dependabot-composer 0.293.0 → 0.294.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/composer/file_updater.rb +15 -6
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4f30f0782de230703a63f19bd2b1e4388d7b1324fa839c560339b549a7e3909e
|
|
4
|
+
data.tar.gz: be53992037a356dec982399fbd7f7675161ba7e2f8cd2988c75fe8a2e275d744
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0369213b2a744990438aedf4c92ec02b78d9b9067962598f508a8e349a14430588fd37a1ee0124bd18cb9a99b724cfb27f6f33bb8feeaa9e2bddaf8d17f73b6b'
|
|
7
|
+
data.tar.gz: 0eef23954c97ac778b27c02024ddeeaca3a946836ce4a1eed58b78359edfacb9759f4eb5ec576aaf12cd175a960acba14a1f2ce590170bc418dc61c3bc5e260a
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "dependabot/file_updaters"
|
|
@@ -12,6 +12,7 @@ module Dependabot
|
|
|
12
12
|
require_relative "file_updater/manifest_updater"
|
|
13
13
|
require_relative "file_updater/lockfile_updater"
|
|
14
14
|
|
|
15
|
+
sig { override.returns(T::Array[Regexp]) }
|
|
15
16
|
def self.updated_files_regex
|
|
16
17
|
[
|
|
17
18
|
/^composer\.json$/,
|
|
@@ -19,20 +20,21 @@ module Dependabot
|
|
|
19
20
|
]
|
|
20
21
|
end
|
|
21
22
|
|
|
23
|
+
sig { override.returns(T::Array[Dependabot::DependencyFile]) }
|
|
22
24
|
def updated_dependency_files
|
|
23
25
|
updated_files = []
|
|
24
26
|
|
|
25
|
-
if file_changed?(composer_json)
|
|
27
|
+
if file_changed?(T.must(composer_json))
|
|
26
28
|
updated_files <<
|
|
27
29
|
updated_file(
|
|
28
|
-
file: composer_json,
|
|
30
|
+
file: T.must(composer_json),
|
|
29
31
|
content: updated_composer_json_content
|
|
30
32
|
)
|
|
31
33
|
end
|
|
32
34
|
|
|
33
35
|
if lockfile
|
|
34
36
|
updated_files <<
|
|
35
|
-
updated_file(file: lockfile, content: updated_lockfile_content)
|
|
37
|
+
updated_file(file: T.must(lockfile), content: updated_lockfile_content)
|
|
36
38
|
end
|
|
37
39
|
|
|
38
40
|
if updated_files.none? ||
|
|
@@ -45,10 +47,12 @@ module Dependabot
|
|
|
45
47
|
|
|
46
48
|
private
|
|
47
49
|
|
|
50
|
+
sig { override.void }
|
|
48
51
|
def check_required_files
|
|
49
52
|
raise "No #{PackageManager::MANIFEST_FILENAME}!" unless get_original_file(PackageManager::MANIFEST_FILENAME)
|
|
50
53
|
end
|
|
51
54
|
|
|
55
|
+
sig { returns(String) }
|
|
52
56
|
def updated_composer_json_content
|
|
53
57
|
ManifestUpdater.new(
|
|
54
58
|
dependencies: dependencies,
|
|
@@ -56,7 +60,9 @@ module Dependabot
|
|
|
56
60
|
).updated_manifest_content
|
|
57
61
|
end
|
|
58
62
|
|
|
63
|
+
sig { returns(String) }
|
|
59
64
|
def updated_lockfile_content
|
|
65
|
+
@updated_lockfile_content = T.let(@updated_lockfile_content, T.nilable(String))
|
|
60
66
|
@updated_lockfile_content ||=
|
|
61
67
|
LockfileUpdater.new(
|
|
62
68
|
dependencies: dependencies,
|
|
@@ -65,12 +71,15 @@ module Dependabot
|
|
|
65
71
|
).updated_lockfile_content
|
|
66
72
|
end
|
|
67
73
|
|
|
74
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
|
68
75
|
def composer_json
|
|
69
|
-
@composer_json ||= get_original_file(PackageManager::MANIFEST_FILENAME)
|
|
76
|
+
@composer_json ||= T.let(get_original_file(PackageManager::MANIFEST_FILENAME),
|
|
77
|
+
T.nilable(Dependabot::DependencyFile))
|
|
70
78
|
end
|
|
71
79
|
|
|
80
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
|
72
81
|
def lockfile
|
|
73
|
-
@lockfile ||= get_original_file(PackageManager::LOCKFILE_FILENAME)
|
|
82
|
+
@lockfile ||= T.let(get_original_file(PackageManager::LOCKFILE_FILENAME), T.nilable(Dependabot::DependencyFile))
|
|
74
83
|
end
|
|
75
84
|
end
|
|
76
85
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-composer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.294.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-01-
|
|
11
|
+
date: 2025-01-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.294.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.294.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -280,7 +280,7 @@ licenses:
|
|
|
280
280
|
- MIT
|
|
281
281
|
metadata:
|
|
282
282
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
283
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
283
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.294.0
|
|
284
284
|
post_install_message:
|
|
285
285
|
rdoc_options: []
|
|
286
286
|
require_paths:
|