dependabot-composer 0.292.0 → 0.294.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/v1/build +34 -0
- data/helpers/v1/composer.json +26 -0
- data/helpers/v1/composer.lock +2649 -0
- data/helpers/v1/src/UpdateChecker.php +129 -0
- data/helpers/v2/composer.json +1 -1
- data/helpers/v2/composer.lock +436 -806
- data/lib/dependabot/composer/file_updater.rb +15 -6
- metadata +9 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4f30f0782de230703a63f19bd2b1e4388d7b1324fa839c560339b549a7e3909e
|
|
4
|
+
data.tar.gz: be53992037a356dec982399fbd7f7675161ba7e2f8cd2988c75fe8a2e275d744
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0369213b2a744990438aedf4c92ec02b78d9b9067962598f508a8e349a14430588fd37a1ee0124bd18cb9a99b724cfb27f6f33bb8feeaa9e2bddaf8d17f73b6b'
|
|
7
|
+
data.tar.gz: 0eef23954c97ac778b27c02024ddeeaca3a946836ce4a1eed58b78359edfacb9759f4eb5ec576aaf12cd175a960acba14a1f2ce590170bc418dc61c3bc5e260a
|
data/helpers/v1/build
ADDED
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
#!/bin/bash
|
|
2
|
+
|
|
3
|
+
set -e
|
|
4
|
+
|
|
5
|
+
if [ -z "$DEPENDABOT_NATIVE_HELPERS_PATH" ]; then
|
|
6
|
+
echo "Unable to build, DEPENDABOT_NATIVE_HELPERS_PATH is not set"
|
|
7
|
+
exit 1
|
|
8
|
+
fi
|
|
9
|
+
|
|
10
|
+
install_dir="$DEPENDABOT_NATIVE_HELPERS_PATH/composer/v1"
|
|
11
|
+
mkdir -p "$install_dir"
|
|
12
|
+
|
|
13
|
+
helpers_dir="$(dirname "${BASH_SOURCE[0]}")"
|
|
14
|
+
cp -r \
|
|
15
|
+
"$helpers_dir/bin" \
|
|
16
|
+
"$helpers_dir/src" \
|
|
17
|
+
"$helpers_dir/.php-cs-fixer.dist.php" \
|
|
18
|
+
"$helpers_dir/composer.json" \
|
|
19
|
+
"$helpers_dir/composer.lock" \
|
|
20
|
+
"$helpers_dir/phpstan.dist.neon" \
|
|
21
|
+
"$install_dir"
|
|
22
|
+
|
|
23
|
+
cd "$install_dir"
|
|
24
|
+
|
|
25
|
+
composer1 validate --no-check-publish
|
|
26
|
+
composer1 install
|
|
27
|
+
# php-cs-fixer 3.15 added support for PHP 8.2, but also requires composer/semver ^3.3, which conflicts with composer1.
|
|
28
|
+
# So the older version of php-cs-fixer errors that it doesn't know about PHP 8.2 syntax which breaks the build.
|
|
29
|
+
# So PHP_CS_FIXER_IGNORE_ENV disables that error until we get around to deprecating composer 1 support.
|
|
30
|
+
PHP_CS_FIXER_IGNORE_ENV=true composer1 run lint -- --dry-run
|
|
31
|
+
composer1 run stan
|
|
32
|
+
|
|
33
|
+
# Composer caches source zips and repo metadata, none of which is useful. Save space in this layer
|
|
34
|
+
rm -Rf ~/.composer/cache
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "dependabot/composer-v1-helper",
|
|
3
|
+
"description": "A helper package for Dependabot to perform updates using Composer",
|
|
4
|
+
"license": "The Prosperity Public License 2.0.0",
|
|
5
|
+
"require": {
|
|
6
|
+
"php": "^8.2",
|
|
7
|
+
"ext-json": "*",
|
|
8
|
+
"composer/composer": "^1"
|
|
9
|
+
},
|
|
10
|
+
"require-dev": {
|
|
11
|
+
"friendsofphp/php-cs-fixer": "^2.9",
|
|
12
|
+
"phpstan/phpstan": "~1.10.3"
|
|
13
|
+
},
|
|
14
|
+
"autoload": {
|
|
15
|
+
"psr-4": {
|
|
16
|
+
"Dependabot\\Composer\\": "src/"
|
|
17
|
+
}
|
|
18
|
+
},
|
|
19
|
+
"scripts": {
|
|
20
|
+
"lint": "php-cs-fixer fix --diff --verbose",
|
|
21
|
+
"stan": "phpstan analyse"
|
|
22
|
+
},
|
|
23
|
+
"config": {
|
|
24
|
+
"sort-packages": true
|
|
25
|
+
}
|
|
26
|
+
}
|