RubyGems - dependabot-composer - Versions diffs - 0.131.0 → 0.131.1 - Mend

dependabot-composer 0.131.0 → 0.131.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/dependabot/composer/requirement.rb +3 -3
data/lib/dependabot/composer/update_checker/version_resolver.rb +9 -4
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7aba26536e727376564c3b69afbd7ce33d633552ef310bdf7f6da7c5e1f41d2c
-  data.tar.gz: afcc4c62ab34708dda1e75023b6b2c9c60fbbe2c5afa2349f110e7ee0578c7c4
+  metadata.gz: a27e37a9dd38fbba7ee3b5f04245a78c9b755437ff765d1ad8b5ffd30bcc6f29
+  data.tar.gz: c15d4502a9fde9cfbf53fb4d84569a8a0fafd31872c366e8d18230c7f29e9153
 SHA512:
-  metadata.gz: 3bd37bc5201163e7824c98e71b1983c0b856f14a4f4574df538cfb79f8ab05b772c97abb6b4c37e22ee11f54f84a7dd6651cf2b54811e6a9a4580802d4b77c50
-  data.tar.gz: 441bdf7a7718f358f78647964aa5c6daca4c4fba07c2d210a5399e340b5feabfa0752870532af35d0bf109c0e1ba3cd5460be2d5849f59e8fb95bae4670978db
+  metadata.gz: a63b59cc402d72fbcd07c8e66981c532aa3e905a0cba1322dc00720919aef5ba2ba121fcc0c57624dbcd797111fccbcda320a0aa99bac9796e3b39cfcb0a2974
+  data.tar.gz: 9979c7369a635deb4417baf201ab87a902ba93b1e5e3077ab2839ed0d0f05790badc768e78868159881795f3abe4b1fddeee6fd67d5ad7efe86b731952d2ce97

data/lib/dependabot/composer/requirement.rb CHANGED Viewed

@@ -44,9 +44,9 @@ module Dependabot
         if req_string.start_with?("*", "x") then ">= 0"
         elsif req_string.include?("*") then convert_wildcard_req(req_string)
-        elsif req_string.include?(".x") then convert_wildcard_req(req_string)
-        elsif req_string.match?(/^~[^>]/) then convert_tilde_req(req_string)
         elsif req_string.start_with?("^") then convert_caret_req(req_string)
+        elsif req_string.match?(/^~[^>]/) then convert_tilde_req(req_string)
+        elsif req_string.include?(".x") then convert_wildcard_req(req_string)
         elsif req_string.match?(/\s-\s/) then convert_hyphen_req(req_string)
         else req_string
         end
@@ -68,7 +68,7 @@ module Dependabot
       end
       def convert_caret_req(req_string)
-        version = req_string.gsub(/^\^/, "")
+        version = req_string.gsub(/^\^/, "").gsub("x-dev", "0")
         parts = version.split(".")
         first_non_zero = parts.find { |d| d != "0" }
         first_non_zero_index =

data/lib/dependabot/composer/update_checker/version_resolver.rb CHANGED Viewed

@@ -159,7 +159,7 @@ module Dependabot
           json = JSON.parse(content)
           composer_platform_extensions.each do |extension, requirements|
-            raise "No matching version for #{requirements}!" unless version_for_reqs(requirements)
+            next unless version_for_reqs(requirements)
             json["config"] ||= {}
             json["config"]["platform"] ||= {}
@@ -254,9 +254,7 @@ module Dependabot
               error.message.match(/Failed to clone (?<url>.*?) via/).
               named_captures.fetch("url")
             raise Dependabot::GitDependenciesNotReachable, dependency_url
-          elsif error.message.start_with?("Could not parse version") ||
-                error.message.include?("does not allow connections to http://") ||
-                error.message.match?(/The `url` supplied for the path .* does not exist/)
+          elsif unresolvable_error?(error)
             raise Dependabot::DependencyFileNotResolvable, sanitized_message
           elsif error.message.match?(MISSING_EXPLICIT_PLATFORM_REQ_REGEX)
             # These errors occur when platform requirements declared explicitly
@@ -347,6 +345,13 @@ module Dependabot
         # rubocop:enable Metrics/CyclomaticComplexity
         # rubocop:enable Metrics/MethodLength
+        def unresolvable_error?(error)
+          error.message.start_with?("Could not parse version") ||
+            error.message.include?("does not allow connections to http://") ||
+            error.message.match?(/The `url` supplied for the path .* does not exist/) ||
+            error.message.start_with?("Invalid version string")
+        end
         def library?
           parsed_composer_file["type"] == "library"
         end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-composer
 version: !ruby/object:Gem::Version
-  version: 0.131.0
+  version: 0.131.1
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-02-04 00:00:00.000000000 Z
+date: 2021-02-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.131.0
+        version: 0.131.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.131.0
+        version: 0.131.1
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement