dependabot-composer 0.122.1 → 0.124.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/composer.lock +84 -66
  3. data/lib/dependabot/composer/update_checker.rb +5 -1
  4. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d31f1cc6e9eb92076d447bb1d4787f59ac485096bfb12b0cd1665be98d204981
4
- data.tar.gz: d50d9c59b53498e5d840efbf8c0c33404d518e9ee4a13dacb509ec5a14c3dcd1
3
+ metadata.gz: ebae335506539a9d32f822fc274f0ab77141605e30c03ec294516826d02c735b
4
+ data.tar.gz: 6644718d5039de0442ecfa240ec223a38d9eb97eaf58716c4fa2a744a3ed37c0
5
5
  SHA512:
6
- metadata.gz: 0ed7853e02601701f5386bd8ce961054e43b11fd1ca992b0b7b0542e745d3d1f317120a8665b6793655ab4fdaa261da35a126222e01fbfb9b402f1f4cb10b11f
7
- data.tar.gz: 8a2dbdfb9e59cf97efbc3c87eee4418740918766fb8abc06f0bafb61dd9be5891efbd0195d564793cb29b1429897233d29ed7de62eca0f78cc2615fb4a9e85e3
6
+ metadata.gz: 7f73e33389b08038dd82a8cd3b375bc4cbbbd1422f6b677b63a27a199097f88192ea620e640530e70dcf07c82e32e63e99ae8e829c0d8ceb921caf02637aa8e7
7
+ data.tar.gz: c89a4fcf96f67cdb419abd2c7db2237a636ac4dfb0e95dbd33f3f26a5e2cba5235188edc5de14f85a58f557809468d445e46498ecabdd453f50e0a81730d3c2c
data/helpers/composer.lock CHANGED
@@ -8,16 +8,16 @@
8
8
  "packages": [
9
9
  {
10
10
  "name": "composer/ca-bundle",
11
- "version": "1.2.7",
11
+ "version": "1.2.8",
12
12
  "source": {
13
13
  "type": "git",
14
14
  "url": "https://github.com/composer/ca-bundle.git",
15
- "reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd"
15
+ "reference": "8a7ecad675253e4654ea05505233285377405215"
16
16
  },
17
17
  "dist": {
18
18
  "type": "zip",
19
- "url": "https://api.github.com/repos/composer/ca-bundle/zipball/95c63ab2117a72f48f5a55da9740a3273d45b7fd",
20
- "reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd",
19
+ "url": "https://api.github.com/repos/composer/ca-bundle/zipball/8a7ecad675253e4654ea05505233285377405215",
20
+ "reference": "8a7ecad675253e4654ea05505233285377405215",
21
21
  "shasum": ""
22
22
  },
23
23
  "require": {
@@ -65,25 +65,29 @@
65
65
  "url": "https://packagist.com",
66
66
  "type": "custom"
67
67
  },
68
+ {
69
+ "url": "https://github.com/composer",
70
+ "type": "github"
71
+ },
68
72
  {
69
73
  "url": "https://tidelift.com/funding/github/packagist/composer/composer",
70
74
  "type": "tidelift"
71
75
  }
72
76
  ],
73
- "time": "2020-04-08T08:27:21+00:00"
77
+ "time": "2020-08-23T12:54:47+00:00"
74
78
  },
75
79
  {
76
80
  "name": "composer/composer",
77
- "version": "1.10.10",
81
+ "version": "1.10.16",
78
82
  "source": {
79
83
  "type": "git",
80
84
  "url": "https://github.com/composer/composer.git",
81
- "reference": "32966a3b1d48bc01472a8321fd6472b44fad033a"
85
+ "reference": "217f0272673c72087862c40cf91ac07eb438d778"
82
86
  },
83
87
  "dist": {
84
88
  "type": "zip",
85
- "url": "https://api.github.com/repos/composer/composer/zipball/32966a3b1d48bc01472a8321fd6472b44fad033a",
86
- "reference": "32966a3b1d48bc01472a8321fd6472b44fad033a",
89
+ "url": "https://api.github.com/repos/composer/composer/zipball/217f0272673c72087862c40cf91ac07eb438d778",
90
+ "reference": "217f0272673c72087862c40cf91ac07eb438d778",
87
91
  "shasum": ""
88
92
  },
89
93
  "require": {
@@ -164,20 +168,20 @@
164
168
  "type": "tidelift"
165
169
  }
166
170
  ],
167
- "time": "2020-08-03T09:35:19+00:00"
171
+ "time": "2020-10-24T07:55:59+00:00"
168
172
  },
169
173
  {
170
174
  "name": "composer/semver",
171
- "version": "1.5.1",
175
+ "version": "1.7.1",
172
176
  "source": {
173
177
  "type": "git",
174
178
  "url": "https://github.com/composer/semver.git",
175
- "reference": "c6bea70230ef4dd483e6bbcab6005f682ed3a8de"
179
+ "reference": "38276325bd896f90dfcfe30029aa5db40df387a7"
176
180
  },
177
181
  "dist": {
178
182
  "type": "zip",
179
- "url": "https://api.github.com/repos/composer/semver/zipball/c6bea70230ef4dd483e6bbcab6005f682ed3a8de",
180
- "reference": "c6bea70230ef4dd483e6bbcab6005f682ed3a8de",
183
+ "url": "https://api.github.com/repos/composer/semver/zipball/38276325bd896f90dfcfe30029aa5db40df387a7",
184
+ "reference": "38276325bd896f90dfcfe30029aa5db40df387a7",
181
185
  "shasum": ""
182
186
  },
183
187
  "require": {
@@ -225,7 +229,21 @@
225
229
  "validation",
226
230
  "versioning"
227
231
  ],
228
- "time": "2020-01-13T12:06:48+00:00"
232
+ "funding": [
233
+ {
234
+ "url": "https://packagist.com",
235
+ "type": "custom"
236
+ },
237
+ {
238
+ "url": "https://github.com/composer",
239
+ "type": "github"
240
+ },
241
+ {
242
+ "url": "https://tidelift.com/funding/github/packagist/composer/composer",
243
+ "type": "tidelift"
244
+ }
245
+ ],
246
+ "time": "2020-09-27T13:13:07+00:00"
229
247
  },
230
248
  {
231
249
  "name": "composer/spdx-licenses",
@@ -303,16 +321,16 @@
303
321
  },
304
322
  {
305
323
  "name": "composer/xdebug-handler",
306
- "version": "1.4.2",
324
+ "version": "1.4.4",
307
325
  "source": {
308
326
  "type": "git",
309
327
  "url": "https://github.com/composer/xdebug-handler.git",
310
- "reference": "fa2aaf99e2087f013a14f7432c1cd2dd7d8f1f51"
328
+ "reference": "6e076a124f7ee146f2487554a94b6a19a74887ba"
311
329
  },
312
330
  "dist": {
313
331
  "type": "zip",
314
- "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/fa2aaf99e2087f013a14f7432c1cd2dd7d8f1f51",
315
- "reference": "fa2aaf99e2087f013a14f7432c1cd2dd7d8f1f51",
332
+ "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/6e076a124f7ee146f2487554a94b6a19a74887ba",
333
+ "reference": "6e076a124f7ee146f2487554a94b6a19a74887ba",
316
334
  "shasum": ""
317
335
  },
318
336
  "require": {
@@ -357,7 +375,7 @@
357
375
  "type": "tidelift"
358
376
  }
359
377
  ],
360
- "time": "2020-06-04T11:16:35+00:00"
378
+ "time": "2020-10-24T12:39:10+00:00"
361
379
  },
362
380
  {
363
381
  "name": "justinrainbow/json-schema",
@@ -569,16 +587,16 @@
569
587
  },
570
588
  {
571
589
  "name": "seld/jsonlint",
572
- "version": "1.8.0",
590
+ "version": "1.8.2",
573
591
  "source": {
574
592
  "type": "git",
575
593
  "url": "https://github.com/Seldaek/jsonlint.git",
576
- "reference": "ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1"
594
+ "reference": "590cfec960b77fd55e39b7d9246659e95dd6d337"
577
595
  },
578
596
  "dist": {
579
597
  "type": "zip",
580
- "url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1",
581
- "reference": "ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1",
598
+ "url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/590cfec960b77fd55e39b7d9246659e95dd6d337",
599
+ "reference": "590cfec960b77fd55e39b7d9246659e95dd6d337",
582
600
  "shasum": ""
583
601
  },
584
602
  "require": {
@@ -624,7 +642,7 @@
624
642
  "type": "tidelift"
625
643
  }
626
644
  ],
627
- "time": "2020-04-30T19:05:18+00:00"
645
+ "time": "2020-08-25T06:56:57+00:00"
628
646
  },
629
647
  {
630
648
  "name": "seld/phar-utils",
@@ -744,16 +762,16 @@
744
762
  },
745
763
  {
746
764
  "name": "symfony/contracts",
747
- "version": "v1.1.9",
765
+ "version": "v1.1.10",
748
766
  "source": {
749
767
  "type": "git",
750
768
  "url": "https://github.com/symfony/contracts.git",
751
- "reference": "8c4de0cf797f2eba4334a1d7a9b788c1b30a7579"
769
+ "reference": "011c20407c4b99d454f44021d023fb39ce23b73d"
752
770
  },
753
771
  "dist": {
754
772
  "type": "zip",
755
- "url": "https://api.github.com/repos/symfony/contracts/zipball/8c4de0cf797f2eba4334a1d7a9b788c1b30a7579",
756
- "reference": "8c4de0cf797f2eba4334a1d7a9b788c1b30a7579",
773
+ "url": "https://api.github.com/repos/symfony/contracts/zipball/011c20407c4b99d454f44021d023fb39ce23b73d",
774
+ "reference": "011c20407c4b99d454f44021d023fb39ce23b73d",
757
775
  "shasum": ""
758
776
  },
759
777
  "require": {
@@ -831,20 +849,20 @@
831
849
  "type": "tidelift"
832
850
  }
833
851
  ],
834
- "time": "2020-07-29T14:46:19+00:00"
852
+ "time": "2020-09-02T16:08:58+00:00"
835
853
  },
836
854
  {
837
855
  "name": "symfony/filesystem",
838
- "version": "v5.1.3",
856
+ "version": "v5.1.7",
839
857
  "source": {
840
858
  "type": "git",
841
859
  "url": "https://github.com/symfony/filesystem.git",
842
- "reference": "6e4320f06d5f2cce0d96530162491f4465179157"
860
+ "reference": "1a8697545a8d87b9f2f6b1d32414199cc5e20aae"
843
861
  },
844
862
  "dist": {
845
863
  "type": "zip",
846
- "url": "https://api.github.com/repos/symfony/filesystem/zipball/6e4320f06d5f2cce0d96530162491f4465179157",
847
- "reference": "6e4320f06d5f2cce0d96530162491f4465179157",
864
+ "url": "https://api.github.com/repos/symfony/filesystem/zipball/1a8697545a8d87b9f2f6b1d32414199cc5e20aae",
865
+ "reference": "1a8697545a8d87b9f2f6b1d32414199cc5e20aae",
848
866
  "shasum": ""
849
867
  },
850
868
  "require": {
@@ -895,20 +913,20 @@
895
913
  "type": "tidelift"
896
914
  }
897
915
  ],
898
- "time": "2020-05-30T20:35:19+00:00"
916
+ "time": "2020-09-27T14:02:37+00:00"
899
917
  },
900
918
  {
901
919
  "name": "symfony/finder",
902
- "version": "v5.1.3",
920
+ "version": "v5.1.7",
903
921
  "source": {
904
922
  "type": "git",
905
923
  "url": "https://github.com/symfony/finder.git",
906
- "reference": "4298870062bfc667cb78d2b379be4bf5dec5f187"
924
+ "reference": "2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8"
907
925
  },
908
926
  "dist": {
909
927
  "type": "zip",
910
- "url": "https://api.github.com/repos/symfony/finder/zipball/4298870062bfc667cb78d2b379be4bf5dec5f187",
911
- "reference": "4298870062bfc667cb78d2b379be4bf5dec5f187",
928
+ "url": "https://api.github.com/repos/symfony/finder/zipball/2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8",
929
+ "reference": "2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8",
912
930
  "shasum": ""
913
931
  },
914
932
  "require": {
@@ -958,24 +976,24 @@
958
976
  "type": "tidelift"
959
977
  }
960
978
  ],
961
- "time": "2020-05-20T17:43:50+00:00"
979
+ "time": "2020-09-02T16:23:27+00:00"
962
980
  },
963
981
  {
964
982
  "name": "symfony/polyfill-ctype",
965
- "version": "v1.18.0",
983
+ "version": "v1.20.0",
966
984
  "source": {
967
985
  "type": "git",
968
986
  "url": "https://github.com/symfony/polyfill-ctype.git",
969
- "reference": "1c302646f6efc070cd46856e600e5e0684d6b454"
987
+ "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41"
970
988
  },
971
989
  "dist": {
972
990
  "type": "zip",
973
- "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/1c302646f6efc070cd46856e600e5e0684d6b454",
974
- "reference": "1c302646f6efc070cd46856e600e5e0684d6b454",
991
+ "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f4ba089a5b6366e453971d3aad5fe8e897b37f41",
992
+ "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41",
975
993
  "shasum": ""
976
994
  },
977
995
  "require": {
978
- "php": ">=5.3.3"
996
+ "php": ">=7.1"
979
997
  },
980
998
  "suggest": {
981
999
  "ext-ctype": "For best performance"
@@ -983,7 +1001,7 @@
983
1001
  "type": "library",
984
1002
  "extra": {
985
1003
  "branch-alias": {
986
- "dev-master": "1.18-dev"
1004
+ "dev-main": "1.20-dev"
987
1005
  },
988
1006
  "thanks": {
989
1007
  "name": "symfony/polyfill",
@@ -1034,24 +1052,24 @@
1034
1052
  "type": "tidelift"
1035
1053
  }
1036
1054
  ],
1037
- "time": "2020-07-14T12:35:20+00:00"
1055
+ "time": "2020-10-23T14:02:19+00:00"
1038
1056
  },
1039
1057
  {
1040
1058
  "name": "symfony/polyfill-mbstring",
1041
- "version": "v1.18.0",
1059
+ "version": "v1.20.0",
1042
1060
  "source": {
1043
1061
  "type": "git",
1044
1062
  "url": "https://github.com/symfony/polyfill-mbstring.git",
1045
- "reference": "a6977d63bf9a0ad4c65cd352709e230876f9904a"
1063
+ "reference": "39d483bdf39be819deabf04ec872eb0b2410b531"
1046
1064
  },
1047
1065
  "dist": {
1048
1066
  "type": "zip",
1049
- "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/a6977d63bf9a0ad4c65cd352709e230876f9904a",
1050
- "reference": "a6977d63bf9a0ad4c65cd352709e230876f9904a",
1067
+ "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/39d483bdf39be819deabf04ec872eb0b2410b531",
1068
+ "reference": "39d483bdf39be819deabf04ec872eb0b2410b531",
1051
1069
  "shasum": ""
1052
1070
  },
1053
1071
  "require": {
1054
- "php": ">=5.3.3"
1072
+ "php": ">=7.1"
1055
1073
  },
1056
1074
  "suggest": {
1057
1075
  "ext-mbstring": "For best performance"
@@ -1059,7 +1077,7 @@
1059
1077
  "type": "library",
1060
1078
  "extra": {
1061
1079
  "branch-alias": {
1062
- "dev-master": "1.18-dev"
1080
+ "dev-main": "1.20-dev"
1063
1081
  },
1064
1082
  "thanks": {
1065
1083
  "name": "symfony/polyfill",
@@ -1111,29 +1129,29 @@
1111
1129
  "type": "tidelift"
1112
1130
  }
1113
1131
  ],
1114
- "time": "2020-07-14T12:35:20+00:00"
1132
+ "time": "2020-10-23T14:02:19+00:00"
1115
1133
  },
1116
1134
  {
1117
1135
  "name": "symfony/polyfill-php80",
1118
- "version": "v1.18.0",
1136
+ "version": "v1.20.0",
1119
1137
  "source": {
1120
1138
  "type": "git",
1121
1139
  "url": "https://github.com/symfony/polyfill-php80.git",
1122
- "reference": "d87d5766cbf48d72388a9f6b85f280c8ad51f981"
1140
+ "reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de"
1123
1141
  },
1124
1142
  "dist": {
1125
1143
  "type": "zip",
1126
- "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/d87d5766cbf48d72388a9f6b85f280c8ad51f981",
1127
- "reference": "d87d5766cbf48d72388a9f6b85f280c8ad51f981",
1144
+ "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/e70aa8b064c5b72d3df2abd5ab1e90464ad009de",
1145
+ "reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de",
1128
1146
  "shasum": ""
1129
1147
  },
1130
1148
  "require": {
1131
- "php": ">=7.0.8"
1149
+ "php": ">=7.1"
1132
1150
  },
1133
1151
  "type": "library",
1134
1152
  "extra": {
1135
1153
  "branch-alias": {
1136
- "dev-master": "1.18-dev"
1154
+ "dev-main": "1.20-dev"
1137
1155
  },
1138
1156
  "thanks": {
1139
1157
  "name": "symfony/polyfill",
@@ -1191,20 +1209,20 @@
1191
1209
  "type": "tidelift"
1192
1210
  }
1193
1211
  ],
1194
- "time": "2020-07-14T12:35:20+00:00"
1212
+ "time": "2020-10-23T14:02:19+00:00"
1195
1213
  },
1196
1214
  {
1197
1215
  "name": "symfony/process",
1198
- "version": "v5.1.3",
1216
+ "version": "v5.1.7",
1199
1217
  "source": {
1200
1218
  "type": "git",
1201
1219
  "url": "https://github.com/symfony/process.git",
1202
- "reference": "1864216226af21eb76d9477f691e7cbf198e0402"
1220
+ "reference": "d3a2e64866169586502f0cd9cab69135ad12cee9"
1203
1221
  },
1204
1222
  "dist": {
1205
1223
  "type": "zip",
1206
- "url": "https://api.github.com/repos/symfony/process/zipball/1864216226af21eb76d9477f691e7cbf198e0402",
1207
- "reference": "1864216226af21eb76d9477f691e7cbf198e0402",
1224
+ "url": "https://api.github.com/repos/symfony/process/zipball/d3a2e64866169586502f0cd9cab69135ad12cee9",
1225
+ "reference": "d3a2e64866169586502f0cd9cab69135ad12cee9",
1208
1226
  "shasum": ""
1209
1227
  },
1210
1228
  "require": {
@@ -1255,7 +1273,7 @@
1255
1273
  "type": "tidelift"
1256
1274
  }
1257
1275
  ],
1258
- "time": "2020-07-23T08:36:24+00:00"
1276
+ "time": "2020-09-02T16:23:27+00:00"
1259
1277
  }
1260
1278
  ],
1261
1279
  "packages-dev": [
data/lib/dependabot/composer/update_checker.rb CHANGED
@@ -34,6 +34,10 @@ module Dependabot
34
34
  ).latest_resolvable_version
35
35
  end
36
36
 
37
+ def lowest_security_fix_version
38
+ latest_version_finder.lowest_security_fix_version
39
+ end
40
+
37
41
  def lowest_resolvable_security_fix_version
38
42
  raise "Dependency not vulnerable!" unless vulnerable?
39
43
 
@@ -105,7 +109,7 @@ module Dependabot
105
109
  def fetch_lowest_resolvable_security_fix_version
106
110
  return nil if path_dependency? || git_dependency?
107
111
 
108
- fix_version = latest_version_finder.lowest_security_fix_version
112
+ fix_version = lowest_security_fix_version
109
113
  return latest_resolvable_version if fix_version.nil?
110
114
 
111
115
  resolved_fix_version = VersionResolver.new(
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.122.1
4
+ version: 0.124.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-13 00:00:00.000000000 Z
11
+ date: 2020-10-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.122.1
19
+ version: 0.124.2
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.122.1
26
+ version: 0.124.2
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement