1838
+ "autoload": {
1839
+ "psr-4": {
1840
+ "PhpParser\\": "lib/PhpParser"
1841
+ }
1842
+ },
1843
+ "notification-url": "https://packagist.org/downloads/",
1844
+ "license": [
1845
+ "BSD-3-Clause"
1846
+ ],
1847
+ "authors": [
1848
+ {
1849
+ "name": "Nikita Popov"
1850
+ }
1851
+ ],
1852
+ "description": "A PHP parser written in PHP",
1853
+ "keywords": [
1854
+ "parser",
1855
+ "php"
1856
+ ],
1857
+ "time": "2019-08-12T20:17:41+00:00"
1858
+ },
1859
+ {
1860
+ "name": "ocramius/package-versions",
1861
+ "version": "1.4.0",
1862
+ "source": {
1863
+ "type": "git",
1864
+ "url": "https://github.com/Ocramius/PackageVersions.git",
1865
+ "reference": "a4d4b60d0e60da2487bd21a2c6ac089f85570dbb"
1866
+ },
1867
+ "dist": {
1868
+ "type": "zip",
1869
+ "url": "https://api.github.com/repos/Ocramius/PackageVersions/zipball/a4d4b60d0e60da2487bd21a2c6ac089f85570dbb",
1870
+ "reference": "a4d4b60d0e60da2487bd21a2c6ac089f85570dbb",
1871
+ "shasum": ""
1872
+ },
1873
+ "require": {
1874
+ "composer-plugin-api": "^1.0.0",
1875
+ "php": "^7.1.0"
1876
+ },
1877
+ "require-dev": {
1878
+ "composer/composer": "^1.6.3",
1879
+ "doctrine/coding-standard": "^5.0.1",
1880
+ "ext-zip": "*",
1881
+ "infection/infection": "^0.7.1",
1882
+ "phpunit/phpunit": "^7.0.0"
1883
+ },
1884
+ "type": "composer-plugin",
1885
+ "extra": {
1886
+ "class": "PackageVersions\\Installer",
1887
+ "branch-alias": {
1888
+ "dev-master": "2.0.x-dev"
1889
+ }
1890
+ },
1891
+ "autoload": {
1892
+ "psr-4": {
1893
+ "PackageVersions\\": "src/PackageVersions"
1894
+ }
1895
+ },
1896
+ "notification-url": "https://packagist.org/downloads/",
1897
+ "license": [
1898
+ "MIT"
1899
+ ],
1900
+ "authors": [
1901
+ {
1902
+ "name": "Marco Pivetta",
1903
+ "email": "ocramius@gmail.com"
1904
+ }
1905
+ ],
1906
+ "description": "Composer plugin that provides efficient querying for installed package versions (no runtime IO)",
1907
+ "time": "2019-02-21T12:16:21+00:00"
1908
+ },
1234
1909
  {
1235
1910
  "name": "paragonie/random_compat",
1236
1911
  "version": "v9.99.99",
@@ -1327,6 +2002,128 @@
1327
2002
  ],
1328
2003
  "time": "2018-02-15T16:58:55+00:00"
1329
2004
  },
2005
+ {
2006
+ "name": "phpstan/phpdoc-parser",
2007
+ "version": "0.3.5",
2008
+ "source": {
2009
+ "type": "git",
2010
+ "url": "https://github.com/phpstan/phpdoc-parser.git",
2011
+ "reference": "8c4ef2aefd9788238897b678a985e1d5c8df6db4"
2012
+ },
2013
+ "dist": {
2014
+ "type": "zip",
2015
+ "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/8c4ef2aefd9788238897b678a985e1d5c8df6db4",
2016
+ "reference": "8c4ef2aefd9788238897b678a985e1d5c8df6db4",
2017
+ "shasum": ""
2018
+ },
2019
+ "require": {
2020
+ "php": "~7.1"
2021
+ },
2022
+ "require-dev": {
2023
+ "consistence/coding-standard": "^3.5",
2024
+ "jakub-onderka/php-parallel-lint": "^0.9.2",
2025
+ "phing/phing": "^2.16.0",
2026
+ "phpstan/phpstan": "^0.10",
2027
+ "phpunit/phpunit": "^6.3",
2028
+ "slevomat/coding-standard": "^4.7.2",
2029
+ "squizlabs/php_codesniffer": "^3.3.2",
2030
+ "symfony/process": "^3.4 || ^4.0"
2031
+ },
2032
+ "type": "library",
2033
+ "extra": {
2034
+ "branch-alias": {
2035
+ "dev-master": "0.3-dev"
2036
+ }
2037
+ },
2038
+ "autoload": {
2039
+ "psr-4": {
2040
+ "PHPStan\\PhpDocParser\\": [
2041
+ "src/"
2042
+ ]
2043
+ }
2044
+ },
2045
+ "notification-url": "https://packagist.org/downloads/",
2046
+ "license": [
2047
+ "MIT"
2048
+ ],
2049
+ "description": "PHPDoc parser with support for nullable, intersection and generic types",
2050
+ "time": "2019-06-07T19:13:52+00:00"
2051
+ },
2052
+ {
2053
+ "name": "phpstan/phpstan",
2054
+ "version": "0.11.15",
2055
+ "source": {
2056
+ "type": "git",
2057
+ "url": "https://github.com/phpstan/phpstan.git",
2058
+ "reference": "1be5b3a706db16ac472a4c40ec03cf4c810b118d"
2059
+ },
2060
+ "dist": {
2061
+ "type": "zip",
2062
+ "url": "https://api.github.com/repos/phpstan/phpstan/zipball/1be5b3a706db16ac472a4c40ec03cf4c810b118d",
2063
+ "reference": "1be5b3a706db16ac472a4c40ec03cf4c810b118d",
2064
+ "shasum": ""
2065
+ },
2066
+ "require": {
2067
+ "composer/xdebug-handler": "^1.3.0",
2068
+ "jean85/pretty-package-versions": "^1.0.3",
2069
+ "nette/bootstrap": "^2.4 || ^3.0",
2070
+ "nette/di": "^2.4.7 || ^3.0",
2071
+ "nette/robot-loader": "^3.0.1",
2072
+ "nette/schema": "^1.0",
2073
+ "nette/utils": "^2.4.5 || ^3.0",
2074
+ "nikic/php-parser": "^4.2.3",
2075
+ "php": "~7.1",
2076
+ "phpstan/phpdoc-parser": "^0.3.5",
2077
+ "symfony/console": "~3.2 || ~4.0",
2078
+ "symfony/finder": "~3.2 || ~4.0"
2079
+ },
2080
+ "conflict": {
2081
+ "symfony/console": "3.4.16 || 4.1.5"
2082
+ },
2083
+ "require-dev": {
2084
+ "brianium/paratest": "^2.0 || ^3.0",
2085
+ "consistence/coding-standard": "^3.5",
2086
+ "dealerdirect/phpcodesniffer-composer-installer": "^0.4.4",
2087
+ "ext-intl": "*",
2088
+ "ext-mysqli": "*",
2089
+ "ext-simplexml": "*",
2090
+ "ext-soap": "*",
2091
+ "ext-zip": "*",
2092
+ "jakub-onderka/php-parallel-lint": "^1.0",
2093
+ "localheinz/composer-normalize": "^1.1.0",
2094
+ "phing/phing": "^2.16.0",
2095
+ "phpstan/phpstan-deprecation-rules": "^0.11",
2096
+ "phpstan/phpstan-php-parser": "^0.11",
2097
+ "phpstan/phpstan-phpunit": "^0.11",
2098
+ "phpstan/phpstan-strict-rules": "^0.11",
2099
+ "phpunit/phpunit": "^7.5.14 || ^8.0",
2100
+ "slevomat/coding-standard": "^4.7.2",
2101
+ "squizlabs/php_codesniffer": "^3.3.2"
2102
+ },
2103
+ "bin": [
2104
+ "bin/phpstan"
2105
+ ],
2106
+ "type": "library",
2107
+ "extra": {
2108
+ "branch-alias": {
2109
+ "dev-master": "0.11-dev"
2110
+ }
2111
+ },
2112
+ "autoload": {
2113
+ "psr-4": {
2114
+ "PHPStan\\": [
2115
+ "src/",
2116
+ "build/PHPStan"
2117
+ ]
2118
+ }
2119
+ },
2120
+ "notification-url": "https://packagist.org/downloads/",
2121
+ "license": [
2122
+ "MIT"
2123
+ ],
2124
+ "description": "PHPStan - PHP Static Analysis Tool",
2125
+ "time": "2019-08-18T20:51:53+00:00"
2126
+ },
1330
2127
  {
1331
2128
  "name": "symfony/event-dispatcher",
1332
2129
  "version": "v4.3.0",
data/helpers/phpstan.neon ADDED
@@ -0,0 +1,7 @@
1
+ includes:
2
+ - vendor/phpstan/phpstan/conf/config.level5.neon
3
+
4
+ parameters:
5
+ inferPrivatePropertyTypeFromConstructor: true
6
+ paths:
7
+ - src
data/lib/dependabot/composer/file_updater/lockfile_updater.rb CHANGED
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "dependabot/shared_helpers"
4
4
  require "dependabot/errors"
5
+ require "dependabot/composer/file_parser"
5
6
  require "dependabot/composer/file_updater"
6
7
  require "dependabot/composer/version"
7
8
  require "dependabot/composer/requirement"
@@ -69,6 +70,11 @@ module Dependabot
69
70
  retry_count ||= 0
70
71
  retry_count += 1
71
72
  retry if transitory_failure?(e) && retry_count <= 1
73
+ if locked_git_dep_error?(e) && retry_count <= 1
74
+ @lock_git_deps = false
75
+ retry
76
+ end
77
+
72
78
  handle_composer_errors(e)
73
79
  end
74
80
 
@@ -110,6 +116,10 @@ module Dependabot
110
116
  error.message.include?("Content-Length mismatch")
111
117
  end
112
118
 
119
+ def locked_git_dep_error?(error)
120
+ error.message.start_with?("Could not authenticate against")
121
+ end
122
+
113
123
  # rubocop:disable Metrics/AbcSize
114
124
  # rubocop:disable Metrics/CyclomaticComplexity
115
125
  # rubocop:disable Metrics/MethodLength
@@ -197,30 +207,15 @@ module Dependabot
197
207
  end
198
208
 
199
209
  def locked_composer_json_content
200
- tmp_content =
201
- dependencies.reduce(updated_composer_json_content) do |content, dep|
202
- updated_req = dep.version
203
- next content unless Composer::Version.correct?(updated_req)
204
-
205
- old_req =
206
- dep.requirements.find { |r| r[:file] == "composer.json" }&.
207
- fetch(:requirement)
208
-
209
- # When updating a subdep there won't be an old requirement
210
- next content unless old_req
211
-
212
- regex =
213
- /
214
- "#{Regexp.escape(dep.name)}"\s*:\s*
215
- "#{Regexp.escape(old_req)}"
216
- /x
217
-
218
- content.gsub(regex) do |declaration|
219
- declaration.gsub(%("#{old_req}"), %("#{updated_req}"))
220
- end
221
- end
210
+ content = updated_composer_json_content
211
+ content = lock_dependencies_being_updated(content)
212
+ content = lock_git_dependencies(content) if @lock_git_deps != false
213
+ content = add_temporary_platform_extensions(content)
214
+ content
215
+ end
222
216
 
223
- json = JSON.parse(tmp_content)
217
+ def add_temporary_platform_extensions(content)
218
+ json = JSON.parse(content)
224
219
 
225
220
  composer_platform_extensions.each do |extension, requirements|
226
221
  json["config"] ||= {}
@@ -232,6 +227,51 @@ module Dependabot
232
227
  JSON.dump(json)
233
228
  end
234
229
 
230
+ def lock_dependencies_being_updated(original_content)
231
+ dependencies.reduce(original_content) do |content, dep|
232
+ updated_req = dep.version
233
+ next content unless Composer::Version.correct?(updated_req)
234
+
235
+ old_req =
236
+ dep.requirements.find { |r| r[:file] == "composer.json" }&.
237
+ fetch(:requirement)
238
+
239
+ # When updating a subdep there won't be an old requirement
240
+ next content unless old_req
241
+
242
+ regex =
243
+ /
244
+ "#{Regexp.escape(dep.name)}"\s*:\s*
245
+ "#{Regexp.escape(old_req)}"
246
+ /x
247
+
248
+ content.gsub(regex) do |declaration|
249
+ declaration.gsub(%("#{old_req}"), %("#{updated_req}"))
250
+ end
251
+ end
252
+ end
253
+
254
+ def lock_git_dependencies(content)
255
+ json = JSON.parse(content)
256
+
257
+ FileParser::DEPENDENCY_GROUP_KEYS.each do |keys|
258
+ next unless json[keys[:manifest]]
259
+
260
+ json[keys[:manifest]].each do |name, req|
261
+ next unless req.start_with?("dev-")
262
+ next if req.include?("#")
263
+
264
+ commit_sha = parsed_lockfile.
265
+ fetch(keys[:lockfile], []).
266
+ find { |d| d["name"] == name }&.
267
+ dig("source", "reference")
268
+ json[keys[:manifest]][name] = req + "##{commit_sha}"
269
+ end
270
+ end
271
+
272
+ JSON.dump(json)
273
+ end
274
+
235
275
  def git_dependency_reference_error(error)
236
276
  ref = error.message.match(/checkout '(?<ref>.*?)'/).
237
277
  named_captures.fetch("ref")
@@ -383,7 +423,11 @@ module Dependabot
383
423
  end
384
424
 
385
425
  def parsed_composer_json
386
- JSON.parse(composer_json.content)
426
+ @parsed_composer_json ||= JSON.parse(composer_json.content)
427
+ end
428
+
429
+ def parsed_lockfile
430
+ @parsed_lockfile ||= JSON.parse(lockfile.content)
387
431
  end
388
432
 
389
433
  def composer_json
data/lib/dependabot/composer/update_checker/version_resolver.rb CHANGED
@@ -7,6 +7,7 @@ require "dependabot/composer/update_checker"
7
7
  require "dependabot/composer/version"
8
8
  require "dependabot/composer/requirement"
9
9
  require "dependabot/composer/native_helpers"
10
+ require "dependabot/composer/file_parser"
10
11
 
11
12
  # rubocop:disable Metrics/ClassLength
12
13
  module Dependabot
@@ -107,14 +108,20 @@ module Dependabot
107
108
 
108
109
  def prepared_composer_json_content(unlock_requirement: true)
109
110
  content = composer_file.content
111
+ content = unlock_dep_being_updated(content) if unlock_requirement
112
+ content = lock_git_dependencies(content) if lockfile
113
+ content = add_temporary_platform_extensions(content)
114
+ content
115
+ end
110
116
 
111
- if unlock_requirement
112
- content = content.gsub(
113
- /"#{Regexp.escape(dependency.name)}"\s*:\s*".*"/,
114
- %("#{dependency.name}": "#{updated_version_requirement_string}")
115
- )
116
- end
117
+ def unlock_dep_being_updated(content)
118
+ content.gsub(
119
+ /"#{Regexp.escape(dependency.name)}"\s*:\s*".*"/,
120
+ %("#{dependency.name}": "#{updated_version_requirement_string}")
121
+ )
122
+ end
117
123
 
124
+ def add_temporary_platform_extensions(content)
118
125
  json = JSON.parse(content)
119
126
 
120
127
  composer_platform_extensions.each do |extension, requirements|
@@ -127,6 +134,27 @@ module Dependabot
127
134
  JSON.dump(json)
128
135
  end
129
136
 
137
+ def lock_git_dependencies(content)
138
+ json = JSON.parse(content)
139
+
140
+ FileParser::DEPENDENCY_GROUP_KEYS.each do |keys|
141
+ next unless json[keys[:manifest]]
142
+
143
+ json[keys[:manifest]].each do |name, req|
144
+ next unless req.start_with?("dev-")
145
+ next if req.include?("#")
146
+
147
+ commit_sha = parsed_lockfile.
148
+ fetch(keys[:lockfile], []).
149
+ find { |d| d["name"] == name }&.
150
+ dig("source", "reference")
151
+ json[keys[:manifest]][name] = req + "##{commit_sha}"
152
+ end
153
+ end
154
+
155
+ JSON.dump(json)
156
+ end
157
+
130
158
  # rubocop:disable Metrics/AbcSize
131
159
  # rubocop:disable Metrics/PerceivedComplexity
132
160
  def updated_version_requirement_string
@@ -335,7 +363,11 @@ module Dependabot
335
363
  end
336
364
 
337
365
  def parsed_composer_file
338
- JSON.parse(composer_file.content)
366
+ @parsed_composer_file ||= JSON.parse(composer_file.content)
367
+ end
368
+
369
+ def parsed_lockfile
370
+ @parsed_lockfile ||= JSON.parse(lockfile.content)
339
371
  end
340
372
 
341
373
  def composer_file
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.112.6
4
+ version: 0.112.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-20 00:00:00.000000000 Z
11
+ date: 2019-08-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.112.6
19
+ version: 0.112.7
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.112.6
26
+ version: 0.112.7
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -148,6 +148,7 @@ files:
148
148
  - helpers/build
149
149
  - helpers/composer.json
150
150
  - helpers/composer.lock
151
+ - helpers/phpstan.neon
151
152
  - helpers/setup.sh
152
153
  - helpers/src/DependabotInstallationManager.php
153
154
  - helpers/src/DependabotPluginManager.php