dependabot-npm_and_yarn 0.148.5 → 0.148.10

Sign up to get free protection for your applications and to get access to all the features.
data/helpers/package.json CHANGED
@@ -18,7 +18,7 @@
18
18
  "devDependencies": {
19
19
  "eslint": "^7.26.0",
20
20
  "eslint-config-prettier": "^8.3.0",
21
- "jest": "^26.6.3",
21
+ "jest": "^27.0.1",
22
22
  "prettier": "^2.3.0",
23
23
  "rimraf": "^3.0.2"
24
24
  }
@@ -8,6 +8,7 @@ module Dependabot
8
8
  class Requirement < Gem::Requirement
9
9
  AND_SEPARATOR = /(?<=[a-zA-Z0-9*])\s+(?:&+\s+)?(?!\s*[|-])/.freeze
10
10
  OR_SEPARATOR = /(?<=[a-zA-Z0-9*])\s*\|+/.freeze
11
+ LATEST_REQUIREMENT = "latest"
11
12
 
12
13
  # Override the version pattern to allow a 'v' prefix
13
14
  quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
@@ -17,6 +18,7 @@ module Dependabot
17
18
  PATTERN = /\A#{PATTERN_RAW}\z/.freeze
18
19
 
19
20
  def self.parse(obj)
21
+ return ["=", nil] if obj.is_a?(String) && obj.strip == LATEST_REQUIREMENT
20
22
  return ["=", NpmAndYarn::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
21
23
 
22
24
  unless (matches = PATTERN.match(obj.to_s))
@@ -297,9 +297,8 @@ module Dependabot
297
297
 
298
298
  def dependency_source_details
299
299
  sources =
300
- dependency.requirements.map { |r| r.fetch(:source) }.uniq.compact
301
-
302
- raise "Multiple sources! #{sources.join(', ')}" if sources.count > 1
300
+ dependency.requirements.map { |r| r.fetch(:source) }.uniq.compact.
301
+ sort_by { |source| RegistryFinder.central_registry?(source[:url]) ? 1 : 0 }
303
302
 
304
303
  sources.first
305
304
  end
@@ -138,6 +138,8 @@ module Dependabot
138
138
  end
139
139
 
140
140
  def filter_lower_versions(versions_array)
141
+ return versions_array unless dependency.version && version_class.correct?(dependency.version)
142
+
141
143
  versions_array.
142
144
  select { |version, _| version > version_class.new(dependency.version) }
143
145
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.148.5
4
+ version: 0.148.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-21 00:00:00.000000000 Z
11
+ date: 2021-05-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.148.5
19
+ version: 0.148.10
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.148.5
26
+ version: 0.148.10
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement