dependabot-npm_and_yarn 0.145.0 → 0.146.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 05b919ec4c22439443fdfeaf388837e3b549e55750f00dee6417d2c2c2f5c9aa
|
|
4
|
+
data.tar.gz: a2681785863d7cdab2a9d02aa75f36852505845668256bc4d7bff979b1e9c5f8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 16c3f459770bc46845199f25d52a30b7b5c3061d62af56813e8d66f7cac4c771bc0c95cd69e5fd0cc909fabf9c09b13028affddab1914b50a8d45706a3f92d71
|
|
7
|
+
data.tar.gz: e4888767b0a0bc0f58942b05ae0cfaeb1d60fc9394b4e63cc6306bd95833253a781fceac15fbfadecd91ed5ee65d85f1d85f97fecff43d010703c3c507f685c8
|
data/helpers/package-lock.json
CHANGED
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
"name": "@dependabot/helper",
|
|
8
8
|
"dependencies": {
|
|
9
9
|
"@dependabot/yarn-lib": "^1.21.1",
|
|
10
|
-
"@npmcli/arborist": "^2.4.
|
|
10
|
+
"@npmcli/arborist": "^2.4.2",
|
|
11
11
|
"detect-indent": "^6.0.0",
|
|
12
12
|
"npm": "6.14.13",
|
|
13
13
|
"semver": "^7.3.4"
|
|
@@ -1425,9 +1425,9 @@
|
|
|
1425
1425
|
}
|
|
1426
1426
|
},
|
|
1427
1427
|
"node_modules/@npmcli/arborist": {
|
|
1428
|
-
"version": "2.4.
|
|
1429
|
-
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.
|
|
1430
|
-
"integrity": "sha512-
|
|
1428
|
+
"version": "2.4.2",
|
|
1429
|
+
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.2.tgz",
|
|
1430
|
+
"integrity": "sha512-QrsMrRWzO1D2EmPQheyPz1yRnnmln6vPe4SujV4cRF0v9qIAQbD8M0dMH6K3y+w/2X3t7vg5lx20LHXsbcu7lw==",
|
|
1431
1431
|
"dependencies": {
|
|
1432
1432
|
"@npmcli/installed-package-contents": "^1.0.7",
|
|
1433
1433
|
"@npmcli/map-workspaces": "^1.0.2",
|
|
@@ -17257,9 +17257,9 @@
|
|
|
17257
17257
|
}
|
|
17258
17258
|
},
|
|
17259
17259
|
"@npmcli/arborist": {
|
|
17260
|
-
"version": "2.4.
|
|
17261
|
-
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.
|
|
17262
|
-
"integrity": "sha512-
|
|
17260
|
+
"version": "2.4.2",
|
|
17261
|
+
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.2.tgz",
|
|
17262
|
+
"integrity": "sha512-QrsMrRWzO1D2EmPQheyPz1yRnnmln6vPe4SujV4cRF0v9qIAQbD8M0dMH6K3y+w/2X3t7vg5lx20LHXsbcu7lw==",
|
|
17263
17263
|
"requires": {
|
|
17264
17264
|
"@npmcli/installed-package-contents": "^1.0.7",
|
|
17265
17265
|
"@npmcli/map-workspaces": "^1.0.2",
|
data/helpers/package.json
CHANGED
data/helpers/test/npm6/fixtures/conflicting-dependency-parser/deeply-nested/package-lock.json
CHANGED
|
@@ -418,9 +418,9 @@
|
|
|
418
418
|
"integrity": "sha512-+lP4/6lKUBfQjZ2pdxThZvLUAafmZb8OAxFb8XXtiQmS35INgr85hdOGoEs124ez1FCnZJt6jau/T+alh58QFQ=="
|
|
419
419
|
},
|
|
420
420
|
"lodash": {
|
|
421
|
-
"version": "4.17.
|
|
422
|
-
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.
|
|
423
|
-
"integrity": "sha512-
|
|
421
|
+
"version": "4.17.21",
|
|
422
|
+
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
|
|
423
|
+
"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
|
|
424
424
|
},
|
|
425
425
|
"lru-queue": {
|
|
426
426
|
"version": "0.1.0",
|
|
@@ -109,7 +109,9 @@ module Dependabot
|
|
|
109
109
|
ignore_requirements.any? { |r| r.satisfied_by?(v) }
|
|
110
110
|
end
|
|
111
111
|
|
|
112
|
-
|
|
112
|
+
if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(versions_array).any?
|
|
113
|
+
raise AllVersionsIgnored
|
|
114
|
+
end
|
|
113
115
|
|
|
114
116
|
filtered
|
|
115
117
|
end
|
|
@@ -137,7 +139,7 @@ module Dependabot
|
|
|
137
139
|
|
|
138
140
|
def filter_lower_versions(versions_array)
|
|
139
141
|
versions_array.
|
|
140
|
-
select { |version| version > version_class.new(dependency.version) }
|
|
142
|
+
select { |version, _| version > version_class.new(dependency.version) }
|
|
141
143
|
end
|
|
142
144
|
|
|
143
145
|
def version_from_dist_tags
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.146.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-05-
|
|
11
|
+
date: 2021-05-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.146.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.146.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 1.
|
|
103
|
+
version: 1.14.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 1.
|
|
110
|
+
version: 1.14.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: simplecov
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|