dependabot-npm_and_yarn 0.192.0 → 0.194.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/package-lock.json +7 -7
- data/helpers/package.json +1 -1
- data/lib/dependabot/npm_and_yarn/package_name.rb +21 -12
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e0d51c9b925807c1a111f06b7c6261768977e9a1507e2172d0d687f135ea7dfc
|
4
|
+
data.tar.gz: 077d6d0b952070d41b80ab103873bf36a006b9fcdde1acd7c8d0525ef078668d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f60d6507d628f1bb68c671f8e0c33f903b2921d637bf10cff2d89dfa7d07ae360c9d7e0089fc519bad0f513973914dd29fab7e12f9e8a9482a91b5c1b18cf4b9
|
7
|
+
data.tar.gz: c448465b1ed7721d586cb267563c31ef7ffe3ccef21ce3662fb7f7a68b56d5712a2e8dce7c4967aa85c3387934f9849a0abaa607e94c6143f823236ac14800b4
|
data/helpers/package-lock.json
CHANGED
@@ -19,7 +19,7 @@
|
|
19
19
|
"eslint": "^8.15.0",
|
20
20
|
"eslint-config-prettier": "^8.5.0",
|
21
21
|
"jest": "^28.1.0",
|
22
|
-
"prettier": "^2.
|
22
|
+
"prettier": "^2.7.1",
|
23
23
|
"rimraf": "^3.0.2"
|
24
24
|
}
|
25
25
|
},
|
@@ -12167,9 +12167,9 @@
|
|
12167
12167
|
}
|
12168
12168
|
},
|
12169
12169
|
"node_modules/prettier": {
|
12170
|
-
"version": "2.
|
12171
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.
|
12172
|
-
"integrity": "sha512-
|
12170
|
+
"version": "2.7.1",
|
12171
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz",
|
12172
|
+
"integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==",
|
12173
12173
|
"dev": true,
|
12174
12174
|
"bin": {
|
12175
12175
|
"prettier": "bin-prettier.js"
|
@@ -22908,9 +22908,9 @@
|
|
22908
22908
|
"integrity": "sha1-gV7R9uvGWSb4ZbMQwHE7yzMVzks="
|
22909
22909
|
},
|
22910
22910
|
"prettier": {
|
22911
|
-
"version": "2.
|
22912
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.
|
22913
|
-
"integrity": "sha512-
|
22911
|
+
"version": "2.7.1",
|
22912
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz",
|
22913
|
+
"integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==",
|
22914
22914
|
"dev": true
|
22915
22915
|
},
|
22916
22916
|
"pretty-format": {
|
data/helpers/package.json
CHANGED
@@ -3,21 +3,30 @@
|
|
3
3
|
module Dependabot
|
4
4
|
module NpmAndYarn
|
5
5
|
class PackageName
|
6
|
+
# NPM package naming rules are defined by the following projects:
|
7
|
+
# - https://github.com/npm/npm-user-validate
|
8
|
+
# - https://github.com/npm/validate-npm-package-name
|
6
9
|
PACKAGE_NAME_REGEX = %r{
|
7
|
-
\A
|
8
|
-
(?=.{1,214}\z)
|
9
|
-
(@(?<scope>
|
10
|
-
|
11
|
-
|
12
|
-
|
10
|
+
\A # beginning of string
|
11
|
+
(?=.{1,214}\z) # enforce length (1 - 214)
|
12
|
+
(@(?<scope> # capture 'scope' if present
|
13
|
+
(?=[^\.]) # reject leading dot
|
14
|
+
[a-z0-9\-\_\.\!\~\*\'\(\)]+ # URL-safe characters
|
15
|
+
)\/)?
|
16
|
+
(?<name> # capture package name
|
17
|
+
(?=[^\.\_]) # reject leading dot or underscore
|
18
|
+
[a-z0-9\-\_\.\!\~\*\'\(\)]+ # URL-safe characters
|
19
|
+
)
|
20
|
+
\z # end of string
|
21
|
+
}xi.freeze # multi-line/case-insensitive
|
13
22
|
|
14
23
|
TYPES_PACKAGE_NAME_REGEX = %r{
|
15
|
-
\A
|
16
|
-
@types\/
|
17
|
-
((?<scope>.+)__)?
|
18
|
-
(?<name>.+)
|
19
|
-
\z
|
20
|
-
}xi.freeze
|
24
|
+
\A # beginning of string
|
25
|
+
@types\/ # starts with @types/
|
26
|
+
((?<scope>.+)__)? # capture scope
|
27
|
+
(?<name>.+) # capture name
|
28
|
+
\z # end of string
|
29
|
+
}xi.freeze # multi-line/case-insensitive
|
21
30
|
|
22
31
|
class InvalidPackageName < StandardError; end
|
23
32
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-npm_and_yarn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.194.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-06-
|
11
|
+
date: 2022-06-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.194.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.194.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debase
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|