dependabot-composer 0.282.0 → 0.284.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/composer/file_parser.rb +14 -3
- data/lib/dependabot/composer/package_manager.rb +13 -22
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ad969271d547cae9e3c61478cd18bfcfb1d929fc33cedb36797c86f7763cfffa
|
|
4
|
+
data.tar.gz: 358b50f002d51effcacfa7dcdc5743a66f2a7f5b7e60c319191e6d84ac364c45
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bc855cfb10f61f18f3819a4bf5f8c3b30ed23812e0abb87e994537ce2f296267d70c0378b2e1901a6258b1d5c6ab131432612af07870d959d7913df0b3225179
|
|
7
|
+
data.tar.gz: c4cb94ed6706c3417508bbcfd6918efa1b5d18c02b814ea1726111a76f806b4cd2cb03ee66be4f5cbdae5c02a8213a77b9ed4881f7a94436733b52f772a11791
|
|
@@ -35,13 +35,24 @@ module Dependabot
|
|
|
35
35
|
dependency_set.dependencies
|
|
36
36
|
end
|
|
37
37
|
|
|
38
|
-
sig { returns(
|
|
39
|
-
def
|
|
40
|
-
|
|
38
|
+
sig { returns(Ecosystem) }
|
|
39
|
+
def ecosystem
|
|
40
|
+
@ecosystem ||= T.let(
|
|
41
|
+
Ecosystem.new(
|
|
42
|
+
name: ECOSYSTEM,
|
|
43
|
+
package_manager: package_manager
|
|
44
|
+
),
|
|
45
|
+
T.nilable(Ecosystem)
|
|
46
|
+
)
|
|
41
47
|
end
|
|
42
48
|
|
|
43
49
|
private
|
|
44
50
|
|
|
51
|
+
sig { returns(Ecosystem::VersionManager) }
|
|
52
|
+
def package_manager
|
|
53
|
+
PackageManager.new(composer_version)
|
|
54
|
+
end
|
|
55
|
+
|
|
45
56
|
sig { returns(DependencySet) }
|
|
46
57
|
def manifest_dependencies # rubocop:disable Metrics/PerceivedComplexity
|
|
47
58
|
dependencies = T.let(DependencySet.new, DependencySet)
|
|
@@ -2,11 +2,12 @@
|
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "sorbet-runtime"
|
|
5
|
-
require "dependabot/
|
|
5
|
+
require "dependabot/ecosystem"
|
|
6
6
|
require "dependabot/composer/version"
|
|
7
7
|
|
|
8
8
|
module Dependabot
|
|
9
9
|
module Composer
|
|
10
|
+
ECOSYSTEM = "composer"
|
|
10
11
|
PACKAGE_MANAGER = "composer"
|
|
11
12
|
|
|
12
13
|
# Keep versions in ascending order
|
|
@@ -16,29 +17,19 @@ module Dependabot
|
|
|
16
17
|
Version.new("1")
|
|
17
18
|
].freeze, T::Array[Dependabot::Version])
|
|
18
19
|
|
|
19
|
-
class PackageManager <
|
|
20
|
+
class PackageManager < Dependabot::Ecosystem::VersionManager
|
|
20
21
|
extend T::Sig
|
|
21
22
|
|
|
22
|
-
sig { params(
|
|
23
|
-
def initialize(
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
23
|
+
sig { params(raw_version: String).void }
|
|
24
|
+
def initialize(raw_version)
|
|
25
|
+
super(
|
|
26
|
+
PACKAGE_MANAGER,
|
|
27
|
+
Version.new(raw_version),
|
|
28
|
+
DEPRECATED_COMPOSER_VERSIONS,
|
|
29
|
+
SUPPORTED_COMPOSER_VERSIONS,
|
|
30
|
+
)
|
|
28
31
|
end
|
|
29
32
|
|
|
30
|
-
sig { override.returns(String) }
|
|
31
|
-
attr_reader :name
|
|
32
|
-
|
|
33
|
-
sig { override.returns(Dependabot::Version) }
|
|
34
|
-
attr_reader :version
|
|
35
|
-
|
|
36
|
-
sig { override.returns(T::Array[Dependabot::Version]) }
|
|
37
|
-
attr_reader :deprecated_versions
|
|
38
|
-
|
|
39
|
-
sig { override.returns(T::Array[Dependabot::Version]) }
|
|
40
|
-
attr_reader :supported_versions
|
|
41
|
-
|
|
42
33
|
sig { override.returns(T::Boolean) }
|
|
43
34
|
def deprecated?
|
|
44
35
|
return false if unsupported?
|
|
@@ -46,7 +37,7 @@ module Dependabot
|
|
|
46
37
|
# Check if the feature flag for Composer v1 deprecation warning is enabled.
|
|
47
38
|
return false unless Dependabot::Experiments.enabled?(:composer_v1_deprecation_warning)
|
|
48
39
|
|
|
49
|
-
|
|
40
|
+
super
|
|
50
41
|
end
|
|
51
42
|
|
|
52
43
|
sig { override.returns(T::Boolean) }
|
|
@@ -54,7 +45,7 @@ module Dependabot
|
|
|
54
45
|
# Check if the feature flag for Composer v1 unsupported error is enabled.
|
|
55
46
|
return false unless Dependabot::Experiments.enabled?(:composer_v1_unsupported_error)
|
|
56
47
|
|
|
57
|
-
|
|
48
|
+
super
|
|
58
49
|
end
|
|
59
50
|
end
|
|
60
51
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-composer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.284.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-11-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.284.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.284.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -287,7 +287,7 @@ licenses:
|
|
|
287
287
|
- MIT
|
|
288
288
|
metadata:
|
|
289
289
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
290
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
290
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.284.0
|
|
291
291
|
post_install_message:
|
|
292
292
|
rdoc_options: []
|
|
293
293
|
require_paths:
|