dependabot-npm_and_yarn 0.119.6 → 0.120.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/package.json +2 -2
- data/helpers/yarn.lock +589 -660
- data/lib/dependabot/npm_and_yarn/metadata_finder.rb +2 -4
- data/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb +4 -8
- data/lib/dependabot/npm_and_yarn/update_checker/registry_finder.rb +3 -2
- metadata +6 -6
|
@@ -156,9 +156,8 @@ module Dependabot
|
|
|
156
156
|
|
|
157
157
|
response = Excon.get(
|
|
158
158
|
"#{dependency_url}/latest",
|
|
159
|
-
headers: registry_auth_headers,
|
|
160
159
|
idempotent: true,
|
|
161
|
-
**SharedHelpers.excon_defaults
|
|
160
|
+
**SharedHelpers.excon_defaults(headers: registry_auth_headers)
|
|
162
161
|
)
|
|
163
162
|
|
|
164
163
|
if response.status == 200
|
|
@@ -184,9 +183,8 @@ module Dependabot
|
|
|
184
183
|
|
|
185
184
|
response = Excon.get(
|
|
186
185
|
dependency_url,
|
|
187
|
-
headers: registry_auth_headers,
|
|
188
186
|
idempotent: true,
|
|
189
|
-
**SharedHelpers.excon_defaults
|
|
187
|
+
**SharedHelpers.excon_defaults(headers: registry_auth_headers)
|
|
190
188
|
)
|
|
191
189
|
|
|
192
190
|
return @npm_listing = {} if response.status >= 500
|
|
@@ -237,18 +237,16 @@ module Dependabot
|
|
|
237
237
|
begin
|
|
238
238
|
status = Excon.get(
|
|
239
239
|
dependency_url + "/#{version}",
|
|
240
|
-
headers: registry_auth_headers,
|
|
241
240
|
idempotent: true,
|
|
242
|
-
**SharedHelpers.excon_defaults
|
|
241
|
+
**SharedHelpers.excon_defaults(headers: registry_auth_headers)
|
|
243
242
|
).status
|
|
244
243
|
|
|
245
244
|
if status == 404 && dependency_registry != "registry.npmjs.org"
|
|
246
245
|
# Some registries don't handle escaped package names properly
|
|
247
246
|
status = Excon.get(
|
|
248
247
|
dependency_url.gsub("%2F", "/") + "/#{version}",
|
|
249
|
-
headers: registry_auth_headers,
|
|
250
248
|
idempotent: true,
|
|
251
|
-
**SharedHelpers.excon_defaults
|
|
249
|
+
**SharedHelpers.excon_defaults(headers: registry_auth_headers)
|
|
252
250
|
).status
|
|
253
251
|
end
|
|
254
252
|
|
|
@@ -271,9 +269,8 @@ module Dependabot
|
|
|
271
269
|
begin
|
|
272
270
|
Excon.get(
|
|
273
271
|
dependency_url + "/latest",
|
|
274
|
-
headers: registry_auth_headers,
|
|
275
272
|
idempotent: true,
|
|
276
|
-
**SharedHelpers.excon_defaults
|
|
273
|
+
**SharedHelpers.excon_defaults(headers: registry_auth_headers)
|
|
277
274
|
).status < 400
|
|
278
275
|
rescue Excon::Error::Timeout, Excon::Error::Socket
|
|
279
276
|
# Give the benefit of the doubt if the registry is playing up
|
|
@@ -307,9 +304,8 @@ module Dependabot
|
|
|
307
304
|
def fetch_npm_response
|
|
308
305
|
response = Excon.get(
|
|
309
306
|
dependency_url,
|
|
310
|
-
headers: registry_auth_headers,
|
|
311
307
|
idempotent: true,
|
|
312
|
-
**SharedHelpers.excon_defaults
|
|
308
|
+
**SharedHelpers.excon_defaults(headers: registry_auth_headers)
|
|
313
309
|
)
|
|
314
310
|
|
|
315
311
|
return response unless response.status == 500
|
|
@@ -45,9 +45,10 @@ module Dependabot
|
|
|
45
45
|
response = Excon.get(
|
|
46
46
|
"https://#{details['registry'].gsub(%r{/+$}, '')}/"\
|
|
47
47
|
"#{escaped_dependency_name}",
|
|
48
|
-
headers: auth_header_for(details["token"]),
|
|
49
48
|
idempotent: true,
|
|
50
|
-
**SharedHelpers.excon_defaults
|
|
49
|
+
**SharedHelpers.excon_defaults(
|
|
50
|
+
headers: auth_header_for(details["token"])
|
|
51
|
+
)
|
|
51
52
|
)
|
|
52
53
|
response.status < 400 && JSON.parse(response.body)
|
|
53
54
|
rescue Excon::Error::Timeout,
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.120.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-10-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.120.4
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.120.4
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
103
|
+
version: 0.91.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
110
|
+
version: 0.91.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: vcr
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|