dependabot-npm_and_yarn 0.174.0 → 0.176.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 584536d769129c8c4ec7b91ed6f3e3b61a67480202507c1fb8f447cf92597123
|
4
|
+
data.tar.gz: 787fea358f2e07bf4e1633034bdf4a88e1a35f9451d5fb0154466a49dd18d103
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c76654e95d7337e5d3200e84598d6f06a8cd3ecdbba511ed20b703727e9b08a2542ae8b587bc23d8ce4c533d111a9b1c1bcc30eb663506f918610e212f4370a5
|
7
|
+
data.tar.gz: 16aa94ffcd7a1209e8c8ec520421de5d1d52362a644ac19129788433ad118ca749da51eed4c58003690d8a9f59c8a48f57001ec08a71bb222e4935f50d02db47
|
@@ -476,6 +476,7 @@ module Dependabot
|
|
476
476
|
updated_content = lock_deps_with_latest_reqs(updated_content)
|
477
477
|
|
478
478
|
updated_content = sanitized_package_json_content(updated_content)
|
479
|
+
|
479
480
|
File.write(file.name, updated_content)
|
480
481
|
end
|
481
482
|
end
|
@@ -495,6 +496,16 @@ module Dependabot
|
|
495
496
|
end
|
496
497
|
end
|
497
498
|
|
499
|
+
# Takes a JSON string and detects if it is spaces or tabs and how many
|
500
|
+
# levels deep it is indented.
|
501
|
+
def detect_indentation(json)
|
502
|
+
indentation = json.scan(/^\s+/).min_by(&:length)
|
503
|
+
indentation_size = indentation.length
|
504
|
+
indentation_type = indentation.scan(/\t/).any? ? "\t" : " "
|
505
|
+
|
506
|
+
indentation_type * indentation_size
|
507
|
+
end
|
508
|
+
|
498
509
|
def lock_git_deps(content)
|
499
510
|
return content if git_dependencies_to_lock.empty?
|
500
511
|
|
@@ -508,7 +519,8 @@ module Dependabot
|
|
508
519
|
end
|
509
520
|
end
|
510
521
|
|
511
|
-
|
522
|
+
indent = detect_indentation(content)
|
523
|
+
JSON.pretty_generate(json, indent: indent)
|
512
524
|
end
|
513
525
|
|
514
526
|
def git_dependencies_to_lock
|
@@ -549,7 +561,8 @@ module Dependabot
|
|
549
561
|
end
|
550
562
|
end
|
551
563
|
|
552
|
-
|
564
|
+
indent = detect_indentation(content)
|
565
|
+
JSON.pretty_generate(json, indent: indent)
|
553
566
|
end
|
554
567
|
|
555
568
|
def replace_ssh_sources(content)
|
@@ -56,8 +56,8 @@ module Dependabot
|
|
56
56
|
# npm ERR! peer @opentelemetry/api@">=1.0.0 <1.1.0" from @opentelemetry/context-async-hooks@1.0.1
|
57
57
|
NPM7_PEER_DEP_ERROR_REGEX =
|
58
58
|
/
|
59
|
-
npm\
|
60
|
-
npm\
|
59
|
+
npm\s(?:WARN|ERR!)\sCould\snot\sresolve\sdependency:\n
|
60
|
+
npm\s(?:WARN|ERR!)\speer\s(?<required_dep>\S+@\S+(\s\S+)?)\sfrom\s(?<requiring_dep>\S+@\S+)
|
61
61
|
/x.freeze
|
62
62
|
|
63
63
|
def initialize(dependency:, credentials:, dependency_files:,
|
@@ -458,10 +458,13 @@ module Dependabot
|
|
458
458
|
end
|
459
459
|
|
460
460
|
def run_npm7_checker(version:)
|
461
|
-
|
461
|
+
cmd =
|
462
462
|
"npm install #{version_install_arg(version: version)} --package-lock-only --dry-run=true --ignore-scripts"
|
463
|
-
)
|
464
|
-
|
463
|
+
output = SharedHelpers.run_shell_command(cmd)
|
464
|
+
if output.match?(NPM7_PEER_DEP_ERROR_REGEX)
|
465
|
+
error_context = { command: cmd, process_exit_value: 1 }
|
466
|
+
raise SharedHelpers::HelperSubprocessFailed.new(message: output, error_context: error_context)
|
467
|
+
end
|
465
468
|
rescue SharedHelpers::HelperSubprocessFailed => e
|
466
469
|
raise if e.message.match?(NPM7_PEER_DEP_ERROR_REGEX)
|
467
470
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-npm_and_yarn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.176.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-02-
|
11
|
+
date: 2022-02-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.176.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.176.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|