dependabot-core 0.86.10 → 0.86.11

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/lib/dependabot/file_fetchers/ruby/bundler.rb +4 -2
  4. data/lib/dependabot/file_fetchers/ruby/bundler/path_gemspec_finder.rb +1 -1
  5. data/lib/dependabot/file_updaters/java_script/npm_and_yarn/npmrc_builder.rb +1 -0
  6. data/lib/dependabot/version.rb +1 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ef5a65ecbedea39372a9838b6bd0c0d599fc353fd5069c6b29f3a64f7f4d8e1e
4
- data.tar.gz: 354b5fe1016c8fb3ab475a1496b7c949dea4136f37786987957f75824e43e8da
3
+ metadata.gz: a823a69ede90ac8ad982e3d4c981c85cbc62e33507397879ea479b2e0bf00984
4
+ data.tar.gz: a6a9dccfe89393ae011b349ba920805d73624ad85dc2bbbd39297f40ac67276b
5
5
  SHA512:
6
- metadata.gz: 1f0892f47eb105fd2ab4cc86a95035cce4e522f81280eef70ec06d21ecf05d18388cd90350caa063fc790bc69e7d2124b67373947e35409a3d62bb7c0629e032
7
- data.tar.gz: 23f5175a2494e5459f95a05671cb2a00c7d6a228350629f82c4bbf8a5325955edc7ead747d64d81fd4d950a11c5892a3f5123f6ccf5e197ea96ce6e764c450de
6
+ metadata.gz: 96475ab54827e805d29e052e3baf27575e14fcad264453fcc35f115770219a2f607faec7563de0e0698ed80cd75d034ed3c506ba9435836259fc361e1d5fb0cf
7
+ data.tar.gz: 1a719919ce887458492c70a5f447d044c13d71fc313a57a618d8bb79f8a95a3c91104bd634ddcae2e8157bb294756481c7080ce739bb46d6d361b91e0b97494f
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## v0.86.11, 25 December 2018
2
+
3
+ - Ruby: Ensure gemspec paths are always pathnames
4
+ - JS: Handle non-string entries for resolution
5
+
1
6
  ## v0.86.10, 24 December 2018
2
7
 
3
8
  - .NET: Filter out non-URL repos
data/lib/dependabot/file_fetchers/ruby/bundler.rb CHANGED
@@ -83,8 +83,6 @@ module Dependabot
83
83
  gemspec_files = []
84
84
  unfetchable_gems = []
85
85
 
86
- gemspec_paths = fetch_gemspec_paths
87
-
88
86
  gemspec_paths.each do |path|
89
87
  # Get any gemspecs at the path itself
90
88
  gemspecs_at_path = fetch_gemspecs_from_directory(path)
@@ -114,6 +112,10 @@ module Dependabot
114
112
  gemspec_files.tap { |ar| ar.each { |f| f.support_file = true } }
115
113
  end
116
114
 
115
+ def gemspec_paths
116
+ fetch_gemspec_paths.map { |path| Pathname.new(path) }
117
+ end
118
+
117
119
  def require_relative_files(files)
118
120
  ruby_files =
119
121
  files.select { |f| f.name.end_with?(".rb", "Gemfile", ".gemspec") }
data/lib/dependabot/file_fetchers/ruby/bundler/path_gemspec_finder.rb CHANGED
@@ -70,7 +70,7 @@ module Dependabot
70
70
  path = Pathname.new(path).relative_path_from(base_path).to_s
71
71
  end
72
72
  path = File.join(current_dir, path) unless current_dir.nil?
73
- Pathname.new(path).cleanpath.to_path
73
+ Pathname.new(path).cleanpath
74
74
  end
75
75
 
76
76
  # rubocop:disable Security/Eval
data/lib/dependabot/file_updaters/java_script/npm_and_yarn/npmrc_builder.rb CHANGED
@@ -79,6 +79,7 @@ module Dependabot
79
79
  if package_lock
80
80
  parsed_package_lock.fetch("dependencies", {}).
81
81
  map { |_, details| details["resolved"] }.compact.
82
+ select { |url| url.is_a?(String) }.
82
83
  reject { |url| url.start_with?("git") }
83
84
  elsif yarn_lock
84
85
  yarn_lock.content.scan(/ resolved "(.*?)"/).flatten
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.86.10"
4
+ VERSION = "0.86.11"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.86.10
4
+ version: 0.86.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-12-24 00:00:00.000000000 Z
11
+ date: 2018-12-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-ecr