dependabot-composer 0.97.3 → 0.97.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/composer/file_updater/lockfile_updater.rb +3 -2
  3. data/lib/dependabot/composer/update_checker/version_resolver.rb +3 -1
  4. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7f518a15d0bbe1186f79d8b0f1e26dc24195c74930cb8d8a430188be9d1aaf9d
4
- data.tar.gz: 1ab2fe5ac64b20c9791ecd51f193108805a36839b9d5993b7d7e474fc1e90d20
3
+ metadata.gz: 98d10e1a2af448a9547b24ec7184751733d004be993eec34b9497c5c4de2e66f
4
+ data.tar.gz: 13742a1e977d13c42af869fa1e6825c24c95663f14514574bd69272d1a6085c0
5
5
  SHA512:
6
- metadata.gz: de4f068069de952765f786a944238f60ddd80215e00d539c2424e6a3d36540b3764e1c99977a739a643f39f24efff3c90428958ddbe0259116eb5987b91d835a
7
- data.tar.gz: 5ce7d6d4ef45a379614fe8c442461ec69403edc18abf969bb48ebcff99aa2b1c5012786cfbf17fb63058c90c68b4785a01c0194099febed033e46f1d213377b0
6
+ metadata.gz: 27764b50c6eba525bcfde75e21b761ad61679585d37d76052697a999e55a6d6e5f8d25e46733d97dc7ed441f1b277f8c03d95d7137118575f983f043d9f8c68a
7
+ data.tar.gz: 2a923f00146581482ba6d497447bd9bd4f46521342c220466e1dfe54357706bb1e5e3bb24aa1fe8935bdf4108d160f0a9b02c942b80ae0e53a9aa2add378b91d
data/lib/dependabot/composer/file_updater/lockfile_updater.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "shellwords"
3
4
  require "dependabot/shared_helpers"
4
5
  require "dependabot/errors"
5
6
  require "dependabot/composer/file_updater"
@@ -52,7 +53,7 @@ module Dependabot
52
53
  def run_update_helper
53
54
  SharedHelpers.with_git_configured(credentials: credentials) do
54
55
  SharedHelpers.run_helper_subprocess(
55
- command: "php #{php_helper_path}",
56
+ command: Shellwords.join(["php", php_helper_path]),
56
57
  function: "update",
57
58
  env: credentials_env,
58
59
  args: [
@@ -223,7 +224,7 @@ module Dependabot
223
224
 
224
225
  content_hash =
225
226
  SharedHelpers.run_helper_subprocess(
226
- command: "php #{php_helper_path}",
227
+ command: Shellwords.join(["php", php_helper_path]),
227
228
  function: "get_content_hash",
228
229
  env: credentials_env,
229
230
  args: [Dir.pwd]
data/lib/dependabot/composer/update_checker/version_resolver.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "shellwords"
3
4
  require "dependabot/shared_helpers"
4
5
  require "dependabot/composer/update_checker"
5
6
  require "dependabot/composer/version"
@@ -64,8 +65,9 @@ module Dependabot
64
65
 
65
66
  def run_update_checker
66
67
  SharedHelpers.with_git_configured(credentials: credentials) do
68
+ cmd_parts = ["php", "-d", "memory_limit=-1", php_helper_path]
67
69
  SharedHelpers.run_helper_subprocess(
68
- command: "php -d memory_limit=-1 #{php_helper_path}",
70
+ command: Shellwords.join(cmd_parts),
69
71
  function: "get_latest_resolvable_version",
70
72
  args: [
71
73
  Dir.pwd,
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.97.3
4
+ version: 0.97.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-03-10 00:00:00.000000000 Z
11
+ date: 2019-03-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.97.3
19
+ version: 0.97.4
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.97.3
26
+ version: 0.97.4
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement