dependabot-npm_and_yarn 0.119.3 → 0.120.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2340984d63e9e3857a9e46bf2c2fa48c95909b054a05360fdb886967801e0b2c
-  data.tar.gz: 132deb9d358b3b7954c29fd3e740ec733a90fd9667f09e5486b34f6a17c8a9ee
+  metadata.gz: a40a9df4943b269d53644e0a34f3e667978e5bf777f1a3a2937e558171cbc45d
+  data.tar.gz: c8d9d332a154a859a9c008f576c89ff780f07374e3f4d99ac5002b940207727f
 SHA512:
-  metadata.gz: 2a2677b777e682fee09368e516f11e36aed89a0ac8dec28f966f193392eef8adf1f8b78e9679a195ce62c897093d6b6dd4ccb19c70280d77e85035c46ea2ab5d
-  data.tar.gz: a27d191b48036f2abfe5904a5f2caf28686017fd4afa3b695a2671b1080310534d69e7a0f43dc9d124668999d6239d42a0ff64444c1aac619f618c744d898ca1
+  metadata.gz: 4c3cc1b09ae101fc24ef9f87e4fce546443dc52d2e46e9b523930880e49f4d334132852d9cc7e2e266dd95ec38a8c7806f7091b977591c499b276dd19a500a01
+  data.tar.gz: bc1b6a47fa83857f08863bc4f644ad0322882bc79a3f2c1826e6bd902522ff34fc9885b2b80d7aaad1013dbd2db06ac614323e714adf4a7a0e69524c1e0d7831

data/helpers/package.json

@@ -15,10 +15,10 @@
     "semver": "^7.3.2"
   },
   "devDependencies": {
-    "eslint": "^7.8.1",
+    "eslint": "^7.9.0",
     "eslint-plugin-prettier": "^3.1.4",
     "jest": "^26.4.2",
-    "prettier": "^2.1.1",
+    "prettier": "^2.1.2",
     "rimraf": "^3.0.2"
   }
 }

data/helpers/yarn.lock

@@ -2064,10 +2064,10 @@ eslint-visitor-keys@^1.1.0, eslint-visitor-keys@^1.3.0:
   resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz#30ebd1ef7c2fdff01c3a4f151044af25fab0523e"
   integrity sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==
 
-eslint@^7.8.1:
-  version "7.8.1"
-  resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.8.1.tgz#e59de3573fb6a5be8ff526c791571646d124a8fa"
-  integrity sha512-/2rX2pfhyUG0y+A123d0ccXtMm7DV7sH1m3lk9nk2DZ2LReq39FXHueR9xZwshE5MdfSf0xunSaMWRqyIA6M1w==
+eslint@^7.9.0:
+  version "7.9.0"
+  resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.9.0.tgz#522aeccc5c3a19017cf0cb46ebfd660a79acf337"
+  integrity sha512-V6QyhX21+uXp4T+3nrNfI3hQNBDa/P8ga7LoQOenwrlEFXrEnUEE+ok1dMtaS3b6rmLXhT1TkTIsG75HMLbknA==
   dependencies:
     "@babel/code-frame" "^7.0.0"
     "@eslint/eslintrc" "^0.1.3"
@@ -5393,10 +5393,10 @@ prettier-linter-helpers@^1.0.0:
   dependencies:
     fast-diff "^1.1.2"
 
-prettier@^2.1.1:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.1.1.tgz#d9485dd5e499daa6cb547023b87a6cf51bee37d6"
-  integrity sha512-9bY+5ZWCfqj3ghYBLxApy2zf6m+NJo5GzmLTpr9FsApsfjriNnS2dahWReHMi7qNPhhHl9SYHJs2cHZLgexNIw==
+prettier@^2.1.2:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.1.2.tgz#3050700dae2e4c8b67c4c3f666cdb8af405e1ce5"
+  integrity sha512-16c7K+x4qVlJg9rEbXl7HEGmQyZlG4R9AgP+oHKRMsMsuk8s+ATStlf1NpDqyBI1HpVyfjLOeMhH2LvuNvV5Vg==
 
 pretty-format@^26.4.2:
   version "26.4.2"

data/lib/dependabot/npm_and_yarn/file_fetcher.rb

@@ -31,7 +31,6 @@ module Dependabot
 
       private
 
-      # rubocop:disable Metrics/PerceivedComplexity
       def fetch_files
         fetched_files = []
         fetched_files << package_json
@@ -48,8 +47,6 @@ module Dependabot
         fetched_files.uniq
       end
 
-      # rubocop:enable Metrics/PerceivedComplexity
-
       def package_json
         @package_json ||= fetch_file_from_host("package.json")
       end
@@ -173,6 +170,7 @@ module Dependabot
         ].uniq
       end
 
+      # rubocop:disable Metrics/PerceivedComplexity
       # rubocop:disable Metrics/AbcSize
       def path_dependency_details_from_manifest(file)
         return [] unless file.name.end_with?("package.json")
@@ -208,6 +206,7 @@ module Dependabot
         raise Dependabot::DependencyFileNotParseable, file.path
       end
       # rubocop:enable Metrics/AbcSize
+      # rubocop:enable Metrics/PerceivedComplexity
 
       def path_dependency_details_from_npm_lockfile(parsed_lockfile)
         path_starts = NPM_PATH_DEPENDENCY_STARTS

data/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb

@@ -127,7 +127,6 @@ module Dependabot
           build_npmrc_content_from_lockfile
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def credential_lines_for_npmrc
           lines = []
           registry_credentials.each do |cred|
@@ -154,8 +153,8 @@ module Dependabot
           # Work around a suspected yarn bug
           ["always-auth = true"] + lines
         end
-        # rubocop:enable Metrics/PerceivedComplexity
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def registry_scopes(registry)
           # Central registries don't just apply to scopes
           return if CENTRAL_REGISTRIES.include?(registry)
@@ -182,6 +181,7 @@ module Dependabot
 
           scopes.map { |scope| "@#{scope}:registry=https://#{registry}" }
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def registry_credentials
           credentials.select { |cred| cred.fetch("type") == "npm_registry" }

data/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb

@@ -171,7 +171,7 @@ module Dependabot
           # Local path error: When installing a git dependency which
           # is using local file paths for sub-dependencies (e.g. unbuilt yarn
           # workspace project)
-          sub_dep_local_path_err = "Package \"\" refers to a non-existing file"
+          sub_dep_local_path_err = 'Package "" refers to a non-existing file'
           if error_message.match?(INVALID_PACKAGE) ||
              error_message.start_with?(sub_dep_local_path_err)
             raise_resolvability_error(error_message, yarn_lock)

data/lib/dependabot/npm_and_yarn/requirement.rb

@@ -56,7 +56,6 @@ module Dependabot
 
       private
 
-      # rubocop:disable Metrics/PerceivedComplexity
       def convert_js_constraint_to_ruby_constraint(req_string)
         return req_string if req_string.match?(/^([A-Za-uw-z]|v[^\d])/)
 
@@ -72,7 +71,6 @@ module Dependabot
         else ruby_range(req_string)
         end
       end
-      # rubocop:enable Metrics/PerceivedComplexity
 
       def convert_tilde_req(req_string)
         version = req_string.gsub(/^~\>?[\s=]*/, "")
@@ -112,11 +110,10 @@ module Dependabot
         "~> #{parts.join('.')}"
       end
 
-      # rubocop:disable Metrics/PerceivedComplexity
       def convert_caret_req(req_string)
         version = req_string.gsub(/^\^[\s=]*/, "")
         parts = version.split(".")
-        parts = parts.fill("x", parts.length...3)
+        parts.fill("x", parts.length...3)
         first_non_zero = parts.find { |d| d != "0" }
         first_non_zero_index =
           first_non_zero ? parts.index(first_non_zero) : parts.count - 1
@@ -133,7 +130,6 @@ module Dependabot
 
         [">= #{version}", "< #{upper_bound}"]
       end
-      # rubocop:enable Metrics/PerceivedComplexity
     end
   end
 end

data/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb

@@ -167,6 +167,7 @@ module Dependabot
           wants_latest_dist_tag?(latest) ? latest : nil
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def related_to_current_pre?(version)
           current_version = dependency.version
           if current_version &&
@@ -188,6 +189,7 @@ module Dependabot
             false
           end
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def specified_dist_tag_requirement?
           dependency.requirements.any? do |req|

data/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb

@@ -82,7 +82,6 @@ module Dependabot
           version_class.new(updated_version)
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def run_yarn_updater(path, lockfile_name)
           SharedHelpers.with_git_configured(credentials: credentials) do
             Dir.chdir(path) do
@@ -107,8 +106,6 @@ module Dependabot
           sleep(rand(3.0..10.0)) && retry
         end
 
-        # rubocop:enable Metrics/PerceivedComplexity
-
         def run_npm_updater(path, lockfile_name)
           SharedHelpers.with_git_configured(credentials: credentials) do
             Dir.chdir(path) do

data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb

@@ -130,6 +130,7 @@ module Dependabot
             )
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def resolve_latest_previous_version(dep, updated_version)
           return dep.version if dep.version
 
@@ -160,6 +161,7 @@ module Dependabot
             latest_previous_version
           end
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def part_of_tightly_locked_monorepo?
           monorepo_dep_names =

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-npm_and_yarn
 version: !ruby/object:Gem::Version
-  version: 0.119.3
+  version: 0.120.1
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-09-10 00:00:00.000000000 Z
+date: 2020-09-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.3
+        version: 0.120.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.3
+        version: 0.120.1
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.91.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.91.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement