dependabot-composer 0.118.2 → 0.118.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/composer.lock +56 -54
- data/lib/dependabot/composer/update_checker/version_resolver.rb +39 -16
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '08402145cc1ab6f8d9528fe72e25603b58949c1739dca9a4016c866cccb4de5b'
|
4
|
+
data.tar.gz: c6faada0d71b46059ab133a2d18da0ca3c88c0f08c2f38cc9501430ab45aa948
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 628b0917b8fac4a45236b32cbd81b4a155ac7a9a77e0f7cb0977186cf5e49db0bf46745810012d843017bed55a49ca66568ec77fdbc3a6d8cc0faa434249ee7f
|
7
|
+
data.tar.gz: 7ee186338c85442e484e9d513b313f573eeb479d19f9d04187a922b8326a62c28bda6a7e2ff360e4a0fab92a9ffdb157f91bd7d24b7397901d9a096734b6e4ac
|
data/helpers/composer.lock
CHANGED
@@ -8,16 +8,16 @@
|
|
8
8
|
"packages": [
|
9
9
|
{
|
10
10
|
"name": "composer/ca-bundle",
|
11
|
-
"version": "1.2.
|
11
|
+
"version": "1.2.7",
|
12
12
|
"source": {
|
13
13
|
"type": "git",
|
14
14
|
"url": "https://github.com/composer/ca-bundle.git",
|
15
|
-
"reference": "
|
15
|
+
"reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd"
|
16
16
|
},
|
17
17
|
"dist": {
|
18
18
|
"type": "zip",
|
19
|
-
"url": "https://api.github.com/repos/composer/ca-bundle/zipball/
|
20
|
-
"reference": "
|
19
|
+
"url": "https://api.github.com/repos/composer/ca-bundle/zipball/95c63ab2117a72f48f5a55da9740a3273d45b7fd",
|
20
|
+
"reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd",
|
21
21
|
"shasum": ""
|
22
22
|
},
|
23
23
|
"require": {
|
@@ -60,20 +60,20 @@
|
|
60
60
|
"ssl",
|
61
61
|
"tls"
|
62
62
|
],
|
63
|
-
"time": "2020-
|
63
|
+
"time": "2020-04-08T08:27:21+00:00"
|
64
64
|
},
|
65
65
|
{
|
66
66
|
"name": "composer/composer",
|
67
|
-
"version": "1.
|
67
|
+
"version": "1.10.6",
|
68
68
|
"source": {
|
69
69
|
"type": "git",
|
70
70
|
"url": "https://github.com/composer/composer.git",
|
71
|
-
"reference": "
|
71
|
+
"reference": "be81b9c4735362c26876bdbfd3b5bc7e7f711c88"
|
72
72
|
},
|
73
73
|
"dist": {
|
74
74
|
"type": "zip",
|
75
|
-
"url": "https://api.github.com/repos/composer/composer/zipball/
|
76
|
-
"reference": "
|
75
|
+
"url": "https://api.github.com/repos/composer/composer/zipball/be81b9c4735362c26876bdbfd3b5bc7e7f711c88",
|
76
|
+
"reference": "be81b9c4735362c26876bdbfd3b5bc7e7f711c88",
|
77
77
|
"shasum": ""
|
78
78
|
},
|
79
79
|
"require": {
|
@@ -86,17 +86,18 @@
|
|
86
86
|
"psr/log": "^1.0",
|
87
87
|
"seld/jsonlint": "^1.4",
|
88
88
|
"seld/phar-utils": "^1.0",
|
89
|
-
"symfony/console": "^2.7 || ^3.0 || ^4.0",
|
90
|
-
"symfony/filesystem": "^2.7 || ^3.0 || ^4.0",
|
91
|
-
"symfony/finder": "^2.7 || ^3.0 || ^4.0",
|
92
|
-
"symfony/process": "^2.7 || ^3.0 || ^4.0"
|
89
|
+
"symfony/console": "^2.7 || ^3.0 || ^4.0 || ^5.0",
|
90
|
+
"symfony/filesystem": "^2.7 || ^3.0 || ^4.0 || ^5.0",
|
91
|
+
"symfony/finder": "^2.7 || ^3.0 || ^4.0 || ^5.0",
|
92
|
+
"symfony/process": "^2.7 || ^3.0 || ^4.0 || ^5.0"
|
93
93
|
},
|
94
94
|
"conflict": {
|
95
|
-
"symfony/console": "2.8.38"
|
95
|
+
"symfony/console": "2.8.38",
|
96
|
+
"symfony/phpunit-bridge": "3.4.40"
|
96
97
|
},
|
97
98
|
"require-dev": {
|
98
|
-
"
|
99
|
-
"
|
99
|
+
"phpspec/prophecy": "^1.10",
|
100
|
+
"symfony/phpunit-bridge": "^3.4"
|
100
101
|
},
|
101
102
|
"suggest": {
|
102
103
|
"ext-openssl": "Enabling the openssl extension allows you to access https URLs for repositories and packages",
|
@@ -109,7 +110,7 @@
|
|
109
110
|
"type": "library",
|
110
111
|
"extra": {
|
111
112
|
"branch-alias": {
|
112
|
-
"dev-master": "1.
|
113
|
+
"dev-master": "1.10-dev"
|
113
114
|
}
|
114
115
|
},
|
115
116
|
"autoload": {
|
@@ -140,7 +141,7 @@
|
|
140
141
|
"dependency",
|
141
142
|
"package"
|
142
143
|
],
|
143
|
-
"time": "2020-
|
144
|
+
"time": "2020-05-06T08:28:10+00:00"
|
144
145
|
},
|
145
146
|
{
|
146
147
|
"name": "composer/semver",
|
@@ -205,16 +206,16 @@
|
|
205
206
|
},
|
206
207
|
{
|
207
208
|
"name": "composer/spdx-licenses",
|
208
|
-
"version": "1.5.
|
209
|
+
"version": "1.5.3",
|
209
210
|
"source": {
|
210
211
|
"type": "git",
|
211
212
|
"url": "https://github.com/composer/spdx-licenses.git",
|
212
|
-
"reference": "
|
213
|
+
"reference": "0c3e51e1880ca149682332770e25977c70cf9dae"
|
213
214
|
},
|
214
215
|
"dist": {
|
215
216
|
"type": "zip",
|
216
|
-
"url": "https://api.github.com/repos/composer/spdx-licenses/zipball/
|
217
|
-
"reference": "
|
217
|
+
"url": "https://api.github.com/repos/composer/spdx-licenses/zipball/0c3e51e1880ca149682332770e25977c70cf9dae",
|
218
|
+
"reference": "0c3e51e1880ca149682332770e25977c70cf9dae",
|
218
219
|
"shasum": ""
|
219
220
|
},
|
220
221
|
"require": {
|
@@ -261,7 +262,7 @@
|
|
261
262
|
"spdx",
|
262
263
|
"validator"
|
263
264
|
],
|
264
|
-
"time": "
|
265
|
+
"time": "2020-02-14T07:44:31+00:00"
|
265
266
|
},
|
266
267
|
{
|
267
268
|
"name": "composer/xdebug-handler",
|
@@ -422,20 +423,20 @@
|
|
422
423
|
},
|
423
424
|
{
|
424
425
|
"name": "seld/jsonlint",
|
425
|
-
"version": "1.
|
426
|
+
"version": "1.8.0",
|
426
427
|
"source": {
|
427
428
|
"type": "git",
|
428
429
|
"url": "https://github.com/Seldaek/jsonlint.git",
|
429
|
-
"reference": "
|
430
|
+
"reference": "ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1"
|
430
431
|
},
|
431
432
|
"dist": {
|
432
433
|
"type": "zip",
|
433
|
-
"url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/
|
434
|
-
"reference": "
|
434
|
+
"url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1",
|
435
|
+
"reference": "ff2aa5420bfbc296cf6a0bc785fa5b35736de7c1",
|
435
436
|
"shasum": ""
|
436
437
|
},
|
437
438
|
"require": {
|
438
|
-
"php": "^5.3 || ^7.0"
|
439
|
+
"php": "^5.3 || ^7.0 || ^8.0"
|
439
440
|
},
|
440
441
|
"require-dev": {
|
441
442
|
"phpunit/phpunit": "^4.8.35 || ^5.7 || ^6.0"
|
@@ -467,20 +468,20 @@
|
|
467
468
|
"parser",
|
468
469
|
"validator"
|
469
470
|
],
|
470
|
-
"time": "
|
471
|
+
"time": "2020-04-30T19:05:18+00:00"
|
471
472
|
},
|
472
473
|
{
|
473
474
|
"name": "seld/phar-utils",
|
474
|
-
"version": "1.0
|
475
|
+
"version": "1.1.0",
|
475
476
|
"source": {
|
476
477
|
"type": "git",
|
477
478
|
"url": "https://github.com/Seldaek/phar-utils.git",
|
478
|
-
"reference": "
|
479
|
+
"reference": "8800503d56b9867d43d9c303b9cbcc26016e82f0"
|
479
480
|
},
|
480
481
|
"dist": {
|
481
482
|
"type": "zip",
|
482
|
-
"url": "https://api.github.com/repos/Seldaek/phar-utils/zipball/
|
483
|
-
"reference": "
|
483
|
+
"url": "https://api.github.com/repos/Seldaek/phar-utils/zipball/8800503d56b9867d43d9c303b9cbcc26016e82f0",
|
484
|
+
"reference": "8800503d56b9867d43d9c303b9cbcc26016e82f0",
|
484
485
|
"shasum": ""
|
485
486
|
},
|
486
487
|
"require": {
|
@@ -509,13 +510,13 @@
|
|
509
510
|
],
|
510
511
|
"description": "PHAR file format utilities, for when PHP phars you up",
|
511
512
|
"keywords": [
|
512
|
-
"
|
513
|
+
"phar"
|
513
514
|
],
|
514
|
-
"time": "2020-
|
515
|
+
"time": "2020-02-14T15:25:33+00:00"
|
515
516
|
},
|
516
517
|
{
|
517
518
|
"name": "symfony/console",
|
518
|
-
"version": "v3.4.
|
519
|
+
"version": "v3.4.40",
|
519
520
|
"source": {
|
520
521
|
"type": "git",
|
521
522
|
"url": "https://github.com/symfony/console.git",
|
@@ -587,7 +588,7 @@
|
|
587
588
|
},
|
588
589
|
{
|
589
590
|
"name": "symfony/debug",
|
590
|
-
"version": "v3.4.
|
591
|
+
"version": "v3.4.40",
|
591
592
|
"source": {
|
592
593
|
"type": "git",
|
593
594
|
"url": "https://github.com/symfony/debug.git",
|
@@ -643,16 +644,16 @@
|
|
643
644
|
},
|
644
645
|
{
|
645
646
|
"name": "symfony/filesystem",
|
646
|
-
"version": "v3.4.
|
647
|
+
"version": "v3.4.40",
|
647
648
|
"source": {
|
648
649
|
"type": "git",
|
649
650
|
"url": "https://github.com/symfony/filesystem.git",
|
650
|
-
"reference": "
|
651
|
+
"reference": "78a93e5606a19d0fb490afc3c4a9b7ecd86e1515"
|
651
652
|
},
|
652
653
|
"dist": {
|
653
654
|
"type": "zip",
|
654
|
-
"url": "https://api.github.com/repos/symfony/filesystem/zipball/
|
655
|
-
"reference": "
|
655
|
+
"url": "https://api.github.com/repos/symfony/filesystem/zipball/78a93e5606a19d0fb490afc3c4a9b7ecd86e1515",
|
656
|
+
"reference": "78a93e5606a19d0fb490afc3c4a9b7ecd86e1515",
|
656
657
|
"shasum": ""
|
657
658
|
},
|
658
659
|
"require": {
|
@@ -689,11 +690,11 @@
|
|
689
690
|
],
|
690
691
|
"description": "Symfony Filesystem Component",
|
691
692
|
"homepage": "https://symfony.com",
|
692
|
-
"time": "2020-
|
693
|
+
"time": "2020-04-12T16:54:01+00:00"
|
693
694
|
},
|
694
695
|
{
|
695
696
|
"name": "symfony/finder",
|
696
|
-
"version": "v3.4.
|
697
|
+
"version": "v3.4.40",
|
697
698
|
"source": {
|
698
699
|
"type": "git",
|
699
700
|
"url": "https://github.com/symfony/finder.git",
|
@@ -859,16 +860,16 @@
|
|
859
860
|
},
|
860
861
|
{
|
861
862
|
"name": "symfony/process",
|
862
|
-
"version": "v3.4.
|
863
|
+
"version": "v3.4.40",
|
863
864
|
"source": {
|
864
865
|
"type": "git",
|
865
866
|
"url": "https://github.com/symfony/process.git",
|
866
|
-
"reference": "
|
867
|
+
"reference": "f5104c9dcbc2cfad45d01d5150c1da9836967271"
|
867
868
|
},
|
868
869
|
"dist": {
|
869
870
|
"type": "zip",
|
870
|
-
"url": "https://api.github.com/repos/symfony/process/zipball/
|
871
|
-
"reference": "
|
871
|
+
"url": "https://api.github.com/repos/symfony/process/zipball/f5104c9dcbc2cfad45d01d5150c1da9836967271",
|
872
|
+
"reference": "f5104c9dcbc2cfad45d01d5150c1da9836967271",
|
872
873
|
"shasum": ""
|
873
874
|
},
|
874
875
|
"require": {
|
@@ -904,7 +905,7 @@
|
|
904
905
|
],
|
905
906
|
"description": "Symfony Process Component",
|
906
907
|
"homepage": "https://symfony.com",
|
907
|
-
"time": "2020-
|
908
|
+
"time": "2020-04-12T14:33:46+00:00"
|
908
909
|
}
|
909
910
|
],
|
910
911
|
"packages-dev": [
|
@@ -1226,16 +1227,16 @@
|
|
1226
1227
|
},
|
1227
1228
|
{
|
1228
1229
|
"name": "phpstan/phpstan",
|
1229
|
-
"version": "0.12.
|
1230
|
+
"version": "0.12.29",
|
1230
1231
|
"source": {
|
1231
1232
|
"type": "git",
|
1232
1233
|
"url": "https://github.com/phpstan/phpstan.git",
|
1233
|
-
"reference": "
|
1234
|
+
"reference": "9771daaf6b95c6313b908d0bcdee0afcd51f838a"
|
1234
1235
|
},
|
1235
1236
|
"dist": {
|
1236
1237
|
"type": "zip",
|
1237
|
-
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/
|
1238
|
-
"reference": "
|
1238
|
+
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/9771daaf6b95c6313b908d0bcdee0afcd51f838a",
|
1239
|
+
"reference": "9771daaf6b95c6313b908d0bcdee0afcd51f838a",
|
1239
1240
|
"shasum": ""
|
1240
1241
|
},
|
1241
1242
|
"require": {
|
@@ -1264,7 +1265,7 @@
|
|
1264
1265
|
"MIT"
|
1265
1266
|
],
|
1266
1267
|
"description": "PHPStan - PHP Static Analysis Tool",
|
1267
|
-
"time": "2020-
|
1268
|
+
"time": "2020-06-14T14:10:59+00:00"
|
1268
1269
|
},
|
1269
1270
|
{
|
1270
1271
|
"name": "symfony/event-dispatcher",
|
@@ -1556,5 +1557,6 @@
|
|
1556
1557
|
"php": "^7.1",
|
1557
1558
|
"ext-json": "*"
|
1558
1559
|
},
|
1559
|
-
"platform-dev": []
|
1560
|
+
"platform-dev": [],
|
1561
|
+
"plugin-api-version": "1.1.0"
|
1560
1562
|
}
|
@@ -11,7 +11,7 @@ require "dependabot/composer/file_parser"
|
|
11
11
|
module Dependabot
|
12
12
|
module Composer
|
13
13
|
class UpdateChecker
|
14
|
-
class VersionResolver
|
14
|
+
class VersionResolver # rubocop:disable Metrics/ClassLength
|
15
15
|
class MissingExtensions < StandardError
|
16
16
|
attr_reader :extensions
|
17
17
|
|
@@ -72,10 +72,7 @@ module Dependabot
|
|
72
72
|
def fetch_latest_resolvable_version_string
|
73
73
|
base_directory = dependency_files.first.directory
|
74
74
|
SharedHelpers.in_a_temporary_directory(base_directory) do
|
75
|
-
|
76
|
-
File.write("composer.lock", lockfile.content) if lockfile
|
77
|
-
File.write("auth.json", auth_json.content) if auth_json
|
78
|
-
|
75
|
+
write_temporary_dependency_files
|
79
76
|
run_update_checker
|
80
77
|
end
|
81
78
|
rescue SharedHelpers::HelperSubprocessFailed => e
|
@@ -85,6 +82,37 @@ module Dependabot
|
|
85
82
|
handle_composer_errors(e)
|
86
83
|
end
|
87
84
|
|
85
|
+
def write_temporary_dependency_files(unlock_requirement: true)
|
86
|
+
write_dependency_file(unlock_requirement: unlock_requirement)
|
87
|
+
write_path_dependency_files
|
88
|
+
write_lockfile
|
89
|
+
write_auth_file
|
90
|
+
end
|
91
|
+
|
92
|
+
def write_dependency_file(unlock_requirement:)
|
93
|
+
File.write(
|
94
|
+
"composer.json",
|
95
|
+
prepared_composer_json_content(
|
96
|
+
unlock_requirement: unlock_requirement
|
97
|
+
)
|
98
|
+
)
|
99
|
+
end
|
100
|
+
|
101
|
+
def write_path_dependency_files
|
102
|
+
path_dependency_files.each do |file|
|
103
|
+
FileUtils.mkdir_p(Pathname.new(file.name).dirname)
|
104
|
+
File.write(file.name, file.content)
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
def write_lockfile
|
109
|
+
File.write("composer.lock", lockfile.content) if lockfile
|
110
|
+
end
|
111
|
+
|
112
|
+
def write_auth_file
|
113
|
+
File.write("auth.json", auth_json.content) if auth_json
|
114
|
+
end
|
115
|
+
|
88
116
|
def transitory_failure?(error)
|
89
117
|
return true if error.message.include?("404 Not Found")
|
90
118
|
return true if error.message.include?("timed out")
|
@@ -332,17 +360,10 @@ module Dependabot
|
|
332
360
|
end
|
333
361
|
end
|
334
362
|
|
335
|
-
# rubocop:disable Metrics/AbcSize
|
336
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
337
363
|
def check_original_requirements_resolvable
|
338
364
|
base_directory = dependency_files.first.directory
|
339
365
|
SharedHelpers.in_a_temporary_directory(base_directory) do
|
340
|
-
|
341
|
-
"composer.json",
|
342
|
-
prepared_composer_json_content(unlock_requirement: false)
|
343
|
-
)
|
344
|
-
File.write("composer.lock", lockfile.content) if lockfile
|
345
|
-
File.write("auth.json", auth_json.content) if auth_json
|
366
|
+
write_temporary_dependency_files(unlock_requirement: false)
|
346
367
|
|
347
368
|
run_update_checker
|
348
369
|
end
|
@@ -370,9 +391,6 @@ module Dependabot
|
|
370
391
|
|
371
392
|
raise Dependabot::DependencyFileNotResolvable, e.message
|
372
393
|
end
|
373
|
-
# rubocop:enable Metrics/AbcSize
|
374
|
-
|
375
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
376
394
|
|
377
395
|
def version_for_reqs(requirements)
|
378
396
|
req_arrays =
|
@@ -445,6 +463,11 @@ module Dependabot
|
|
445
463
|
dependency_files.find { |f| f.name == "composer.json" }
|
446
464
|
end
|
447
465
|
|
466
|
+
def path_dependency_files
|
467
|
+
@path_dependency_files ||=
|
468
|
+
dependency_files.select { |f| f.name.end_with?("/composer.json") }
|
469
|
+
end
|
470
|
+
|
448
471
|
def lockfile
|
449
472
|
@lockfile ||=
|
450
473
|
dependency_files.find { |f| f.name == "composer.lock" }
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-composer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.118.
|
4
|
+
version: 0.118.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-06-
|
11
|
+
date: 2020-06-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.118.
|
19
|
+
version: 0.118.3
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.118.
|
26
|
+
version: 0.118.3
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|