dependabot-composer 0.111.21 → 0.111.22
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b49add2188a910860cf1d9553ea2b989367516d32ade7f2720de3548c08d16f1
|
|
4
|
+
data.tar.gz: 1d659ec8d7e06833d765e3d34faca38dfa3cde2d58a9e7216dd69e1dab1d7981
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bc7dd463e367b57b036ef5873ea0dd6085065784285616bb2a7d73749f8f9c3235b032ad9b34098fb2705306fe107753a376a2d642aa192bc7db7f9c288e29bd
|
|
7
|
+
data.tar.gz: 3adb07ffc095e7da30e3f7e7a0e41ebc5a1caf14857dd048d8750e45be5e9c20869f6949dc27bed0a4628121cdedbf758c03df49f04031957fabaa7996b2dec7
|
|
@@ -302,9 +302,11 @@ module Dependabot
|
|
|
302
302
|
end
|
|
303
303
|
|
|
304
304
|
def version_for_reqs(requirements)
|
|
305
|
-
|
|
305
|
+
req_arrays =
|
|
306
|
+
requirements.
|
|
307
|
+
map { |str| Composer::Requirement.requirements_array(str) }
|
|
306
308
|
potential_versions =
|
|
307
|
-
|
|
309
|
+
req_arrays.flatten.map do |req|
|
|
308
310
|
op, version = req.requirements.first
|
|
309
311
|
case op
|
|
310
312
|
when ">" then version.bump
|
|
@@ -313,8 +315,11 @@ module Dependabot
|
|
|
313
315
|
end
|
|
314
316
|
end
|
|
315
317
|
|
|
316
|
-
version =
|
|
317
|
-
|
|
318
|
+
version =
|
|
319
|
+
potential_versions.
|
|
320
|
+
find do |v|
|
|
321
|
+
req_arrays.all? { |reqs| reqs.any? { |r| r.satisfied_by?(v) } }
|
|
322
|
+
end
|
|
318
323
|
raise "No matching version for #{requirements}!" unless version
|
|
319
324
|
|
|
320
325
|
version.to_s
|
|
@@ -355,9 +360,14 @@ module Dependabot
|
|
|
355
360
|
|
|
356
361
|
def initial_platform
|
|
357
362
|
return {} unless parsed_composer_json["type"] == "library"
|
|
358
|
-
return {} unless parsed_composer_json.dig("require", "php")
|
|
359
363
|
|
|
360
|
-
|
|
364
|
+
php_requirements = [
|
|
365
|
+
parsed_composer_json.dig("require", "php"),
|
|
366
|
+
parsed_composer_json.dig("require-dev", "php")
|
|
367
|
+
].compact
|
|
368
|
+
return {} if php_requirements.empty?
|
|
369
|
+
|
|
370
|
+
{ "php" => php_requirements }
|
|
361
371
|
end
|
|
362
372
|
|
|
363
373
|
def parsed_composer_json
|
|
@@ -255,7 +255,7 @@ module Dependabot
|
|
|
255
255
|
version =
|
|
256
256
|
potential_versions.
|
|
257
257
|
find do |v|
|
|
258
|
-
req_arrays.
|
|
258
|
+
req_arrays.all? { |reqs| reqs.any? { |r| r.satisfied_by?(v) } }
|
|
259
259
|
end
|
|
260
260
|
raise "No matching version for #{requirements}!" unless version
|
|
261
261
|
|
|
@@ -278,6 +278,10 @@ module Dependabot
|
|
|
278
278
|
|
|
279
279
|
def initial_platform
|
|
280
280
|
return {} unless parsed_composer_file["type"] == "library"
|
|
281
|
+
|
|
282
|
+
# Note: We *don't* include the require-dev PHP version in our initial
|
|
283
|
+
# platform. If we fail to resolve with the PHP version specified in
|
|
284
|
+
# `require` then it will be picked up in a subsequent iteration.
|
|
281
285
|
return {} unless parsed_composer_file.dig("require", "php")
|
|
282
286
|
|
|
283
287
|
{ "php" => [parsed_composer_file.dig("require", "php")] }
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-composer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.111.
|
|
4
|
+
version: 0.111.22
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-07-
|
|
11
|
+
date: 2019-07-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.111.
|
|
19
|
+
version: 0.111.22
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.111.
|
|
26
|
+
version: 0.111.22
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|