dependabot-composer 0.122.1 → 0.124.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/composer.lock +84 -66
- data/lib/dependabot/composer/update_checker.rb +5 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ebae335506539a9d32f822fc274f0ab77141605e30c03ec294516826d02c735b
|
4
|
+
data.tar.gz: 6644718d5039de0442ecfa240ec223a38d9eb97eaf58716c4fa2a744a3ed37c0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7f73e33389b08038dd82a8cd3b375bc4cbbbd1422f6b677b63a27a199097f88192ea620e640530e70dcf07c82e32e63e99ae8e829c0d8ceb921caf02637aa8e7
|
7
|
+
data.tar.gz: c89a4fcf96f67cdb419abd2c7db2237a636ac4dfb0e95dbd33f3f26a5e2cba5235188edc5de14f85a58f557809468d445e46498ecabdd453f50e0a81730d3c2c
|
data/helpers/composer.lock
CHANGED
@@ -8,16 +8,16 @@
|
|
8
8
|
"packages": [
|
9
9
|
{
|
10
10
|
"name": "composer/ca-bundle",
|
11
|
-
"version": "1.2.
|
11
|
+
"version": "1.2.8",
|
12
12
|
"source": {
|
13
13
|
"type": "git",
|
14
14
|
"url": "https://github.com/composer/ca-bundle.git",
|
15
|
-
"reference": "
|
15
|
+
"reference": "8a7ecad675253e4654ea05505233285377405215"
|
16
16
|
},
|
17
17
|
"dist": {
|
18
18
|
"type": "zip",
|
19
|
-
"url": "https://api.github.com/repos/composer/ca-bundle/zipball/
|
20
|
-
"reference": "
|
19
|
+
"url": "https://api.github.com/repos/composer/ca-bundle/zipball/8a7ecad675253e4654ea05505233285377405215",
|
20
|
+
"reference": "8a7ecad675253e4654ea05505233285377405215",
|
21
21
|
"shasum": ""
|
22
22
|
},
|
23
23
|
"require": {
|
@@ -65,25 +65,29 @@
|
|
65
65
|
"url": "https://packagist.com",
|
66
66
|
"type": "custom"
|
67
67
|
},
|
68
|
+
{
|
69
|
+
"url": "https://github.com/composer",
|
70
|
+
"type": "github"
|
71
|
+
},
|
68
72
|
{
|
69
73
|
"url": "https://tidelift.com/funding/github/packagist/composer/composer",
|
70
74
|
"type": "tidelift"
|
71
75
|
}
|
72
76
|
],
|
73
|
-
"time": "2020-
|
77
|
+
"time": "2020-08-23T12:54:47+00:00"
|
74
78
|
},
|
75
79
|
{
|
76
80
|
"name": "composer/composer",
|
77
|
-
"version": "1.10.
|
81
|
+
"version": "1.10.16",
|
78
82
|
"source": {
|
79
83
|
"type": "git",
|
80
84
|
"url": "https://github.com/composer/composer.git",
|
81
|
-
"reference": "
|
85
|
+
"reference": "217f0272673c72087862c40cf91ac07eb438d778"
|
82
86
|
},
|
83
87
|
"dist": {
|
84
88
|
"type": "zip",
|
85
|
-
"url": "https://api.github.com/repos/composer/composer/zipball/
|
86
|
-
"reference": "
|
89
|
+
"url": "https://api.github.com/repos/composer/composer/zipball/217f0272673c72087862c40cf91ac07eb438d778",
|
90
|
+
"reference": "217f0272673c72087862c40cf91ac07eb438d778",
|
87
91
|
"shasum": ""
|
88
92
|
},
|
89
93
|
"require": {
|
@@ -164,20 +168,20 @@
|
|
164
168
|
"type": "tidelift"
|
165
169
|
}
|
166
170
|
],
|
167
|
-
"time": "2020-
|
171
|
+
"time": "2020-10-24T07:55:59+00:00"
|
168
172
|
},
|
169
173
|
{
|
170
174
|
"name": "composer/semver",
|
171
|
-
"version": "1.
|
175
|
+
"version": "1.7.1",
|
172
176
|
"source": {
|
173
177
|
"type": "git",
|
174
178
|
"url": "https://github.com/composer/semver.git",
|
175
|
-
"reference": "
|
179
|
+
"reference": "38276325bd896f90dfcfe30029aa5db40df387a7"
|
176
180
|
},
|
177
181
|
"dist": {
|
178
182
|
"type": "zip",
|
179
|
-
"url": "https://api.github.com/repos/composer/semver/zipball/
|
180
|
-
"reference": "
|
183
|
+
"url": "https://api.github.com/repos/composer/semver/zipball/38276325bd896f90dfcfe30029aa5db40df387a7",
|
184
|
+
"reference": "38276325bd896f90dfcfe30029aa5db40df387a7",
|
181
185
|
"shasum": ""
|
182
186
|
},
|
183
187
|
"require": {
|
@@ -225,7 +229,21 @@
|
|
225
229
|
"validation",
|
226
230
|
"versioning"
|
227
231
|
],
|
228
|
-
"
|
232
|
+
"funding": [
|
233
|
+
{
|
234
|
+
"url": "https://packagist.com",
|
235
|
+
"type": "custom"
|
236
|
+
},
|
237
|
+
{
|
238
|
+
"url": "https://github.com/composer",
|
239
|
+
"type": "github"
|
240
|
+
},
|
241
|
+
{
|
242
|
+
"url": "https://tidelift.com/funding/github/packagist/composer/composer",
|
243
|
+
"type": "tidelift"
|
244
|
+
}
|
245
|
+
],
|
246
|
+
"time": "2020-09-27T13:13:07+00:00"
|
229
247
|
},
|
230
248
|
{
|
231
249
|
"name": "composer/spdx-licenses",
|
@@ -303,16 +321,16 @@
|
|
303
321
|
},
|
304
322
|
{
|
305
323
|
"name": "composer/xdebug-handler",
|
306
|
-
"version": "1.4.
|
324
|
+
"version": "1.4.4",
|
307
325
|
"source": {
|
308
326
|
"type": "git",
|
309
327
|
"url": "https://github.com/composer/xdebug-handler.git",
|
310
|
-
"reference": "
|
328
|
+
"reference": "6e076a124f7ee146f2487554a94b6a19a74887ba"
|
311
329
|
},
|
312
330
|
"dist": {
|
313
331
|
"type": "zip",
|
314
|
-
"url": "https://api.github.com/repos/composer/xdebug-handler/zipball/
|
315
|
-
"reference": "
|
332
|
+
"url": "https://api.github.com/repos/composer/xdebug-handler/zipball/6e076a124f7ee146f2487554a94b6a19a74887ba",
|
333
|
+
"reference": "6e076a124f7ee146f2487554a94b6a19a74887ba",
|
316
334
|
"shasum": ""
|
317
335
|
},
|
318
336
|
"require": {
|
@@ -357,7 +375,7 @@
|
|
357
375
|
"type": "tidelift"
|
358
376
|
}
|
359
377
|
],
|
360
|
-
"time": "2020-
|
378
|
+
"time": "2020-10-24T12:39:10+00:00"
|
361
379
|
},
|
362
380
|
{
|
363
381
|
"name": "justinrainbow/json-schema",
|
@@ -569,16 +587,16 @@
|
|
569
587
|
},
|
570
588
|
{
|
571
589
|
"name": "seld/jsonlint",
|
572
|
-
"version": "1.8.
|
590
|
+
"version": "1.8.2",
|
573
591
|
"source": {
|
574
592
|
"type": "git",
|
575
593
|
"url": "https://github.com/Seldaek/jsonlint.git",
|
576
|
-
"reference": "
|
594
|
+
"reference": "590cfec960b77fd55e39b7d9246659e95dd6d337"
|
577
595
|
},
|
578
596
|
"dist": {
|
579
597
|
"type": "zip",
|
580
|
-
"url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/
|
581
|
-
"reference": "
|
598
|
+
"url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/590cfec960b77fd55e39b7d9246659e95dd6d337",
|
599
|
+
"reference": "590cfec960b77fd55e39b7d9246659e95dd6d337",
|
582
600
|
"shasum": ""
|
583
601
|
},
|
584
602
|
"require": {
|
@@ -624,7 +642,7 @@
|
|
624
642
|
"type": "tidelift"
|
625
643
|
}
|
626
644
|
],
|
627
|
-
"time": "2020-
|
645
|
+
"time": "2020-08-25T06:56:57+00:00"
|
628
646
|
},
|
629
647
|
{
|
630
648
|
"name": "seld/phar-utils",
|
@@ -744,16 +762,16 @@
|
|
744
762
|
},
|
745
763
|
{
|
746
764
|
"name": "symfony/contracts",
|
747
|
-
"version": "v1.1.
|
765
|
+
"version": "v1.1.10",
|
748
766
|
"source": {
|
749
767
|
"type": "git",
|
750
768
|
"url": "https://github.com/symfony/contracts.git",
|
751
|
-
"reference": "
|
769
|
+
"reference": "011c20407c4b99d454f44021d023fb39ce23b73d"
|
752
770
|
},
|
753
771
|
"dist": {
|
754
772
|
"type": "zip",
|
755
|
-
"url": "https://api.github.com/repos/symfony/contracts/zipball/
|
756
|
-
"reference": "
|
773
|
+
"url": "https://api.github.com/repos/symfony/contracts/zipball/011c20407c4b99d454f44021d023fb39ce23b73d",
|
774
|
+
"reference": "011c20407c4b99d454f44021d023fb39ce23b73d",
|
757
775
|
"shasum": ""
|
758
776
|
},
|
759
777
|
"require": {
|
@@ -831,20 +849,20 @@
|
|
831
849
|
"type": "tidelift"
|
832
850
|
}
|
833
851
|
],
|
834
|
-
"time": "2020-
|
852
|
+
"time": "2020-09-02T16:08:58+00:00"
|
835
853
|
},
|
836
854
|
{
|
837
855
|
"name": "symfony/filesystem",
|
838
|
-
"version": "v5.1.
|
856
|
+
"version": "v5.1.7",
|
839
857
|
"source": {
|
840
858
|
"type": "git",
|
841
859
|
"url": "https://github.com/symfony/filesystem.git",
|
842
|
-
"reference": "
|
860
|
+
"reference": "1a8697545a8d87b9f2f6b1d32414199cc5e20aae"
|
843
861
|
},
|
844
862
|
"dist": {
|
845
863
|
"type": "zip",
|
846
|
-
"url": "https://api.github.com/repos/symfony/filesystem/zipball/
|
847
|
-
"reference": "
|
864
|
+
"url": "https://api.github.com/repos/symfony/filesystem/zipball/1a8697545a8d87b9f2f6b1d32414199cc5e20aae",
|
865
|
+
"reference": "1a8697545a8d87b9f2f6b1d32414199cc5e20aae",
|
848
866
|
"shasum": ""
|
849
867
|
},
|
850
868
|
"require": {
|
@@ -895,20 +913,20 @@
|
|
895
913
|
"type": "tidelift"
|
896
914
|
}
|
897
915
|
],
|
898
|
-
"time": "2020-
|
916
|
+
"time": "2020-09-27T14:02:37+00:00"
|
899
917
|
},
|
900
918
|
{
|
901
919
|
"name": "symfony/finder",
|
902
|
-
"version": "v5.1.
|
920
|
+
"version": "v5.1.7",
|
903
921
|
"source": {
|
904
922
|
"type": "git",
|
905
923
|
"url": "https://github.com/symfony/finder.git",
|
906
|
-
"reference": "
|
924
|
+
"reference": "2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8"
|
907
925
|
},
|
908
926
|
"dist": {
|
909
927
|
"type": "zip",
|
910
|
-
"url": "https://api.github.com/repos/symfony/finder/zipball/
|
911
|
-
"reference": "
|
928
|
+
"url": "https://api.github.com/repos/symfony/finder/zipball/2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8",
|
929
|
+
"reference": "2c3ba7ad6884e6c4451ce2340e2dc23f6fa3e0d8",
|
912
930
|
"shasum": ""
|
913
931
|
},
|
914
932
|
"require": {
|
@@ -958,24 +976,24 @@
|
|
958
976
|
"type": "tidelift"
|
959
977
|
}
|
960
978
|
],
|
961
|
-
"time": "2020-
|
979
|
+
"time": "2020-09-02T16:23:27+00:00"
|
962
980
|
},
|
963
981
|
{
|
964
982
|
"name": "symfony/polyfill-ctype",
|
965
|
-
"version": "v1.
|
983
|
+
"version": "v1.20.0",
|
966
984
|
"source": {
|
967
985
|
"type": "git",
|
968
986
|
"url": "https://github.com/symfony/polyfill-ctype.git",
|
969
|
-
"reference": "
|
987
|
+
"reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41"
|
970
988
|
},
|
971
989
|
"dist": {
|
972
990
|
"type": "zip",
|
973
|
-
"url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/
|
974
|
-
"reference": "
|
991
|
+
"url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f4ba089a5b6366e453971d3aad5fe8e897b37f41",
|
992
|
+
"reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41",
|
975
993
|
"shasum": ""
|
976
994
|
},
|
977
995
|
"require": {
|
978
|
-
"php": ">=
|
996
|
+
"php": ">=7.1"
|
979
997
|
},
|
980
998
|
"suggest": {
|
981
999
|
"ext-ctype": "For best performance"
|
@@ -983,7 +1001,7 @@
|
|
983
1001
|
"type": "library",
|
984
1002
|
"extra": {
|
985
1003
|
"branch-alias": {
|
986
|
-
"dev-
|
1004
|
+
"dev-main": "1.20-dev"
|
987
1005
|
},
|
988
1006
|
"thanks": {
|
989
1007
|
"name": "symfony/polyfill",
|
@@ -1034,24 +1052,24 @@
|
|
1034
1052
|
"type": "tidelift"
|
1035
1053
|
}
|
1036
1054
|
],
|
1037
|
-
"time": "2020-
|
1055
|
+
"time": "2020-10-23T14:02:19+00:00"
|
1038
1056
|
},
|
1039
1057
|
{
|
1040
1058
|
"name": "symfony/polyfill-mbstring",
|
1041
|
-
"version": "v1.
|
1059
|
+
"version": "v1.20.0",
|
1042
1060
|
"source": {
|
1043
1061
|
"type": "git",
|
1044
1062
|
"url": "https://github.com/symfony/polyfill-mbstring.git",
|
1045
|
-
"reference": "
|
1063
|
+
"reference": "39d483bdf39be819deabf04ec872eb0b2410b531"
|
1046
1064
|
},
|
1047
1065
|
"dist": {
|
1048
1066
|
"type": "zip",
|
1049
|
-
"url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/
|
1050
|
-
"reference": "
|
1067
|
+
"url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/39d483bdf39be819deabf04ec872eb0b2410b531",
|
1068
|
+
"reference": "39d483bdf39be819deabf04ec872eb0b2410b531",
|
1051
1069
|
"shasum": ""
|
1052
1070
|
},
|
1053
1071
|
"require": {
|
1054
|
-
"php": ">=
|
1072
|
+
"php": ">=7.1"
|
1055
1073
|
},
|
1056
1074
|
"suggest": {
|
1057
1075
|
"ext-mbstring": "For best performance"
|
@@ -1059,7 +1077,7 @@
|
|
1059
1077
|
"type": "library",
|
1060
1078
|
"extra": {
|
1061
1079
|
"branch-alias": {
|
1062
|
-
"dev-
|
1080
|
+
"dev-main": "1.20-dev"
|
1063
1081
|
},
|
1064
1082
|
"thanks": {
|
1065
1083
|
"name": "symfony/polyfill",
|
@@ -1111,29 +1129,29 @@
|
|
1111
1129
|
"type": "tidelift"
|
1112
1130
|
}
|
1113
1131
|
],
|
1114
|
-
"time": "2020-
|
1132
|
+
"time": "2020-10-23T14:02:19+00:00"
|
1115
1133
|
},
|
1116
1134
|
{
|
1117
1135
|
"name": "symfony/polyfill-php80",
|
1118
|
-
"version": "v1.
|
1136
|
+
"version": "v1.20.0",
|
1119
1137
|
"source": {
|
1120
1138
|
"type": "git",
|
1121
1139
|
"url": "https://github.com/symfony/polyfill-php80.git",
|
1122
|
-
"reference": "
|
1140
|
+
"reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de"
|
1123
1141
|
},
|
1124
1142
|
"dist": {
|
1125
1143
|
"type": "zip",
|
1126
|
-
"url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/
|
1127
|
-
"reference": "
|
1144
|
+
"url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/e70aa8b064c5b72d3df2abd5ab1e90464ad009de",
|
1145
|
+
"reference": "e70aa8b064c5b72d3df2abd5ab1e90464ad009de",
|
1128
1146
|
"shasum": ""
|
1129
1147
|
},
|
1130
1148
|
"require": {
|
1131
|
-
"php": ">=7.
|
1149
|
+
"php": ">=7.1"
|
1132
1150
|
},
|
1133
1151
|
"type": "library",
|
1134
1152
|
"extra": {
|
1135
1153
|
"branch-alias": {
|
1136
|
-
"dev-
|
1154
|
+
"dev-main": "1.20-dev"
|
1137
1155
|
},
|
1138
1156
|
"thanks": {
|
1139
1157
|
"name": "symfony/polyfill",
|
@@ -1191,20 +1209,20 @@
|
|
1191
1209
|
"type": "tidelift"
|
1192
1210
|
}
|
1193
1211
|
],
|
1194
|
-
"time": "2020-
|
1212
|
+
"time": "2020-10-23T14:02:19+00:00"
|
1195
1213
|
},
|
1196
1214
|
{
|
1197
1215
|
"name": "symfony/process",
|
1198
|
-
"version": "v5.1.
|
1216
|
+
"version": "v5.1.7",
|
1199
1217
|
"source": {
|
1200
1218
|
"type": "git",
|
1201
1219
|
"url": "https://github.com/symfony/process.git",
|
1202
|
-
"reference": "
|
1220
|
+
"reference": "d3a2e64866169586502f0cd9cab69135ad12cee9"
|
1203
1221
|
},
|
1204
1222
|
"dist": {
|
1205
1223
|
"type": "zip",
|
1206
|
-
"url": "https://api.github.com/repos/symfony/process/zipball/
|
1207
|
-
"reference": "
|
1224
|
+
"url": "https://api.github.com/repos/symfony/process/zipball/d3a2e64866169586502f0cd9cab69135ad12cee9",
|
1225
|
+
"reference": "d3a2e64866169586502f0cd9cab69135ad12cee9",
|
1208
1226
|
"shasum": ""
|
1209
1227
|
},
|
1210
1228
|
"require": {
|
@@ -1255,7 +1273,7 @@
|
|
1255
1273
|
"type": "tidelift"
|
1256
1274
|
}
|
1257
1275
|
],
|
1258
|
-
"time": "2020-
|
1276
|
+
"time": "2020-09-02T16:23:27+00:00"
|
1259
1277
|
}
|
1260
1278
|
],
|
1261
1279
|
"packages-dev": [
|
@@ -34,6 +34,10 @@ module Dependabot
|
|
34
34
|
).latest_resolvable_version
|
35
35
|
end
|
36
36
|
|
37
|
+
def lowest_security_fix_version
|
38
|
+
latest_version_finder.lowest_security_fix_version
|
39
|
+
end
|
40
|
+
|
37
41
|
def lowest_resolvable_security_fix_version
|
38
42
|
raise "Dependency not vulnerable!" unless vulnerable?
|
39
43
|
|
@@ -105,7 +109,7 @@ module Dependabot
|
|
105
109
|
def fetch_lowest_resolvable_security_fix_version
|
106
110
|
return nil if path_dependency? || git_dependency?
|
107
111
|
|
108
|
-
fix_version =
|
112
|
+
fix_version = lowest_security_fix_version
|
109
113
|
return latest_resolvable_version if fix_version.nil?
|
110
114
|
|
111
115
|
resolved_fix_version = VersionResolver.new(
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-composer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.124.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-10-
|
11
|
+
date: 2020-10-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.124.2
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.124.2
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|