dependabot-composer 0.216.2 → 0.218.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/v1/composer.lock +5 -5
  3. data/helpers/v1/src/UpdateChecker.php +3 -3
  4. data/helpers/v2/composer.lock +5 -5
  5. data/helpers/v2/src/UpdateChecker.php +3 -3
  6. data/lib/dependabot/composer/update_checker/requirements_updater.rb +2 -1
  7. data/lib/dependabot/composer/update_checker.rb +4 -0
  8. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 43f186a7bfae794013122c8d8a9342da38aee33841bdee313ee744ae11420752
4
- data.tar.gz: 60716448db3ce3aaaabc08d5100d9cf01a546e4b1d042be56ad693cbff497dcf
3
+ metadata.gz: 8537cebd27bab72fa0b41db995090924622a83190146d6af26dcd46f1cccec10
4
+ data.tar.gz: 0df46b3b3bdfea3575a0486dfd0e92d0732963e2cf8c95e2b5dde16cda036b42
5
5
  SHA512:
6
- metadata.gz: aa68bbd4eface56834d3dfc19235f9f7760a840d76e659063191c9c60cf94def3dc798f4d37b9a6ac8e3571b5671ee354f521ec8dcd3e1c27040e2d38fdb7d94
7
- data.tar.gz: 846a76a85fbff4569d094b12525444e1d398933d3ec15099f558eb03bccf63ee1f27eef4b2f2a9786e732aab74bc82063d2623a76bfd553d89a883683b4c306e
6
+ metadata.gz: 5493362d779c9a162749d7bcb3909c3fa43012d331084717ac806a0ef57ec8f07329336cf51c41c63667ee21b2d955266af2b9c18ae43d27ac81af32d5482c3a
7
+ data.tar.gz: 1af6c13d9f8918070b55850530a951893f0176a7d1ef33415b640f960bc58d7ae312e3b820597a869fc51c47a3cb0c089009fd6a0f7564e442e81d964cbbd8f0
data/helpers/v1/composer.lock CHANGED
@@ -1920,16 +1920,16 @@
1920
1920
  },
1921
1921
  {
1922
1922
  "name": "phpstan/phpstan",
1923
- "version": "1.10.13",
1923
+ "version": "1.10.14",
1924
1924
  "source": {
1925
1925
  "type": "git",
1926
1926
  "url": "https://github.com/phpstan/phpstan.git",
1927
- "reference": "f07bf8c6980b81bf9e49d44bd0caf2e737614a70"
1927
+ "reference": "d232901b09e67538e5c86a724be841bea5768a7c"
1928
1928
  },
1929
1929
  "dist": {
1930
1930
  "type": "zip",
1931
- "url": "https://api.github.com/repos/phpstan/phpstan/zipball/f07bf8c6980b81bf9e49d44bd0caf2e737614a70",
1932
- "reference": "f07bf8c6980b81bf9e49d44bd0caf2e737614a70",
1931
+ "url": "https://api.github.com/repos/phpstan/phpstan/zipball/d232901b09e67538e5c86a724be841bea5768a7c",
1932
+ "reference": "d232901b09e67538e5c86a724be841bea5768a7c",
1933
1933
  "shasum": ""
1934
1934
  },
1935
1935
  "require": {
@@ -1971,7 +1971,7 @@
1971
1971
  "type": "tidelift"
1972
1972
  }
1973
1973
  ],
1974
- "time": "2023-04-12T19:29:52+00:00"
1974
+ "time": "2023-04-19T13:47:27+00:00"
1975
1975
  },
1976
1976
  {
1977
1977
  "name": "psr/cache",
data/helpers/v1/src/UpdateChecker.php CHANGED
@@ -82,7 +82,7 @@ final class UpdateChecker
82
82
 
83
83
  // We found the package in the list of updated packages. Return its version.
84
84
  if ($updatedPackage instanceof PackageInterface) {
85
- return preg_replace('/^([v])/', '', $updatedPackage->getPrettyVersion());
85
+ return ltrim($updatedPackage->getPrettyVersion(), 'v');
86
86
  }
87
87
 
88
88
  // We didn't find the package in the list of updated packages. Check if
@@ -104,14 +104,14 @@ final class UpdateChecker
104
104
  // Similarly, check if the package was provided by any other package.
105
105
  foreach ($composer->getPackage()->getProvides() as $link) {
106
106
  if ($link->getTarget() === $dependencyName) {
107
- return preg_replace('/^([v])/', '', $link->getPrettyConstraint());
107
+ return ltrim($link->getPrettyConstraint(), 'v');
108
108
  }
109
109
  }
110
110
 
111
111
  foreach ($installedPackages as $package) {
112
112
  foreach ($package->getProvides() as $link) {
113
113
  if ($link->getTarget() === $dependencyName) {
114
- return preg_replace('/^([v])/', '', $link->getPrettyConstraint());
114
+ return ltrim($link->getPrettyConstraint(), 'v');
115
115
  }
116
116
  }
117
117
  }
data/helpers/v2/composer.lock CHANGED
@@ -2444,16 +2444,16 @@
2444
2444
  },
2445
2445
  {
2446
2446
  "name": "phpstan/phpstan",
2447
- "version": "1.10.13",
2447
+ "version": "1.10.14",
2448
2448
  "source": {
2449
2449
  "type": "git",
2450
2450
  "url": "https://github.com/phpstan/phpstan.git",
2451
- "reference": "f07bf8c6980b81bf9e49d44bd0caf2e737614a70"
2451
+ "reference": "d232901b09e67538e5c86a724be841bea5768a7c"
2452
2452
  },
2453
2453
  "dist": {
2454
2454
  "type": "zip",
2455
- "url": "https://api.github.com/repos/phpstan/phpstan/zipball/f07bf8c6980b81bf9e49d44bd0caf2e737614a70",
2456
- "reference": "f07bf8c6980b81bf9e49d44bd0caf2e737614a70",
2455
+ "url": "https://api.github.com/repos/phpstan/phpstan/zipball/d232901b09e67538e5c86a724be841bea5768a7c",
2456
+ "reference": "d232901b09e67538e5c86a724be841bea5768a7c",
2457
2457
  "shasum": ""
2458
2458
  },
2459
2459
  "require": {
@@ -2502,7 +2502,7 @@
2502
2502
  "type": "tidelift"
2503
2503
  }
2504
2504
  ],
2505
- "time": "2023-04-12T19:29:52+00:00"
2505
+ "time": "2023-04-19T13:47:27+00:00"
2506
2506
  },
2507
2507
  {
2508
2508
  "name": "psr/cache",
data/helpers/v2/src/UpdateChecker.php CHANGED
@@ -88,7 +88,7 @@ final class UpdateChecker
88
88
 
89
89
  // We found the package in the list of updated packages. Return its version.
90
90
  if ($updatedPackage instanceof PackageInterface) {
91
- return preg_replace('/^([v])/', '', $updatedPackage->getPrettyVersion());
91
+ return ltrim($updatedPackage->getPrettyVersion(), 'v');
92
92
  }
93
93
 
94
94
  // We didn't find the package in the list of updated packages. Check if
@@ -110,14 +110,14 @@ final class UpdateChecker
110
110
  // Similarly, check if the package was provided by any other package.
111
111
  foreach ($composer->getPackage()->getProvides() as $link) {
112
112
  if ($link->getTarget() === $dependencyName) {
113
- return preg_replace('/^([v])/', '', $link->getPrettyConstraint());
113
+ return ltrim($link->getPrettyConstraint(), 'v');
114
114
  }
115
115
  }
116
116
 
117
117
  foreach ($installedPackages as $package) {
118
118
  foreach ($package->getProvides() as $link) {
119
119
  if ($link->getTarget() === $dependencyName) {
120
- return preg_replace('/^([v])/', '', $link->getPrettyConstraint());
120
+ return ltrim($link->getPrettyConstraint(), 'v');
121
121
  }
122
122
  }
123
123
  }
data/lib/dependabot/composer/update_checker/requirements_updater.rb CHANGED
@@ -19,7 +19,7 @@ module Dependabot
19
19
  OR_SEPARATOR = /(?<=[a-zA-Z0-9*])[\s,]*\|\|?\s*/
20
20
  SEPARATOR = /(?:#{AND_SEPARATOR})|(?:#{OR_SEPARATOR})/
21
21
  ALLOWED_UPDATE_STRATEGIES =
22
- %i(widen_ranges bump_versions bump_versions_if_necessary).freeze
22
+ %i(lockfile_only widen_ranges bump_versions bump_versions_if_necessary).freeze
23
23
 
24
24
  def initialize(requirements:, update_strategy:,
25
25
  latest_resolvable_version:)
@@ -35,6 +35,7 @@ module Dependabot
35
35
  end
36
36
 
37
37
  def updated_requirements
38
+ return requirements if update_strategy == :lockfile_only
38
39
  return requirements unless latest_resolvable_version
39
40
 
40
41
  requirements.map { |req| updated_requirement(req) }
data/lib/dependabot/composer/update_checker.rb CHANGED
@@ -68,6 +68,10 @@ module Dependabot
68
68
  ).updated_requirements
69
69
  end
70
70
 
71
+ def requirements_unlocked_or_can_be?
72
+ requirements_update_strategy != :lockfile_only
73
+ end
74
+
71
75
  def requirements_update_strategy
72
76
  # If passed in as an option (in the base class) honour that option
73
77
  return @requirements_update_strategy.to_sym if @requirements_update_strategy
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.216.2
4
+ version: 0.218.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-04-20 00:00:00.000000000 Z
11
+ date: 2023-05-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.216.2
19
+ version: 0.218.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.216.2
26
+ version: 0.218.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -257,8 +257,8 @@ homepage: https://github.com/dependabot/dependabot-core
257
257
  licenses:
258
258
  - Nonstandard
259
259
  metadata:
260
- issue_tracker_uri: https://github.com/dependabot/dependabot-core/issues
261
- changelog_uri: https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG.md
260
+ bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
261
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.218.0
262
262
  post_install_message:
263
263
  rdoc_options: []
264
264
  require_paths: