dependabot-npm_and_yarn 0.253.0 → 0.255.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/lib/pnpm/lockfile-parser.js +4 -0
- data/helpers/package-lock.json +1244 -482
- data/helpers/package.json +5 -5
- data/helpers/test/pnpm/fixtures/parser/empty_version/pnpm-lock.yaml +72 -0
- data/helpers/test/pnpm/fixtures/parser/no_lockfile_change/pnpm-lock.yaml +2744 -0
- data/helpers/test/pnpm/fixtures/parser/only_dev_dependencies/pnpm-lock.yaml +16 -0
- data/helpers/test/pnpm/fixtures/parser/peer_disambiguation/pnpm-lock.yaml +855 -0
- data/helpers/test/pnpm/lockfile-parser.test.js +62 -0
- data/helpers/test/yarn/fixtures/conflicting-dependency-parser/nested/yarn.lock +26 -15
- data/helpers/test/yarn/fixtures/updater/illegal_character/package.json +8 -0
- data/helpers/test/yarn/fixtures/updater/illegal_character/yarn.lock +14 -0
- data/helpers/test/yarn/updater.test.js +29 -0
- data/lib/dependabot/npm_and_yarn/file_parser.rb +1 -1
- data/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb +138 -60
- data/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb +5 -0
- data/lib/dependabot/npm_and_yarn/package_name.rb +15 -12
- data/lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb +1 -1
- data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +13 -1
- metadata +37 -16
data/helpers/package.json
CHANGED
@@ -10,20 +10,20 @@
|
|
10
10
|
"postinstall": "patch-package"
|
11
11
|
},
|
12
12
|
"dependencies": {
|
13
|
-
"@dependabot/yarn-lib": "^1.22.
|
13
|
+
"@dependabot/yarn-lib": "^1.22.22",
|
14
14
|
"@npmcli/arborist": "^7.4.2",
|
15
15
|
"detect-indent": "^6.1.0",
|
16
16
|
"nock": "^13.5.4",
|
17
17
|
"npm": "6.14.18",
|
18
|
-
"@pnpm/lockfile-file": "^
|
19
|
-
"@pnpm/dependency-path": "^
|
18
|
+
"@pnpm/lockfile-file": "^9.0.3",
|
19
|
+
"@pnpm/dependency-path": "^4.0.0",
|
20
20
|
"semver": "^7.6.0",
|
21
21
|
"patch-package": "^8.0.0"
|
22
22
|
},
|
23
23
|
"devDependencies": {
|
24
|
-
"eslint": "^
|
24
|
+
"eslint": "^9.1.1",
|
25
25
|
"eslint-config-prettier": "^9.1.0",
|
26
26
|
"jest": "^29.7.0",
|
27
|
-
"prettier": "^3.2.
|
27
|
+
"prettier": "^3.2.5"
|
28
28
|
}
|
29
29
|
}
|
@@ -0,0 +1,72 @@
|
|
1
|
+
lockfileVersion: 5.4
|
2
|
+
|
3
|
+
specifiers:
|
4
|
+
etag: 1.7.0
|
5
|
+
fetch-factory: ^0.0.1
|
6
|
+
|
7
|
+
dependencies:
|
8
|
+
fetch-factory:
|
9
|
+
specifier: ^0.0.1
|
10
|
+
version: 0.0.1
|
11
|
+
|
12
|
+
devDependencies:
