dependabot-core 0.89.5 → 0.90.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 072d89ceba9a4bef7121feb23ed858ce922cb1f688a23f4c043a9f6f0e1b9d48
4
- data.tar.gz: 2a673cbb63589dac0676f1ba7c6e0087f1d97b0ab9c86108f8b8923077f857dc
3
+ metadata.gz: 16f8747542b4fc3313c1000f962e502ef631ed367803b8230df2f2398d06d443
4
+ data.tar.gz: 4b2813423eb666b5bf3a2f42671514b88e8035baaa6b8d7ef1025e58b2b380a3
5
5
  SHA512:
6
- metadata.gz: 3c5fb71ca9a5a77ed64d0874bcff0e0d3d352ce42cdfaa0eacb90479acd30b59916c14c5977fd0220d98f5a9971490b1e62ed4e25b15f35146a722a53fe5303b
7
- data.tar.gz: 98461a9c198d131731945238f4f2cb9008420ca75e807d7f7186b4f38b711aa9497dec22a391badddc73277f30a7cfcb037f4485a4f2315f403a843a58c6f5fb
6
+ metadata.gz: 4bf9f62b5f78ac6781a2d9cd5533eed4ac01921d42a4a7e27c35d47763f38505af0d58ef33644ab90609528d56a035635f8fa8e7cfb30adf5c0b1843291f60c4
7
+ data.tar.gz: 7ff0f2b12276cf321c23f9a83417ae4d53bd37266ae291d44c3889737ac0fb673f28b75a189bb16a168789e5708011a0bb039b92cb6b9289b80dddaed268cfcc
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## v0.90.0, 14 January 2019
2
+
3
+ - Python: Bump poetry from 0.12.10 to 0.12.11 in /python/helpers
4
+ - Reorg dep
5
+
1
6
  ## v0.89.5, 13 January 2019
2
7
 
3
8
  - .NET: Handle wildcard requirements without any digits
@@ -2,14 +2,12 @@
2
2
 
3
3
  require "dependabot/file_fetchers/ruby/bundler"
4
4
  require "dependabot/file_fetchers/java_script/npm_and_yarn"
5
- require "dependabot/file_fetchers/go/dep"
6
5
 
7
6
  module Dependabot
8
7
  module FileFetchers
9
8
  @file_fetchers = {
10
9
  "bundler" => FileFetchers::Ruby::Bundler,
11
- "npm_and_yarn" => FileFetchers::JavaScript::NpmAndYarn,
12
- "dep" => FileFetchers::Go::Dep
10
+ "npm_and_yarn" => FileFetchers::JavaScript::NpmAndYarn
13
11
  }
14
12
 
15
13
  def self.for_package_manager(package_manager)
@@ -2,14 +2,12 @@
2
2
 
3
3
  require "dependabot/file_parsers/ruby/bundler"
4
4
  require "dependabot/file_parsers/java_script/npm_and_yarn"
5
- require "dependabot/file_parsers/go/dep"
6
5
 
7
6
  module Dependabot
8
7
  module FileParsers
9
8
  @file_parsers = {
10
9
  "bundler" => FileParsers::Ruby::Bundler,
11
- "npm_and_yarn" => FileParsers::JavaScript::NpmAndYarn,
12
- "dep" => FileParsers::Go::Dep
10
+ "npm_and_yarn" => FileParsers::JavaScript::NpmAndYarn
13
11
  }
14
12
 
15
13
  def self.for_package_manager(package_manager)
@@ -2,14 +2,12 @@
2
2
 
3
3
  require "dependabot/file_updaters/ruby/bundler"
4
4
  require "dependabot/file_updaters/java_script/npm_and_yarn"
5
- require "dependabot/file_updaters/go/dep"
6
5
 
7
6
  module Dependabot
8
7
  module FileUpdaters
9
8
  @file_updaters = {
10
9
  "bundler" => FileUpdaters::Ruby::Bundler,
11
- "npm_and_yarn" => FileUpdaters::JavaScript::NpmAndYarn,
12
- "dep" => FileUpdaters::Go::Dep
10
+ "npm_and_yarn" => FileUpdaters::JavaScript::NpmAndYarn
13
11
  }
14
12
 
15
13
  def self.for_package_manager(package_manager)
@@ -2,14 +2,12 @@
2
2
 
3
3
  require "dependabot/metadata_finders/ruby/bundler"
4
4
  require "dependabot/metadata_finders/java_script/npm_and_yarn"
5
- require "dependabot/metadata_finders/go/dep"
6
5
 
7
6
  module Dependabot
8
7
  module MetadataFinders
9
8
  @metadata_finders = {
10
9
  "bundler" => MetadataFinders::Ruby::Bundler,
11
- "npm_and_yarn" => MetadataFinders::JavaScript::NpmAndYarn,
12
- "dep" => MetadataFinders::Go::Dep
10
+ "npm_and_yarn" => MetadataFinders::JavaScript::NpmAndYarn
13
11
  }
14
12
 
15
13
  def self.for_package_manager(package_manager)
@@ -2,14 +2,12 @@
2
2
 
3
3
  require "dependabot/update_checkers/ruby/bundler"
4
4
  require "dependabot/update_checkers/java_script/npm_and_yarn"
5
- require "dependabot/update_checkers/go/dep"
6
5
 
7
6
  module Dependabot
8
7
  module UpdateCheckers
9
8
  @update_checkers = {
10
9
  "bundler" => UpdateCheckers::Ruby::Bundler,
11
- "npm_and_yarn" => UpdateCheckers::JavaScript::NpmAndYarn,
12
- "dep" => UpdateCheckers::Go::Dep
10
+ "npm_and_yarn" => UpdateCheckers::JavaScript::NpmAndYarn
13
11
  }
14
12
 
15
13
  def self.for_package_manager(package_manager)
@@ -1,11 +1,9 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "dependabot/utils/java_script/version"
4
- require "dependabot/utils/go/version"
5
4
 
6
5
  require "dependabot/utils/java_script/requirement"
7
6
  require "dependabot/utils/ruby/requirement"
8
- require "dependabot/utils/go/requirement"
9
7
 
10
8
  # TODO: in due course, these "registries" should live in a wrapper gem, not
11
9
  # dependabot-core.
@@ -15,8 +13,7 @@ module Dependabot
15
13
  "bundler" => Gem::Version,
16
14
  "submodules" => Gem::Version,
17
15
  "docker" => Gem::Version,
18
- "npm_and_yarn" => Utils::JavaScript::Version,
19
- "dep" => Utils::Go::Version
16
+ "npm_and_yarn" => Utils::JavaScript::Version
20
17
  }
21
18
 
22
19
  def self.version_class_for_package_manager(package_manager)
@@ -34,8 +31,7 @@ module Dependabot
34
31
  "bundler" => Utils::Ruby::Requirement,
35
32
  "submodules" => Utils::Ruby::Requirement,
36
33
  "docker" => Utils::Ruby::Requirement,
37
- "npm_and_yarn" => Utils::JavaScript::Requirement,
38
- "dep" => Utils::Go::Requirement
34
+ "npm_and_yarn" => Utils::JavaScript::Requirement
39
35
  }
40
36
 
41
37
  def self.requirement_class_for_package_manager(package_manager)
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.89.5"
4
+ VERSION = "0.90.0"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.89.5
4
+ version: 0.90.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-01-13 00:00:00.000000000 Z
11
+ date: 2019-01-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-ecr
@@ -298,12 +298,6 @@ files:
298
298
  - CHANGELOG.md
299
299
  - LICENSE
300
300
  - README.md
301
- - helpers/go/Makefile
302
- - helpers/go/go.mod
303
- - helpers/go/go.sum
304
- - helpers/go/importresolver/go.mod
305
- - helpers/go/importresolver/main.go
306
- - helpers/go/main.go
307
301
  - helpers/npm/.eslintrc
308
302
  - helpers/npm/bin/run.js
309
303
  - helpers/npm/lib/helpers.js
@@ -354,7 +348,6 @@ files:
354
348
  - lib/dependabot/file_fetchers.rb
355
349
  - lib/dependabot/file_fetchers/README.md
356
350
  - lib/dependabot/file_fetchers/base.rb
357
- - lib/dependabot/file_fetchers/go/dep.rb
358
351
  - lib/dependabot/file_fetchers/java_script/npm_and_yarn.rb
359
352
  - lib/dependabot/file_fetchers/java_script/npm_and_yarn/path_dependency_builder.rb
360
353
  - lib/dependabot/file_fetchers/ruby/bundler.rb
@@ -366,7 +359,6 @@ files:
366
359
  - lib/dependabot/file_parsers/README.md
367
360
  - lib/dependabot/file_parsers/base.rb
368
361
  - lib/dependabot/file_parsers/base/dependency_set.rb
369
- - lib/dependabot/file_parsers/go/dep.rb
370
362
  - lib/dependabot/file_parsers/java_script/npm_and_yarn.rb
371
363
  - lib/dependabot/file_parsers/ruby/bundler.rb
372
364
  - lib/dependabot/file_parsers/ruby/bundler/file_preparer.rb
@@ -374,9 +366,6 @@ files:
374
366
  - lib/dependabot/file_updaters.rb
375
367
  - lib/dependabot/file_updaters/README.md
376
368
  - lib/dependabot/file_updaters/base.rb
377
- - lib/dependabot/file_updaters/go/dep.rb
378
- - lib/dependabot/file_updaters/go/dep/lockfile_updater.rb
379
- - lib/dependabot/file_updaters/go/dep/manifest_updater.rb
380
369
  - lib/dependabot/file_updaters/java_script/npm_and_yarn.rb
381
370
  - lib/dependabot/file_updaters/java_script/npm_and_yarn/npm_lockfile_updater.rb
382
371
  - lib/dependabot/file_updaters/java_script/npm_and_yarn/npmrc_builder.rb
@@ -400,7 +389,6 @@ files:
400
389
  - lib/dependabot/metadata_finders/base/changelog_pruner.rb
401
390
  - lib/dependabot/metadata_finders/base/commits_finder.rb
402
391
  - lib/dependabot/metadata_finders/base/release_finder.rb
403
- - lib/dependabot/metadata_finders/go/dep.rb
404
392
  - lib/dependabot/metadata_finders/java_script/npm_and_yarn.rb
405
393
  - lib/dependabot/metadata_finders/ruby/bundler.rb
406
394
  - lib/dependabot/pull_request_creator.rb
@@ -417,11 +405,6 @@ files:
417
405
  - lib/dependabot/update_checkers.rb
418
406
  - lib/dependabot/update_checkers/README.md
419
407
  - lib/dependabot/update_checkers/base.rb
420
- - lib/dependabot/update_checkers/go/dep.rb
421
- - lib/dependabot/update_checkers/go/dep/file_preparer.rb
422
- - lib/dependabot/update_checkers/go/dep/latest_version_finder.rb
423
- - lib/dependabot/update_checkers/go/dep/requirements_updater.rb
424
- - lib/dependabot/update_checkers/go/dep/version_resolver.rb
425
408
  - lib/dependabot/update_checkers/java_script/npm_and_yarn.rb
426
409
  - lib/dependabot/update_checkers/java_script/npm_and_yarn/latest_version_finder.rb
427
410
  - lib/dependabot/update_checkers/java_script/npm_and_yarn/library_detector.rb
@@ -438,10 +421,6 @@ files:
438
421
  - lib/dependabot/update_checkers/ruby/bundler/shared_bundler_helpers.rb
439
422
  - lib/dependabot/update_checkers/ruby/bundler/version_resolver.rb
440
423
  - lib/dependabot/utils.rb
441
- - lib/dependabot/utils/go/path_converter.rb
442
- - lib/dependabot/utils/go/requirement.rb
443
- - lib/dependabot/utils/go/shared_helper.rb
444
- - lib/dependabot/utils/go/version.rb
445
424
  - lib/dependabot/utils/java_script/requirement.rb
446
425
  - lib/dependabot/utils/java_script/version.rb
447
426
  - lib/dependabot/utils/ruby/requirement.rb
data/helpers/go/Makefile DELETED
@@ -1,9 +0,0 @@
1
- .PHONY = all
2
-
3
- all: darwin linux
4
-
5
- darwin:
6
- GO111MODULE=on GOOS=darwin GOARCH=amd64 go build -o go-helpers.darwin64 .
7
-
8
- linux:
9
- GO111MODULE=on GOOS=linux GOARCH=amd64 go build -o go-helpers.linux64 .
data/helpers/go/go.mod DELETED
@@ -1,8 +0,0 @@
1
- module github.com/dependabot/dependabot-core/helpers/go
2
-
3
- require (
4
- github.com/Masterminds/vcs v1.12.0
5
- github.com/dependabot/dependabot-core/helpers/go/importresolver v0.0.0
6
- )
7
-
8
- replace github.com/dependabot/dependabot-core/helpers/go/importresolver => ./importresolver
data/helpers/go/go.sum DELETED
@@ -1,2 +0,0 @@
1
- github.com/Masterminds/vcs v1.12.0 h1:bt9Hb4XlfmEfLnVA0MVz2NO0GFuMN5vX8iOWW38Xde4=
2
- github.com/Masterminds/vcs v1.12.0/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA=
@@ -1 +0,0 @@
1
- module github.com/dependabot/dependabot-core/helpers/go/importresolver
@@ -1,34 +0,0 @@
1
- package importresolver
2
-
3
- import (
4
- "io/ioutil"
5
- "strings"
6
-
7
- "github.com/Masterminds/vcs"
8
- )
9
-
10
- type Args struct {
11
- Import string
12
- }
13
-
14
- func VCSRemoteForImport(args *Args) (interface{}, error) {
15
- remote := args.Import
16
- scheme := strings.Split(remote, ":")[0]
17
- switch scheme {
18
- case "http", "https":
19
- default:
20
- remote = "https://" + remote
21
- }
22
-
23
- local, err := ioutil.TempDir("", "unused-vcs-local-dir")
24
- if err != nil {
25
- return nil, err
26
- }
27
-
28
- repo, err := vcs.NewRepo(remote, local)
29
- if err != nil {
30
- return nil, err
31
- }
32
-
33
- return repo.Remote(), nil
34
- }
data/helpers/go/main.go DELETED
@@ -1,67 +0,0 @@
1
- package main
2
-
3
- import (
4
- "encoding/json"
5
- "fmt"
6
- "log"
7
- "os"
8
-
9
- "github.com/dependabot/dependabot-core/helpers/go/importresolver"
10
- )
11
-
12
- type HelperParams struct {
13
- Function string `json:"function"`
14
- Args json.RawMessage `json:"args"`
15
- }
16
-
17
- type Output struct {
18
- Error string `json:"error,omitempty"`
19
- Result interface{} `json:"result,omitempty"`
20
- }
21
-
22
- func main() {
23
- d := json.NewDecoder(os.Stdin)
24
- helperParams := &HelperParams{}
25
- if err := d.Decode(helperParams); err != nil {
26
- abort(err)
27
- }
28
-
29
- var (
30
- funcOut interface{}
31
- funcErr error
32
- )
33
- switch helperParams.Function {
34
- case "getVcsRemoteForImport":
35
- var args importresolver.Args
36
- parseArgs(helperParams.Args, &args)
37
- funcOut, funcErr = importresolver.VCSRemoteForImport(&args)
38
- default:
39
- abort(fmt.Errorf("Unrecognised function '%s'", helperParams.Function))
40
- }
41
-
42
- if funcErr != nil {
43
- abort(funcErr)
44
- }
45
-
46
- output(&Output{Result: funcOut})
47
- }
48
-
49
- func parseArgs(data []byte, args interface{}) {
50
- if err := json.Unmarshal(data, args); err != nil {
51
- abort(err)
52
- }
53
- }
54
-
55
- func output(o *Output) {
56
- bytes, jsonErr := json.Marshal(o)
57
- if jsonErr != nil {
58
- log.Fatal(jsonErr)
59
- }
60
-
61
- os.Stdout.Write(bytes)
62
- }
63
-
64
- func abort(err error) {
65
- output(&Output{Error: err.Error()})
66
- os.Exit(1)
67
- }
@@ -1,69 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "dependabot/file_fetchers/base"
4
-
5
- module Dependabot
6
- module FileFetchers
7
- module Go
8
- class Dep < Dependabot::FileFetchers::Base
9
- def self.required_files_in?(filenames)
10
- (%w(Gopkg.toml Gopkg.lock) - filenames).empty?
11
- end
12
-
13
- def self.required_files_message
14
- "Repo must contain a Gopkg.toml and Gopkg.lock."
15
- end
16
-
17
- private
18
-
19
- def fetch_files
20
- fetched_files = []
21
- fetched_files << manifest if manifest
22
- fetched_files << lockfile if lockfile
23
-
24
- unless manifest
25
- raise(
26
- Dependabot::DependencyFileNotFound,
27
- File.join(directory, "Gopkg.toml")
28
- )
29
- end
30
-
31
- unless lockfile
32
- raise(
33
- Dependabot::DependencyFileNotFound,
34
- File.join(directory, "Gopkg.lock")
35
- )
36
- end
37
-
38
- # Fetch the main.go file if present, as this will later identify
39
- # this repo as an app.
40
- fetched_files << main if main
41
- fetched_files
42
- end
43
-
44
- def manifest
45
- @manifest ||= fetch_file_if_present("Gopkg.toml")
46
- end
47
-
48
- def lockfile
49
- @lockfile ||= fetch_file_if_present("Gopkg.lock")
50
- end
51
-
52
- def main
53
- return @main if @main
54
-
55
- go_files = repo_contents.select { |f| f.name.end_with?(".go") }
56
-
57
- go_files.each do |go_file|
58
- file = fetch_file_from_host(go_file.name, type: "package_main")
59
- next unless file.content.match?(/\s*package\s+main/)
60
-
61
- return @main = file.tap { |f| f.support_file = true }
62
- end
63
-
64
- nil
65
- end
66
- end
67
- end
68
- end
69
- end
@@ -1,188 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "toml-rb"
4
-
5
- require "dependabot/errors"
6
- require "dependabot/dependency"
7
- require "dependabot/shared_helpers"
8
- require "dependabot/source"
9
-
10
- require "dependabot/file_parsers/base"
11
- require "dependabot/utils/go/requirement"
12
- require "dependabot/utils/go/path_converter"
13
-
14
- # Relevant dep docs can be found at:
15
- # - https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
16
- # - https://github.com/golang/dep/blob/master/docs/Gopkg.lock.md
17
- module Dependabot
18
- module FileParsers
19
- module Go
20
- class Dep < Dependabot::FileParsers::Base
21
- require "dependabot/file_parsers/base/dependency_set"
22
-
23
- REQUIREMENT_TYPES = %w(constraint override).freeze
24
-
25
- def parse
26
- dependency_set = DependencySet.new
27
- dependency_set += manifest_dependencies
28
- dependency_set += lockfile_dependencies
29
- dependency_set.dependencies
30
- end
31
-
32
- private
33
-
34
- def manifest_dependencies
35
- dependency_set = DependencySet.new
36
-
37
- REQUIREMENT_TYPES.each do |type|
38
- parsed_file(manifest).fetch(type, []).each do |details|
39
- next if lockfile && !appears_in_lockfile?(details.fetch("name"))
40
- next if missing_version_in_manifest_and_lockfile(details)
41
-
42
- dependency_set << Dependency.new(
43
- name: details.fetch("name"),
44
- version: version_from_declaration(details),
45
- package_manager: "dep",
46
- requirements: [{
47
- requirement: requirement_from_declaration(details),
48
- file: manifest.name,
49
- groups: [],
50
- source: source_from_declaration(details)
51
- }]
52
- )
53
- end
54
- end
55
-
56
- dependency_set
57
- end
58
-
59
- def lockfile_dependencies
60
- dependency_set = DependencySet.new
61
-
62
- parsed_file(lockfile).fetch("projects", []).each do |details|
63
- dependency_set << Dependency.new(
64
- name: details.fetch("name"),
65
- version: version_from_lockfile(details),
66
- package_manager: "dep",
67
- requirements: []
68
- )
69
- end
70
-
71
- dependency_set
72
- end
73
-
74
- def version_from_lockfile(details)
75
- details["version"]&.sub(/^v?/, "") || details.fetch("revision")
76
- end
77
-
78
- def requirement_from_declaration(declaration)
79
- unless declaration.is_a?(Hash)
80
- raise "Unexpected dependency declaration: #{declaration}"
81
- end
82
-
83
- return if git_declaration?(declaration)
84
-
85
- declaration["version"]
86
- end
87
-
88
- def source_from_declaration(declaration)
89
- source = declaration["source"] || declaration["name"]
90
-
91
- git_source_url = git_source(source)
92
-
93
- if git_source_url && git_declaration?(declaration)
94
- {
95
- type: "git",
96
- url: git_source_url,
97
- branch: declaration["branch"],
98
- ref: declaration["revision"] || declaration["version"]
99
- }
100
- elsif git_declaration?(declaration)
101
- raise "No git source for a git declaration!"
102
- else
103
- {
104
- type: "default",
105
- source: source
106
- }
107
- end
108
- end
109
-
110
- def version_from_declaration(declaration)
111
- lockfile_details =
112
- parsed_file(lockfile).fetch("projects", []).
113
- find { |details| details["name"] == declaration.fetch("name") }
114
-
115
- if source_from_declaration(declaration).fetch(:type) == "git"
116
- lockfile_details["revision"] ||
117
- version_from_lockfile(lockfile_details)
118
- else
119
- version_from_lockfile(lockfile_details)
120
- end
121
- end
122
-
123
- def appears_in_lockfile?(dependency_name)
124
- parsed_file(lockfile).fetch("projects", []).
125
- any? { |details| details["name"] == dependency_name }
126
- end
127
-
128
- def git_declaration?(declaration)
129
- return true if declaration["branch"] || declaration["revision"]
130
- return false unless declaration["version"]
131
- return false unless declaration["version"].match?(/^[A-Za-z0-9]/)
132
-
133
- Utils::Go::Requirement.new(declaration["version"])
134
- false
135
- rescue Gem::Requirement::BadRequirementError
136
- true
137
- end
138
-
139
- def git_source(path)
140
- Dependabot::Utils::Go::PathConverter.git_url_for_path(path)
141
- rescue Dependabot::SharedHelpers::HelperSubprocessFailed => error
142
- if error.message == "Cannot detect VCS"
143
- msg = error.message + " for #{path}"
144
- raise Dependabot::DependencyFileNotResolvable, msg
145
- end
146
-
147
- if error.message.end_with?("Not Found")
148
- msg = "#{path} returned a 404"
149
- raise Dependabot::DependencyFileNotResolvable, msg
150
- end
151
-
152
- raise
153
- end
154
-
155
- def parsed_file(file)
156
- @parsed_file ||= {}
157
- @parsed_file[file.name] ||= TomlRB.parse(file.content)
158
- rescue TomlRB::ParseError
159
- raise Dependabot::DependencyFileNotParseable, file.path
160
- end
161
-
162
- def manifest
163
- @manifest ||= get_original_file("Gopkg.toml")
164
- end
165
-
166
- def lockfile
167
- @lockfile ||= get_original_file("Gopkg.lock")
168
- end
169
-
170
- def check_required_files
171
- %w(Gopkg.toml Gopkg.lock).each do |filename|
172
- raise "No #{filename}!" unless get_original_file(filename)
173
- end
174
- end
175
-
176
- def missing_version_in_manifest_and_lockfile(declaration)
177
- return false if git_declaration?(declaration)
178
-
179
- lockfile_decl =
180
- parsed_file(lockfile).
181
- fetch("projects", []).
182
- find { |details| details["name"] == declaration["name"] }
183
- lockfile_decl&.fetch("version", nil).nil?
184
- end
185
- end
186
- end
187
- end
188
- end