dependabot-composer 0.112.6 → 0.112.7

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/build +1 -0
  3. data/helpers/composer.json +4 -2
  4. data/helpers/composer.lock +798 -1
  5. data/helpers/phpstan.neon +7 -0
  6. data/lib/dependabot/composer/file_updater/lockfile_updater.rb +68 -24
  7. data/lib/dependabot/composer/update_checker/version_resolver.rb +39 -7
  8. metadata +5 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 29f8a35782f66dd5206d0492b1a0f8ad3034f2bd9c8f09e847fc43239ed406a7
4
- data.tar.gz: eff6e2f0bf9546ab25ff6110c6fda08139fb162d0901f742aea26bb28155186b
3
+ metadata.gz: 9d2ce55c91b22fc62fa96505ae1e60d4b8beb59ed865c53d3284865b50bb2e4d
4
+ data.tar.gz: f4d65654f703d1fa626c829965259409b7b93f17868d028c07544f79ec52ebe2
5
5
  SHA512:
6
- metadata.gz: a8acaa9c400c643346b1ef8912e2365fb48ebb154c78e29d98d1df611a7ad05c3045e2124e5e2cc4a4c9ef87a43c377ef19e51a8b124fb9a7ca219691e30f8ad
7
- data.tar.gz: 63ebbf013a5384c9431744e4250e03566e7221bbf85883b4f3c688068279c52a7f4aeaef07475cf6bcca30ce7c58d265491c40126fd1e340140fdb8c56a41b40
6
+ metadata.gz: a9bd15ff5149cad2be1e1bbbb61c08c1675f4d7741bada18cad2a3d6314044b4154cfe05f49e61ac5f56de3b9379d4973ed414401827f0f001333fe4fe824264
7
+ data.tar.gz: 9798ec06cbcf1b3a274a02eab2c1f02afbc7693a69af811d722aba8d800c2cc10eaefc8dd6cc3159a79b38079c2e75ee483ff6ad67e824eb9af71f73513490ec
data/helpers/build CHANGED
@@ -14,3 +14,4 @@ cd "$helpers_dir"
14
14
  composer validate --no-check-publish
15
15
  composer install
16
16
  composer run lint -- --dry-run
17
+ composer run stan
data/helpers/composer.json CHANGED
@@ -5,7 +5,8 @@
5
5
  "composer/composer": "^1.8"
6
6
  },
7
7
  "require-dev": {
8
- "friendsofphp/php-cs-fixer": "^2.9"
8
+ "friendsofphp/php-cs-fixer": "^2.9",
9
+ "phpstan/phpstan": "~0.11.15"
9
10
  },
10
11
  "autoload": {
11
12
  "psr-4": {
@@ -15,7 +16,8 @@
15
16
  "scripts": {
16
17
  "lint": [
17
18
  "php-cs-fixer fix --diff --verbose"
18
- ]
19
+ ],
20
+ "stan": "phpstan analyse"
19
21
  },
20
22
  "config": {
21
23
  "sort-packages": true
data/helpers/composer.lock CHANGED
@@ -4,7 +4,7 @@
4
4
  "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
5
5
  "This file is @generated automatically"
6
6
  ],
7
- "content-hash": "9334db84b58cb747a3d462d165a75240",
7
+ "content-hash": "248b713ebbb38284784387540a494556",
8
8
  "packages": [
9
9
  {
10
10
  "name": "composer/ca-bundle",
@@ -1231,6 +1231,681 @@
1231
1231
  "description": "A tool to automatically fix PHP code style",
1232
1232
  "time": "2019-06-01T10:32:12+00:00"
1233
1233
  },
1234
+ {
1235
+ "name": "jean85/pretty-package-versions",
1236
+ "version": "1.2",
1237
+ "source": {
1238
+ "type": "git",
1239
+ "url": "https://github.com/Jean85/pretty-package-versions.git",
1240
+ "reference": "75c7effcf3f77501d0e0caa75111aff4daa0dd48"
1241
+ },
1242
+ "dist": {
1243
+ "type": "zip",
1244
+ "url": "https://api.github.com/repos/Jean85/pretty-package-versions/zipball/75c7effcf3f77501d0e0caa75111aff4daa0dd48",
1245
+ "reference": "75c7effcf3f77501d0e0caa75111aff4daa0dd48",
1246
+ "shasum": ""
1247
+ },
1248
+ "require": {
1249
+ "ocramius/package-versions": "^1.2.0",
1250
+ "php": "^7.0"
1251
+ },
1252
+ "require-dev": {
1253
+ "phpunit/phpunit": "^6.0"
1254
+ },
1255
+ "type": "library",
1256
+ "extra": {
1257
+ "branch-alias": {
1258
+ "dev-master": "1.x-dev"
1259
+ }
1260
+ },
1261
+ "autoload": {
1262
+ "psr-4": {
1263
+ "Jean85\\": "src/"
1264
+ }
1265
+ },
1266
+ "notification-url": "https://packagist.org/downloads/",
1267
+ "license": [
1268
+ "MIT"
1269
+ ],
1270
+ "authors": [
1271
+ {
1272
+ "name": "Alessandro Lai",
1273
+ "email": "alessandro.lai85@gmail.com"
1274
+ }
1275
+ ],
1276
+ "description": "A wrapper for ocramius/package-versions to get pretty versions strings",
1277
+ "keywords": [
1278
+ "composer",
1279
+ "package",
1280
+ "release",
1281
+ "versions"
1282
+ ],
1283
+ "time": "2018-06-13T13:22:40+00:00"
1284
+ },
1285
+ {
1286
+ "name": "nette/bootstrap",
1287
+ "version": "v3.0.0",
1288
+ "source": {
1289
+ "type": "git",
1290
+ "url": "https://github.com/nette/bootstrap.git",
1291
+ "reference": "e1075af05c211915e03e0c86542f3ba5433df4a3"
1292
+ },
1293
+ "dist": {
1294
+ "type": "zip",
1295
+ "url": "https://api.github.com/repos/nette/bootstrap/zipball/e1075af05c211915e03e0c86542f3ba5433df4a3",
1296
+ "reference": "e1075af05c211915e03e0c86542f3ba5433df4a3",
1297
+ "shasum": ""
1298
+ },
1299
+ "require": {
1300
+ "nette/di": "^3.0",
1301
+ "nette/utils": "^3.0",
1302
+ "php": ">=7.1"
1303
+ },
1304
+ "require-dev": {
1305
+ "latte/latte": "^2.2",
1306
+ "nette/application": "^3.0",
1307
+ "nette/caching": "^3.0",
1308
+ "nette/database": "^3.0",
1309
+ "nette/forms": "^3.0",
1310
+ "nette/http": "^3.0",
1311
+ "nette/mail": "^3.0",
1312
+ "nette/robot-loader": "^3.0",
1313
+ "nette/safe-stream": "^2.2",
1314
+ "nette/security": "^3.0",
1315
+ "nette/tester": "^2.0",
1316
+ "tracy/tracy": "^2.6"
1317
+ },
1318
+ "suggest": {
1319
+ "nette/robot-loader": "to use Configurator::createRobotLoader()",
1320
+ "tracy/tracy": "to use Configurator::enableTracy()"
1321
+ },
1322
+ "type": "library",
1323
+ "extra": {
1324
+ "branch-alias": {
1325
+ "dev-master": "3.0-dev"
1326
+ }
1327
+ },
1328
+ "autoload": {
1329
+ "classmap": [
1330
+ "src/"
1331
+ ]
1332
+ },
1333
+ "notification-url": "https://packagist.org/downloads/",
1334
+ "license": [
1335
+ "BSD-3-Clause",
1336
+ "GPL-2.0",
1337
+ "GPL-3.0"
1338
+ ],
1339
+ "authors": [
1340
+ {
1341
+ "name": "David Grudl",
1342
+ "homepage": "https://davidgrudl.com"
1343
+ },
1344
+ {
1345
+ "name": "Nette Community",
1346
+ "homepage": "https://nette.org/contributors"
1347
+ }
1348
+ ],
1349
+ "description": "🅱 Nette Bootstrap: the simple way to configure and bootstrap your Nette application.",
1350
+ "homepage": "https://nette.org",
1351
+ "keywords": [
1352
+ "bootstrapping",
1353
+ "configurator",
1354
+ "nette"
1355
+ ],
1356
+ "time": "2019-03-26T12:59:07+00:00"
1357
+ },
1358
+ {
1359
+ "name": "nette/di",
1360
+ "version": "v3.0.1",
1361
+ "source": {
1362
+ "type": "git",
1363
+ "url": "https://github.com/nette/di.git",
1364
+ "reference": "4aff517a1c6bb5c36fa09733d4cea089f529de6d"
1365
+ },
1366
+ "dist": {
1367
+ "type": "zip",
1368
+ "url": "https://api.github.com/repos/nette/di/zipball/4aff517a1c6bb5c36fa09733d4cea089f529de6d",
1369
+ "reference": "4aff517a1c6bb5c36fa09733d4cea089f529de6d",
1370
+ "shasum": ""
1371
+ },
1372
+ "require": {
1373
+ "ext-tokenizer": "*",
1374
+ "nette/neon": "^3.0",
1375
+ "nette/php-generator": "^3.2.2",
1376
+ "nette/robot-loader": "^3.2",
1377
+ "nette/schema": "^1.0",
1378
+ "nette/utils": "^3.0",
1379
+ "php": ">=7.1"
1380
+ },
1381
+ "conflict": {
1382
+ "nette/bootstrap": "<3.0"
1383
+ },
1384
+ "require-dev": {
1385
+ "nette/tester": "^2.2",
1386
+ "tracy/tracy": "^2.3"
1387
+ },
1388
+ "type": "library",
1389
+ "extra": {
1390
+ "branch-alias": {
1391
+ "dev-master": "3.0-dev"
1392
+ }
1393
+ },
1394
+ "autoload": {
1395
+ "classmap": [
1396
+ "src/"
1397
+ ],
1398
+ "files": [
1399
+ "src/compatibility.php"
1400
+ ]
1401
+ },
1402
+ "notification-url": "https://packagist.org/downloads/",
1403
+ "license": [
1404
+ "BSD-3-Clause",
1405
+ "GPL-2.0",
1406
+ "GPL-3.0"
1407
+ ],
1408
+ "authors": [
1409
+ {
1410
+ "name": "David Grudl",
1411
+ "homepage": "https://davidgrudl.com"
1412
+ },
1413
+ {
1414
+ "name": "Nette Community",
1415
+ "homepage": "https://nette.org/contributors"
1416
+ }
1417
+ ],
1418
+ "description": "💎 Nette Dependency Injection Container: Flexible, compiled and full-featured DIC with perfectly usable autowiring and support for all new PHP 7.1 features.",
1419
+ "homepage": "https://nette.org",
1420
+ "keywords": [
1421
+ "compiled",
1422
+ "di",
1423
+ "dic",
1424
+ "factory",
1425
+ "ioc",
1426
+ "nette",
1427
+ "static"
1428
+ ],
1429
+ "time": "2019-08-07T12:11:33+00:00"
1430
+ },
1431
+ {
1432
+ "name": "nette/finder",
1433
+ "version": "v2.5.0",
1434
+ "source": {
1435
+ "type": "git",
1436
+ "url": "https://github.com/nette/finder.git",
1437
+ "reference": "6be1b83ea68ac558aff189d640abe242e0306fe2"
1438
+ },
1439
+ "dist": {
1440
+ "type": "zip",
1441
+ "url": "https://api.github.com/repos/nette/finder/zipball/6be1b83ea68ac558aff189d640abe242e0306fe2",
1442
+ "reference": "6be1b83ea68ac558aff189d640abe242e0306fe2",
1443
+ "shasum": ""
1444
+ },
1445
+ "require": {
1446
+ "nette/utils": "^2.4 || ~3.0.0",
1447
+ "php": ">=7.1"
1448
+ },
1449
+ "conflict": {
1450
+ "nette/nette": "<2.2"
1451
+ },
1452
+ "require-dev": {
1453
+ "nette/tester": "^2.0",
1454
+ "tracy/tracy": "^2.3"
1455
+ },
1456
+ "type": "library",
1457
+ "extra": {
1458
+ "branch-alias": {
1459
+ "dev-master": "2.5-dev"
1460
+ }
1461
+ },
1462
+ "autoload": {
1463
+ "classmap": [
1464
+ "src/"
1465
+ ]
1466
+ },
1467
+ "notification-url": "https://packagist.org/downloads/",
1468
+ "license": [
1469
+ "BSD-3-Clause",
1470
+ "GPL-2.0",
1471
+ "GPL-3.0"
1472
+ ],
1473
+ "authors": [
1474
+ {
1475
+ "name": "David Grudl",
1476
+ "homepage": "https://davidgrudl.com"
1477
+ },
1478
+ {
1479
+ "name": "Nette Community",
1480
+ "homepage": "https://nette.org/contributors"
1481
+ }
1482
+ ],
1483
+ "description": "? Nette Finder: find files and directories with an intuitive API.",
1484
+ "homepage": "https://nette.org",
1485
+ "keywords": [
1486
+ "filesystem",
1487
+ "glob",
1488
+ "iterator",
1489
+ "nette"
1490
+ ],
1491
+ "time": "2019-02-28T18:13:25+00:00"
1492
+ },
1493
+ {
1494
+ "name": "nette/neon",
1495
+ "version": "v3.0.0",
1496
+ "source": {
1497
+ "type": "git",
1498
+ "url": "https://github.com/nette/neon.git",
1499
+ "reference": "cbff32059cbdd8720deccf9e9eace6ee516f02eb"
1500
+ },
1501
+ "dist": {
1502
+ "type": "zip",
1503
+ "url": "https://api.github.com/repos/nette/neon/zipball/cbff32059cbdd8720deccf9e9eace6ee516f02eb",
1504
+ "reference": "cbff32059cbdd8720deccf9e9eace6ee516f02eb",
1505
+ "shasum": ""
1506
+ },
1507
+ "require": {
1508
+ "ext-iconv": "*",
1509
+ "ext-json": "*",
1510
+ "php": ">=7.0"
1511
+ },
1512
+ "require-dev": {
1513
+ "nette/tester": "^2.0",
1514
+ "tracy/tracy": "^2.3"
1515
+ },
1516
+ "type": "library",
1517
+ "extra": {
1518
+ "branch-alias": {
1519
+ "dev-master": "3.0-dev"
1520
+ }
1521
+ },
1522
+ "autoload": {
1523
+ "classmap": [
1524
+ "src/"
1525
+ ]
1526
+ },
1527
+ "notification-url": "https://packagist.org/downloads/",
1528
+ "license": [
1529
+ "BSD-3-Clause",
1530
+ "GPL-2.0",
1531
+ "GPL-3.0"
1532
+ ],
1533
+ "authors": [
1534
+ {
1535
+ "name": "David Grudl",
1536
+ "homepage": "https://davidgrudl.com"
1537
+ },
1538
+ {
1539
+ "name": "Nette Community",
1540
+ "homepage": "https://nette.org/contributors"
1541
+ }
1542
+ ],
1543
+ "description": "? Nette NEON: encodes and decodes NEON file format.",
1544
+ "homepage": "http://ne-on.org",
1545
+ "keywords": [
1546
+ "export",
1547
+ "import",
1548
+ "neon",
1549
+ "nette",
1550
+ "yaml"
1551
+ ],
1552
+ "time": "2019-02-05T21:30:40+00:00"
1553
+ },
1554
+ {
1555
+ "name": "nette/php-generator",
1556
+ "version": "v3.2.3",
1557
+ "source": {
1558
+ "type": "git",
1559
+ "url": "https://github.com/nette/php-generator.git",
1560
+ "reference": "aea6e81437bb238e5f0e5b5ce06337433908e63b"
1561
+ },
1562
+ "dist": {
1563
+ "type": "zip",
1564
+ "url": "https://api.github.com/repos/nette/php-generator/zipball/aea6e81437bb238e5f0e5b5ce06337433908e63b",
1565
+ "reference": "aea6e81437bb238e5f0e5b5ce06337433908e63b",
1566
+ "shasum": ""
1567
+ },
1568
+ "require": {
1569
+ "nette/utils": "^2.4.2 || ~3.0.0",
1570
+ "php": ">=7.1"
1571
+ },
1572
+ "require-dev": {
1573
+ "nette/tester": "^2.0",
1574
+ "tracy/tracy": "^2.3"
1575
+ },
1576
+ "type": "library",
1577
+ "extra": {
1578
+ "branch-alias": {
1579
+ "dev-master": "3.2-dev"
1580
+ }
1581
+ },
1582
+ "autoload": {
1583
+ "classmap": [
1584
+ "src/"
1585
+ ]
1586
+ },
1587
+ "notification-url": "https://packagist.org/downloads/",
1588
+ "license": [
1589
+ "BSD-3-Clause",
1590
+ "GPL-2.0",
1591
+ "GPL-3.0"
1592
+ ],
1593
+ "authors": [
1594
+ {
1595
+ "name": "David Grudl",
1596
+ "homepage": "https://davidgrudl.com"
1597
+ },
1598
+ {
1599
+ "name": "Nette Community",
1600
+ "homepage": "https://nette.org/contributors"
1601
+ }
1602
+ ],
1603
+ "description": "🐘 Nette PHP Generator: generates neat PHP code for you. Supports new PHP 7.3 features.",
1604
+ "homepage": "https://nette.org",
1605
+ "keywords": [
1606
+ "code",
1607
+ "nette",
1608
+ "php",
1609
+ "scaffolding"
1610
+ ],
1611
+ "time": "2019-07-05T13:01:56+00:00"
1612
+ },
1613
+ {
1614
+ "name": "nette/robot-loader",
1615
+ "version": "v3.2.0",
1616
+ "source": {
1617
+ "type": "git",
1618
+ "url": "https://github.com/nette/robot-loader.git",
1619
+ "reference": "0712a0e39ae7956d6a94c0ab6ad41aa842544b5c"
1620
+ },
1621
+ "dist": {
1622
+ "type": "zip",
1623
+ "url": "https://api.github.com/repos/nette/robot-loader/zipball/0712a0e39ae7956d6a94c0ab6ad41aa842544b5c",
1624
+ "reference": "0712a0e39ae7956d6a94c0ab6ad41aa842544b5c",
1625
+ "shasum": ""
1626
+ },
1627
+ "require": {
1628
+ "ext-tokenizer": "*",
1629
+ "nette/finder": "^2.5",
1630
+ "nette/utils": "^3.0",
1631
+ "php": ">=7.1"
1632
+ },
1633
+ "require-dev": {
1634
+ "nette/tester": "^2.0",
1635
+ "tracy/tracy": "^2.3"
1636
+ },
1637
+ "type": "library",
1638
+ "extra": {
1639
+ "branch-alias": {
1640
+ "dev-master": "3.2-dev"
1641
+ }
1642
+ },
1643
+ "autoload": {
1644
+ "classmap": [
1645
+ "src/"
1646
+ ]
1647
+ },
1648
+ "notification-url": "https://packagist.org/downloads/",
1649
+ "license": [
1650
+ "BSD-3-Clause",
1651
+ "GPL-2.0",
1652
+ "GPL-3.0"
1653
+ ],
1654
+ "authors": [
1655
+ {
1656
+ "name": "David Grudl",
1657
+ "homepage": "https://davidgrudl.com"
1658
+ },
1659
+ {
1660
+ "name": "Nette Community",
1661
+ "homepage": "https://nette.org/contributors"
1662
+ }
1663
+ ],
1664
+ "description": "? Nette RobotLoader: high performance and comfortable autoloader that will search and autoload classes within your application.",
1665
+ "homepage": "https://nette.org",
1666
+ "keywords": [
1667
+ "autoload",
1668
+ "class",
1669
+ "interface",
1670
+ "nette",
1671
+ "trait"
1672
+ ],
1673
+ "time": "2019-03-08T21:57:24+00:00"
1674
+ },
1675
+ {
1676
+ "name": "nette/schema",
1677
+ "version": "v1.0.0",
1678
+ "source": {
1679
+ "type": "git",
1680
+ "url": "https://github.com/nette/schema.git",
1681
+ "reference": "6241d8d4da39e825dd6cb5bfbe4242912f4d7e4d"
1682
+ },
1683
+ "dist": {
1684
+ "type": "zip",
1685
+ "url": "https://api.github.com/repos/nette/schema/zipball/6241d8d4da39e825dd6cb5bfbe4242912f4d7e4d",
1686
+ "reference": "6241d8d4da39e825dd6cb5bfbe4242912f4d7e4d",
1687
+ "shasum": ""
1688
+ },
1689
+ "require": {
1690
+ "nette/utils": "^3.0.1",
1691
+ "php": ">=7.1"
1692
+ },
1693
+ "require-dev": {
1694
+ "nette/tester": "^2.2",
1695
+ "tracy/tracy": "^2.3"
1696
+ },
1697
+ "type": "library",
1698
+ "extra": {
1699
+ "branch-alias": {
1700
+ "dev-master": "1.0-dev"
1701
+ }
1702
+ },
1703
+ "autoload": {
1704
+ "classmap": [
1705
+ "src/"
1706
+ ]
1707
+ },
1708
+ "notification-url": "https://packagist.org/downloads/",
1709
+ "license": [
1710
+ "BSD-3-Clause",
1711
+ "GPL-2.0",
1712
+ "GPL-3.0"
1713
+ ],
1714
+ "authors": [
1715
+ {
1716
+ "name": "David Grudl",
1717
+ "homepage": "https://davidgrudl.com"
1718
+ },
1719
+ {
1720
+ "name": "Nette Community",
1721
+ "homepage": "https://nette.org/contributors"
1722
+ }
1723
+ ],
1724
+ "description": "📐 Nette Schema: validating data structures against a given Schema.",
1725
+ "homepage": "https://nette.org",
1726
+ "keywords": [
1727
+ "config",
1728
+ "nette"
1729
+ ],
1730
+ "time": "2019-04-03T15:53:25+00:00"
1731
+ },
1732
+ {
1733
+ "name": "nette/utils",
1734
+ "version": "v3.0.1",
1735
+ "source": {
1736
+ "type": "git",
1737
+ "url": "https://github.com/nette/utils.git",
1738
+ "reference": "bd961f49b211997202bda1d0fbc410905be370d4"
1739
+ },
1740
+ "dist": {
1741
+ "type": "zip",
1742
+ "url": "https://api.github.com/repos/nette/utils/zipball/bd961f49b211997202bda1d0fbc410905be370d4",
1743
+ "reference": "bd961f49b211997202bda1d0fbc410905be370d4",
1744
+ "shasum": ""
1745
+ },
1746
+ "require": {
1747
+ "php": ">=7.1"
1748
+ },
1749
+ "require-dev": {
1750
+ "nette/tester": "~2.0",
1751
+ "tracy/tracy": "^2.3"
1752
+ },
1753
+ "suggest": {
1754
+ "ext-gd": "to use Image",
1755
+ "ext-iconv": "to use Strings::webalize() and toAscii()",
1756
+ "ext-intl": "to use Strings::webalize(), toAscii(), normalize() and compare()",
1757
+ "ext-json": "to use Nette\\Utils\\Json",
1758
+ "ext-mbstring": "to use Strings::lower() etc...",
1759
+ "ext-xml": "to use Strings::length() etc. when mbstring is not available"
1760
+ },
1761
+ "type": "library",
1762
+ "extra": {
1763
+ "branch-alias": {
1764
+ "dev-master": "3.0-dev"
1765
+ }
1766
+ },
1767
+ "autoload": {
1768
+ "classmap": [
1769
+ "src/"
1770
+ ]
1771
+ },
1772
+ "notification-url": "https://packagist.org/downloads/",
1773
+ "license": [
1774
+ "BSD-3-Clause",
1775
+ "GPL-2.0",
1776
+ "GPL-3.0"
1777
+ ],
1778
+ "authors": [
1779
+ {
1780
+ "name": "David Grudl",
1781
+ "homepage": "https://davidgrudl.com"
1782
+ },
1783
+ {
1784
+ "name": "Nette Community",
1785
+ "homepage": "https://nette.org/contributors"
1786
+ }
1787
+ ],
1788
+ "description": "🛠 Nette Utils: lightweight utilities for string & array manipulation, image handling, safe JSON encoding/decoding, validation, slug or strong password generating etc.",
1789
+ "homepage": "https://nette.org",
1790
+ "keywords": [
1791
+ "array",
1792
+ "core",
1793
+ "datetime",
1794
+ "images",
1795
+ "json",
1796
+ "nette",
1797
+ "paginator",
1798
+ "password",
1799
+ "slugify",
1800
+ "string",
1801
+ "unicode",
1802
+ "utf-8",
1803
+ "utility",
1804
+ "validation"
1805
+ ],
1806
+ "time": "2019-03-22T01:00:30+00:00"
1807
+ },
1808
+ {
1809
+ "name": "nikic/php-parser",
1810
+ "version": "v4.2.3",
1811
+ "source": {
1812
+ "type": "git",
1813
+ "url": "https://github.com/nikic/PHP-Parser.git",
1814
+ "reference": "e612609022e935f3d0337c1295176505b41188c8"
1815
+ },
1816
+ "dist": {
1817
+ "type": "zip",
1818
+ "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/e612609022e935f3d0337c1295176505b41188c8",
1819
+ "reference": "e612609022e935f3d0337c1295176505b41188c8",
1820
+ "shasum": ""
1821
+ },
1822
+ "require": {
1823
+ "ext-tokenizer": "*",
1824
+ "php": ">=7.0"
1825
+ },
1826
+ "require-dev": {
1827
+ "phpunit/phpunit": "^6.5 || ^7.0 || ^8.0"
1828
+ },
1829
+ "bin": [
1830
+ "bin/php-parse"
1831
+ ],
1832
+ "type": "library",
1833
+ "extra": {
1834
+ "branch-alias": {
1835
+ "dev-master": "4.2-dev"
1836
+ }
1837
+ },
1838
+ "autoload": {
1839
+ "psr-4": {
1840
+ "PhpParser\\": "lib/PhpParser"
1841
+ }
1842
+ },
1843
+ "notification-url": "https://packagist.org/downloads/",
1844
+ "license": [
1845
+ "BSD-3-Clause"
1846
+ ],
1847
+ "authors": [
1848
+ {
1849
+ "name": "Nikita Popov"
1850
+ }
1851
+ ],
1852
+ "description": "A PHP parser written in PHP",
1853
+ "keywords": [
1854
+ "parser",
1855
+ "php"
1856
+ ],
1857
+ "time": "2019-08-12T20:17:41+00:00"
1858
+ },
1859
+ {
1860
+ "name": "ocramius/package-versions",
1861
+ "version": "1.4.0",
1862
+ "source": {
1863
+ "type": "git",
1864
+ "url": "https://github.com/Ocramius/PackageVersions.git",
1865
+ "reference": "a4d4b60d0e60da2487bd21a2c6ac089f85570dbb"
1866
+ },
1867
+ "dist": {
1868
+ "type": "zip",
1869
+ "url": "https://api.github.com/repos/Ocramius/PackageVersions/zipball/a4d4b60d0e60da2487bd21a2c6ac089f85570dbb",
1870
+ "reference": "a4d4b60d0e60da2487bd21a2c6ac089f85570dbb",
1871
+ "shasum": ""
1872
+ },
1873
+ "require": {
1874
+ "composer-plugin-api": "^1.0.0",
1875
+ "php": "^7.1.0"
1876
+ },
1877
+ "require-dev": {
1878
+ "composer/composer": "^1.6.3",
1879
+ "doctrine/coding-standard": "^5.0.1",
1880
+ "ext-zip": "*",
1881
+ "infection/infection": "^0.7.1",
1882
+ "phpunit/phpunit": "^7.0.0"
1883
+ },
1884
+ "type": "composer-plugin",
1885
+ "extra": {
1886
+ "class": "PackageVersions\\Installer",
1887
+ "branch-alias": {
1888
+ "dev-master": "2.0.x-dev"
1889
+ }
1890
+ },
1891
+ "autoload": {
1892
+ "psr-4": {
1893
+ "PackageVersions\\": "src/PackageVersions"
1894
+ }
1895
+ },
1896
+ "notification-url": "https://packagist.org/downloads/",
1897
+ "license": [
1898
+ "MIT"
1899
+ ],
1900
+ "authors": [
1901
+ {
1902
+ "name": "Marco Pivetta",
1903
+ "email": "ocramius@gmail.com"
1904
+ }
1905
+ ],
1906
+ "description": "Composer plugin that provides efficient querying for installed package versions (no runtime IO)",
1907
+ "time": "2019-02-21T12:16:21+00:00"
1908
+ },
1234
1909
  {
1235
1910
  "name": "paragonie/random_compat",
1236
1911
  "version": "v9.99.99",
@@ -1327,6 +2002,128 @@
1327
2002
  ],
1328
2003
  "time": "2018-02-15T16:58:55+00:00"
1329
2004
  },
2005
+ {
2006
+ "name": "phpstan/phpdoc-parser",
2007
+ "version": "0.3.5",
2008
+ "source": {
2009
+ "type": "git",
2010
+ "url": "https://github.com/phpstan/phpdoc-parser.git",
2011
+ "reference": "8c4ef2aefd9788238897b678a985e1d5c8df6db4"
2012
+ },
2013
+ "dist": {
2014
+ "type": "zip",
2015
+ "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/8c4ef2aefd9788238897b678a985e1d5c8df6db4",
2016
+ "reference": "8c4ef2aefd9788238897b678a985e1d5c8df6db4",
2017
+ "shasum": ""
2018
+ },
2019
+ "require": {
2020
+ "php": "~7.1"
2021
+ },
2022
+ "require-dev": {
2023
+ "consistence/coding-standard": "^3.5",
2024
+ "jakub-onderka/php-parallel-lint": "^0.9.2",
2025
+ "phing/phing": "^2.16.0",
2026
+ "phpstan/phpstan": "^0.10",
2027
+ "phpunit/phpunit": "^6.3",
2028
+ "slevomat/coding-standard": "^4.7.2",
2029
+ "squizlabs/php_codesniffer": "^3.3.2",
2030
+ "symfony/process": "^3.4 || ^4.0"
2031
+ },
2032
+ "type": "library",
2033
+ "extra": {
2034
+ "branch-alias": {
2035
+ "dev-master": "0.3-dev"
2036
+ }
2037
+ },
2038
+ "autoload": {
2039
+ "psr-4": {
2040
+ "PHPStan\\PhpDocParser\\": [
2041
+ "src/"
2042
+ ]
2043
+ }
2044
+ },
2045
+ "notification-url": "https://packagist.org/downloads/",
2046
+ "license": [
2047
+ "MIT"
2048
+ ],
2049
+ "description": "PHPDoc parser with support for nullable, intersection and generic types",
2050
+ "time": "2019-06-07T19:13:52+00:00"
2051
+ },
2052
+ {
2053
+ "name": "phpstan/phpstan",
2054
+ "version": "0.11.15",
2055
+ "source": {
2056
+ "type": "git",
2057
+ "url": "https://github.com/phpstan/phpstan.git",
2058
+ "reference": "1be5b3a706db16ac472a4c40ec03cf4c810b118d"
2059
+ },
2060
+ "dist": {
2061
+ "type": "zip",
2062
+ "url": "https://api.github.com/repos/phpstan/phpstan/zipball/1be5b3a706db16ac472a4c40ec03cf4c810b118d",
2063
+ "reference": "1be5b3a706db16ac472a4c40ec03cf4c810b118d",
2064
+ "shasum": ""
2065
+ },
2066
+ "require": {
2067
+ "composer/xdebug-handler": "^1.3.0",
2068
+ "jean85/pretty-package-versions": "^1.0.3",
2069
+ "nette/bootstrap": "^2.4 || ^3.0",
2070
+ "nette/di": "^2.4.7 || ^3.0",
2071
+ "nette/robot-loader": "^3.0.1",
2072
+ "nette/schema": "^1.0",
2073
+ "nette/utils": "^2.4.5 || ^3.0",
2074
+ "nikic/php-parser": "^4.2.3",
2075
+ "php": "~7.1",
2076
+ "phpstan/phpdoc-parser": "^0.3.5",
2077
+ "symfony/console": "~3.2 || ~4.0",
2078
+ "symfony/finder": "~3.2 || ~4.0"
2079
+ },
2080
+ "conflict": {
2081
+ "symfony/console": "3.4.16 || 4.1.5"
2082
+ },
2083
+ "require-dev": {
2084
+ "brianium/paratest": "^2.0 || ^3.0",
2085
+ "consistence/coding-standard": "^3.5",
2086
+ "dealerdirect/phpcodesniffer-composer-installer": "^0.4.4",
2087
+ "ext-intl": "*",
2088
+ "ext-mysqli": "*",
2089
+ "ext-simplexml": "*",
2090
+ "ext-soap": "*",
2091
+ "ext-zip": "*",
2092
+ "jakub-onderka/php-parallel-lint": "^1.0",
2093
+ "localheinz/composer-normalize": "^1.1.0",
2094
+ "phing/phing": "^2.16.0",
2095
+ "phpstan/phpstan-deprecation-rules": "^0.11",
2096
+ "phpstan/phpstan-php-parser": "^0.11",
2097
+ "phpstan/phpstan-phpunit": "^0.11",
2098
+ "phpstan/phpstan-strict-rules": "^0.11",
2099
+ "phpunit/phpunit": "^7.5.14 || ^8.0",
2100
+ "slevomat/coding-standard": "^4.7.2",
2101
+ "squizlabs/php_codesniffer": "^3.3.2"
2102
+ },
2103
+ "bin": [
2104
+ "bin/phpstan"
2105
+ ],
2106
+ "type": "library",
2107
+ "extra": {
2108
+ "branch-alias": {
2109
+ "dev-master": "0.11-dev"
2110
+ }
2111
+ },
2112
+ "autoload": {
2113
+ "psr-4": {
2114
+ "PHPStan\\": [
2115
+ "src/",
2116
+ "build/PHPStan"
2117
+ ]
2118
+ }
2119
+ },
2120
+ "notification-url": "https://packagist.org/downloads/",
2121
+ "license": [
2122
+ "MIT"
2123
+ ],
2124
+ "description": "PHPStan - PHP Static Analysis Tool",
2125
+ "time": "2019-08-18T20:51:53+00:00"
2126
+ },
1330
2127
  {
1331
2128
  "name": "symfony/event-dispatcher",
1332
2129
  "version": "v4.3.0",
data/helpers/phpstan.neon ADDED
@@ -0,0 +1,7 @@
1
+ includes:
2
+ - vendor/phpstan/phpstan/conf/config.level5.neon
3
+
4
+ parameters:
5
+ inferPrivatePropertyTypeFromConstructor: true
6
+ paths:
7
+ - src
data/lib/dependabot/composer/file_updater/lockfile_updater.rb CHANGED
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "dependabot/shared_helpers"
4
4
  require "dependabot/errors"
5
+ require "dependabot/composer/file_parser"
5
6
  require "dependabot/composer/file_updater"
6
7
  require "dependabot/composer/version"
7
8
  require "dependabot/composer/requirement"
@@ -69,6 +70,11 @@ module Dependabot
69
70
  retry_count ||= 0
70
71
  retry_count += 1
71
72
  retry if transitory_failure?(e) && retry_count <= 1
73
+ if locked_git_dep_error?(e) && retry_count <= 1
74
+ @lock_git_deps = false
75
+ retry
76
+ end
77
+
72
78
  handle_composer_errors(e)
73
79
  end
74
80
 
@@ -110,6 +116,10 @@ module Dependabot
110
116
  error.message.include?("Content-Length mismatch")
111
117
  end
112
118
 
119
+ def locked_git_dep_error?(error)
120
+ error.message.start_with?("Could not authenticate against")
121
+ end
122
+
113
123
  # rubocop:disable Metrics/AbcSize
114
124
  # rubocop:disable Metrics/CyclomaticComplexity
115
125
  # rubocop:disable Metrics/MethodLength
@@ -197,30 +207,15 @@ module Dependabot
197
207
  end
198
208
 
199
209
  def locked_composer_json_content
200
- tmp_content =
201
- dependencies.reduce(updated_composer_json_content) do |content, dep|
202
- updated_req = dep.version
203
- next content unless Composer::Version.correct?(updated_req)
204
-
205
- old_req =
206
- dep.requirements.find { |r| r[:file] == "composer.json" }&.
207
- fetch(:requirement)
208
-
209
- # When updating a subdep there won't be an old requirement
210
- next content unless old_req
211
-
212
- regex =
213
- /
214
- "#{Regexp.escape(dep.name)}"\s*:\s*
215
- "#{Regexp.escape(old_req)}"
216
- /x
217
-
218
- content.gsub(regex) do |declaration|
219
- declaration.gsub(%("#{old_req}"), %("#{updated_req}"))
220
- end
221
- end
210
+ content = updated_composer_json_content
211
+ content = lock_dependencies_being_updated(content)
212
+ content = lock_git_dependencies(content) if @lock_git_deps != false
213
+ content = add_temporary_platform_extensions(content)
214
+ content
215
+ end
222
216
 
223
- json = JSON.parse(tmp_content)
217
+ def add_temporary_platform_extensions(content)
218
+ json = JSON.parse(content)
224
219
 
225
220
  composer_platform_extensions.each do |extension, requirements|
226
221
  json["config"] ||= {}
@@ -232,6 +227,51 @@ module Dependabot
232
227
  JSON.dump(json)
233
228
  end
234
229
 
230
+ def lock_dependencies_being_updated(original_content)
231
+ dependencies.reduce(original_content) do |content, dep|
232
+ updated_req = dep.version
233
+ next content unless Composer::Version.correct?(updated_req)
234
+
235
+ old_req =
236
+ dep.requirements.find { |r| r[:file] == "composer.json" }&.
237
+ fetch(:requirement)
238
+
239
+ # When updating a subdep there won't be an old requirement
240
+ next content unless old_req
241
+
242
+ regex =
243
+ /
244
+ "#{Regexp.escape(dep.name)}"\s*:\s*
245
+ "#{Regexp.escape(old_req)}"
246
+ /x
247
+
248
+ content.gsub(regex) do |declaration|
249
+ declaration.gsub(%("#{old_req}"), %("#{updated_req}"))
250
+ end
251
+ end
252
+ end
253
+
254
+ def lock_git_dependencies(content)
255
+ json = JSON.parse(content)
256
+
257
+ FileParser::DEPENDENCY_GROUP_KEYS.each do |keys|
258
+ next unless json[keys[:manifest]]
259
+
260
+ json[keys[:manifest]].each do |name, req|
261
+ next unless req.start_with?("dev-")
262
+ next if req.include?("#")
263
+
264
+ commit_sha = parsed_lockfile.
265
+ fetch(keys[:lockfile], []).
266
+ find { |d| d["name"] == name }&.
267
+ dig("source", "reference")
268
+ json[keys[:manifest]][name] = req + "##{commit_sha}"
269
+ end
270
+ end
271
+
272
+ JSON.dump(json)
273
+ end
274
+
235
275
  def git_dependency_reference_error(error)
236
276
  ref = error.message.match(/checkout '(?<ref>.*?)'/).
237
277
  named_captures.fetch("ref")
@@ -383,7 +423,11 @@ module Dependabot
383
423
  end
384
424
 
385
425
  def parsed_composer_json
386
- JSON.parse(composer_json.content)
426
+ @parsed_composer_json ||= JSON.parse(composer_json.content)
427
+ end
428
+
429
+ def parsed_lockfile
430
+ @parsed_lockfile ||= JSON.parse(lockfile.content)
387
431
  end
388
432
 
389
433
  def composer_json
data/lib/dependabot/composer/update_checker/version_resolver.rb CHANGED
@@ -7,6 +7,7 @@ require "dependabot/composer/update_checker"
7
7
  require "dependabot/composer/version"
8
8
  require "dependabot/composer/requirement"
9
9
  require "dependabot/composer/native_helpers"
10
+ require "dependabot/composer/file_parser"
10
11
 
11
12
  # rubocop:disable Metrics/ClassLength
12
13
  module Dependabot
@@ -107,14 +108,20 @@ module Dependabot
107
108
 
108
109
  def prepared_composer_json_content(unlock_requirement: true)
109
110
  content = composer_file.content
111
+ content = unlock_dep_being_updated(content) if unlock_requirement
112
+ content = lock_git_dependencies(content) if lockfile
113
+ content = add_temporary_platform_extensions(content)
114
+ content
115
+ end
110
116
 
111
- if unlock_requirement
112
- content = content.gsub(
113
- /"#{Regexp.escape(dependency.name)}"\s*:\s*".*"/,
114
- %("#{dependency.name}": "#{updated_version_requirement_string}")
115
- )
116
- end
117
+ def unlock_dep_being_updated(content)
118
+ content.gsub(
119
+ /"#{Regexp.escape(dependency.name)}"\s*:\s*".*"/,
120
+ %("#{dependency.name}": "#{updated_version_requirement_string}")
121
+ )
122
+ end
117
123
 
124
+ def add_temporary_platform_extensions(content)
118
125
  json = JSON.parse(content)
119
126
 
120
127
  composer_platform_extensions.each do |extension, requirements|
@@ -127,6 +134,27 @@ module Dependabot
127
134
  JSON.dump(json)
128
135
  end
129
136
 
137
+ def lock_git_dependencies(content)
138
+ json = JSON.parse(content)
139
+
140
+ FileParser::DEPENDENCY_GROUP_KEYS.each do |keys|
141
+ next unless json[keys[:manifest]]
142
+
143
+ json[keys[:manifest]].each do |name, req|
144
+ next unless req.start_with?("dev-")
145
+ next if req.include?("#")
146
+
147
+ commit_sha = parsed_lockfile.
148
+ fetch(keys[:lockfile], []).
149
+ find { |d| d["name"] == name }&.
150
+ dig("source", "reference")
151
+ json[keys[:manifest]][name] = req + "##{commit_sha}"
152
+ end
153
+ end
154
+
155
+ JSON.dump(json)
156
+ end
157
+
130
158
  # rubocop:disable Metrics/AbcSize
131
159
  # rubocop:disable Metrics/PerceivedComplexity
132
160
  def updated_version_requirement_string
@@ -335,7 +363,11 @@ module Dependabot
335
363
  end
336
364
 
337
365
  def parsed_composer_file
338
- JSON.parse(composer_file.content)
366
+ @parsed_composer_file ||= JSON.parse(composer_file.content)
367
+ end
368
+
369
+ def parsed_lockfile
370
+ @parsed_lockfile ||= JSON.parse(lockfile.content)
339
371
  end
340
372
 
341
373
  def composer_file
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-composer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.112.6
4
+ version: 0.112.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-20 00:00:00.000000000 Z
11
+ date: 2019-08-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.112.6
19
+ version: 0.112.7
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.112.6
26
+ version: 0.112.7
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -148,6 +148,7 @@ files:
148
148
  - helpers/build
149
149
  - helpers/composer.json
150
150
  - helpers/composer.lock
151
+ - helpers/phpstan.neon
151
152
  - helpers/setup.sh
152
153
  - helpers/src/DependabotInstallationManager.php
153
154
  - helpers/src/DependabotPluginManager.php