dependabot-core 0.87.14 → 0.87.15

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: eca490dd775516474dc66c097dd8fccaf3b12d52caba9b6e765e0f53d98cd2b9
4
- data.tar.gz: 4de660bffb7648ee244f67ef241bf167a74c4bdf8e2d96056ba286d89201b6e4
3
+ metadata.gz: 1950a22635494df74d9d7feb1a356bea48c55442268df6f1d4e67feeb2fbcade
4
+ data.tar.gz: 387f83467e7c211e574bc645953524feb193c8c499a6b9bae119fdb39ac359c4
5
5
  SHA512:
6
- metadata.gz: 75d686d0b2f89b11334d0a9da7248af2845da2aa05cf2754ca4e364bf966dcb19f44ccb1b8c398dda119c44f2aa1a320162542f52a139b441ff0d989fd717dd5
7
- data.tar.gz: 5693fcd4bc2631431f368d2ced7a39341c27545217a9930c1aa9416d4e69898a72ef9491c5cab301a555687aa18dc433fe9df3eba0d883f4c49a661beaeeab02
6
+ metadata.gz: 9804285a480248a096eac01eda499bebec6e3b354151a89a5d43560f593d9fc60fedb2ce323f18a66a44aa02250b02492584f5f8ebe57ffad8d9206297acfa6b
7
+ data.tar.gz: 217717f78a08cce674844c954acdf206ec33409470ee92c9edb817c28f5611307cd1c96bd17504a3d0607c29ab83906e1f728a6b8ab15df079b65906d32eb8e8
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## v0.87.15, 9 January 2019
2
+
3
+ - PHP: Raise resolvability issue when working with local VCS errors
4
+ - Bump @dependabot/yarn-lib from 1.12.3 to 1.13.0 in /helpers/yarn
5
+
1
6
  ## v0.87.14, 9 January 2019
2
7
 
3
8
  - Handle Bitbucket 401s during changelog lookup
@@ -3,7 +3,7 @@
3
3
  "version": "0.0.0",
4
4
  "private": true,
5
5
  "dependencies": {
6
- "@dependabot/yarn-lib": "1.12.3",
6
+ "@dependabot/yarn-lib": "1.13.0",
7
7
  "semver": "5.6.0"
8
8
  },
9
9
  "devDependencies": {
@@ -18,12 +18,12 @@
18
18
  esutils "^2.0.2"
19
19
  js-tokens "^4.0.0"
20
20
 
21
- "@dependabot/yarn-lib@1.12.3":
22
- version "1.12.3"
23
- resolved "https://registry.yarnpkg.com/@dependabot/yarn-lib/-/yarn-lib-1.12.3.tgz#3306370e94b2abc6a9c606012c4505ba07bf2874"
24
- integrity sha512-yXiY01OBFV3+zUewbnU6PFvX9UfwE/l+Ks6UvpGKAsLvR9vEDy2XI1QsiMTaz4h3bdD1Gfi/1sRt6YX8Pyxoqw==
21
+ "@dependabot/yarn-lib@1.13.0":
22
+ version "1.13.0"
23
+ resolved "https://registry.yarnpkg.com/@dependabot/yarn-lib/-/yarn-lib-1.13.0.tgz#b9a17bf2446b1e0421577bcd5884914fe711c771"
24
+ integrity sha512-tupA1eJEISmSm5TbU4WpoMwGQAJE3kutdGarLnvNAQf38nVYTye6KwGsYGsweogRDQ54MUs2+zTgPvFaP1vUTA==
25
25
  dependencies:
26
- "@zkochan/cmd-shim" "^2.2.4"
26
+ "@zkochan/cmd-shim" "^3.1.0"
27
27
  babel-runtime "^6.26.0"
28
28
  bytes "^3.0.0"
29
29
  camelcase "^4.0.0"
@@ -75,10 +75,10 @@
75
75
  resolved "https://registry.yarnpkg.com/@types/node/-/node-8.5.1.tgz#4ec3020bcdfe2abffeef9ba3fbf26fca097514b5"
76
76
  integrity sha512-SrmAO+NhnsuG/6TychSl2VdxBZiw/d6V+8j+DFo8O3PwFi+QeYXWHhAw+b170aSc6zYab6/PjEWRZHIDN9mNUw==
77
77
 
78
- "@zkochan/cmd-shim@^2.2.4":
79
- version "2.2.4"
80
- resolved "https://registry.yarnpkg.com/@zkochan/cmd-shim/-/cmd-shim-2.2.4.tgz#5730a936491219d88487e92d12c6c3bdb16c3c6e"
81
- integrity sha512-BDy1oz6aFYyY73618IkXzJzFghnXwVZDc3SVa6MVKTrrk4RgubahAF5yKK+Mx4a78tfO0OHeZnJKPs0pNy5uNA==
78
+ "@zkochan/cmd-shim@^3.1.0":
79
+ version "3.1.0"
80
+ resolved "https://registry.yarnpkg.com/@zkochan/cmd-shim/-/cmd-shim-3.1.0.tgz#2ab8ed81f5bb5452a85f25758eb9b8681982fd2e"
81
+ integrity sha512-o8l0+x7C7sMZU3v9GuJIAU10qQLtwR1dtRQIOmlNMtyaqhmpXOzx1HWiYoWfmmf9HHZoAkXpc9TM9PQYF9d4Jg==
82
82
  dependencies:
83
83
  is-windows "^1.0.0"
84
84
  mkdirp-promise "^5.0.1"
@@ -582,20 +582,6 @@ block-stream@*:
582
582
  dependencies:
583
583
  inherits "~2.0.0"
584
584
 
585
- boom@4.x.x:
586
- version "4.3.1"
587
- resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.1.tgz#4f8a3005cb4a7e3889f749030fd25b96e01d2e31"
588
- integrity sha1-T4owBctKfjiJ90kDD9JbluAdLjE=
589
- dependencies:
590
- hoek "4.x.x"
591
-
592
- boom@5.x.x:
593
- version "5.2.0"
594
- resolved "https://registry.yarnpkg.com/boom/-/boom-5.2.0.tgz#5dd9da6ee3a5f302077436290cb717d3f4a54e02"
595
- integrity sha512-Z5BTk6ZRe4tXXQlkqftmsAUANpXmuwlsF5Oov8ThoMbQRzdGTA1ngYRW160GexgOgjsFOKJz0LYhoNi+2AMBUw==
596
- dependencies:
597
- hoek "4.x.x"
598
-
599
585
  brace-expansion@^1.1.7:
600
586
  version "1.1.7"
601
587
  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.7.tgz#3effc3c50e000531fb720eaff80f0ae8ef23cf59"
@@ -974,13 +960,6 @@ cross-spawn@^6.0.5:
974
960
  shebang-command "^1.2.0"
975
961
  which "^1.2.9"
976
962
 
977
- cryptiles@3.x.x:
978
- version "3.1.4"
979
- resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-3.1.4.tgz#769a68c95612b56faadfcebf57ac86479cbe8322"
980
- integrity sha512-8I1sgZHfVwcSOY6mSGpVU3lw/GSIZvusg8dD2+OGehCJpOhQRLNcH0qb9upQnOH4XhgxxFJSg6E2kx95deb1Tw==
981
- dependencies:
982
- boom "5.x.x"
983
-
984
963
  cssom@0.3.x, "cssom@>= 0.3.2 < 0.4.0":
985
964
  version "0.3.2"
986
965
  resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.3.2.tgz#b8036170c79f07a90ff2f16e22284027a243848b"
@@ -1893,16 +1872,6 @@ hash-for-dep@^1.2.3:
1893
1872
  heimdalljs-logger "^0.1.7"
1894
1873
  resolve "^1.4.0"
1895
1874
 
1896
- hawk@~6.0.2:
1897
- version "6.0.2"
1898
- resolved "https://registry.yarnpkg.com/hawk/-/hawk-6.0.2.tgz#af4d914eb065f9b5ce4d9d11c1cb2126eecc3038"
1899
- integrity sha512-miowhl2+U7Qle4vdLqDdPt9m09K6yZhkLDTWGoUiUzrQCn+mHHSmfJgAyGaLRZbPmTqfFFjRV1QWCW0VWUJBbQ==
1900
- dependencies:
1901
- boom "4.x.x"
1902
- cryptiles "3.x.x"
1903
- hoek "4.x.x"
1904
- sntp "2.x.x"
1905
-
1906
1875
  heimdalljs-logger@^0.1.7:
1907
1876
  version "0.1.10"
1908
1877
  resolved "https://registry.yarnpkg.com/heimdalljs-logger/-/heimdalljs-logger-0.1.10.tgz#90cad58aabb1590a3c7e640ddc6a4cd3a43faaf7"
@@ -1918,11 +1887,6 @@ heimdalljs@^0.2.3, heimdalljs@^0.2.6:
1918
1887
  dependencies:
1919
1888
  rsvp "~3.2.1"
1920
1889
 
1921
- hoek@4.x.x:
1922
- version "4.2.1"
1923
- resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.2.1.tgz#9634502aa12c445dd5a7c5734b572bb8738aacbb"
1924
- integrity sha512-QLg82fGkfnJ/4iy1xZ81/9SIJiq1NGFUMGs6ParyjBZr6jW2Ufj/snDqTHixNlHdPNwN2RLVD0Pi3igeK9+JfA==
1925
-
1926
1890
  home-or-tmp@^2.0.0:
1927
1891
  version "2.0.0"
1928
1892
  resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-2.0.0.tgz#e36c3f2d2cae7d746a857e38d18d5f32a7882db8"
@@ -2035,14 +1999,7 @@ inquirer@^6.1.0, inquirer@^6.2.0:
2035
1999
  strip-ansi "^4.0.0"
2036
2000
  through "^2.3.6"
2037
2001
 
2038
- invariant@^2.2.0:
2039
- version "2.2.2"
2040
- resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360"
2041
- integrity sha1-nh9WrArNtr8wMwbzOL47IErmA2A=
2042
- dependencies:
2043
- loose-envify "^1.0.0"
2044
-
2045
- invariant@^2.2.2, invariant@^2.2.4:
2002
+ invariant@^2.2.0, invariant@^2.2.2, invariant@^2.2.4:
2046
2003
  version "2.2.4"
2047
2004
  resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.4.tgz#610f3c92c9359ce1db616e538008d23ff35158e6"
2048
2005
  integrity sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA==
@@ -3843,35 +3800,7 @@ request-promise-native@^1.0.3:
3843
3800
  stealthy-require "^1.1.0"
3844
3801
  tough-cookie ">=2.3.3"
3845
3802
 
3846
- request@^2.81.0, request@^2.83.0:
3847
- version "2.83.0"
3848
- resolved "https://registry.yarnpkg.com/request/-/request-2.83.0.tgz#ca0b65da02ed62935887808e6f510381034e3356"
3849
- integrity sha512-lR3gD69osqm6EYLk9wB/G1W/laGWjzH90t1vEa2xuxHD5KUrSzp9pUSfTm+YC5Nxt2T8nMPEvKlhbQayU7bgFw==
3850
- dependencies:
3851
- aws-sign2 "~0.7.0"
3852
- aws4 "^1.6.0"
3853
- caseless "~0.12.0"
3854
- combined-stream "~1.0.5"
3855
- extend "~3.0.1"
3856
- forever-agent "~0.6.1"
3857
- form-data "~2.3.1"
3858
- har-validator "~5.0.3"
3859
- hawk "~6.0.2"
3860
- http-signature "~1.2.0"
3861
- is-typedarray "~1.0.0"
3862
- isstream "~0.1.2"
3863
- json-stringify-safe "~5.0.1"
3864
- mime-types "~2.1.17"
3865
- oauth-sign "~0.8.2"
3866
- performance-now "^2.1.0"
3867
- qs "~6.5.1"
3868
- safe-buffer "^5.1.1"
3869
- stringstream "~0.0.5"
3870
- tough-cookie "~2.3.3"
3871
- tunnel-agent "^0.6.0"
3872
- uuid "^3.1.0"
3873
-
3874
- request@^2.87.0:
3803
+ request@^2.81.0, request@^2.83.0, request@^2.87.0:
3875
3804
  version "2.87.0"
3876
3805
  resolved "https://registry.yarnpkg.com/request/-/request-2.87.0.tgz#32f00235cd08d482b4d0d68db93a829c0ed5756e"
3877
3806
  integrity sha512-fcogkm7Az5bsS6Sl0sibkbhcKsnyon/jV1kF3ajGmF0c8HrttdKTPRT9hieOaQHA5HEq6r8OyWOo/o781C1tNw==
@@ -4128,13 +4057,6 @@ snapdragon@^0.8.1:
4128
4057
  source-map-resolve "^0.5.0"
4129
4058
  use "^3.1.0"
4130
4059
 
4131
- sntp@2.x.x:
4132
- version "2.1.0"
4133
- resolved "https://registry.yarnpkg.com/sntp/-/sntp-2.1.0.tgz#2c6cec14fedc2222739caf9b5c3d85d1cc5a2cc8"
4134
- integrity sha512-FL1b58BDrqS3A11lJ0zEdnJ3UOKqVxawAkF3k7F0CVN7VQ34aZrV+G8BZ1WC9ZL7NyrwsW0oviwsWDgRuVYtJg==
4135
- dependencies:
4136
- hoek "4.x.x"
4137
-
4138
4060
  sort-keys@^2.0.0:
4139
4061
  version "2.0.0"
4140
4062
  resolved "https://registry.yarnpkg.com/sort-keys/-/sort-keys-2.0.0.tgz#658535584861ec97d730d6cf41822e1f56684128"
@@ -4198,13 +4120,6 @@ spdx-correct@^3.0.0:
4198
4120
  spdx-expression-parse "^3.0.0"
4199
4121
  spdx-license-ids "^3.0.0"
4200
4122
 
4201
- spdx-correct@~1.0.0:
4202
- version "1.0.2"
4203
- resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40"
4204
- integrity sha1-SzBz2TP/UfORLwOsVRlJikFQ20A=
4205
- dependencies:
4206
- spdx-license-ids "^1.0.2"
4207
-
4208
4123
  spdx-exceptions@^2.1.0:
4209
4124
  version "2.1.0"
4210
4125
  resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.1.0.tgz#2c7ae61056c714a5b9b9b2b2af7d311ef5c78fe9"
@@ -4218,16 +4133,6 @@ spdx-expression-parse@^3.0.0:
4218
4133
  spdx-exceptions "^2.1.0"
4219
4134
  spdx-license-ids "^3.0.0"
4220
4135
 
4221
- spdx-expression-parse@~1.0.0:
4222
- version "1.0.4"
4223
- resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c"
4224
- integrity sha1-m98vIOH0DtRH++JzJmGR/O1RYmw=
4225
-
4226
- spdx-license-ids@^1.0.2:
4227
- version "1.2.2"
4228
- resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57"
4229
- integrity sha1-yd96NCRZSt5r0RkA1ZZpbcBrrFc=
4230
-
4231
4136
  spdx-license-ids@^3.0.0:
4232
4137
  version "3.0.0"
4233
4138
  resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.0.tgz#7a7cd28470cc6d3a1cfe6d66886f6bc430d3ac87"
@@ -4334,11 +4239,6 @@ string_decoder@~1.1.1:
4334
4239
  dependencies:
4335
4240
  safe-buffer "~5.1.0"
4336
4241
 
4337
- stringstream@~0.0.5:
4338
- version "0.0.6"
4339
- resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.6.tgz#7880225b0d4ad10e30927d167a1d6f2fd3b33a72"
4340
- integrity sha512-87GEBAkegbBcweToUrdzf3eLhWNg06FJTebl4BVJz/JgWy8CvEr9dRtX5qWphiynMSQlxxi+QqN0z5T32SLlhA==
4341
-
4342
4242
  strip-ansi@^3.0.0, strip-ansi@^3.0.1:
4343
4243
  version "3.0.1"
4344
4244
  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf"
@@ -4433,17 +4333,7 @@ tar-pack@^3.4.0:
4433
4333
  tar "^2.2.1"
4434
4334
  uid-number "^0.0.6"
4435
4335
 
4436
- tar-stream@^1.1.2:
4437
- version "1.5.4"
4438
- resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.4.tgz#36549cf04ed1aee9b2a30c0143252238daf94016"
4439
- integrity sha1-NlSc8E7RrumyowwBQyUiONr5QBY=
4440
- dependencies:
4441
- bl "^1.0.0"
4442
- end-of-stream "^1.0.0"
4443
- readable-stream "^2.0.0"
4444
- xtend "^4.0.0"
4445
-
4446
- tar-stream@^1.6.1:
4336
+ tar-stream@^1.1.2, tar-stream@^1.6.1:
4447
4337
  version "1.6.1"
4448
4338
  resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.6.1.tgz#f84ef1696269d6223ca48f6e1eeede3f7e81f395"
4449
4339
  integrity sha512-IFLM5wp3QrJODQFPm6/to3LJZrONdBY/otxcvDIQzu217zKye6yVR3hhi9lAjrC2Z+m/j5oDxMPb1qcd8cIvpA==
@@ -4693,15 +4583,7 @@ v8-compile-cache@^2.0.0:
4693
4583
  resolved "https://registry.yarnpkg.com/v8-compile-cache/-/v8-compile-cache-2.0.0.tgz#526492e35fc616864284700b7043e01baee09f0a"
4694
4584
  integrity sha512-qNdTUMaCjPs4eEnM3W9H94R3sU70YCuT+/ST7nUf+id1bVOrdjrpUaeZLqPBPRph3hsgn4a4BvwpxhHZx+oSDg==
4695
4585
 
4696
- validate-npm-package-license@^3.0.1:
4697
- version "3.0.1"
4698
- resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc"
4699
- integrity sha1-KAS6vnEq0zeUWaz74kdGqywwP7w=
4700
- dependencies:
4701
- spdx-correct "~1.0.0"
4702
- spdx-expression-parse "~1.0.0"
4703
-
4704
- validate-npm-package-license@^3.0.4:
4586
+ validate-npm-package-license@^3.0.1, validate-npm-package-license@^3.0.4:
4705
4587
  version "3.0.4"
4706
4588
  resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz#fc91f6b9c7ba15c857f4cb2c5defeec39d4f410a"
4707
4589
  integrity sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==
@@ -137,6 +137,12 @@ module Dependabot
137
137
  elsif error.message.include?("package requires php") ||
138
138
  error.message.include?("cannot require itself")
139
139
  raise Dependabot::DependencyFileNotResolvable, error.message
140
+ elsif error.message.include?("No driver found to handle VCS") &&
141
+ !error.message.include?("@") && !error.message.include?("://")
142
+ msg = "Dependabot detected a VCS requirement with a local path, "\
143
+ "rather than a URL. Dependabot does not support this "\
144
+ "setup.\n\nThe underlying error was:\n\n#{error.message}"
145
+ raise Dependabot::DependencyFileNotResolvable, msg
140
146
  elsif error.message.include?("requirements could not be resolved")
141
147
  # We should raise a Dependabot::DependencyFileNotResolvable error
142
148
  # here, but can't confidently distinguish between cases where we
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.87.14"
4
+ VERSION = "0.87.15"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.87.14
4
+ version: 0.87.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot