dependabot-composer 0.148.7 → 0.149.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a613fdb3aa21af55cf74e933adfb52a18efa61bd35e7a3fff5929b08b93231da
4
- data.tar.gz: 641d9ac50c19b3be20ad01e76d586c54fadc300d5db70348173b8d192903bfe0
3
+ metadata.gz: 250c39b2ce6b4ffb6c98c40b56686ac109230d479eb2a6119637ae1de0fdaee9
4
+ data.tar.gz: 407e443e00dd91aeecd1702fb74e18d0a092db13f2de46aaa786e3533d8e4fd3
5
5
  SHA512:
6
- metadata.gz: ea6d74ff4dfd0a6c7f477447b35b0d7063f5e4dc9912907ece62a9236601f5ae837b2aa599b0fdaf11c0d6eb04b46948413dcf334a07f89a5ef83f006d9ac656
7
- data.tar.gz: 2d39a98f5b398cd6ee7d77a4cf4fa7386ca03e32cb132d604402d4decb897c026e21ec0d9a18cd72e9cec0b426d7a36b38241f9538b66172bc2b0864eec69a02
6
+ metadata.gz: '008946beb72a386e86d0621d7bd5ee79d58b1dc11b446231838b66c4fbd720a896d9dc4019e98182c0d8e2b79221592cfccd204f420856b9ec4b61366067bd87'
7
+ data.tar.gz: 54f57ced3aa43b551cc7aa5714d7f2616d6863de7400b8e50c72072a1e24ade3c367336d0d825cacd19cdaacf9c43b32f6e98c6c9c6c9cdcea59aa12dc876b7a
@@ -75,7 +75,7 @@ module Dependabot
75
75
  end
76
76
 
77
77
  def filter_lower_versions(versions_array)
78
- return versions_array unless dependency.version
78
+ return versions_array unless dependency.version && version_class.correct?(dependency.version)
79
79
 
80
80
  versions_array.
81
81
  select { |version| version > version_class.new(dependency.version) }
@@ -37,6 +37,8 @@ module Dependabot
37
37
  VERSION_REGEX = /[0-9]+(?:\.[A-Za-z0-9\-_]+)*/.freeze
38
38
  SOURCE_TIMED_OUT_REGEX =
39
39
  /The "(?<url>[^"]+packages\.json)".*timed out/.freeze
40
+ FAILED_GIT_CLONE_WITH_MIRROR = /Failed to execute git clone --mirror[^']*'(?<url>.*?)'/.freeze
41
+ FAILED_GIT_CLONE = /Failed to clone (?<url>.*?) via/.freeze
40
42
 
41
43
  def initialize(credentials:, dependency:, dependency_files:,
42
44
  requirements_to_unlock:, latest_allowable_version:)
@@ -244,15 +246,11 @@ module Dependabot
244
246
  raise PrivateSourceAuthenticationFailure, "nova.laravel.com"
245
247
  end
246
248
 
247
- if error.message.start_with?("Failed to execute git clone")
248
- dependency_url =
249
- error.message.match(/--mirror '(?<url>.*?)'/).
250
- named_captures.fetch("url")
249
+ if error.message.match?(FAILED_GIT_CLONE_WITH_MIRROR)
250
+ dependency_url = error.message.match(FAILED_GIT_CLONE_WITH_MIRROR).named_captures.fetch("url")
251
251
  raise Dependabot::GitDependenciesNotReachable, dependency_url
252
- elsif error.message.start_with?("Failed to clone")
253
- dependency_url =
254
- error.message.match(/Failed to clone (?<url>.*?) via/).
255
- named_captures.fetch("url")
252
+ elsif error.message.match?(FAILED_GIT_CLONE)
253
+ dependency_url = error.message.match(FAILED_GIT_CLONE).named_captures.fetch("url")
256
254
  raise Dependabot::GitDependenciesNotReachable, dependency_url
257
255
  elsif unresolvable_error?(error)
258
256
  raise Dependabot::DependencyFileNotResolvable, sanitized_message
@@ -304,13 +302,10 @@ module Dependabot
304
302
  nil
305
303
  elsif error.message.include?("URL required authentication") ||
306
304
  error.message.include?("403 Forbidden")
307
- source =
308
- error.message.match(%r{https?://(?<source>[^/]+)/}).
309
- named_captures.fetch("source")
305
+ source = error.message.match(%r{https?://(?<source>[^/]+)/}).named_captures.fetch("source")
310
306
  raise Dependabot::PrivateSourceAuthenticationFailure, source
311
307
  elsif error.message.match?(SOURCE_TIMED_OUT_REGEX)
312
- url = error.message.match(SOURCE_TIMED_OUT_REGEX).
313
- named_captures.fetch("url")
308
+ url = error.message.match(SOURCE_TIMED_OUT_REGEX).named_captures.fetch("url")
314
309
  raise if url.include?("packagist.org")
315
310
 
316
311
  source = url.gsub(%r{/packages.json$}, "")
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.148.7
4
+ version: 0.149.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-25 00:00:00.000000000 Z
11
+ date: 2021-05-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.148.7
19
+ version: 0.149.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.148.7
26
+ version: 0.149.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement