dependabot-npm_and_yarn 0.171.5 → 0.173.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb +1 -1
  3. data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +5 -1
  4. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d5484552cec2fb0bc83bc67bd1b57a56c4af064943555661726099fb1728d9a1
4
- data.tar.gz: 32c5305ca7648e690c7d6aad4aa20617e4b6604314064e70078168bc3ba7c73c
3
+ metadata.gz: 5604cd35d506a384bd90cbae2a6f7c6771317014a718012a1fe0b5eda3a5ac08
4
+ data.tar.gz: a8d378b9aca1e288705b1f8bf63b02b6d9b769a3d44b2a07fe606fecbe5aaa05
5
5
  SHA512:
6
- metadata.gz: d02fe862da08c067d4647a4c46c67d89ac0ec154175a188429bc911915d61522e1e61b680cceee25f546b00962aa96f013a9f5b283f4cae1b979b620af26e295
7
- data.tar.gz: 35e1b08d942bc519083dd159f28680d13eca1a27190da7cb320b66d20bb2bf23f318281039bf97bbad059d6446e9aee6c904520e6699bcde8ecf004e922d7cd1
6
+ metadata.gz: 5d6a26a68fc54063dfc19706a8c1cad3ca90c16895a4d6206e389397bea18abf96f9b2e751298fe36203572d20e45cc0cb8ead51ec74deaac76f57e460d35985
7
+ data.tar.gz: b3949fa1bd29a56c1ab2541f345d54426284e04cacca7f74dfe29d2f0a1f010db7bb1ea7ef3e8a3880693ec9168ba0641808246129966a740c956291dd8fb419
data/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb CHANGED
@@ -355,7 +355,7 @@ module Dependabot
355
355
  # In this case we want to raise a more helpful error message asking
356
356
  # people to re-generate their lockfiles (Future feature idea: add a
357
357
  # way to click-to-fix the lockfile from the issue)
358
- if error_message.include?("Cannot read property 'match' of ") &&
358
+ if error_message.include?("Cannot read properties of undefined (reading 'match')") &&
359
359
  !resolvable_before_update?
360
360
  raise_missing_lockfile_version_resolvability_error(error_message)
361
361
  end
data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb CHANGED
@@ -50,10 +50,14 @@ module Dependabot
50
50
  # Error message from npm install:
51
51
  # npm ERR! Could not resolve dependency:
52
52
  # npm ERR! peer react@"^16.14.0" from react-dom@16.14.0
53
+ #
54
+ # or with two semver constraints:
55
+ # npm ERR! Could not resolve dependency:
56
+ # npm ERR! peer @opentelemetry/api@">=1.0.0 <1.1.0" from @opentelemetry/context-async-hooks@1.0.1
53
57
  NPM7_PEER_DEP_ERROR_REGEX =
54
58
  /
55
59
  npm\sERR!\sCould\snot\sresolve\sdependency:\n
56
- npm\sERR!\speer\s(?<required_dep>\S+@\S+)\sfrom\s(?<requiring_dep>\S+@\S+)
60
+ npm\sERR!\speer\s(?<required_dep>\S+@\S+(\s\S+)?)\sfrom\s(?<requiring_dep>\S+@\S+)
57
61
  /x.freeze
58
62
 
59
63
  def initialize(dependency:, credentials:, dependency_files:,
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.171.5
4
+ version: 0.173.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-07 00:00:00.000000000 Z
11
+ date: 2022-02-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.171.5
19
+ version: 0.173.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.171.5
26
+ version: 0.173.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement