dependabot-composer 0.89.1 → 0.89.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/composer/update_checker.rb +9 -2
  3. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 47917f5068a3c0d5907764e55e88d0b148da333e2d8d41ae0c41461e141ea231
4
- data.tar.gz: 5f4b028157a7dfc1ace17784270019799414c3d16a6cd21602058449d44283a8
3
+ metadata.gz: 4d56ba1e964df591bab10e7c5ac41428ce3f1f2ab1bb18a695b6965814655db0
4
+ data.tar.gz: fafd410e53e9426bfe00f22814f39f1fb4a15f743a5002fb28e546dd56416250
5
5
  SHA512:
6
- metadata.gz: b6bcdc1b770d9a459a74b114ddeed36e54a86ce3852520b3dcd3a2c7ca9621fe70b1e17a31b400e1a9684069e4f087cfba6f2a33cbf9da800706a5f70b82c0b7
7
- data.tar.gz: e1a7ddcec981adcdd457d2e5bd32d4b11b8c988f27ab2b653bfa31d878a01a5b8231d8f881eab30315679b61516913e88db61de3ae2f26c83fd3e4ba384bbe74
6
+ metadata.gz: f13fceb9ca7a42c458949a3887c81bb5e575c9e214e092f09887b80e0c51f1dae6fae662e919d2e0cf55c0349ac33fd202ceaadbe615c5ecd1224e900c8558ad
7
+ data.tar.gz: 450246dd53b40086a12da77316ddf91a15bc8c89e0a350ce2211d7fba700a3cfb1e9177bbfe6d3c33b255ff4976a35809cd83de7a7f165b75f09cc82773ae6ed
data/lib/dependabot/composer/update_checker.rb CHANGED
@@ -149,6 +149,12 @@ module Dependabot
149
149
  **SharedHelpers.excon_defaults
150
150
  )
151
151
 
152
+ parse_registry_response(response, url)
153
+ rescue Excon::Error::Socket, Excon::Error::Timeout
154
+ []
155
+ end
156
+
157
+ def parse_registry_response(response, url)
152
158
  return [] unless response.status == 200
153
159
 
154
160
  listing = JSON.parse(response.body)
@@ -157,8 +163,9 @@ module Dependabot
157
163
  return [] unless listing.dig("packages", dependency.name.downcase)
158
164
 
159
165
  listing.dig("packages", dependency.name.downcase).keys
160
- rescue Excon::Error::Socket, Excon::Error::Timeout
161
- []
166
+ rescue JSON::ParserError
167
+ msg = "'#{url}' does not contain valid JSON"
168
+ raise DependencyFileNotResolvable, msg
162
169
  end
163
170
 
164
171
  def library?
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.89.1
4
+ version: 0.89.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.89.1
19
+ version: 0.89.2
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.89.1
26
+ version: 0.89.2
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement