dependabot-npm_and_yarn 0.131.3 → 0.133.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/lib/npm6/updater.js +1 -0
- data/helpers/lib/npm7/index.js +5 -0
- data/helpers/lib/npm7/peer-dependency-checker.js +77 -0
- data/helpers/package.json +2 -2
- data/helpers/test/npm7/conflicting-dependency-parser.test.js +67 -0
- data/helpers/test/npm7/fixtures/conflicting-dependency-parser/deeply-nested/package-lock.json +1291 -0
- data/helpers/test/npm7/fixtures/conflicting-dependency-parser/deeply-nested/package.json +14 -0
- data/helpers/test/npm7/fixtures/conflicting-dependency-parser/nested/package-lock.json +411 -0
- data/helpers/test/npm7/fixtures/conflicting-dependency-parser/nested/package.json +14 -0
- data/helpers/test/npm7/fixtures/conflicting-dependency-parser/simple/package-lock.json +64 -0
- data/helpers/test/npm7/fixtures/conflicting-dependency-parser/simple/package.json +14 -0
- data/helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency/package-lock.json +290 -0
- data/helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency/package.json +23 -0
- data/helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency_multiple/package-lock.json +965 -0
- data/helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency_multiple/package.json +10 -0
- data/helpers/test/npm7/helpers.js +21 -0
- data/helpers/test/npm7/peer-dependency-checker.test.js +107 -0
- data/helpers/yarn.lock +1270 -1276
- data/lib/dependabot/npm_and_yarn/dependency_files_filterer.rb +3 -3
- data/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb +40 -16
- data/lib/dependabot/npm_and_yarn/file_updater.rb +9 -19
- data/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb +409 -167
- data/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb +1 -2
- data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +1 -2
- metadata +33 -4
|
@@ -113,11 +113,10 @@ module Dependabot
|
|
|
113
113
|
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
114
114
|
Dir.chdir(path) do
|
|
115
115
|
npm_version = Dependabot::NpmAndYarn::Helpers.npm_version(lockfile_content)
|
|
116
|
-
Dependabot.logger.info(npm_version)
|
|
117
116
|
|
|
118
117
|
SharedHelpers.run_helper_subprocess(
|
|
119
118
|
command: NativeHelpers.helper_path,
|
|
120
|
-
function: "
|
|
119
|
+
function: "#{npm_version}:updateSubdependency",
|
|
121
120
|
args: [Dir.pwd, lockfile_name, [dependency.to_h]]
|
|
122
121
|
)
|
|
123
122
|
end
|
|
@@ -420,11 +420,10 @@ module Dependabot
|
|
|
420
420
|
f.name == [path, "package-lock.json"].join("/").sub(%r{\A.?\/}, "")
|
|
421
421
|
end
|
|
422
422
|
npm_version = Dependabot::NpmAndYarn::Helpers.npm_version(package_lock&.content)
|
|
423
|
-
Dependabot.logger.info(npm_version)
|
|
424
423
|
|
|
425
424
|
SharedHelpers.run_helper_subprocess(
|
|
426
425
|
command: NativeHelpers.helper_path,
|
|
427
|
-
function: "
|
|
426
|
+
function: "#{npm_version}:checkPeerDependencies",
|
|
428
427
|
args: [
|
|
429
428
|
Dir.pwd,
|
|
430
429
|
dependency.name,
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.133.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-02-
|
|
11
|
+
date: 2021-02-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.133.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.133.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -136,6 +136,20 @@ dependencies:
|
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: 0.9.1
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: stackprof
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - "~>"
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: 0.2.16
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - "~>"
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: 0.2.16
|
|
139
153
|
- !ruby/object:Gem::Dependency
|
|
140
154
|
name: vcr
|
|
141
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -183,6 +197,8 @@ files:
|
|
|
183
197
|
- helpers/lib/npm6/remove-dependencies-from-lockfile.js
|
|
184
198
|
- helpers/lib/npm6/subdependency-updater.js
|
|
185
199
|
- helpers/lib/npm6/updater.js
|
|
200
|
+
- helpers/lib/npm7/index.js
|
|
201
|
+
- helpers/lib/npm7/peer-dependency-checker.js
|
|
186
202
|
- helpers/lib/yarn/conflicting-dependency-parser.js
|
|
187
203
|
- helpers/lib/yarn/fix-duplicates.js
|
|
188
204
|
- helpers/lib/yarn/helpers.js
|
|
@@ -206,6 +222,19 @@ files:
|
|
|
206
222
|
- helpers/test/npm6/fixtures/updater/updated/package-lock.json
|
|
207
223
|
- helpers/test/npm6/helpers.js
|
|
208
224
|
- helpers/test/npm6/updater.test.js
|
|
225
|
+
- helpers/test/npm7/conflicting-dependency-parser.test.js
|
|
226
|
+
- helpers/test/npm7/fixtures/conflicting-dependency-parser/deeply-nested/package-lock.json
|
|
227
|
+
- helpers/test/npm7/fixtures/conflicting-dependency-parser/deeply-nested/package.json
|
|
228
|
+
- helpers/test/npm7/fixtures/conflicting-dependency-parser/nested/package-lock.json
|
|
229
|
+
- helpers/test/npm7/fixtures/conflicting-dependency-parser/nested/package.json
|
|
230
|
+
- helpers/test/npm7/fixtures/conflicting-dependency-parser/simple/package-lock.json
|
|
231
|
+
- helpers/test/npm7/fixtures/conflicting-dependency-parser/simple/package.json
|
|
232
|
+
- helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency/package-lock.json
|
|
233
|
+
- helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency/package.json
|
|
234
|
+
- helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency_multiple/package-lock.json
|
|
235
|
+
- helpers/test/npm7/fixtures/peer-dependency-checker/peer_dependency_multiple/package.json
|
|
236
|
+
- helpers/test/npm7/helpers.js
|
|
237
|
+
- helpers/test/npm7/peer-dependency-checker.test.js
|
|
209
238
|
- helpers/test/yarn/conflicting-dependency-parser.test.js
|
|
210
239
|
- helpers/test/yarn/fixtures/conflicting-dependency-parser/deeply-nested/package.json
|
|
211
240
|
- helpers/test/yarn/fixtures/conflicting-dependency-parser/deeply-nested/yarn.lock
|