dependabot-composer 0.291.0 → 0.293.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/v1/build +34 -0
- data/helpers/v1/composer.json +26 -0
- data/helpers/v1/composer.lock +2649 -0
- data/helpers/v1/src/UpdateChecker.php +129 -0
- data/helpers/v2/composer.json +2 -2
- data/helpers/v2/composer.lock +442 -812
- data/lib/dependabot/composer/file_parser.rb +3 -2
- data/lib/dependabot/composer/file_updater/lockfile_updater.rb +0 -8
- data/lib/dependabot/composer/language.rb +3 -5
- data/lib/dependabot/composer/package_manager.rb +12 -6
- data/lib/dependabot/composer/update_checker/version_resolver.rb +0 -1
- metadata +10 -6
|
@@ -59,11 +59,12 @@ module Dependabot
|
|
|
59
59
|
def package_manager
|
|
60
60
|
if composer_version == Helpers::V1
|
|
61
61
|
return PackageManager.new(
|
|
62
|
-
composer_version
|
|
62
|
+
detected_version: composer_version
|
|
63
63
|
)
|
|
64
64
|
end
|
|
65
65
|
PackageManager.new(
|
|
66
|
-
|
|
66
|
+
detected_version: composer_version,
|
|
67
|
+
raw_version: env_versions[:composer]
|
|
67
68
|
)
|
|
68
69
|
end
|
|
69
70
|
|
|
@@ -204,14 +204,6 @@ module Dependabot
|
|
|
204
204
|
raise PrivateSourceAuthenticationFailure, source
|
|
205
205
|
end
|
|
206
206
|
|
|
207
|
-
# NOTE: This error is raised by composer v1
|
|
208
|
-
if error.message.include?("Argument 1 passed to Composer")
|
|
209
|
-
msg = "One of your Composer plugins is not compatible with the " \
|
|
210
|
-
"latest version of Composer. Please update Composer and " \
|
|
211
|
-
"try running `composer update` to debug further."
|
|
212
|
-
raise DependencyFileNotResolvable, msg
|
|
213
|
-
end
|
|
214
|
-
|
|
215
207
|
# NOTE: This error is raised by composer v2 and includes helpful
|
|
216
208
|
# information about which plugins or dependencies are not compatible
|
|
217
209
|
if error.message.include?("Your requirements could not be resolved")
|
|
@@ -16,11 +16,9 @@ module Dependabot
|
|
|
16
16
|
sig { params(raw_version: String, requirement: T.nilable(Requirement)).void }
|
|
17
17
|
def initialize(raw_version, requirement: nil)
|
|
18
18
|
super(
|
|
19
|
-
NAME,
|
|
20
|
-
Version.new(raw_version),
|
|
21
|
-
|
|
22
|
-
[],
|
|
23
|
-
requirement
|
|
19
|
+
name: NAME,
|
|
20
|
+
version: Version.new(raw_version),
|
|
21
|
+
requirement: requirement
|
|
24
22
|
)
|
|
25
23
|
end
|
|
26
24
|
|
|
@@ -33,13 +33,19 @@ module Dependabot
|
|
|
33
33
|
# DEPRECATED_COMPOSER_VERSIONS = T.let([Version.new("1")].freeze, T::Array[Dependabot::Version])
|
|
34
34
|
DEPRECATED_COMPOSER_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
35
35
|
|
|
36
|
-
sig
|
|
37
|
-
|
|
36
|
+
sig do
|
|
37
|
+
params(
|
|
38
|
+
detected_version: String,
|
|
39
|
+
raw_version: T.nilable(String)
|
|
40
|
+
).void
|
|
41
|
+
end
|
|
42
|
+
def initialize(detected_version:, raw_version: nil)
|
|
38
43
|
super(
|
|
39
|
-
NAME,
|
|
40
|
-
Version.new(
|
|
41
|
-
|
|
42
|
-
|
|
44
|
+
name: NAME,
|
|
45
|
+
detected_version: Version.new(detected_version),
|
|
46
|
+
version: raw_version ? Version.new(raw_version) : nil,
|
|
47
|
+
deprecated_versions: DEPRECATED_COMPOSER_VERSIONS,
|
|
48
|
+
supported_versions: SUPPORTED_COMPOSER_VERSIONS
|
|
43
49
|
)
|
|
44
50
|
end
|
|
45
51
|
end
|
|
@@ -34,7 +34,6 @@ module Dependabot
|
|
|
34
34
|
MISSING_IMPLICIT_PLATFORM_REQ_REGEX =
|
|
35
35
|
%r{
|
|
36
36
|
(?<!with|for|by)\sext\-[^\s\/]+\s.*?\s(?=->)|
|
|
37
|
-
(?<=requires\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->)| # composer v1
|
|
38
37
|
(?<=require\s)php(?:\-[^\s\/]+)?\s.*?\s(?=->) # composer v2
|
|
39
38
|
}x
|
|
40
39
|
VERSION_REGEX = /[0-9]+(?:\.[A-Za-z0-9\-_]+)*/
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-composer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.293.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-01-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.293.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.293.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -242,6 +242,10 @@ executables: []
|
|
|
242
242
|
extensions: []
|
|
243
243
|
extra_rdoc_files: []
|
|
244
244
|
files:
|
|
245
|
+
- helpers/v1/build
|
|
246
|
+
- helpers/v1/composer.json
|
|
247
|
+
- helpers/v1/composer.lock
|
|
248
|
+
- helpers/v1/src/UpdateChecker.php
|
|
245
249
|
- helpers/v2/.php-cs-fixer.php
|
|
246
250
|
- helpers/v2/bin/run
|
|
247
251
|
- helpers/v2/build
|
|
@@ -276,7 +280,7 @@ licenses:
|
|
|
276
280
|
- MIT
|
|
277
281
|
metadata:
|
|
278
282
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
279
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
283
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.293.0
|
|
280
284
|
post_install_message:
|
|
281
285
|
rdoc_options: []
|
|
282
286
|
require_paths:
|
|
@@ -292,7 +296,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
292
296
|
- !ruby/object:Gem::Version
|
|
293
297
|
version: 3.1.0
|
|
294
298
|
requirements: []
|
|
295
|
-
rubygems_version: 3.5.
|
|
299
|
+
rubygems_version: 3.5.22
|
|
296
300
|
signing_key:
|
|
297
301
|
specification_version: 4
|
|
298
302
|
summary: Provides Dependabot support for PHP (composer)
|