dependabot-composer 0.262.0 → 0.263.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/v2/src/UpdateChecker.php +2 -16
  3. data/lib/dependabot/composer/update_checker/requirements_updater.rb +1 -1
  4. data/lib/dependabot/composer/update_checker/version_resolver.rb +1 -2
  5. data/lib/dependabot/composer/update_checker.rb +1 -1
  6. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cef627bd53c4b51bad2f11380088be6de740186425f3e0789a59bb2984fa116d
4
- data.tar.gz: 8c3c28b458966d465b562bbe54bedeec36c620eabe957be6ce509578b3b1aa6e
3
+ metadata.gz: cc1b677773598233bd12f90869d359813e98b093a1d336650a9ce89f0634d6f8
4
+ data.tar.gz: 94e9eb154525ec00a398ab2b5dada42fbc4d2b4204e73181c2b68b593d4c665a
5
5
  SHA512:
6
- metadata.gz: 047460f1a9404841034df7d2ff0dacb32d81ac71dc4bd8b562c69c44e62ffcede7804345770dc2f0652be74f0a80418a8b4c647ff128d05675bfad53556ee5da
7
- data.tar.gz: 2f5c24197c84632f64fc749de6d7350281ada80ad98d31730f98d70352ab6db4fcfac57a7070ef0669643d9ff0fd447ea29c8c2bdb0b4b48800e3a276013cdb3
6
+ metadata.gz: 719cc3d71298c92113f891f42d237c91e0868805d6d333c7c3752e1dfaba059b1e339dfc0196dc82e4e4f5b0febf277d8d9474f60e24ce70ed91402a917836b8
7
+ data.tar.gz: 8532ee672a1006ce3c8931872f9fec108a7da83446d0e0ac945ed3d70970180699ccfe6cd54088eb401373a460b9ad9516b4489c28e6b3b4c2484eafcef59044
data/helpers/v2/src/UpdateChecker.php CHANGED
@@ -8,15 +8,13 @@ use Composer\DependencyResolver\Request;
8
8
  use Composer\Factory;
9
9
  use Composer\Filter\PlatformRequirementFilter\PlatformRequirementFilterFactory;
10
10
  use Composer\Installer;
11
- use Composer\Package\Link;
12
11
  use Composer\Package\PackageInterface;
13
- use Composer\Package\Version\VersionParser;
14
12
 
15
13
  final class UpdateChecker
16
14
  {
17
15
  public static function getLatestResolvableVersion(array $args): ?string
18
16
  {
19
- [$workingDirectory, $dependencyName, $gitCredentials, $registryCredentials, $latestAllowableVersion] = $args;
17
+ [$workingDirectory, $dependencyName, $gitCredentials, $registryCredentials] = $args;
20
18
 
21
19
  $httpBasicCredentials = [];
22
20
 
@@ -50,22 +48,10 @@ final class UpdateChecker
50
48
  $io->loadConfiguration($config);
51
49
  }
52
50
 
53
- $package = $composer->getPackage();
54
-
55
- $versionParser = new VersionParser();
56
-
57
- $constraint = $versionParser->parseConstraints($latestAllowableVersion); // your version constraint
58
- $packageLink = new Link($package->getName(), $dependencyName, $constraint);
59
-
60
- $requires = $package->getRequires();
61
- $requires[$dependencyName] = $packageLink;
62
-
63
- $package->setRequires($requires);
64
-
65
51
  $install = new Installer(
66
52
  $io,
67
53
  $config,
68
- $package, // @phpstan-ignore-line
54
+ $composer->getPackage(), // @phpstan-ignore-line
69
55
  $composer->getDownloadManager(),
70
56
  $composer->getRepositoryManager(),
71
57
  $composer->getLocker(),
data/lib/dependabot/composer/update_checker/requirements_updater.rb CHANGED
@@ -48,7 +48,7 @@ module Dependabot
48
48
  end
49
49
 
50
50
  def updated_requirements
51
- return requirements if update_strategy == RequirementsUpdateStrategy::LockfileOnly
51
+ return requirements if update_strategy.lockfile_only?
52
52
  return requirements unless latest_resolvable_version
53
53
 
54
54
  requirements.map { |req| updated_requirement(req) }
data/lib/dependabot/composer/update_checker/version_resolver.rb CHANGED
@@ -148,8 +148,7 @@ module Dependabot
148
148
  Dir.pwd,
149
149
  dependency.name.downcase,
150
150
  git_credentials,
151
- registry_credentials,
152
- @latest_allowable_version.to_s
151
+ registry_credentials
153
152
  ]
154
153
  )
155
154
  end
data/lib/dependabot/composer/update_checker.rb CHANGED
@@ -72,7 +72,7 @@ module Dependabot
72
72
  end
73
73
 
74
74
  def requirements_unlocked_or_can_be?
75
- requirements_update_strategy != RequirementsUpdateStrategy::LockfileOnly
75
+ !requirements_update_strategy.lockfile_only?
76
76
  end
77
77
 
78
78
  def requirements_update_strategy
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.262.0
4
+ version: 0.263.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-06-20 00:00:00.000000000 Z
11
+ date: 2024-06-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.262.0
19
+ version: 0.263.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.262.0
26
+ version: 0.263.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -286,7 +286,7 @@ licenses:
286
286
  - MIT
287
287
  metadata:
288
288
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
289
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.262.0
289
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.263.0
290
290
  post_install_message:
291
291
  rdoc_options: []
292
292
  require_paths: