dependabot-npm_and_yarn 0.242.0 → 0.243.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/lib/yarn/conflicting-dependency-parser.js +1 -1
- data/helpers/package-lock.json +71 -71
- data/helpers/package.json +5 -5
- data/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb +3 -3
- data/lib/dependabot/npm_and_yarn/file_updater.rb +1 -1
- data/lib/dependabot/npm_and_yarn/update_checker/registry_finder.rb +1 -1
- data/lib/dependabot/npm_and_yarn/update_checker/vulnerability_auditor.rb +1 -1
- data/lib/dependabot/npm_and_yarn.rb +0 -3
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5136c94eccfada329b600d35705b57551bed840c1bbb04779effc85df1d4d3c3
|
|
4
|
+
data.tar.gz: 28383dc7b14da54c591fb1ed21e0b5dc76048e24e8fedd023fc8cb50a437e510
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 25073d44320091a2564534dd91d85e123828ca630cdfe242cf78bb4235d366092778a05f099933e446a87c70b57f5e0758d787953aef018a586c185d643d6f25
|
|
7
|
+
data.tar.gz: 346a45d049cc536c8d1de94209790d0e2459e168471e4de08e493c6434b4eff60e4e8179174c690b8e86ec2ba12af66d93a66ab55d74e8e1f0422c648b762ae5
|
|
@@ -101,7 +101,7 @@ function findConflictingParentDependencies(
|
|
|
101
101
|
checkedEntries = new Set(),
|
|
102
102
|
conflictingParents = new Map()
|
|
103
103
|
) {
|
|
104
|
-
// Prevent
|
|
104
|
+
// Prevent infinite loops for circular dependencies by only checking each
|
|
105
105
|
// lockfile entry once
|
|
106
106
|
const checkedEntry = [dependency, requirement].join("@");
|
|
107
107
|
if (checkedEntries.has(checkedEntry)) {
|
data/helpers/package-lock.json
CHANGED
|
@@ -8,11 +8,11 @@
|
|
|
8
8
|
"hasInstallScript": true,
|
|
9
9
|
"dependencies": {
|
|
10
10
|
"@dependabot/yarn-lib": "^1.22.19",
|
|
11
|
-
"@npmcli/arborist": "^7.3.
|
|
11
|
+
"@npmcli/arborist": "^7.3.1",
|
|
12
12
|
"@pnpm/dependency-path": "^2.1.1",
|
|
13
13
|
"@pnpm/lockfile-file": "^8.1.6",
|
|
14
14
|
"detect-indent": "^6.1.0",
|
|
15
|
-
"nock": "^13.5.
|
|
15
|
+
"nock": "^13.5.1",
|
|
16
16
|
"npm": "6.14.18",
|
|
17
17
|
"patch-package": "^8.0.0",
|
|
18
18
|
"semver": "^7.4.0"
|
|
@@ -21,10 +21,10 @@
|
|
|
21
21
|
"helper": "run.js"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
|
-
"eslint": "^8.
|
|
25
|
-
"eslint-config-prettier": "^9.
|
|
24
|
+
"eslint": "^8.56.0",
|
|
25
|
+
"eslint-config-prettier": "^9.1.0",
|
|
26
26
|
"jest": "^29.7.0",
|
|
27
|
-
"prettier": "^3.
|
|
27
|
+
"prettier": "^3.2.4"
|
|
28
28
|
}
|
|
29
29
|
},
|
|
30
30
|
"node_modules/@aashutoshrathi/word-wrap": {
|
|
@@ -726,9 +726,9 @@
|
|
|
726
726
|
}
|
|
727
727
|
},
|
|
728
728
|
"node_modules/@eslint/eslintrc": {
|
|
729
|
-
"version": "2.1.
|
|
730
|
-
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.
|
|
731
|
-
"integrity": "sha512-
|
|
729
|
+
"version": "2.1.4",
|
|
730
|
+
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.4.tgz",
|
|
731
|
+
"integrity": "sha512-269Z39MS6wVJtsoUl10L60WdkhJVdPG24Q4eZTH3nnF6lpvSShEK3wQjDX9JRWAUPvPh7COouPpU9IrqaZFvtQ==",
|
|
732
732
|
"dev": true,
|
|
733
733
|
"dependencies": {
|
|
734
734
|
"ajv": "^6.12.4",
|
|
@@ -790,9 +790,9 @@
|
|
|
790
790
|
"dev": true
|
|
791
791
|
},
|
|
792
792
|
"node_modules/@eslint/js": {
|
|
793
|
-
"version": "8.
|
|
794
|
-
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.
|
|
795
|
-
"integrity": "sha512-
|
|
793
|
+
"version": "8.56.0",
|
|
794
|
+
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.56.0.tgz",
|
|
795
|
+
"integrity": "sha512-gMsVel9D7f2HLkBma9VbtzZRehRogVRfbr++f06nL2vnCGCNlzOD+/MUov/F4p8myyAHspEhVobgjpX64q5m6A==",
|
|
796
796
|
"dev": true,
|
|
797
797
|
"engines": {
|
|
798
798
|
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
|
|
@@ -1939,9 +1939,9 @@
|
|
|
1939
1939
|
}
|
|
1940
1940
|
},
|
|
1941
1941
|
"node_modules/@npmcli/arborist": {
|
|
1942
|
-
"version": "7.3.
|
|
1943
|
-
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-7.3.
|
|
1944
|
-
"integrity": "sha512-
|
|
1942
|
+
"version": "7.3.1",
|
|
1943
|
+
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-7.3.1.tgz",
|
|
1944
|
+
"integrity": "sha512-qjMywu8clYczZE2SlLZWVOujAyiJEHHSEzapIXpuMURRH/tfY0KPKvGPyjvV041QsGN3tsWeaTUHcOi59wscSw==",
|
|
1945
1945
|
"dependencies": {
|
|
1946
1946
|
"@isaacs/string-locale-compare": "^1.1.0",
|
|
1947
1947
|
"@npmcli/fs": "^3.1.0",
|
|
@@ -1970,7 +1970,7 @@
|
|
|
1970
1970
|
"parse-conflict-json": "^3.0.0",
|
|
1971
1971
|
"proc-log": "^3.0.0",
|
|
1972
1972
|
"promise-all-reject-late": "^1.0.0",
|
|
1973
|
-
"promise-call-limit": "^
|
|
1973
|
+
"promise-call-limit": "^3.0.1",
|
|
1974
1974
|
"read-package-json-fast": "^3.0.2",
|
|
1975
1975
|
"semver": "^7.3.7",
|
|
1976
1976
|
"ssri": "^10.0.5",
|
|
@@ -2881,9 +2881,9 @@
|
|
|
2881
2881
|
}
|
|
2882
2882
|
},
|
|
2883
2883
|
"node_modules/acorn": {
|
|
2884
|
-
"version": "8.11.
|
|
2885
|
-
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.
|
|
2886
|
-
"integrity": "sha512-
|
|
2884
|
+
"version": "8.11.3",
|
|
2885
|
+
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz",
|
|
2886
|
+
"integrity": "sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg==",
|
|
2887
2887
|
"dev": true,
|
|
2888
2888
|
"bin": {
|
|
2889
2889
|
"acorn": "bin/acorn"
|
|
@@ -4319,15 +4319,15 @@
|
|
|
4319
4319
|
}
|
|
4320
4320
|
},
|
|
4321
4321
|
"node_modules/eslint": {
|
|
4322
|
-
"version": "8.
|
|
4323
|
-
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.
|
|
4324
|
-
"integrity": "sha512-
|
|
4322
|
+
"version": "8.56.0",
|
|
4323
|
+
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.56.0.tgz",
|
|
4324
|
+
"integrity": "sha512-Go19xM6T9puCOWntie1/P997aXxFsOi37JIHRWI514Hc6ZnaHGKY9xFhrU65RT6CcBEzZoGG1e6Nq+DT04ZtZQ==",
|
|
4325
4325
|
"dev": true,
|
|
4326
4326
|
"dependencies": {
|
|
4327
4327
|
"@eslint-community/eslint-utils": "^4.2.0",
|
|
4328
4328
|
"@eslint-community/regexpp": "^4.6.1",
|
|
4329
|
-
"@eslint/eslintrc": "^2.1.
|
|
4330
|
-
"@eslint/js": "8.
|
|
4329
|
+
"@eslint/eslintrc": "^2.1.4",
|
|
4330
|
+
"@eslint/js": "8.56.0",
|
|
4331
4331
|
"@humanwhocodes/config-array": "^0.11.13",
|
|
4332
4332
|
"@humanwhocodes/module-importer": "^1.0.1",
|
|
4333
4333
|
"@nodelib/fs.walk": "^1.2.8",
|
|
@@ -4374,9 +4374,9 @@
|
|
|
4374
4374
|
}
|
|
4375
4375
|
},
|
|
4376
4376
|
"node_modules/eslint-config-prettier": {
|
|
4377
|
-
"version": "9.
|
|
4378
|
-
"resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-9.
|
|
4379
|
-
"integrity": "sha512-
|
|
4377
|
+
"version": "9.1.0",
|
|
4378
|
+
"resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-9.1.0.tgz",
|
|
4379
|
+
"integrity": "sha512-NSWl5BFQWEPi1j4TjVNItzYV7dZXZ+wP6I6ZhrBGpChQhZRUaElihE9uRRkcbRnNb76UMKDF3r+WTmNcGPKsqw==",
|
|
4380
4380
|
"dev": true,
|
|
4381
4381
|
"bin": {
|
|
4382
4382
|
"eslint-config-prettier": "bin/cli.js"
|
|
@@ -5261,9 +5261,9 @@
|
|
|
5261
5261
|
}
|
|
5262
5262
|
},
|
|
5263
5263
|
"node_modules/globals": {
|
|
5264
|
-
"version": "13.
|
|
5265
|
-
"resolved": "https://registry.npmjs.org/globals/-/globals-13.
|
|
5266
|
-
"integrity": "sha512-
|
|
5264
|
+
"version": "13.24.0",
|
|
5265
|
+
"resolved": "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz",
|
|
5266
|
+
"integrity": "sha512-AhO5QUcj8llrbG09iWhPU2B204J1xnPeL8kQmVorSsy+Sjj1sk8gIyh6cUocGmH4L0UuhAJy+hJMRA4mgA4mFQ==",
|
|
5267
5267
|
"dev": true,
|
|
5268
5268
|
"dependencies": {
|
|
5269
5269
|
"type-fest": "^0.20.2"
|
|
@@ -8587,9 +8587,9 @@
|
|
|
8587
8587
|
}
|
|
8588
8588
|
},
|
|
8589
8589
|
"node_modules/nock": {
|
|
8590
|
-
"version": "13.5.
|
|
8591
|
-
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.
|
|
8592
|
-
"integrity": "sha512
|
|
8590
|
+
"version": "13.5.1",
|
|
8591
|
+
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.1.tgz",
|
|
8592
|
+
"integrity": "sha512-+s7b73fzj5KnxbKH4Oaqz07tQ8degcMilU4rrmnKvI//b0JMBU4wEXFQ8zqr+3+L4eWSfU3H/UoIVGUV0tue1Q==",
|
|
8593
8593
|
"dependencies": {
|
|
8594
8594
|
"debug": "^4.1.0",
|
|
8595
8595
|
"json-stringify-safe": "^5.0.1",
|
|
@@ -13856,9 +13856,9 @@
|
|
|
13856
13856
|
}
|
|
13857
13857
|
},
|
|
13858
13858
|
"node_modules/prettier": {
|
|
13859
|
-
"version": "3.
|
|
13860
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.
|
|
13861
|
-
"integrity": "sha512-
|
|
13859
|
+
"version": "3.2.4",
|
|
13860
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.2.4.tgz",
|
|
13861
|
+
"integrity": "sha512-FWu1oLHKCrtpO1ypU6J0SbK2d9Ckwysq6bHj/uaCP26DxrPpppCLQRGVuqAxSTvhF00AcvDRyYrLNW7ocBhFFQ==",
|
|
13862
13862
|
"dev": true,
|
|
13863
13863
|
"bin": {
|
|
13864
13864
|
"prettier": "bin/prettier.cjs"
|
|
@@ -13926,9 +13926,9 @@
|
|
|
13926
13926
|
}
|
|
13927
13927
|
},
|
|
13928
13928
|
"node_modules/promise-call-limit": {
|
|
13929
|
-
"version": "
|
|
13930
|
-
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-
|
|
13931
|
-
"integrity": "sha512-
|
|
13929
|
+
"version": "3.0.1",
|
|
13930
|
+
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-3.0.1.tgz",
|
|
13931
|
+
"integrity": "sha512-utl+0x8gIDasV5X+PI5qWEPqH6fJS0pFtQ/4gZ95xfEFb/89dmh+/b895TbFDBLiafBvxD/PGTKfvxl4kH/pQg==",
|
|
13932
13932
|
"funding": {
|
|
13933
13933
|
"url": "https://github.com/sponsors/isaacs"
|
|
13934
13934
|
}
|
|
@@ -16270,9 +16270,9 @@
|
|
|
16270
16270
|
"dev": true
|
|
16271
16271
|
},
|
|
16272
16272
|
"@eslint/eslintrc": {
|
|
16273
|
-
"version": "2.1.
|
|
16274
|
-
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.
|
|
16275
|
-
"integrity": "sha512-
|
|
16273
|
+
"version": "2.1.4",
|
|
16274
|
+
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.4.tgz",
|
|
16275
|
+
"integrity": "sha512-269Z39MS6wVJtsoUl10L60WdkhJVdPG24Q4eZTH3nnF6lpvSShEK3wQjDX9JRWAUPvPh7COouPpU9IrqaZFvtQ==",
|
|
16276
16276
|
"dev": true,
|
|
16277
16277
|
"requires": {
|
|
16278
16278
|
"ajv": "^6.12.4",
|
|
@@ -16319,9 +16319,9 @@
|
|
|
16319
16319
|
}
|
|
16320
16320
|
},
|
|
16321
16321
|
"@eslint/js": {
|
|
16322
|
-
"version": "8.
|
|
16323
|
-
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.
|
|
16324
|
-
"integrity": "sha512-
|
|
16322
|
+
"version": "8.56.0",
|
|
16323
|
+
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.56.0.tgz",
|
|
16324
|
+
"integrity": "sha512-gMsVel9D7f2HLkBma9VbtzZRehRogVRfbr++f06nL2vnCGCNlzOD+/MUov/F4p8myyAHspEhVobgjpX64q5m6A==",
|
|
16325
16325
|
"dev": true
|
|
16326
16326
|
},
|
|
16327
16327
|
"@humanwhocodes/config-array": {
|
|
@@ -17168,9 +17168,9 @@
|
|
|
17168
17168
|
}
|
|
17169
17169
|
},
|
|
17170
17170
|
"@npmcli/arborist": {
|
|
17171
|
-
"version": "7.3.
|
|
17172
|
-
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-7.3.
|
|
17173
|
-
"integrity": "sha512-
|
|
17171
|
+
"version": "7.3.1",
|
|
17172
|
+
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-7.3.1.tgz",
|
|
17173
|
+
"integrity": "sha512-qjMywu8clYczZE2SlLZWVOujAyiJEHHSEzapIXpuMURRH/tfY0KPKvGPyjvV041QsGN3tsWeaTUHcOi59wscSw==",
|
|
17174
17174
|
"requires": {
|
|
17175
17175
|
"@isaacs/string-locale-compare": "^1.1.0",
|
|
17176
17176
|
"@npmcli/fs": "^3.1.0",
|
|
@@ -17199,7 +17199,7 @@
|
|
|
17199
17199
|
"parse-conflict-json": "^3.0.0",
|
|
17200
17200
|
"proc-log": "^3.0.0",
|
|
17201
17201
|
"promise-all-reject-late": "^1.0.0",
|
|
17202
|
-
"promise-call-limit": "^
|
|
17202
|
+
"promise-call-limit": "^3.0.1",
|
|
17203
17203
|
"read-package-json-fast": "^3.0.2",
|
|
17204
17204
|
"semver": "^7.3.7",
|
|
17205
17205
|
"ssri": "^10.0.5",
|
|
@@ -17883,9 +17883,9 @@
|
|
|
17883
17883
|
}
|
|
17884
17884
|
},
|
|
17885
17885
|
"acorn": {
|
|
17886
|
-
"version": "8.11.
|
|
17887
|
-
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.
|
|
17888
|
-
"integrity": "sha512-
|
|
17886
|
+
"version": "8.11.3",
|
|
17887
|
+
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz",
|
|
17888
|
+
"integrity": "sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg==",
|
|
17889
17889
|
"dev": true
|
|
17890
17890
|
},
|
|
17891
17891
|
"acorn-jsx": {
|
|
@@ -18972,15 +18972,15 @@
|
|
|
18972
18972
|
"integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ="
|
|
18973
18973
|
},
|
|
18974
18974
|
"eslint": {
|
|
18975
|
-
"version": "8.
|
|
18976
|
-
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.
|
|
18977
|
-
"integrity": "sha512-
|
|
18975
|
+
"version": "8.56.0",
|
|
18976
|
+
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.56.0.tgz",
|
|
18977
|
+
"integrity": "sha512-Go19xM6T9puCOWntie1/P997aXxFsOi37JIHRWI514Hc6ZnaHGKY9xFhrU65RT6CcBEzZoGG1e6Nq+DT04ZtZQ==",
|
|
18978
18978
|
"dev": true,
|
|
18979
18979
|
"requires": {
|
|
18980
18980
|
"@eslint-community/eslint-utils": "^4.2.0",
|
|
18981
18981
|
"@eslint-community/regexpp": "^4.6.1",
|
|
18982
|
-
"@eslint/eslintrc": "^2.1.
|
|
18983
|
-
"@eslint/js": "8.
|
|
18982
|
+
"@eslint/eslintrc": "^2.1.4",
|
|
18983
|
+
"@eslint/js": "8.56.0",
|
|
18984
18984
|
"@humanwhocodes/config-array": "^0.11.13",
|
|
18985
18985
|
"@humanwhocodes/module-importer": "^1.0.1",
|
|
18986
18986
|
"@nodelib/fs.walk": "^1.2.8",
|
|
@@ -19142,9 +19142,9 @@
|
|
|
19142
19142
|
}
|
|
19143
19143
|
},
|
|
19144
19144
|
"eslint-config-prettier": {
|
|
19145
|
-
"version": "9.
|
|
19146
|
-
"resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-9.
|
|
19147
|
-
"integrity": "sha512-
|
|
19145
|
+
"version": "9.1.0",
|
|
19146
|
+
"resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-9.1.0.tgz",
|
|
19147
|
+
"integrity": "sha512-NSWl5BFQWEPi1j4TjVNItzYV7dZXZ+wP6I6ZhrBGpChQhZRUaElihE9uRRkcbRnNb76UMKDF3r+WTmNcGPKsqw==",
|
|
19148
19148
|
"dev": true,
|
|
19149
19149
|
"requires": {}
|
|
19150
19150
|
},
|
|
@@ -19668,9 +19668,9 @@
|
|
|
19668
19668
|
}
|
|
19669
19669
|
},
|
|
19670
19670
|
"globals": {
|
|
19671
|
-
"version": "13.
|
|
19672
|
-
"resolved": "https://registry.npmjs.org/globals/-/globals-13.
|
|
19673
|
-
"integrity": "sha512-
|
|
19671
|
+
"version": "13.24.0",
|
|
19672
|
+
"resolved": "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz",
|
|
19673
|
+
"integrity": "sha512-AhO5QUcj8llrbG09iWhPU2B204J1xnPeL8kQmVorSsy+Sjj1sk8gIyh6cUocGmH4L0UuhAJy+hJMRA4mgA4mFQ==",
|
|
19674
19674
|
"dev": true,
|
|
19675
19675
|
"requires": {
|
|
19676
19676
|
"type-fest": "^0.20.2"
|
|
@@ -22158,9 +22158,9 @@
|
|
|
22158
22158
|
"integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg=="
|
|
22159
22159
|
},
|
|
22160
22160
|
"nock": {
|
|
22161
|
-
"version": "13.5.
|
|
22162
|
-
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.
|
|
22163
|
-
"integrity": "sha512
|
|
22161
|
+
"version": "13.5.1",
|
|
22162
|
+
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.1.tgz",
|
|
22163
|
+
"integrity": "sha512-+s7b73fzj5KnxbKH4Oaqz07tQ8degcMilU4rrmnKvI//b0JMBU4wEXFQ8zqr+3+L4eWSfU3H/UoIVGUV0tue1Q==",
|
|
22164
22164
|
"requires": {
|
|
22165
22165
|
"debug": "^4.1.0",
|
|
22166
22166
|
"json-stringify-safe": "^5.0.1",
|
|
@@ -26052,9 +26052,9 @@
|
|
|
26052
26052
|
"integrity": "sha1-gV7R9uvGWSb4ZbMQwHE7yzMVzks="
|
|
26053
26053
|
},
|
|
26054
26054
|
"prettier": {
|
|
26055
|
-
"version": "3.
|
|
26056
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.
|
|
26057
|
-
"integrity": "sha512-
|
|
26055
|
+
"version": "3.2.4",
|
|
26056
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.2.4.tgz",
|
|
26057
|
+
"integrity": "sha512-FWu1oLHKCrtpO1ypU6J0SbK2d9Ckwysq6bHj/uaCP26DxrPpppCLQRGVuqAxSTvhF00AcvDRyYrLNW7ocBhFFQ==",
|
|
26058
26058
|
"dev": true
|
|
26059
26059
|
},
|
|
26060
26060
|
"pretty-format": {
|
|
@@ -26097,9 +26097,9 @@
|
|
|
26097
26097
|
"integrity": "sha512-vuf0Lf0lOxyQREH7GDIOUMLS7kz+gs8i6B+Yi8dC68a2sychGrHTJYghMBD6k7eUcH0H5P73EckCA48xijWqXw=="
|
|
26098
26098
|
},
|
|
26099
26099
|
"promise-call-limit": {
|
|
26100
|
-
"version": "
|
|
26101
|
-
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-
|
|
26102
|
-
"integrity": "sha512-
|
|
26100
|
+
"version": "3.0.1",
|
|
26101
|
+
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-3.0.1.tgz",
|
|
26102
|
+
"integrity": "sha512-utl+0x8gIDasV5X+PI5qWEPqH6fJS0pFtQ/4gZ95xfEFb/89dmh+/b895TbFDBLiafBvxD/PGTKfvxl4kH/pQg=="
|
|
26103
26103
|
},
|
|
26104
26104
|
"promise-inflight": {
|
|
26105
26105
|
"version": "1.0.1",
|
data/helpers/package.json
CHANGED
|
@@ -11,9 +11,9 @@
|
|
|
11
11
|
},
|
|
12
12
|
"dependencies": {
|
|
13
13
|
"@dependabot/yarn-lib": "^1.22.19",
|
|
14
|
-
"@npmcli/arborist": "^7.3.
|
|
14
|
+
"@npmcli/arborist": "^7.3.1",
|
|
15
15
|
"detect-indent": "^6.1.0",
|
|
16
|
-
"nock": "^13.5.
|
|
16
|
+
"nock": "^13.5.1",
|
|
17
17
|
"npm": "6.14.18",
|
|
18
18
|
"@pnpm/lockfile-file": "^8.1.6",
|
|
19
19
|
"@pnpm/dependency-path": "^2.1.1",
|
|
@@ -21,9 +21,9 @@
|
|
|
21
21
|
"patch-package": "^8.0.0"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
|
-
"eslint": "^8.
|
|
25
|
-
"eslint-config-prettier": "^9.
|
|
24
|
+
"eslint": "^8.56.0",
|
|
25
|
+
"eslint-config-prettier": "^9.1.0",
|
|
26
26
|
"jest": "^29.7.0",
|
|
27
|
-
"prettier": "^3.
|
|
27
|
+
"prettier": "^3.2.4"
|
|
28
28
|
}
|
|
29
29
|
}
|
|
@@ -103,7 +103,7 @@ module Dependabot
|
|
|
103
103
|
|
|
104
104
|
# NOTE: Prevent changes to npm 6 lockfiles when the dependency has been
|
|
105
105
|
# required in a package.json outside the current folder (e.g. lerna
|
|
106
|
-
# proj). npm 7 introduces workspace support so we
|
|
106
|
+
# proj). npm 7 introduces workspace support so we explicitly want to
|
|
107
107
|
# update the root lockfile and check if the dependency is in the
|
|
108
108
|
# lockfile
|
|
109
109
|
def top_level_dependency_update_not_required?(dependency)
|
|
@@ -706,7 +706,7 @@ module Dependabot
|
|
|
706
706
|
# get out of sync because we lock git dependencies (that are not being
|
|
707
707
|
# updated) to a specific sha to prevent unrelated updates and the way we
|
|
708
708
|
# invoke the `npm install` cli, where we might tell npm to install a
|
|
709
|
-
# specific
|
|
709
|
+
# specific version e.g. `npm install eslint@1.1.8` but we keep the
|
|
710
710
|
# `package.json` requirement for eslint at `^1.0.0`, in which case we
|
|
711
711
|
# need to copy this from the manifest to the lockfile after the update
|
|
712
712
|
# has finished.
|
|
@@ -751,7 +751,7 @@ module Dependabot
|
|
|
751
751
|
# run npm install
|
|
752
752
|
original_from = %("from": "#{details[:from]}")
|
|
753
753
|
if npm8?
|
|
754
|
-
# NOTE: The `from` syntax has changed in npm 7 to
|
|
754
|
+
# NOTE: The `from` syntax has changed in npm 7 to include the dependency name
|
|
755
755
|
npm8_locked_from = %("from": "#{dependency_name}@#{details[:version]}")
|
|
756
756
|
updated_lockfile_content = updated_lockfile_content.gsub(npm8_locked_from, original_from)
|
|
757
757
|
else
|
|
@@ -220,7 +220,7 @@ module Dependabot
|
|
|
220
220
|
return @configured_global_registry = parsed_yarnrc_yml["npmRegistryServer"]
|
|
221
221
|
end
|
|
222
222
|
|
|
223
|
-
replaces_base = credentials.find { |cred| cred["type"] == "npm_registry" && cred
|
|
223
|
+
replaces_base = credentials.find { |cred| cred["type"] == "npm_registry" && cred.replaces_base? }
|
|
224
224
|
if replaces_base
|
|
225
225
|
registry = replaces_base["registry"]
|
|
226
226
|
registry = "https://#{registry}" unless registry.start_with?("http")
|
|
@@ -121,7 +121,7 @@ module Dependabot
|
|
|
121
121
|
end
|
|
122
122
|
|
|
123
123
|
def dependency_still_vulnerable?(audit_result, security_advisories)
|
|
124
|
-
# vulnerable
|
|
124
|
+
# vulnerable dependency is removed if the target version is nil
|
|
125
125
|
return false unless audit_result["target_version"]
|
|
126
126
|
|
|
127
127
|
version = Version.new(audit_result["target_version"])
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.243.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-02-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.243.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.243.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -324,7 +324,7 @@ licenses:
|
|
|
324
324
|
- Nonstandard
|
|
325
325
|
metadata:
|
|
326
326
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
327
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
327
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.243.0
|
|
328
328
|
post_install_message:
|
|
329
329
|
rdoc_options: []
|
|
330
330
|
require_paths:
|