dependabot-npm_and_yarn 0.102.0 → 0.102.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/package.json +1 -1
- data/helpers/yarn.lock +4 -4
- data/lib/dependabot/npm_and_yarn/update_checker.rb +1 -0
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8333cae6b07821e307a7c84324a9c119e4fed936de9a48ac3720ee5522c1b8c2
|
4
|
+
data.tar.gz: bb727480945231f4f0a9046f06977e73791f35f4f85f3e87ab4d942a8e3335bf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c3b7aab6b05cca32e83d55709bd2a7a0f4edde2194e72a18ef2abf283dbad44a55e9fdb1e300835734f6097b295b370ca7bf9795e5a7f80e5fa92bc478845f31
|
7
|
+
data.tar.gz: f3f3744b96fc88d7be20b0d03acaa6988b5ec1fc0fd2bf0029d35abd462658f08db42307bf489e6429343b6772a3b12380523b32ae0ca4068abb653b9c6f9846
|
data/helpers/package.json
CHANGED
data/helpers/yarn.lock
CHANGED
@@ -4823,10 +4823,10 @@ prettier-linter-helpers@^1.0.0:
|
|
4823
4823
|
dependencies:
|
4824
4824
|
fast-diff "^1.1.2"
|
4825
4825
|
|
4826
|
-
prettier@^1.
|
4827
|
-
version "1.
|
4828
|
-
resolved "https://registry.yarnpkg.com/prettier/-/prettier-1.
|
4829
|
-
integrity sha512-
|
4826
|
+
prettier@^1.17.0:
|
4827
|
+
version "1.17.0"
|
4828
|
+
resolved "https://registry.yarnpkg.com/prettier/-/prettier-1.17.0.tgz#53b303676eed22cc14a9f0cec09b477b3026c008"
|
4829
|
+
integrity sha512-sXe5lSt2WQlCbydGETgfm1YBShgOX4HxQkFPvbxkcwgDvGDeqVau8h+12+lmSVlP3rHPz0oavfddSZg/q+Szjw==
|
4830
4830
|
|
4831
4831
|
pretty-format@^24.7.0:
|
4832
4832
|
version "24.7.0"
|
@@ -38,6 +38,7 @@ module Dependabot
|
|
38
38
|
|
39
39
|
def lowest_resolvable_security_fix_version
|
40
40
|
raise "Dependency not vulnerable!" unless vulnerable?
|
41
|
+
return latest_resolvable_version unless dependency.top_level?
|
41
42
|
|
42
43
|
# TODO: Might want to check resolvability here?
|
43
44
|
latest_version_finder.lowest_security_fix_version
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-npm_and_yarn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.102.
|
4
|
+
version: 0.102.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.102.
|
19
|
+
version: 0.102.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.102.
|
26
|
+
version: 0.102.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|