dependabot-npm_and_yarn 0.221.0 → 0.223.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ff55947e0bd3994dacabd209bd8bc2808883174d0f1a64698ac7e1e13323d040
|
4
|
+
data.tar.gz: 5109ec4834694edd1e0d6d47e7399a957493e1fb2b2b49ede9ebb9edce6fcc9e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e2f094bd80d6d64ffe95c09db9eb3baf1ad17768234f899a01d37cd824b6e5cf4ea56f821f03eda9614a44bfeb5c3b0afe1eaeb2448783c7ca35d9263e1a8318
|
7
|
+
data.tar.gz: dded8305ae9227f108d3e444d87273e2b3fa7be748422828bbd80edc9620b860de29f8a89f2525bae639812b2515442c134e3d710d915d21cff8c5828f915a96
|
@@ -14,7 +14,7 @@ module Dependabot
|
|
14
14
|
quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
|
15
15
|
version_pattern = "v?#{NpmAndYarn::Version::VERSION_PATTERN}"
|
16
16
|
|
17
|
-
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*"
|
17
|
+
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze
|
18
18
|
PATTERN = /\A#{PATTERN_RAW}\z/
|
19
19
|
|
20
20
|
def self.parse(obj)
|
@@ -79,11 +79,12 @@ module Dependabot
|
|
79
79
|
/x
|
80
80
|
|
81
81
|
def initialize(dependency:, credentials:, dependency_files:,
|
82
|
-
latest_allowable_version:, latest_version_finder:, repo_contents_path:)
|
82
|
+
latest_allowable_version:, latest_version_finder:, repo_contents_path:, dependency_group: nil)
|
83
83
|
@dependency = dependency
|
84
84
|
@credentials = credentials
|
85
85
|
@dependency_files = dependency_files
|
86
86
|
@latest_allowable_version = latest_allowable_version
|
87
|
+
@dependency_group = dependency_group
|
87
88
|
|
88
89
|
@latest_version_finder = {}
|
89
90
|
@latest_version_finder[dependency] = latest_version_finder
|
@@ -153,7 +154,7 @@ module Dependabot
|
|
153
154
|
private
|
154
155
|
|
155
156
|
attr_reader :dependency, :credentials, :dependency_files,
|
156
|
-
:latest_allowable_version, :repo_contents_path
|
157
|
+
:latest_allowable_version, :repo_contents_path, :dependency_group
|
157
158
|
|
158
159
|
def latest_version_finder(dep)
|
159
160
|
@latest_version_finder[dep] ||=
|
@@ -399,6 +400,17 @@ module Dependabot
|
|
399
400
|
dep[:requiring_dep_name] == dependency.name
|
400
401
|
end
|
401
402
|
|
403
|
+
unless dependency_group.nil?
|
404
|
+
# Ignore unmet peer dependencies that are in the dependency group because
|
405
|
+
# the update is also updating those dependencies.
|
406
|
+
relevant_unmet_peer_dependencies.reject! do |dep|
|
407
|
+
dependency_group.dependencies.any? do |group_dep|
|
408
|
+
dep[:requirement_name] == group_dep.name ||
|
409
|
+
dep[:requiring_dep_name] == group_dep.name
|
410
|
+
end
|
411
|
+
end
|
412
|
+
end
|
413
|
+
|
402
414
|
return [] if relevant_unmet_peer_dependencies.empty?
|
403
415
|
|
404
416
|
# Prune out any pre-existing warnings
|
@@ -330,7 +330,8 @@ module Dependabot
|
|
330
330
|
dependency_files: dependency_files,
|
331
331
|
latest_allowable_version: latest_version,
|
332
332
|
latest_version_finder: latest_version_finder,
|
333
|
-
repo_contents_path: repo_contents_path
|
333
|
+
repo_contents_path: repo_contents_path,
|
334
|
+
dependency_group: dependency_group
|
334
335
|
)
|
335
336
|
end
|
336
337
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-npm_and_yarn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.223.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-07-
|
11
|
+
date: 2023-07-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.223.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.223.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -280,7 +280,7 @@ licenses:
|
|
280
280
|
- Nonstandard
|
281
281
|
metadata:
|
282
282
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
283
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
283
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.223.0
|
284
284
|
post_install_message:
|
285
285
|
rdoc_options: []
|
286
286
|
require_paths:
|