dependabot-core 0.87.14 → 0.87.15
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/helpers/yarn/package.json +1 -1
- data/helpers/yarn/yarn.lock +13 -131
- data/lib/dependabot/update_checkers/php/composer/version_resolver.rb +6 -0
- data/lib/dependabot/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1950a22635494df74d9d7feb1a356bea48c55442268df6f1d4e67feeb2fbcade
|
4
|
+
data.tar.gz: 387f83467e7c211e574bc645953524feb193c8c499a6b9bae119fdb39ac359c4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9804285a480248a096eac01eda499bebec6e3b354151a89a5d43560f593d9fc60fedb2ce323f18a66a44aa02250b02492584f5f8ebe57ffad8d9206297acfa6b
|
7
|
+
data.tar.gz: 217717f78a08cce674844c954acdf206ec33409470ee92c9edb817c28f5611307cd1c96bd17504a3d0607c29ab83906e1f728a6b8ab15df079b65906d32eb8e8
|
data/CHANGELOG.md
CHANGED
data/helpers/yarn/package.json
CHANGED
data/helpers/yarn/yarn.lock
CHANGED
@@ -18,12 +18,12 @@
|
|
18
18
|
esutils "^2.0.2"
|
19
19
|
js-tokens "^4.0.0"
|
20
20
|
|
21
|
-
"@dependabot/yarn-lib@1.
|
22
|
-
version "1.
|
23
|
-
resolved "https://registry.yarnpkg.com/@dependabot/yarn-lib/-/yarn-lib-1.
|
24
|
-
integrity sha512-
|
21
|
+
"@dependabot/yarn-lib@1.13.0":
|
22
|
+
version "1.13.0"
|
23
|
+
resolved "https://registry.yarnpkg.com/@dependabot/yarn-lib/-/yarn-lib-1.13.0.tgz#b9a17bf2446b1e0421577bcd5884914fe711c771"
|
24
|
+
integrity sha512-tupA1eJEISmSm5TbU4WpoMwGQAJE3kutdGarLnvNAQf38nVYTye6KwGsYGsweogRDQ54MUs2+zTgPvFaP1vUTA==
|
25
25
|
dependencies:
|
26
|
-
"@zkochan/cmd-shim" "^
|
26
|
+
"@zkochan/cmd-shim" "^3.1.0"
|
27
27
|
babel-runtime "^6.26.0"
|
28
28
|
bytes "^3.0.0"
|
29
29
|
camelcase "^4.0.0"
|
@@ -75,10 +75,10 @@
|
|
75
75
|
resolved "https://registry.yarnpkg.com/@types/node/-/node-8.5.1.tgz#4ec3020bcdfe2abffeef9ba3fbf26fca097514b5"
|
76
76
|
integrity sha512-SrmAO+NhnsuG/6TychSl2VdxBZiw/d6V+8j+DFo8O3PwFi+QeYXWHhAw+b170aSc6zYab6/PjEWRZHIDN9mNUw==
|
77
77
|
|
78
|
-
"@zkochan/cmd-shim@^
|
79
|
-
version "
|
80
|
-
resolved "https://registry.yarnpkg.com/@zkochan/cmd-shim/-/cmd-shim-
|
81
|
-
integrity sha512-
|
78
|
+
"@zkochan/cmd-shim@^3.1.0":
|
79
|
+
version "3.1.0"
|
80
|
+
resolved "https://registry.yarnpkg.com/@zkochan/cmd-shim/-/cmd-shim-3.1.0.tgz#2ab8ed81f5bb5452a85f25758eb9b8681982fd2e"
|
81
|
+
integrity sha512-o8l0+x7C7sMZU3v9GuJIAU10qQLtwR1dtRQIOmlNMtyaqhmpXOzx1HWiYoWfmmf9HHZoAkXpc9TM9PQYF9d4Jg==
|
82
82
|
dependencies:
|
83
83
|
is-windows "^1.0.0"
|
84
84
|
mkdirp-promise "^5.0.1"
|
@@ -582,20 +582,6 @@ block-stream@*:
|
|
582
582
|
dependencies:
|
583
583
|
inherits "~2.0.0"
|
584
584
|
|
585
|
-
boom@4.x.x:
|
586
|
-
version "4.3.1"
|
587
|
-
resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.1.tgz#4f8a3005cb4a7e3889f749030fd25b96e01d2e31"
|
588
|
-
integrity sha1-T4owBctKfjiJ90kDD9JbluAdLjE=
|
589
|
-
dependencies:
|
590
|
-
hoek "4.x.x"
|
591
|
-
|
592
|
-
boom@5.x.x:
|
593
|
-
version "5.2.0"
|
594
|
-
resolved "https://registry.yarnpkg.com/boom/-/boom-5.2.0.tgz#5dd9da6ee3a5f302077436290cb717d3f4a54e02"
|
595
|
-
integrity sha512-Z5BTk6ZRe4tXXQlkqftmsAUANpXmuwlsF5Oov8ThoMbQRzdGTA1ngYRW160GexgOgjsFOKJz0LYhoNi+2AMBUw==
|
596
|
-
dependencies:
|
597
|
-
hoek "4.x.x"
|
598
|
-
|
599
585
|
brace-expansion@^1.1.7:
|
600
586
|
version "1.1.7"
|
601
587
|
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.7.tgz#3effc3c50e000531fb720eaff80f0ae8ef23cf59"
|
@@ -974,13 +960,6 @@ cross-spawn@^6.0.5:
|
|
974
960
|
shebang-command "^1.2.0"
|
975
961
|
which "^1.2.9"
|
976
962
|
|
977
|
-
cryptiles@3.x.x:
|
978
|
-
version "3.1.4"
|
979
|
-
resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-3.1.4.tgz#769a68c95612b56faadfcebf57ac86479cbe8322"
|
980
|
-
integrity sha512-8I1sgZHfVwcSOY6mSGpVU3lw/GSIZvusg8dD2+OGehCJpOhQRLNcH0qb9upQnOH4XhgxxFJSg6E2kx95deb1Tw==
|
981
|
-
dependencies:
|
982
|
-
boom "5.x.x"
|
983
|
-
|
984
963
|
cssom@0.3.x, "cssom@>= 0.3.2 < 0.4.0":
|
985
964
|
version "0.3.2"
|
986
965
|
resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.3.2.tgz#b8036170c79f07a90ff2f16e22284027a243848b"
|
@@ -1893,16 +1872,6 @@ hash-for-dep@^1.2.3:
|
|
1893
1872
|
heimdalljs-logger "^0.1.7"
|
1894
1873
|
resolve "^1.4.0"
|
1895
1874
|
|
1896
|
-
hawk@~6.0.2:
|
1897
|
-
version "6.0.2"
|
1898
|
-
resolved "https://registry.yarnpkg.com/hawk/-/hawk-6.0.2.tgz#af4d914eb065f9b5ce4d9d11c1cb2126eecc3038"
|
1899
|
-
integrity sha512-miowhl2+U7Qle4vdLqDdPt9m09K6yZhkLDTWGoUiUzrQCn+mHHSmfJgAyGaLRZbPmTqfFFjRV1QWCW0VWUJBbQ==
|
1900
|
-
dependencies:
|
1901
|
-
boom "4.x.x"
|
1902
|
-
cryptiles "3.x.x"
|
1903
|
-
hoek "4.x.x"
|
1904
|
-
sntp "2.x.x"
|
1905
|
-
|
1906
1875
|
heimdalljs-logger@^0.1.7:
|
1907
1876
|
version "0.1.10"
|
1908
1877
|
resolved "https://registry.yarnpkg.com/heimdalljs-logger/-/heimdalljs-logger-0.1.10.tgz#90cad58aabb1590a3c7e640ddc6a4cd3a43faaf7"
|
@@ -1918,11 +1887,6 @@ heimdalljs@^0.2.3, heimdalljs@^0.2.6:
|
|
1918
1887
|
dependencies:
|
1919
1888
|
rsvp "~3.2.1"
|
1920
1889
|
|
1921
|
-
hoek@4.x.x:
|
1922
|
-
version "4.2.1"
|
1923
|
-
resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.2.1.tgz#9634502aa12c445dd5a7c5734b572bb8738aacbb"
|
1924
|
-
integrity sha512-QLg82fGkfnJ/4iy1xZ81/9SIJiq1NGFUMGs6ParyjBZr6jW2Ufj/snDqTHixNlHdPNwN2RLVD0Pi3igeK9+JfA==
|
1925
|
-
|
1926
1890
|
home-or-tmp@^2.0.0:
|
1927
1891
|
version "2.0.0"
|
1928
1892
|
resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-2.0.0.tgz#e36c3f2d2cae7d746a857e38d18d5f32a7882db8"
|
@@ -2035,14 +1999,7 @@ inquirer@^6.1.0, inquirer@^6.2.0:
|
|
2035
1999
|
strip-ansi "^4.0.0"
|
2036
2000
|
through "^2.3.6"
|
2037
2001
|
|
2038
|
-
invariant@^2.2.0:
|
2039
|
-
version "2.2.2"
|
2040
|
-
resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360"
|
2041
|
-
integrity sha1-nh9WrArNtr8wMwbzOL47IErmA2A=
|
2042
|
-
dependencies:
|
2043
|
-
loose-envify "^1.0.0"
|
2044
|
-
|
2045
|
-
invariant@^2.2.2, invariant@^2.2.4:
|
2002
|
+
invariant@^2.2.0, invariant@^2.2.2, invariant@^2.2.4:
|
2046
2003
|
version "2.2.4"
|
2047
2004
|
resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.4.tgz#610f3c92c9359ce1db616e538008d23ff35158e6"
|
2048
2005
|
integrity sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA==
|
@@ -3843,35 +3800,7 @@ request-promise-native@^1.0.3:
|
|
3843
3800
|
stealthy-require "^1.1.0"
|
3844
3801
|
tough-cookie ">=2.3.3"
|
3845
3802
|
|
3846
|
-
request@^2.81.0, request@^2.83.0:
|
3847
|
-
version "2.83.0"
|
3848
|
-
resolved "https://registry.yarnpkg.com/request/-/request-2.83.0.tgz#ca0b65da02ed62935887808e6f510381034e3356"
|
3849
|
-
integrity sha512-lR3gD69osqm6EYLk9wB/G1W/laGWjzH90t1vEa2xuxHD5KUrSzp9pUSfTm+YC5Nxt2T8nMPEvKlhbQayU7bgFw==
|
3850
|
-
dependencies:
|
3851
|
-
aws-sign2 "~0.7.0"
|
3852
|
-
aws4 "^1.6.0"
|
3853
|
-
caseless "~0.12.0"
|
3854
|
-
combined-stream "~1.0.5"
|
3855
|
-
extend "~3.0.1"
|
3856
|
-
forever-agent "~0.6.1"
|
3857
|
-
form-data "~2.3.1"
|
3858
|
-
har-validator "~5.0.3"
|
3859
|
-
hawk "~6.0.2"
|
3860
|
-
http-signature "~1.2.0"
|
3861
|
-
is-typedarray "~1.0.0"
|
3862
|
-
isstream "~0.1.2"
|
3863
|
-
json-stringify-safe "~5.0.1"
|
3864
|
-
mime-types "~2.1.17"
|
3865
|
-
oauth-sign "~0.8.2"
|
3866
|
-
performance-now "^2.1.0"
|
3867
|
-
qs "~6.5.1"
|
3868
|
-
safe-buffer "^5.1.1"
|
3869
|
-
stringstream "~0.0.5"
|
3870
|
-
tough-cookie "~2.3.3"
|
3871
|
-
tunnel-agent "^0.6.0"
|
3872
|
-
uuid "^3.1.0"
|
3873
|
-
|
3874
|
-
request@^2.87.0:
|
3803
|
+
request@^2.81.0, request@^2.83.0, request@^2.87.0:
|
3875
3804
|
version "2.87.0"
|
3876
3805
|
resolved "https://registry.yarnpkg.com/request/-/request-2.87.0.tgz#32f00235cd08d482b4d0d68db93a829c0ed5756e"
|
3877
3806
|
integrity sha512-fcogkm7Az5bsS6Sl0sibkbhcKsnyon/jV1kF3ajGmF0c8HrttdKTPRT9hieOaQHA5HEq6r8OyWOo/o781C1tNw==
|
@@ -4128,13 +4057,6 @@ snapdragon@^0.8.1:
|
|
4128
4057
|
source-map-resolve "^0.5.0"
|
4129
4058
|
use "^3.1.0"
|
4130
4059
|
|
4131
|
-
sntp@2.x.x:
|
4132
|
-
version "2.1.0"
|
4133
|
-
resolved "https://registry.yarnpkg.com/sntp/-/sntp-2.1.0.tgz#2c6cec14fedc2222739caf9b5c3d85d1cc5a2cc8"
|
4134
|
-
integrity sha512-FL1b58BDrqS3A11lJ0zEdnJ3UOKqVxawAkF3k7F0CVN7VQ34aZrV+G8BZ1WC9ZL7NyrwsW0oviwsWDgRuVYtJg==
|
4135
|
-
dependencies:
|
4136
|
-
hoek "4.x.x"
|
4137
|
-
|
4138
4060
|
sort-keys@^2.0.0:
|
4139
4061
|
version "2.0.0"
|
4140
4062
|
resolved "https://registry.yarnpkg.com/sort-keys/-/sort-keys-2.0.0.tgz#658535584861ec97d730d6cf41822e1f56684128"
|
@@ -4198,13 +4120,6 @@ spdx-correct@^3.0.0:
|
|
4198
4120
|
spdx-expression-parse "^3.0.0"
|
4199
4121
|
spdx-license-ids "^3.0.0"
|
4200
4122
|
|
4201
|
-
spdx-correct@~1.0.0:
|
4202
|
-
version "1.0.2"
|
4203
|
-
resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40"
|
4204
|
-
integrity sha1-SzBz2TP/UfORLwOsVRlJikFQ20A=
|
4205
|
-
dependencies:
|
4206
|
-
spdx-license-ids "^1.0.2"
|
4207
|
-
|
4208
4123
|
spdx-exceptions@^2.1.0:
|
4209
4124
|
version "2.1.0"
|
4210
4125
|
resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.1.0.tgz#2c7ae61056c714a5b9b9b2b2af7d311ef5c78fe9"
|
@@ -4218,16 +4133,6 @@ spdx-expression-parse@^3.0.0:
|
|
4218
4133
|
spdx-exceptions "^2.1.0"
|
4219
4134
|
spdx-license-ids "^3.0.0"
|
4220
4135
|
|
4221
|
-
spdx-expression-parse@~1.0.0:
|
4222
|
-
version "1.0.4"
|
4223
|
-
resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c"
|
4224
|
-
integrity sha1-m98vIOH0DtRH++JzJmGR/O1RYmw=
|
4225
|
-
|
4226
|
-
spdx-license-ids@^1.0.2:
|
4227
|
-
version "1.2.2"
|
4228
|
-
resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57"
|
4229
|
-
integrity sha1-yd96NCRZSt5r0RkA1ZZpbcBrrFc=
|
4230
|
-
|
4231
4136
|
spdx-license-ids@^3.0.0:
|
4232
4137
|
version "3.0.0"
|
4233
4138
|
resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.0.tgz#7a7cd28470cc6d3a1cfe6d66886f6bc430d3ac87"
|
@@ -4334,11 +4239,6 @@ string_decoder@~1.1.1:
|
|
4334
4239
|
dependencies:
|
4335
4240
|
safe-buffer "~5.1.0"
|
4336
4241
|
|
4337
|
-
stringstream@~0.0.5:
|
4338
|
-
version "0.0.6"
|
4339
|
-
resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.6.tgz#7880225b0d4ad10e30927d167a1d6f2fd3b33a72"
|
4340
|
-
integrity sha512-87GEBAkegbBcweToUrdzf3eLhWNg06FJTebl4BVJz/JgWy8CvEr9dRtX5qWphiynMSQlxxi+QqN0z5T32SLlhA==
|
4341
|
-
|
4342
4242
|
strip-ansi@^3.0.0, strip-ansi@^3.0.1:
|
4343
4243
|
version "3.0.1"
|
4344
4244
|
resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf"
|
@@ -4433,17 +4333,7 @@ tar-pack@^3.4.0:
|
|
4433
4333
|
tar "^2.2.1"
|
4434
4334
|
uid-number "^0.0.6"
|
4435
4335
|
|
4436
|
-
tar-stream@^1.1.2:
|
4437
|
-
version "1.5.4"
|
4438
|
-
resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.4.tgz#36549cf04ed1aee9b2a30c0143252238daf94016"
|
4439
|
-
integrity sha1-NlSc8E7RrumyowwBQyUiONr5QBY=
|
4440
|
-
dependencies:
|
4441
|
-
bl "^1.0.0"
|
4442
|
-
end-of-stream "^1.0.0"
|
4443
|
-
readable-stream "^2.0.0"
|
4444
|
-
xtend "^4.0.0"
|
4445
|
-
|
4446
|
-
tar-stream@^1.6.1:
|
4336
|
+
tar-stream@^1.1.2, tar-stream@^1.6.1:
|
4447
4337
|
version "1.6.1"
|
4448
4338
|
resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.6.1.tgz#f84ef1696269d6223ca48f6e1eeede3f7e81f395"
|
4449
4339
|
integrity sha512-IFLM5wp3QrJODQFPm6/to3LJZrONdBY/otxcvDIQzu217zKye6yVR3hhi9lAjrC2Z+m/j5oDxMPb1qcd8cIvpA==
|
@@ -4693,15 +4583,7 @@ v8-compile-cache@^2.0.0:
|
|
4693
4583
|
resolved "https://registry.yarnpkg.com/v8-compile-cache/-/v8-compile-cache-2.0.0.tgz#526492e35fc616864284700b7043e01baee09f0a"
|
4694
4584
|
integrity sha512-qNdTUMaCjPs4eEnM3W9H94R3sU70YCuT+/ST7nUf+id1bVOrdjrpUaeZLqPBPRph3hsgn4a4BvwpxhHZx+oSDg==
|
4695
4585
|
|
4696
|
-
validate-npm-package-license@^3.0.1:
|
4697
|
-
version "3.0.1"
|
4698
|
-
resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc"
|
4699
|
-
integrity sha1-KAS6vnEq0zeUWaz74kdGqywwP7w=
|
4700
|
-
dependencies:
|
4701
|
-
spdx-correct "~1.0.0"
|
4702
|
-
spdx-expression-parse "~1.0.0"
|
4703
|
-
|
4704
|
-
validate-npm-package-license@^3.0.4:
|
4586
|
+
validate-npm-package-license@^3.0.1, validate-npm-package-license@^3.0.4:
|
4705
4587
|
version "3.0.4"
|
4706
4588
|
resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz#fc91f6b9c7ba15c857f4cb2c5defeec39d4f410a"
|
4707
4589
|
integrity sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==
|
@@ -137,6 +137,12 @@ module Dependabot
|
|
137
137
|
elsif error.message.include?("package requires php") ||
|
138
138
|
error.message.include?("cannot require itself")
|
139
139
|
raise Dependabot::DependencyFileNotResolvable, error.message
|
140
|
+
elsif error.message.include?("No driver found to handle VCS") &&
|
141
|
+
!error.message.include?("@") && !error.message.include?("://")
|
142
|
+
msg = "Dependabot detected a VCS requirement with a local path, "\
|
143
|
+
"rather than a URL. Dependabot does not support this "\
|
144
|
+
"setup.\n\nThe underlying error was:\n\n#{error.message}"
|
145
|
+
raise Dependabot::DependencyFileNotResolvable, msg
|
140
146
|
elsif error.message.include?("requirements could not be resolved")
|
141
147
|
# We should raise a Dependabot::DependencyFileNotResolvable error
|
142
148
|
# here, but can't confidently distinguish between cases where we
|
data/lib/dependabot/version.rb
CHANGED