dependabot-composer 0.122.1 → 0.124.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/composer.lock +84 -66
  3. data/lib/dependabot/composer/update_checker.rb +5 -1
  4. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d31f1cc6e9eb92076d447bb1d4787f59ac485096bfb12b0cd1665be98d204981
4
- data.tar.gz: d50d9c59b53498e5d840efbf8c0c33404d518e9ee4a13dacb509ec5a14c3dcd1
3
+ metadata.gz: ebae335506539a9d32f822fc274f0ab77141605e30c03ec294516826d02c735b
4
+ data.tar.gz: 6644718d5039de0442ecfa240ec223a38d9eb97eaf58716c4fa2a744a3ed37c0
5
5
  SHA512:
6
- metadata.gz: 0ed7853e02601701f5386bd8ce961054e43b11fd1ca992b0b7b0542e745d3d1f317120a8665b6793655ab4fdaa261da35a126222e01fbfb9b402f1f4cb10b11f
7
- data.tar.gz: 8a2dbdfb9e59cf97efbc3c87eee4418740918766fb8abc06f0bafb61dd9be5891efbd0195d564793cb29b1429897233d29ed7de62eca0f78cc2615fb4a9e85e3
6
+ metadata.gz: 7f73e33389b08038dd82a8cd3b375bc4cbbbd1422f6b677b63a27a199097f88192ea620e640530e70dcf07c82e32e63e99ae8e829c0d8ceb921caf02637aa8e7
7
+ data.tar.gz: c89a4fcf96f67cdb419abd2c7db2237a636ac4dfb0e95dbd33f3f26a5e2cba5235188edc5de14f85a58f557809468d445e46498ecabdd453f50e0a81730d3c2c
data/helpers/composer.lock CHANGED
@@ -8,16 +8,16 @@
8
8
  "packages": [
9
9
  {
10
10
  "name": "composer/ca-bundle",
11
- "version": "1.2.7",
11
+ "version": "1.2.8",
12
12
  "source": {
13
13
  "type": "git",
14
14
  "url": "https://github.com/composer/ca-bundle.git",
15
- "reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd"
15
+ "reference": "8a7ecad675253e4654ea05505233285377405215"
16
16
  },
17
17
  "dist": {
18
18
  "type": "zip",
19
- "url": "https://api.github.com/repos/composer/ca-bundle/zipball/95c63ab2117a72f48f5a55da9740a3273d45b7fd",
20
- "reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd",
19
+ "url": "https://api.github.com/repos/composer/ca-bundle/zipball/8a7ecad675253e4654ea05505233285377405215",
20
+ "reference": "8a7ecad675253e4654ea05505233285377405215",
21
21
  "shasum": ""
22
22
  },
23
23
  "require": {
@@ -65,25 +65,29 @@
65
65
  "url": "https://packagist.com",
66
66
  "type": "custom"
67
67
  },
68
+ {
69
+ "url": "https://github.com/composer",
70
+ "type": "github"
71
+ },
68
72
  {
69
73
  "url": "https://tidelift.com/funding/github/packagist/composer/composer",
70
74
  "type": "tidelift"
71
75
  }
72
76
  ],
73
- "time": "2020-04-08T08:27:21+00:00"
77
+ "time": "2020-08-23T12:54:47+00:00"
74
78
  },
75
79
  {
76
80
  "name": "composer/composer",
77
- "version": "1.10.10",
81
+ "version": "1.10.16",
78
82
  "source": {
79
83
  "type": "git",
80
84
  "url": "https://github.com/composer/composer.git",
81
- "reference": "32966a3b1d48bc01472a8321fd6472b44fad033a"
85
+ "reference": "217f0272673c72087862c40cf91ac07eb438d778"
82
86
  },
83
87
  "dist": {
84
88
  "type": "zip",
85
- "url": "https://api.github.com/repos/composer/composer/zipball/32966a3b1d48bc01472a8321fd6472b44fad033a",
86
- "reference": "32966a3b1d48bc01472a8321fd6472b44fad033a",
89
+ "url": "https://api.github.com/repos/composer/composer/zipball/217f0272673c72087862c40cf91ac07eb438d778",
90
+ "reference": "217f0272673c72087862c40cf91ac07eb438d778",
87
91
  "shasum": ""
88
92
  },
89
93
  "require": {
@@ -164,20 +168,20 @@
164
168
  "type": "tidelift"
165
169
  }
166
170
  ],
167
- "time": "2020-08-03T09:35:19+00:00"
171
+ "time": "2020-10-24T07:55:59+00:00"
168
172
  },
169
173
  {
170
174
  "name": "composer/semver",
171
- "version": "1.5.1",
175
+ "version": "1.7.1",
172
176
  "source": {
173
177
  "type": "git",
174
178
  "url": "https://github.com/composer/semver.git",
175
- "reference": "c6bea70230ef4dd483e6bbcab6005f682ed3a8de"
179
+ "reference": "38276325bd896f90dfcfe30029aa5db40df387a7"
176
180
  },
177
181
  "dist": {
178
182
  "type": "zip",
179
- "url": "https://api.github.com/repos/composer/semver/zipball/c6bea70230ef4dd483e6bbcab6005f682ed3a8de",
180
- "reference": "c6bea70230ef4dd483e6bbcab6005f682ed3a8de",
183
+ "url": "https://api.github.com/repos/composer/semver/zipball/38276325bd896f90dfcfe30029aa5db40df387a7",
184
+ "reference": "38276325bd896f90dfcfe30029aa5db40df387a7",
181
185
  "shasum": ""
182
186
  },
183
187
  "require": {
@@ -225,7 +229,21 @@
225
229
  "validation",
226
230
  "versioning"
227
231
  ],
228
- "time": "2020-01-13T12:06:48+00:00"
232
+ "funding": [
233
+ {
234
+ "url": "https://packagist.com",
235
+ "type": "custom"
236
+ },
237
+ {
238
+ "url": "https://github.com/composer",
239
+ "type": "github"
240
+ },
241
+ {
242
+ "url": "https://tidelift.com/funding/github/packagist/composer/composer",
243
+ "type": "tidelift"
244
+ }
245
+ ],
246
+ "time": "2020-09-27T13:13:07+00:00"
229
247
  },
230
248
  {
231
249
  "name": "composer/spdx-licenses",
@@ -303,16 +321,16 @@
303
321
  },
304
322
  {
305
323
  "name": "composer/xdebug-handler",
306
- "version": "1.4.2",
324
+ "version": "1.4.4",
307
325
  "source": {
308
326
  "type": "git",
309
327
  "url": "https://github.com/composer/xdebug-handler.git",
310
- "reference": "fa2aaf99e2087f013a14f7432c1cd2dd7d8f1f51"
328
+ "reference": "6e076a124f7ee146f2487554a94b6a19a74887ba"
311
329
  },
312
330
  "dist": {
313
331
  "type": "zip",
314
- "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/fa2aaf99e2087f013a14f7432c1cd2dd7d8f1f51",
315
- "reference": "fa2aaf99e2087f013a14f7432c1cd2dd7d8f1f51",
332
+ "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/6e076a124f7ee146f2487554a94b6a19a74887ba",
333
+ "reference": "6e076a124f7ee146f2487554a94b6a19a74887ba",
316
334
  "shasum": ""
317
335
  },
318
336
  "require": {
@@ -357,7 +375,7 @@
357
375
  "type": "tidelift"
358
376
  }
359
377
  ],
360
- "time": "2020-06-04T11:16:35+00:00"
378
+ "time": "2020-10-24T12:39:10+00:00"
361
379
  },
362
380
  {
363
381
  "name": "justinrainbow/json-schema",
@@ -569,16 +587,16 @@
569
587
  },
570
588
  {
571
589
  "name": "seld/jsonlint",
572
- "version": "1.8.0",
590
+ "version": "1.8.2",
573
591
  "source": {
574
592
  "type": "git",
575
593
  "url": "https://github.com/Seldaek/jsonlint.git",
576
- "reference": "ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1"
594
+ "reference": "590cfec960b77fd55e39b7d9246659e95dd6d337"
577
595
  },
578
596
  "dist": {
579
597
  "type": "zip",
580
- "url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1",
581
- "reference": "ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1",
598
+ "url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/590cfec960b77fd55e39b7d9246659e95dd6d337",
599
+ "reference": "590cfec960b77fd55e39b7d9246659e95dd6d337",
582
600
  "shasum": ""
583
601
  },
584
602
  "require": {
@@ -624,7 +642,7 @@
624
642
  "type": "tidelift"
625
643
  }
626
644
  ],
627
- "time": "2020-04-30T19:05:18+00:00"
645
+ "time": "2020-08-25T06:56:57+00:00"
628
646
  },
629
647
  {
630
648
  "name": "seld/phar-utils",
@@ -744,16 +762,16 @@
744
762
  },
745
763
  {
746
764
  "name": "symfony/contracts",
747
- "version": "v1.1.9",
765
+ "version": "v1.1.10",
748
766
  "source": {
749
767
  "type": "git",
750
768
  "url": "https://github.com/symfony/contracts.git",
751
- "reference": "8c4de0cf797f2eba4334a1d7a9b788c1b30a7579"
769
+ "reference": "011c20407c4b99d454f44021d023fb39ce23b73d"
752
770
  },
753
771
  "dist": {
754
772
  "type": "zip",
755
- "url": "https://api.github.com/repos/symfony/contracts/zipball/8c4de0cf797f2eba4334a1d7a9b788c1b30a7579",
756
- "reference": "8c4de0cf797f2eba4334a1d7a9b788c1b30a7579",
773
+ "url": "https://api.github.com/repos/symfony/contracts/zipball/011c20407c4b99d454f44021d023fb39ce23b73d",
774
+ "reference": "011c20407c4b99d454f44021d023fb39ce23b73d",
757
775
  "shasum": ""
758
776
  },
759
777
  "require": {
@@ -831,20 +849,20 @@
831
849
  "type": "tidelift"
832
850
  }
833
851
  ],
834
- "time": "2020-07-29T14:46:19+00:00"
852
+ "time": "2020-09-02T16:08:58+00:00"
835
853
  },
836
854
  {
837
855
  "name": "symfony/filesystem",
838
- "version": "v5.1.3",
856
+ "version": "v5.1.7",
839
857
  "source": {
840
858
  "type": "git",
841
859
  "url": "https://github.com/symfony/filesystem.git",
842
- "reference": "6e4320f06d5f2cce0d96530162491f4465179157"
860
+ "reference": "1a8697545a8d87b9f2f6b1d32414199cc5e20aae"
843
861
  },
844
862
  "dist": {
845
863
  "type": "zip",
846
- "url": "https://api.github.com/repos/symfony/filesystem/zipball/6e4320f06d5f2cce0d96530162491f4465179157",
847
- "reference": "6e4320f06d5f2cce0d96530162491f4465179157",
864
+ "url": "https://api.github.com/repos/symfony/filesystem/zipball/1a8697545a8d87b9f2f6b1d32414199cc5e20aae",
865
+ "reference": "1a8697545a8d87b9f2f6b1d32414199cc5e20aae",
848
866
  "shasum": ""
849
867
  },
850
868
  "require": {
@@ -895,20 +913,20 @@
895
913
  "type": "tidelift"
896
914
  }
897
915
  ],
898
- "time": "2020-05-30T20:35:19+00:00"
916
+ "time": "2020-09-27T14:02:37+00:00"
899
917
  },
900
918
  {
901
919
  "name": "symfony/finder",
902
- "version": "v5.1.3",
920
+ "version": "v5.1.7",
903
921
  "source": {
904
922
  "type": "git",
905
923
  "url": "https://github.com/symfony/finder.git",
906
- "reference": "4298870062bfc667cb78d2b379be4bf5dec5f187"
924
+ "reference": "2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8"
907
925
  },
908
926
  "dist": {
909
927
  "type": "zip",
910
- "url": "https://api.github.com/repos/symfony/finder/zipball/4298870062bfc667cb78d2b379be4bf5dec5f187",
911
- "reference": "4298870062bfc667cb78d2b379be4bf5dec5f187",
928
+ "url": "https://api.github.com/repos/symfony/finder/zipball/2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8",
929
+ "reference": "2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8",
912
930
  "shasum": ""
913
931
  },
914
932
  "require": {
@@ -958,24 +976,24 @@
958
976
  "type": "tidelift"
959
977
  }
960
978
  ],
961
- "time": "2020-05-20T17:43:50+00:00"
979
+ "time": "2020-09-02T16:23:27+00:00"
962
980
  },
963
981
  {
964
982
  "name": "symfony/polyfill-ctype",
965
- "version": "v1.18.0",
983
+ "version": "v1.20.0",
966
984
  "source": {
967
985
  "type": "git",
968
986
  "url": "https://github.com/symfony/polyfill-ctype.git",
969
- "reference": "1c302646f6efc070cd46856e600e5e0684d6b454"
987
+ "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41"
970
988
  },
971
989
  "dist": {
972
990
  "type": "zip",
973
- "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/1c302646f6efc070cd46856e600e5e0684d6b454",
974
- "reference": "1c302646f6efc070cd46856e600e5e0684d6b454",
991
+ "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f4ba089a5b6366e453971d3aad5fe8e897b37f41",
992
+ "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41",
975
993
  "shasum": ""
976
994
  },
977
995
  "require": {
978
- "php": ">=5.3.3"
996
+ "php": ">=7.1"
979
997
  },
980
998
  "suggest": {
981
999
  "ext-ctype": "For best performance"
@@ -983,7 +1001,7 @@
983
1001
  "type": "library",
984
1002
  "extra": {
985
1003
  "branch-alias": {
986
- "dev-master": "1.18-dev"
1004
+ "dev-main": "1.20-dev"
987
1005
  },
988
1006
  "thanks": {
989
1007
  "name": "symfony/polyfill",
@@ -1034,24 +1052,24 @@
1034
1052
  "type": "tidelift"
1035
1053
  }
1036
1054
  ],
1037
- "time": "2020-07-14T12:35:20+00:00"
1055
+ "time": "2020-10-23T14:02:19+00:00"
1038
1056
  },
1039
1057
  {
1040
1058
  "name": "symfony/polyfill-mbstring",
1041
- "version": "v1.18.0",
1059
+ "version": "v1.20.0",
1042
1060
  "source": {
1043
1061
  "type": "git",
1044
1062
  "url": "https://github.com/symfony/polyfill-mbstring.git",
1045
- "reference": "a6977d63bf9a0ad4c65cd352709e230876f9904a"
1063
+ "reference": "39d483bdf39be819deabf04ec872eb0b2410b531"
1046
1064
  },
1047
1065
  "dist": {
1048
1066
  "type": "zip",
1049
- "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/a6977d63bf9a0ad4c65cd352709e230876f9904a",
1050
- "reference": "a6977d63bf9a0ad4c65cd352709e230876f9904a",
1067
+ "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/39d483bdf39be819deabf04ec872eb0b2410b531",
1068
+ "reference": "39d483bdf39be819deabf04ec872eb0b2410b531",
1051
1069
  "shasum": ""
1052
1070
  },
1053
1071
  "require": {
1054
- "php": ">=5.3.3"
1072
+ "php": ">=7.1"
1055
1073
  },
1056
1074
  "suggest": {
1057
1075
  "ext-mbstring": "For best performance"
@@ -1059,7 +1077,7 @@
1059
1077
  "type": "library",
1060
1078
  "extra": {
1061
1079
  "branch-alias": {
1062
- "dev-master": "1.18-dev"
1080
+ "dev-main": "1.20-dev"
1063
1081
  },
1064
1082
  "thanks": {
1065
1083
  "name": "symfony/polyfill",
@@ -1111,29 +1129,29 @@
1111
1129
  "type": "tidelift"
1112
1130
  }
1113
1131
  ],
1114
- "time": "2020-07-14T12:35:20+00:00"
1132
+ "time": "2020-10-23T14:02:19+00:00"
1115
1133
  },
1116
1134
  {
1117
1135
  "name": "symfony/polyfill-php80",
1118
- "version": "v1.18.0",
1136
+ "version": "v1.20.0",
1119
1137
  "source": {
1120
1138
  "type": "git",
1121
1139
  "url": "https://github.com/symfony/polyfill-php80.git",
1122
- "reference": "d87d5766cbf48d72388a9f6b85f280c8ad51f981"
1140
+ "reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de"
1123
1141
  },
1124
1142
  "dist": {
1125
1143
  "type": "zip",
1126
- "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/d87d5766cbf48d72388a9f6b85f280c8ad51f981",
1127
- "reference": "d87d5766cbf48d72388a9f6b85f280c8ad51f981",
1144
+ "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/e70aa8b064c5b72d3df2abd5ab1e90464ad009de",
1145
+ "reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de",
1128
1146
  "shasum": ""
1129
1147
  },
1130
1148
  "require": {
1131
- "php": ">=7.0.8"
1149
+ "php": ">=7.1"
1132
1150
  },
1133
1151
  "type": "library",
1134
1152
  "extra": {
1135
1153
  "branch-alias": {
1136
- "dev-master": "1.18-dev"
1154
+ "dev-main": "1.20-dev"
1137
1155
  },
1138
1156
  "thanks": {
1139
1157
  "name": "symfony/polyfill",
@@ -1191,20 +1209,20 @@
1191
1209
  "type": "tidelift"
1192
1210
  }
1193
1211
  ],
1194
- "time": "2020-07-14T12:35:20+00:00"
1212
+ "time": "2020-10-23T14:02:19+00:00"
1195
1213
  },
1196
1214
  {
1197
1215
  "name": "symfony/process",
1198
- "version": "v5.1.3",
1216
+ "version": "v5.1.7",
1199
1217
  "source": {
1200
1218
  "type": "git",
1201
1219
  "url": "https://github.com/symfony/process.git",
1202
- "reference": "1864216226af21eb76d9477f691e7cbf198e0402"
1220
+ "reference": "d3a2e64866169586502f0cd9cab69135ad12cee9"
1203
1221
  },
1204
1222
  "dist": {
1205
1223
  "type": "zip",
1206
- "url": "https://api.github.com/repos/symfony/process/zipball/1864216226af21eb76d9477f691e7cbf198e0402",
1207
- "reference": "1864216226af21eb76d9477f691e7cbf198e0402",
1224
+ "url": "https://api.github.com/repos/symfony/process/zipball/d3a2e64866169586502f0cd9cab69135ad12cee9",
1225
+ "reference": "d3a2e64866169586502f0cd9cab69135ad12cee9",
1208
1226
  "shasum": ""
1209
1227
  },
1210
1228
  "require": {
@@ -1255,7 +1273,7 @@
1255
1273
  "type": "tidelift"
1256
1274
  }
1257
1275
  ],
1258
- "time": "2020-07-23T08:36:24+00:00"
1276
+ "time": "2020-09-02T16:23:27+00:00"
1259
1277
  }
1260
1278
  ],
1261
1279
  "packages-dev": [
data/lib/dependabot/composer/update_checker.rb CHANGED
@@ -34,6 +34,10 @@ module Dependabot
34
34
  ).latest_resolvable_version
35
35
  end
36
36
 
37
+ def lowest_security_fix_version
38
+ latest_version_finder.lowest_security_fix_version
39
+ end
40
+
37
41
  def lowest_resolvable_security_fix_version
38
42
  raise "Dependency not vulnerable!" unless vulnerable?
39
43
 
@@ -105,7 +109,7 @@ module Dependabot
105
109
  def fetch_lowest_resolvable_security_fix_version
106
110
  return nil if path_dependency? || git_dependency?
107
111
 
108
- fix_version = latest_version_finder.lowest_security_fix_version
112
+ fix_version = lowest_security_fix_version
109
113
  return latest_resolvable_version if fix_version.nil?
110
114
 
111
115
  resolved_fix_version = VersionResolver.new(
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.122.1
4
+ version: 0.124.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-13 00:00:00.000000000 Z
11
+ date: 2020-10-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.122.1
19
+ version: 0.124.2
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.122.1
26
+ version: 0.124.2
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement