dependabot-composer 0.283.0 → 0.284.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/composer/file_parser.rb +14 -3
- data/lib/dependabot/composer/package_manager.rb +13 -22
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ad969271d547cae9e3c61478cd18bfcfb1d929fc33cedb36797c86f7763cfffa
|
|
4
|
+
data.tar.gz: 358b50f002d51effcacfa7dcdc5743a66f2a7f5b7e60c319191e6d84ac364c45
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bc855cfb10f61f18f3819a4bf5f8c3b30ed23812e0abb87e994537ce2f296267d70c0378b2e1901a6258b1d5c6ab131432612af07870d959d7913df0b3225179
|
|
7
|
+
data.tar.gz: c4cb94ed6706c3417508bbcfd6918efa1b5d18c02b814ea1726111a76f806b4cd2cb03ee66be4f5cbdae5c02a8213a77b9ed4881f7a94436733b52f772a11791
|
|
@@ -35,13 +35,24 @@ module Dependabot
|
|
|
35
35
|
dependency_set.dependencies
|
|
36
36
|
end
|
|
37
37
|
|
|
38
|
-
sig { returns(
|
|
39
|
-
def
|
|
40
|
-
|
|
38
|
+
sig { returns(Ecosystem) }
|
|
39
|
+
def ecosystem
|
|
40
|
+
@ecosystem ||= T.let(
|
|
41
|
+
Ecosystem.new(
|
|
42
|
+
name: ECOSYSTEM,
|
|
43
|
+
package_manager: package_manager
|
|
44
|
+
),
|
|
45
|
+
T.nilable(Ecosystem)
|
|
46
|
+
)
|
|
41
47
|
end
|
|
42
48
|
|
|
43
49
|
private
|
|
44
50
|
|
|
51
|
+
sig { returns(Ecosystem::VersionManager) }
|
|
52
|
+
def package_manager
|
|
53
|
+
PackageManager.new(composer_version)
|
|
54
|
+
end
|
|
55
|
+
|
|
45
56
|
sig { returns(DependencySet) }
|
|
46
57
|
def manifest_dependencies # rubocop:disable Metrics/PerceivedComplexity
|
|
47
58
|
dependencies = T.let(DependencySet.new, DependencySet)
|
|
@@ -2,11 +2,12 @@
|
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require "sorbet-runtime"
|
|
5
|
-
require "dependabot/
|
|
5
|
+
require "dependabot/ecosystem"
|
|
6
6
|
require "dependabot/composer/version"
|
|
7
7
|
|
|
8
8
|
module Dependabot
|
|
9
9
|
module Composer
|
|
10
|
+
ECOSYSTEM = "composer"
|
|
10
11
|
PACKAGE_MANAGER = "composer"
|
|
11
12
|
|
|
12
13
|
# Keep versions in ascending order
|
|
@@ -16,29 +17,19 @@ module Dependabot
|
|
|
16
17
|
Version.new("1")
|
|
17
18
|
].freeze, T::Array[Dependabot::Version])
|
|
18
19
|
|
|
19
|
-
class PackageManager <
|
|
20
|
+
class PackageManager < Dependabot::Ecosystem::VersionManager
|
|
20
21
|
extend T::Sig
|
|
21
22
|
|
|
22
|
-
sig { params(
|
|
23
|
-
def initialize(
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
23
|
+
sig { params(raw_version: String).void }
|
|
24
|
+
def initialize(raw_version)
|
|
25
|
+
super(
|
|
26
|
+
PACKAGE_MANAGER,
|
|
27
|
+
Version.new(raw_version),
|
|
28
|
+
DEPRECATED_COMPOSER_VERSIONS,
|
|
29
|
+
SUPPORTED_COMPOSER_VERSIONS,
|
|
30
|
+
)
|
|
28
31
|
end
|
|
29
32
|
|
|
30
|
-
sig { override.returns(String) }
|
|
31
|
-
attr_reader :name
|
|
32
|
-
|
|
33
|
-
sig { override.returns(Dependabot::Version) }
|
|
34
|
-
attr_reader :version
|
|
35
|
-
|
|
36
|
-
sig { override.returns(T::Array[Dependabot::Version]) }
|
|
37
|
-
attr_reader :deprecated_versions
|
|
38
|
-
|
|
39
|
-
sig { override.returns(T::Array[Dependabot::Version]) }
|
|
40
|
-
attr_reader :supported_versions
|
|
41
|
-
|
|
42
33
|
sig { override.returns(T::Boolean) }
|
|
43
34
|
def deprecated?
|
|
44
35
|
return false if unsupported?
|
|
@@ -46,7 +37,7 @@ module Dependabot
|
|
|
46
37
|
# Check if the feature flag for Composer v1 deprecation warning is enabled.
|
|
47
38
|
return false unless Dependabot::Experiments.enabled?(:composer_v1_deprecation_warning)
|
|
48
39
|
|
|
49
|
-
|
|
40
|
+
super
|
|
50
41
|
end
|
|
51
42
|
|
|
52
43
|
sig { override.returns(T::Boolean) }
|
|
@@ -54,7 +45,7 @@ module Dependabot
|
|
|
54
45
|
# Check if the feature flag for Composer v1 unsupported error is enabled.
|
|
55
46
|
return false unless Dependabot::Experiments.enabled?(:composer_v1_unsupported_error)
|
|
56
47
|
|
|
57
|
-
|
|
48
|
+
super
|
|
58
49
|
end
|
|
59
50
|
end
|
|
60
51
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-composer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.284.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-11-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.284.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.284.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -287,7 +287,7 @@ licenses:
|
|
|
287
287
|
- MIT
|
|
288
288
|
metadata:
|
|
289
289
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
290
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
290
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.284.0
|
|
291
291
|
post_install_message:
|
|
292
292
|
rdoc_options: []
|
|
293
293
|
require_paths:
|