|
13
|
+
etag:
|
14
|
+
specifier: 1.7.0
|
15
|
+
version: 1.7.0
|
16
|
+
|
17
|
+
packages:
|
18
|
+
|
19
|
+
/encoding/:
|
20
|
+
resolution: {integrity: sha512-bl1LAgiQc4ZWr++pNYUdRe/alecaHFeHxIJ/pNciqGdKXghaTCOwKkbKp6ye7pKZGu/GcaSXFk8PBVhgs+dJdA==}
|
21
|
+
dependencies:
|
22
|
+
iconv-lite: 0.4.15
|
23
|
+
dev: false
|
24
|
+
|
25
|
+
/es6-promise@3.3.1:
|
26
|
+
resolution: {integrity: sha512-SOp9Phqvqn7jtEUxPWdWfWoLmyt2VaJ6MpvP9Comy1MceMXqE6bxvaTu4iaxpYYPzhny28Lc+M87/c2cPK6lDg==}
|
27
|
+
dev: false
|
28
|
+
|
29
|
+
/etag@1.7.0:
|
30
|
+
resolution: {integrity: sha512-Mbv5pNpLNPrm1b4rzZlZlfTRpdDr31oiD43N362sIyvSWVNu5Du33EcJGzvEV4YdYLuENB1HzND907cQkFmXNw==}
|
31
|
+
engines: {node: '>= 0.6'}
|
32
|
+
dev: true
|
33
|
+
|
34
|
+
/fetch-factory@0.0.1:
|
35
|
+
resolution: {integrity: sha512-gexRwqIhwzDJ2pJvL0UYfiZwW06/bdYWxAmswFFts7C87CF8i6liApihTk7TZFYMDcQjvvDIvyHv0q379z0aWA==}
|
36
|
+
dependencies:
|
37
|
+
es6-promise: 3.3.1
|
38
|
+
isomorphic-fetch: 2.2.1
|
39
|
+
lodash: 3.10.1
|
40
|
+
dev: false
|
41
|
+
|
42
|
+
/iconv-lite@0.4.15:
|
43
|
+
resolution: {integrity: sha512-RGR+c9Lm+tLsvU57FTJJtdbv2hQw42Yl2n26tVIBaYmZzLN+EGfroUugN/z9nJf9kOXd49hBmpoGr4FEm+A4pw==}
|
44
|
+
engines: {node: '>=0.10.0'}
|
45
|
+
dev: false
|
46
|
+
|
47
|
+
/is-stream@1.1.0:
|
48
|
+
resolution: {integrity: sha512-uQPm8kcs47jx38atAcWTVxyltQYoPT68y9aWYdV6yWXSyW8mzSat0TL6CiWdZeCdF3KrAvpVtnHbTv4RN+rqdQ==}
|
49
|
+
engines: {node: '>=0.10.0'}
|
50
|
+
dev: false
|
51
|
+
|
52
|
+
/isomorphic-fetch@2.2.1:
|
53
|
+
resolution: {integrity: sha512-9c4TNAKYXM5PRyVcwUZrF3W09nQ+sO7+jydgs4ZGW9dhsLG2VOlISJABombdQqQRXCwuYG3sYV/puGf5rp0qmA==}
|
54
|
+
dependencies:
|
55
|
+
node-fetch: 1.7.3
|
56
|
+
whatwg-fetch: 3.6.2
|
57
|
+
dev: false
|
58
|
+
|
59
|
+
/lodash@3.10.1:
|
60
|
+
resolution: {integrity: sha512-9mDDwqVIma6OZX79ZlDACZl8sBm0TEnkf99zV3iMA4GzkIT/9hiqP5mY0HoT1iNLCrKc/R1HByV+yJfRWVJryQ==}
|
61
|
+
dev: false
|
62
|
+
|
63
|
+
/node-fetch@1.7.3:
|
64
|
+
resolution: {integrity: sha512-NhZ4CsKx7cYm2vSrBAr2PvFOe6sWDf0UYLRqA6svUYg7+/TSfVAu49jYC4BvQ4Sms9SZgdqGBgroqfDhJdTyKQ==}
|
65
|
+
dependencies:
|
66
|
+
encoding: 0.1.12
|
67
|
+
is-stream: 1.1.0
|
68
|
+
dev: false
|
69
|
+
|
70
|
+
/whatwg-fetch@3.6.2:
|
71
|
+
resolution: {integrity: sha512-bJlen0FcuU/0EMLrdbJ7zOnW6ITZLrZMIarMUVmdKtsGvZna8vxKYaexICWPfZ8qwf9fzNq+UEIZrnSaApt6RA==}
|
72
|
+
dev: false
|