dependabot-npm_and_yarn 0.289.0 → 0.291.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/package-lock.json +114 -134
- data/helpers/package.json +3 -3
- data/lib/dependabot/npm_and_yarn/file_fetcher.rb +18 -2
- data/lib/dependabot/npm_and_yarn/file_parser.rb +33 -1
- data/lib/dependabot/npm_and_yarn/helpers.rb +70 -18
- data/lib/dependabot/npm_and_yarn/package_manager.rb +30 -16
- data/lib/dependabot/npm_and_yarn/registry_helper.rb +188 -0
- metadata +9 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 02635cf238f21d329717cb8590e2c779109f30e53edb5a18d0af02c2eb1b7b52
|
|
4
|
+
data.tar.gz: 05a8982b1c132c4560dbde94a72575a7ba62d9e9b1b3e6524d2cbcb2042f3eae
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 69d8f7352749ea26e0aeee9ca63943fc6d46eccf927ec217fd9d5b072b60a405b5b7a4515c120e8e05145870ac1c0bc196c27ad38d4733c15e693af40d0055fa
|
|
7
|
+
data.tar.gz: e5f8ad4e72213b0620785369b37c6cbf4d2200eea2a2ec521df6f6240694527216da0450af39cb86b7d9650d4d04649d5fc3bb4136163574ae29f2a3dc6db539
|
data/helpers/package-lock.json
CHANGED
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
"@pnpm/dependency-path": "^5.1.1",
|
|
13
13
|
"@pnpm/lockfile-file": "^9.1.2",
|
|
14
14
|
"detect-indent": "^6.1.0",
|
|
15
|
-
"nock": "^13.5.
|
|
15
|
+
"nock": "^13.5.6",
|
|
16
16
|
"npm": "6.14.18",
|
|
17
17
|
"patch-package": "^8.0.0",
|
|
18
18
|
"semver": "^7.6.3"
|
|
@@ -21,10 +21,10 @@
|
|
|
21
21
|
"helper": "run.js"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
|
-
"eslint": "^9.
|
|
24
|
+
"eslint": "^9.16.0",
|
|
25
25
|
"eslint-config-prettier": "^9.1.0",
|
|
26
26
|
"jest": "^29.7.0",
|
|
27
|
-
"prettier": "^3.
|
|
27
|
+
"prettier": "^3.4.2"
|
|
28
28
|
}
|
|
29
29
|
},
|
|
30
30
|
"node_modules/@aashutoshrathi/word-wrap": {
|
|
@@ -732,12 +732,12 @@
|
|
|
732
732
|
}
|
|
733
733
|
},
|
|
734
734
|
"node_modules/@eslint/config-array": {
|
|
735
|
-
"version": "0.
|
|
736
|
-
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.
|
|
737
|
-
"integrity": "sha512-
|
|
735
|
+
"version": "0.19.1",
|
|
736
|
+
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.19.1.tgz",
|
|
737
|
+
"integrity": "sha512-fo6Mtm5mWyKjA/Chy1BYTdn5mGJoDNjC7C64ug20ADsRDGrA85bN3uK3MaKbeRkRuuIEAR5N33Jr1pbm411/PA==",
|
|
738
738
|
"dev": true,
|
|
739
739
|
"dependencies": {
|
|
740
|
-
"@eslint/object-schema": "^2.1.
|
|
740
|
+
"@eslint/object-schema": "^2.1.5",
|
|
741
741
|
"debug": "^4.3.1",
|
|
742
742
|
"minimatch": "^3.1.2"
|
|
743
743
|
},
|
|
@@ -746,9 +746,9 @@
|
|
|
746
746
|
}
|
|
747
747
|
},
|
|
748
748
|
"node_modules/@eslint/config-array/node_modules/debug": {
|
|
749
|
-
"version": "4.
|
|
750
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
751
|
-
"integrity": "sha512-
|
|
749
|
+
"version": "4.4.0",
|
|
750
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
751
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
752
752
|
"dev": true,
|
|
753
753
|
"dependencies": {
|
|
754
754
|
"ms": "^2.1.3"
|
|
@@ -763,18 +763,21 @@
|
|
|
763
763
|
}
|
|
764
764
|
},
|
|
765
765
|
"node_modules/@eslint/core": {
|
|
766
|
-
"version": "0.
|
|
767
|
-
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.
|
|
768
|
-
"integrity": "sha512-
|
|
766
|
+
"version": "0.9.1",
|
|
767
|
+
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.9.1.tgz",
|
|
768
|
+
"integrity": "sha512-GuUdqkyyzQI5RMIWkHhvTWLCyLo1jNK3vzkSyaExH5kHPDHcuL2VOpHjmMY+y3+NC69qAKToBqldTBgYeLSr9Q==",
|
|
769
769
|
"dev": true,
|
|
770
|
+
"dependencies": {
|
|
771
|
+
"@types/json-schema": "^7.0.15"
|
|
772
|
+
},
|
|
770
773
|
"engines": {
|
|
771
774
|
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
|
|
772
775
|
}
|
|
773
776
|
},
|
|
774
777
|
"node_modules/@eslint/eslintrc": {
|
|
775
|
-
"version": "3.
|
|
776
|
-
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.
|
|
777
|
-
"integrity": "sha512-
|
|
778
|
+
"version": "3.2.0",
|
|
779
|
+
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz",
|
|
780
|
+
"integrity": "sha512-grOjVNN8P3hjJn/eIETF1wwd12DdnwFDoyceUJLYYdkpbwq3nLi+4fqrTAONx7XDALqlL220wC/RHSC/QTI/0w==",
|
|
778
781
|
"dev": true,
|
|
779
782
|
"dependencies": {
|
|
780
783
|
"ajv": "^6.12.4",
|
|
@@ -801,12 +804,12 @@
|
|
|
801
804
|
"dev": true
|
|
802
805
|
},
|
|
803
806
|
"node_modules/@eslint/eslintrc/node_modules/debug": {
|
|
804
|
-
"version": "4.
|
|
805
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
806
|
-
"integrity": "sha512-
|
|
807
|
+
"version": "4.4.0",
|
|
808
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
809
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
807
810
|
"dev": true,
|
|
808
811
|
"dependencies": {
|
|
809
|
-
"ms": "2.1.
|
|
812
|
+
"ms": "^2.1.3"
|
|
810
813
|
},
|
|
811
814
|
"engines": {
|
|
812
815
|
"node": ">=6.0"
|
|
@@ -829,34 +832,28 @@
|
|
|
829
832
|
"js-yaml": "bin/js-yaml.js"
|
|
830
833
|
}
|
|
831
834
|
},
|
|
832
|
-
"node_modules/@eslint/eslintrc/node_modules/ms": {
|
|
833
|
-
"version": "2.1.2",
|
|
834
|
-
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
|
|
835
|
-
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
|
|
836
|
-
"dev": true
|
|
837
|
-
},
|
|
838
835
|
"node_modules/@eslint/js": {
|
|
839
|
-
"version": "9.
|
|
840
|
-
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.
|
|
841
|
-
"integrity": "sha512-
|
|
836
|
+
"version": "9.16.0",
|
|
837
|
+
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.16.0.tgz",
|
|
838
|
+
"integrity": "sha512-tw2HxzQkrbeuvyj1tG2Yqq+0H9wGoI2IMk4EOsQeX+vmd75FtJAzf+gTA69WF+baUKRYQ3x2kbLE08js5OsTVg==",
|
|
842
839
|
"dev": true,
|
|
843
840
|
"engines": {
|
|
844
841
|
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
|
|
845
842
|
}
|
|
846
843
|
},
|
|
847
844
|
"node_modules/@eslint/object-schema": {
|
|
848
|
-
"version": "2.1.
|
|
849
|
-
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.
|
|
850
|
-
"integrity": "sha512-
|
|
845
|
+
"version": "2.1.5",
|
|
846
|
+
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.5.tgz",
|
|
847
|
+
"integrity": "sha512-o0bhxnL89h5Bae5T318nFoFzGy+YE5i/gGkoPAgkmTVdRKTiv3p8JHevPiPaMwoloKfEiiaHlawCqaZMqRm+XQ==",
|
|
851
848
|
"dev": true,
|
|
852
849
|
"engines": {
|
|
853
850
|
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
|
|
854
851
|
}
|
|
855
852
|
},
|
|
856
853
|
"node_modules/@eslint/plugin-kit": {
|
|
857
|
-
"version": "0.2.
|
|
858
|
-
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.
|
|
859
|
-
"integrity": "sha512-
|
|
854
|
+
"version": "0.2.4",
|
|
855
|
+
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.4.tgz",
|
|
856
|
+
"integrity": "sha512-zSkKow6H5Kdm0ZUQUB2kV5JIXqoG0+uH5YADhaEHswm664N9Db8dXSi0nMJpacpMf+MyyglF1vnZohpEg5yUtg==",
|
|
860
857
|
"dev": true,
|
|
861
858
|
"dependencies": {
|
|
862
859
|
"levn": "^0.4.1"
|
|
@@ -914,9 +911,9 @@
|
|
|
914
911
|
}
|
|
915
912
|
},
|
|
916
913
|
"node_modules/@humanwhocodes/retry": {
|
|
917
|
-
"version": "0.4.
|
|
918
|
-
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.
|
|
919
|
-
"integrity": "sha512-
|
|
914
|
+
"version": "0.4.1",
|
|
915
|
+
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.1.tgz",
|
|
916
|
+
"integrity": "sha512-c7hNEllBlenFTHBky65mhq8WD2kbN9Q6gk0bTk8lSBvc554jpXSkST1iePudpt7+A/AQvuHs9EMqjHDXMY1lrA==",
|
|
920
917
|
"dev": true,
|
|
921
918
|
"engines": {
|
|
922
919
|
"node": ">=18.18"
|
|
@@ -4286,9 +4283,9 @@
|
|
|
4286
4283
|
}
|
|
4287
4284
|
},
|
|
4288
4285
|
"node_modules/cross-spawn": {
|
|
4289
|
-
"version": "7.0.
|
|
4290
|
-
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.
|
|
4291
|
-
"integrity": "sha512-
|
|
4286
|
+
"version": "7.0.6",
|
|
4287
|
+
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
|
|
4288
|
+
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
|
|
4292
4289
|
"dependencies": {
|
|
4293
4290
|
"path-key": "^3.1.0",
|
|
4294
4291
|
"shebang-command": "^2.0.0",
|
|
@@ -4592,26 +4589,26 @@
|
|
|
4592
4589
|
}
|
|
4593
4590
|
},
|
|
4594
4591
|
"node_modules/eslint": {
|
|
4595
|
-
"version": "9.
|
|
4596
|
-
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.
|
|
4597
|
-
"integrity": "sha512-
|
|
4592
|
+
"version": "9.16.0",
|
|
4593
|
+
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.16.0.tgz",
|
|
4594
|
+
"integrity": "sha512-whp8mSQI4C8VXd+fLgSM0lh3UlmcFtVwUQjyKCFfsp+2ItAIYhlq/hqGahGqHE6cv9unM41VlqKk2VtKYR2TaA==",
|
|
4598
4595
|
"dev": true,
|
|
4599
4596
|
"dependencies": {
|
|
4600
4597
|
"@eslint-community/eslint-utils": "^4.2.0",
|
|
4601
4598
|
"@eslint-community/regexpp": "^4.12.1",
|
|
4602
|
-
"@eslint/config-array": "^0.
|
|
4603
|
-
"@eslint/core": "^0.
|
|
4604
|
-
"@eslint/eslintrc": "^3.
|
|
4605
|
-
"@eslint/js": "9.
|
|
4606
|
-
"@eslint/plugin-kit": "^0.2.
|
|
4599
|
+
"@eslint/config-array": "^0.19.0",
|
|
4600
|
+
"@eslint/core": "^0.9.0",
|
|
4601
|
+
"@eslint/eslintrc": "^3.2.0",
|
|
4602
|
+
"@eslint/js": "9.16.0",
|
|
4603
|
+
"@eslint/plugin-kit": "^0.2.3",
|
|
4607
4604
|
"@humanfs/node": "^0.16.6",
|
|
4608
4605
|
"@humanwhocodes/module-importer": "^1.0.1",
|
|
4609
|
-
"@humanwhocodes/retry": "^0.4.
|
|
4606
|
+
"@humanwhocodes/retry": "^0.4.1",
|
|
4610
4607
|
"@types/estree": "^1.0.6",
|
|
4611
4608
|
"@types/json-schema": "^7.0.15",
|
|
4612
4609
|
"ajv": "^6.12.4",
|
|
4613
4610
|
"chalk": "^4.0.0",
|
|
4614
|
-
"cross-spawn": "^7.0.
|
|
4611
|
+
"cross-spawn": "^7.0.5",
|
|
4615
4612
|
"debug": "^4.3.2",
|
|
4616
4613
|
"escape-string-regexp": "^4.0.0",
|
|
4617
4614
|
"eslint-scope": "^8.2.0",
|
|
@@ -4630,8 +4627,7 @@
|
|
|
4630
4627
|
"lodash.merge": "^4.6.2",
|
|
4631
4628
|
"minimatch": "^3.1.2",
|
|
4632
4629
|
"natural-compare": "^1.4.0",
|
|
4633
|
-
"optionator": "^0.9.3"
|
|
4634
|
-
"text-table": "^0.2.0"
|
|
4630
|
+
"optionator": "^0.9.3"
|
|
4635
4631
|
},
|
|
4636
4632
|
"bin": {
|
|
4637
4633
|
"eslint": "bin/eslint.js"
|
|
@@ -5755,9 +5751,9 @@
|
|
|
5755
5751
|
}
|
|
5756
5752
|
},
|
|
5757
5753
|
"node_modules/ignore": {
|
|
5758
|
-
"version": "5.3.
|
|
5759
|
-
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.
|
|
5760
|
-
"integrity": "sha512-
|
|
5754
|
+
"version": "5.3.2",
|
|
5755
|
+
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz",
|
|
5756
|
+
"integrity": "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==",
|
|
5761
5757
|
"dev": true,
|
|
5762
5758
|
"engines": {
|
|
5763
5759
|
"node": ">= 4"
|
|
@@ -9007,9 +9003,9 @@
|
|
|
9007
9003
|
"integrity": "sha512-EZSPZB70jiVsivaBLYDCyntd5eH8NTSMOn3rB+HxwdmKThGELLdYv8qVIMWvZEFy9w8ZZpW9h9OB32l1rGtj7g=="
|
|
9008
9004
|
},
|
|
9009
9005
|
"node_modules/nock": {
|
|
9010
|
-
"version": "13.5.
|
|
9011
|
-
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.
|
|
9012
|
-
"integrity": "sha512-
|
|
9006
|
+
"version": "13.5.6",
|
|
9007
|
+
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.6.tgz",
|
|
9008
|
+
"integrity": "sha512-o2zOYiCpzRqSzPj0Zt/dQ/DqZeYoaQ7TUonc/xUPjCGl9WeHpNbxgVvOquXYAaJzI0M9BXV3HTzG0p8IUAbBTQ==",
|
|
9013
9009
|
"dependencies": {
|
|
9014
9010
|
"debug": "^4.1.0",
|
|
9015
9011
|
"json-stringify-safe": "^5.0.1",
|
|
@@ -14557,9 +14553,9 @@
|
|
|
14557
14553
|
}
|
|
14558
14554
|
},
|
|
14559
14555
|
"node_modules/prettier": {
|
|
14560
|
-
"version": "3.
|
|
14561
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.
|
|
14562
|
-
"integrity": "sha512-
|
|
14556
|
+
"version": "3.4.2",
|
|
14557
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz",
|
|
14558
|
+
"integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==",
|
|
14563
14559
|
"dev": true,
|
|
14564
14560
|
"bin": {
|
|
14565
14561
|
"prettier": "bin/prettier.cjs"
|
|
@@ -15729,12 +15725,6 @@
|
|
|
15729
15725
|
"node": ">=8"
|
|
15730
15726
|
}
|
|
15731
15727
|
},
|
|
15732
|
-
"node_modules/text-table": {
|
|
15733
|
-
"version": "0.2.0",
|
|
15734
|
-
"resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz",
|
|
15735
|
-
"integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=",
|
|
15736
|
-
"dev": true
|
|
15737
|
-
},
|
|
15738
15728
|
"node_modules/thenify": {
|
|
15739
15729
|
"version": "3.3.1",
|
|
15740
15730
|
"resolved": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz",
|
|
@@ -16895,20 +16885,20 @@
|
|
|
16895
16885
|
"dev": true
|
|
16896
16886
|
},
|
|
16897
16887
|
"@eslint/config-array": {
|
|
16898
|
-
"version": "0.
|
|
16899
|
-
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.
|
|
16900
|
-
"integrity": "sha512-
|
|
16888
|
+
"version": "0.19.1",
|
|
16889
|
+
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.19.1.tgz",
|
|
16890
|
+
"integrity": "sha512-fo6Mtm5mWyKjA/Chy1BYTdn5mGJoDNjC7C64ug20ADsRDGrA85bN3uK3MaKbeRkRuuIEAR5N33Jr1pbm411/PA==",
|
|
16901
16891
|
"dev": true,
|
|
16902
16892
|
"requires": {
|
|
16903
|
-
"@eslint/object-schema": "^2.1.
|
|
16893
|
+
"@eslint/object-schema": "^2.1.5",
|
|
16904
16894
|
"debug": "^4.3.1",
|
|
16905
16895
|
"minimatch": "^3.1.2"
|
|
16906
16896
|
},
|
|
16907
16897
|
"dependencies": {
|
|
16908
16898
|
"debug": {
|
|
16909
|
-
"version": "4.
|
|
16910
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
16911
|
-
"integrity": "sha512-
|
|
16899
|
+
"version": "4.4.0",
|
|
16900
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
16901
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
16912
16902
|
"dev": true,
|
|
16913
16903
|
"requires": {
|
|
16914
16904
|
"ms": "^2.1.3"
|
|
@@ -16917,15 +16907,18 @@
|
|
|
16917
16907
|
}
|
|
16918
16908
|
},
|
|
16919
16909
|
"@eslint/core": {
|
|
16920
|
-
"version": "0.
|
|
16921
|
-
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.
|
|
16922
|
-
"integrity": "sha512-
|
|
16923
|
-
"dev": true
|
|
16910
|
+
"version": "0.9.1",
|
|
16911
|
+
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.9.1.tgz",
|
|
16912
|
+
"integrity": "sha512-GuUdqkyyzQI5RMIWkHhvTWLCyLo1jNK3vzkSyaExH5kHPDHcuL2VOpHjmMY+y3+NC69qAKToBqldTBgYeLSr9Q==",
|
|
16913
|
+
"dev": true,
|
|
16914
|
+
"requires": {
|
|
16915
|
+
"@types/json-schema": "^7.0.15"
|
|
16916
|
+
}
|
|
16924
16917
|
},
|
|
16925
16918
|
"@eslint/eslintrc": {
|
|
16926
|
-
"version": "3.
|
|
16927
|
-
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.
|
|
16928
|
-
"integrity": "sha512-
|
|
16919
|
+
"version": "3.2.0",
|
|
16920
|
+
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz",
|
|
16921
|
+
"integrity": "sha512-grOjVNN8P3hjJn/eIETF1wwd12DdnwFDoyceUJLYYdkpbwq3nLi+4fqrTAONx7XDALqlL220wC/RHSC/QTI/0w==",
|
|
16929
16922
|
"dev": true,
|
|
16930
16923
|
"requires": {
|
|
16931
16924
|
"ajv": "^6.12.4",
|
|
@@ -16946,12 +16939,12 @@
|
|
|
16946
16939
|
"dev": true
|
|
16947
16940
|
},
|
|
16948
16941
|
"debug": {
|
|
16949
|
-
"version": "4.
|
|
16950
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
16951
|
-
"integrity": "sha512-
|
|
16942
|
+
"version": "4.4.0",
|
|
16943
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
16944
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
16952
16945
|
"dev": true,
|
|
16953
16946
|
"requires": {
|
|
16954
|
-
"ms": "2.1.
|
|
16947
|
+
"ms": "^2.1.3"
|
|
16955
16948
|
}
|
|
16956
16949
|
},
|
|
16957
16950
|
"js-yaml": {
|
|
@@ -16962,31 +16955,25 @@
|
|
|
16962
16955
|
"requires": {
|
|
16963
16956
|
"argparse": "^2.0.1"
|
|
16964
16957
|
}
|
|
16965
|
-
},
|
|
16966
|
-
"ms": {
|
|
16967
|
-
"version": "2.1.2",
|
|
16968
|
-
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
|
|
16969
|
-
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
|
|
16970
|
-
"dev": true
|
|
16971
16958
|
}
|
|
16972
16959
|
}
|
|
16973
16960
|
},
|
|
16974
16961
|
"@eslint/js": {
|
|
16975
|
-
"version": "9.
|
|
16976
|
-
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.
|
|
16977
|
-
"integrity": "sha512-
|
|
16962
|
+
"version": "9.16.0",
|
|
16963
|
+
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.16.0.tgz",
|
|
16964
|
+
"integrity": "sha512-tw2HxzQkrbeuvyj1tG2Yqq+0H9wGoI2IMk4EOsQeX+vmd75FtJAzf+gTA69WF+baUKRYQ3x2kbLE08js5OsTVg==",
|
|
16978
16965
|
"dev": true
|
|
16979
16966
|
},
|
|
16980
16967
|
"@eslint/object-schema": {
|
|
16981
|
-
"version": "2.1.
|
|
16982
|
-
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.
|
|
16983
|
-
"integrity": "sha512-
|
|
16968
|
+
"version": "2.1.5",
|
|
16969
|
+
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.5.tgz",
|
|
16970
|
+
"integrity": "sha512-o0bhxnL89h5Bae5T318nFoFzGy+YE5i/gGkoPAgkmTVdRKTiv3p8JHevPiPaMwoloKfEiiaHlawCqaZMqRm+XQ==",
|
|
16984
16971
|
"dev": true
|
|
16985
16972
|
},
|
|
16986
16973
|
"@eslint/plugin-kit": {
|
|
16987
|
-
"version": "0.2.
|
|
16988
|
-
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.
|
|
16989
|
-
"integrity": "sha512-
|
|
16974
|
+
"version": "0.2.4",
|
|
16975
|
+
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.4.tgz",
|
|
16976
|
+
"integrity": "sha512-zSkKow6H5Kdm0ZUQUB2kV5JIXqoG0+uH5YADhaEHswm664N9Db8dXSi0nMJpacpMf+MyyglF1vnZohpEg5yUtg==",
|
|
16990
16977
|
"dev": true,
|
|
16991
16978
|
"requires": {
|
|
16992
16979
|
"levn": "^0.4.1"
|
|
@@ -17023,9 +17010,9 @@
|
|
|
17023
17010
|
"dev": true
|
|
17024
17011
|
},
|
|
17025
17012
|
"@humanwhocodes/retry": {
|
|
17026
|
-
"version": "0.4.
|
|
17027
|
-
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.
|
|
17028
|
-
"integrity": "sha512-
|
|
17013
|
+
"version": "0.4.1",
|
|
17014
|
+
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.1.tgz",
|
|
17015
|
+
"integrity": "sha512-c7hNEllBlenFTHBky65mhq8WD2kbN9Q6gk0bTk8lSBvc554jpXSkST1iePudpt7+A/AQvuHs9EMqjHDXMY1lrA==",
|
|
17029
17016
|
"dev": true
|
|
17030
17017
|
},
|
|
17031
17018
|
"@isaacs/cliui": {
|
|
@@ -19545,9 +19532,9 @@
|
|
|
19545
19532
|
}
|
|
19546
19533
|
},
|
|
19547
19534
|
"cross-spawn": {
|
|
19548
|
-
"version": "7.0.
|
|
19549
|
-
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.
|
|
19550
|
-
"integrity": "sha512-
|
|
19535
|
+
"version": "7.0.6",
|
|
19536
|
+
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
|
|
19537
|
+
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
|
|
19551
19538
|
"requires": {
|
|
19552
19539
|
"path-key": "^3.1.0",
|
|
19553
19540
|
"shebang-command": "^2.0.0",
|
|
@@ -19780,26 +19767,26 @@
|
|
|
19780
19767
|
"integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ="
|
|
19781
19768
|
},
|
|
19782
19769
|
"eslint": {
|
|
19783
|
-
"version": "9.
|
|
19784
|
-
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.
|
|
19785
|
-
"integrity": "sha512-
|
|
19770
|
+
"version": "9.16.0",
|
|
19771
|
+
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.16.0.tgz",
|
|
19772
|
+
"integrity": "sha512-whp8mSQI4C8VXd+fLgSM0lh3UlmcFtVwUQjyKCFfsp+2ItAIYhlq/hqGahGqHE6cv9unM41VlqKk2VtKYR2TaA==",
|
|
19786
19773
|
"dev": true,
|
|
19787
19774
|
"requires": {
|
|
19788
19775
|
"@eslint-community/eslint-utils": "^4.2.0",
|
|
19789
19776
|
"@eslint-community/regexpp": "^4.12.1",
|
|
19790
|
-
"@eslint/config-array": "^0.
|
|
19791
|
-
"@eslint/core": "^0.
|
|
19792
|
-
"@eslint/eslintrc": "^3.
|
|
19793
|
-
"@eslint/js": "9.
|
|
19794
|
-
"@eslint/plugin-kit": "^0.2.
|
|
19777
|
+
"@eslint/config-array": "^0.19.0",
|
|
19778
|
+
"@eslint/core": "^0.9.0",
|
|
19779
|
+
"@eslint/eslintrc": "^3.2.0",
|
|
19780
|
+
"@eslint/js": "9.16.0",
|
|
19781
|
+
"@eslint/plugin-kit": "^0.2.3",
|
|
19795
19782
|
"@humanfs/node": "^0.16.6",
|
|
19796
19783
|
"@humanwhocodes/module-importer": "^1.0.1",
|
|
19797
|
-
"@humanwhocodes/retry": "^0.4.
|
|
19784
|
+
"@humanwhocodes/retry": "^0.4.1",
|
|
19798
19785
|
"@types/estree": "^1.0.6",
|
|
19799
19786
|
"@types/json-schema": "^7.0.15",
|
|
19800
19787
|
"ajv": "^6.12.4",
|
|
19801
19788
|
"chalk": "^4.0.0",
|
|
19802
|
-
"cross-spawn": "^7.0.
|
|
19789
|
+
"cross-spawn": "^7.0.5",
|
|
19803
19790
|
"debug": "^4.3.2",
|
|
19804
19791
|
"escape-string-regexp": "^4.0.0",
|
|
19805
19792
|
"eslint-scope": "^8.2.0",
|
|
@@ -19818,8 +19805,7 @@
|
|
|
19818
19805
|
"lodash.merge": "^4.6.2",
|
|
19819
19806
|
"minimatch": "^3.1.2",
|
|
19820
19807
|
"natural-compare": "^1.4.0",
|
|
19821
|
-
"optionator": "^0.9.3"
|
|
19822
|
-
"text-table": "^0.2.0"
|
|
19808
|
+
"optionator": "^0.9.3"
|
|
19823
19809
|
},
|
|
19824
19810
|
"dependencies": {
|
|
19825
19811
|
"ansi-styles": {
|
|
@@ -20629,9 +20615,9 @@
|
|
|
20629
20615
|
}
|
|
20630
20616
|
},
|
|
20631
20617
|
"ignore": {
|
|
20632
|
-
"version": "5.3.
|
|
20633
|
-
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.
|
|
20634
|
-
"integrity": "sha512-
|
|
20618
|
+
"version": "5.3.2",
|
|
20619
|
+
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz",
|
|
20620
|
+
"integrity": "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==",
|
|
20635
20621
|
"dev": true
|
|
20636
20622
|
},
|
|
20637
20623
|
"ignore-walk": {
|
|
@@ -23068,9 +23054,9 @@
|
|
|
23068
23054
|
"integrity": "sha512-EZSPZB70jiVsivaBLYDCyntd5eH8NTSMOn3rB+HxwdmKThGELLdYv8qVIMWvZEFy9w8ZZpW9h9OB32l1rGtj7g=="
|
|
23069
23055
|
},
|
|
23070
23056
|
"nock": {
|
|
23071
|
-
"version": "13.5.
|
|
23072
|
-
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.
|
|
23073
|
-
"integrity": "sha512-
|
|
23057
|
+
"version": "13.5.6",
|
|
23058
|
+
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.6.tgz",
|
|
23059
|
+
"integrity": "sha512-o2zOYiCpzRqSzPj0Zt/dQ/DqZeYoaQ7TUonc/xUPjCGl9WeHpNbxgVvOquXYAaJzI0M9BXV3HTzG0p8IUAbBTQ==",
|
|
23074
23060
|
"requires": {
|
|
23075
23061
|
"debug": "^4.1.0",
|
|
23076
23062
|
"json-stringify-safe": "^5.0.1",
|
|
@@ -27170,9 +27156,9 @@
|
|
|
27170
27156
|
"integrity": "sha1-gV7R9uvGWSb4ZbMQwHE7yzMVzks="
|
|
27171
27157
|
},
|
|
27172
27158
|
"prettier": {
|
|
27173
|
-
"version": "3.
|
|
27174
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.
|
|
27175
|
-
"integrity": "sha512-
|
|
27159
|
+
"version": "3.4.2",
|
|
27160
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz",
|
|
27161
|
+
"integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==",
|
|
27176
27162
|
"dev": true
|
|
27177
27163
|
},
|
|
27178
27164
|
"pretty-format": {
|
|
@@ -28069,12 +28055,6 @@
|
|
|
28069
28055
|
"minimatch": "^3.0.4"
|
|
28070
28056
|
}
|
|
28071
28057
|
},
|
|
28072
|
-
"text-table": {
|
|
28073
|
-
"version": "0.2.0",
|
|
28074
|
-
"resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz",
|
|
28075
|
-
"integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=",
|
|
28076
|
-
"dev": true
|
|
28077
|
-
},
|
|
28078
28058
|
"thenify": {
|
|
28079
28059
|
"version": "3.3.1",
|
|
28080
28060
|
"resolved": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz",
|
data/helpers/package.json
CHANGED
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
"@dependabot/yarn-lib": "^1.22.22",
|
|
14
14
|
"@npmcli/arborist": "^8.0.0",
|
|
15
15
|
"detect-indent": "^6.1.0",
|
|
16
|
-
"nock": "^13.5.
|
|
16
|
+
"nock": "^13.5.6",
|
|
17
17
|
"npm": "6.14.18",
|
|
18
18
|
"@pnpm/lockfile-file": "^9.1.2",
|
|
19
19
|
"@pnpm/dependency-path": "^5.1.1",
|
|
@@ -21,9 +21,9 @@
|
|
|
21
21
|
"patch-package": "^8.0.0"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
|
-
"eslint": "^9.
|
|
24
|
+
"eslint": "^9.16.0",
|
|
25
25
|
"eslint-config-prettier": "^9.1.0",
|
|
26
26
|
"jest": "^29.7.0",
|
|
27
|
-
"prettier": "^3.
|
|
27
|
+
"prettier": "^3.4.2"
|
|
28
28
|
}
|
|
29
29
|
}
|
|
@@ -207,7 +207,9 @@ module Dependabot
|
|
|
207
207
|
@package_manager_helper ||= T.let(
|
|
208
208
|
PackageManagerHelper.new(
|
|
209
209
|
parsed_package_json,
|
|
210
|
-
lockfiles
|
|
210
|
+
lockfiles,
|
|
211
|
+
registry_config_files,
|
|
212
|
+
credentials
|
|
211
213
|
), T.nilable(PackageManagerHelper)
|
|
212
214
|
)
|
|
213
215
|
end
|
|
@@ -221,6 +223,17 @@ module Dependabot
|
|
|
221
223
|
}
|
|
222
224
|
end
|
|
223
225
|
|
|
226
|
+
# Returns the .npmrc, and .yarnrc files for the repository.
|
|
227
|
+
# @return [Hash{Symbol => Dependabot::DependencyFile}]
|
|
228
|
+
sig { returns(T::Hash[Symbol, T.nilable(Dependabot::DependencyFile)]) }
|
|
229
|
+
def registry_config_files
|
|
230
|
+
{
|
|
231
|
+
npmrc: npmrc,
|
|
232
|
+
yarnrc: yarnrc,
|
|
233
|
+
yarnrc_yml: yarnrc_yml
|
|
234
|
+
}
|
|
235
|
+
end
|
|
236
|
+
|
|
224
237
|
sig { returns(DependencyFile) }
|
|
225
238
|
def package_json
|
|
226
239
|
@package_json ||= T.let(fetch_file_from_host(MANIFEST_FILENAME), T.nilable(DependencyFile))
|
|
@@ -601,7 +614,10 @@ module Dependabot
|
|
|
601
614
|
|
|
602
615
|
sig { returns(T.untyped) }
|
|
603
616
|
def parsed_package_json
|
|
604
|
-
JSON.parse(T.must(package_json.content))
|
|
617
|
+
parsed = JSON.parse(T.must(package_json.content))
|
|
618
|
+
raise Dependabot::DependencyFileNotParseable, package_json.path unless parsed.is_a?(Hash)
|
|
619
|
+
|
|
620
|
+
parsed
|
|
605
621
|
rescue JSON::ParserError
|
|
606
622
|
raise Dependabot::DependencyFileNotParseable, package_json.path
|
|
607
623
|
end
|
|
@@ -98,7 +98,9 @@ module Dependabot
|
|
|
98
98
|
@package_manager_helper ||= T.let(
|
|
99
99
|
PackageManagerHelper.new(
|
|
100
100
|
parsed_package_json,
|
|
101
|
-
lockfiles
|
|
101
|
+
lockfiles,
|
|
102
|
+
registry_config_files,
|
|
103
|
+
credentials
|
|
102
104
|
), T.nilable(PackageManagerHelper)
|
|
103
105
|
)
|
|
104
106
|
end
|
|
@@ -112,6 +114,15 @@ module Dependabot
|
|
|
112
114
|
}
|
|
113
115
|
end
|
|
114
116
|
|
|
117
|
+
sig { returns(T::Hash[Symbol, T.nilable(Dependabot::DependencyFile)]) }
|
|
118
|
+
def registry_config_files
|
|
119
|
+
{
|
|
120
|
+
npmrc: npmrc,
|
|
121
|
+
yarnrc: yarnrc,
|
|
122
|
+
yarnrc_yml: yarnrc_yml
|
|
123
|
+
}
|
|
124
|
+
end
|
|
125
|
+
|
|
115
126
|
sig { returns(T.untyped) }
|
|
116
127
|
def parsed_package_json
|
|
117
128
|
JSON.parse(T.must(package_json.content))
|
|
@@ -156,6 +167,27 @@ module Dependabot
|
|
|
156
167
|
end, T.nilable(Dependabot::DependencyFile))
|
|
157
168
|
end
|
|
158
169
|
|
|
170
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
|
171
|
+
def npmrc
|
|
172
|
+
@npmrc ||= T.let(dependency_files.find do |f|
|
|
173
|
+
f.name == NpmPackageManager::RC_FILENAME
|
|
174
|
+
end, T.nilable(Dependabot::DependencyFile))
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
|
178
|
+
def yarnrc
|
|
179
|
+
@yarnrc ||= T.let(dependency_files.find do |f|
|
|
180
|
+
f.name == YarnPackageManager::RC_FILENAME
|
|
181
|
+
end, T.nilable(Dependabot::DependencyFile))
|
|
182
|
+
end
|
|
183
|
+
|
|
184
|
+
sig { returns(T.nilable(DependencyFile)) }
|
|
185
|
+
def yarnrc_yml
|
|
186
|
+
@yarnrc_yml ||= T.let(dependency_files.find do |f|
|
|
187
|
+
f.name == YarnPackageManager::RC_YML_FILENAME
|
|
188
|
+
end, T.nilable(Dependabot::DependencyFile))
|
|
189
|
+
end
|
|
190
|
+
|
|
159
191
|
sig { returns(Dependabot::FileParsers::Base::DependencySet) }
|
|
160
192
|
def manifest_dependencies
|
|
161
193
|
dependency_set = DependencySet.new
|
|
@@ -9,7 +9,7 @@ require "sorbet-runtime"
|
|
|
9
9
|
|
|
10
10
|
module Dependabot
|
|
11
11
|
module NpmAndYarn
|
|
12
|
-
module Helpers
|
|
12
|
+
module Helpers # rubocop:disable Metrics/ModuleLength
|
|
13
13
|
extend T::Sig
|
|
14
14
|
|
|
15
15
|
YARN_PATH_NOT_FOUND =
|
|
@@ -332,7 +332,7 @@ module Dependabot
|
|
|
332
332
|
version.strip.delete_prefix("v") # Remove the "v" prefix if present
|
|
333
333
|
end
|
|
334
334
|
rescue StandardError => e
|
|
335
|
-
|
|
335
|
+
Dependabot.logger.error("Error retrieving Node.js version: #{e.message}")
|
|
336
336
|
nil
|
|
337
337
|
end
|
|
338
338
|
|
|
@@ -388,35 +388,89 @@ module Dependabot
|
|
|
388
388
|
end
|
|
389
389
|
|
|
390
390
|
# Install the package manager for specified version by using corepack
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
391
|
+
sig do
|
|
392
|
+
params(
|
|
393
|
+
name: String,
|
|
394
|
+
version: String,
|
|
395
|
+
env: T.nilable(T::Hash[String, String])
|
|
396
|
+
)
|
|
397
|
+
.returns(String)
|
|
398
|
+
end
|
|
399
|
+
def self.install(name, version, env: {})
|
|
394
400
|
Dependabot.logger.info("Installing \"#{name}@#{version}\"")
|
|
395
401
|
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
402
|
+
begin
|
|
403
|
+
# Try to install the specified version
|
|
404
|
+
output = package_manager_install(name, version, env: env)
|
|
405
|
+
|
|
406
|
+
# Confirm success based on the output
|
|
407
|
+
if output.match?(/Adding #{name}@.* to the cache/)
|
|
408
|
+
Dependabot.logger.info("#{name}@#{version} successfully installed.")
|
|
399
409
|
|
|
400
|
-
|
|
410
|
+
Dependabot.logger.info("Activating currently installed version of #{name}: #{version}")
|
|
411
|
+
package_manager_activate(name, version)
|
|
412
|
+
|
|
413
|
+
else
|
|
414
|
+
Dependabot.logger.error("Corepack installation output unexpected: #{output}")
|
|
415
|
+
fallback_to_local_version(name)
|
|
416
|
+
end
|
|
417
|
+
rescue StandardError => e
|
|
418
|
+
Dependabot.logger.error("Error installing #{name}@#{version}: #{e.message}")
|
|
419
|
+
fallback_to_local_version(name)
|
|
420
|
+
end
|
|
421
|
+
|
|
422
|
+
# Verify the installed version
|
|
423
|
+
installed_version = package_manager_version(name)
|
|
401
424
|
|
|
402
425
|
installed_version
|
|
403
426
|
end
|
|
404
427
|
|
|
428
|
+
# Attempt to activate the local version of the package manager
|
|
429
|
+
sig { params(name: String).void }
|
|
430
|
+
def self.fallback_to_local_version(name)
|
|
431
|
+
Dependabot.logger.info("Falling back to activate the currently installed version of #{name}.")
|
|
432
|
+
|
|
433
|
+
# Fetch the currently installed version directly from the environment
|
|
434
|
+
current_version = local_package_manager_version(name)
|
|
435
|
+
Dependabot.logger.info("Activating currently installed version of #{name}: #{current_version}")
|
|
436
|
+
|
|
437
|
+
# Prepare the existing version
|
|
438
|
+
package_manager_activate(name, current_version)
|
|
439
|
+
end
|
|
440
|
+
|
|
405
441
|
# Install the package manager for specified version by using corepack
|
|
406
|
-
sig
|
|
407
|
-
|
|
442
|
+
sig do
|
|
443
|
+
params(
|
|
444
|
+
name: String,
|
|
445
|
+
version: String,
|
|
446
|
+
env: T.nilable(T::Hash[String, String])
|
|
447
|
+
)
|
|
448
|
+
.returns(String)
|
|
449
|
+
end
|
|
450
|
+
def self.package_manager_install(name, version, env: {})
|
|
408
451
|
Dependabot::SharedHelpers.run_shell_command(
|
|
409
452
|
"corepack install #{name}@#{version} --global --cache-only",
|
|
410
|
-
fingerprint: "corepack install <name>@<version> --global --cache-only"
|
|
453
|
+
fingerprint: "corepack install <name>@<version> --global --cache-only",
|
|
454
|
+
env: env
|
|
411
455
|
).strip
|
|
412
456
|
end
|
|
413
457
|
|
|
414
458
|
# Prepare the package manager for use by using corepack
|
|
415
|
-
sig { params(name: String, version: String).
|
|
459
|
+
sig { params(name: String, version: String).returns(String) }
|
|
416
460
|
def self.package_manager_activate(name, version)
|
|
417
461
|
Dependabot::SharedHelpers.run_shell_command(
|
|
418
462
|
"corepack prepare #{name}@#{version} --activate",
|
|
419
|
-
fingerprint: "corepack prepare --activate"
|
|
463
|
+
fingerprint: "corepack prepare <name>@<version> --activate"
|
|
464
|
+
).strip
|
|
465
|
+
end
|
|
466
|
+
|
|
467
|
+
# Fetch the currently installed version of the package manager directly
|
|
468
|
+
# from the system without involving Corepack
|
|
469
|
+
sig { params(name: String).returns(String) }
|
|
470
|
+
def self.local_package_manager_version(name)
|
|
471
|
+
Dependabot::SharedHelpers.run_shell_command(
|
|
472
|
+
"#{name} -v",
|
|
473
|
+
fingerprint: "#{name} -v"
|
|
420
474
|
).strip
|
|
421
475
|
end
|
|
422
476
|
|
|
@@ -427,7 +481,8 @@ module Dependabot
|
|
|
427
481
|
|
|
428
482
|
version = package_manager_run_command(name, "-v").strip
|
|
429
483
|
|
|
430
|
-
Dependabot.logger.info("
|
|
484
|
+
Dependabot.logger.info("Installed version of #{name}: #{version}")
|
|
485
|
+
|
|
431
486
|
version
|
|
432
487
|
rescue StandardError => e
|
|
433
488
|
Dependabot.logger.error("Error fetching version for package manager #{name}: #{e.message}")
|
|
@@ -445,14 +500,11 @@ module Dependabot
|
|
|
445
500
|
def self.package_manager_run_command(name, command, fingerprint: nil)
|
|
446
501
|
full_command = "corepack #{name} #{command}"
|
|
447
502
|
|
|
448
|
-
Dependabot.logger.info("Running package manager command: #{full_command}")
|
|
449
|
-
|
|
450
503
|
result = Dependabot::SharedHelpers.run_shell_command(
|
|
451
504
|
full_command,
|
|
452
505
|
fingerprint: "corepack #{name} #{fingerprint || command}"
|
|
453
506
|
).strip
|
|
454
507
|
|
|
455
|
-
Dependabot.logger.info("Command executed successfully: #{full_command}")
|
|
456
508
|
result
|
|
457
509
|
rescue StandardError => e
|
|
458
510
|
Dependabot.logger.error("Error running package manager command: #{full_command}, Error: #{e.message}")
|
|
@@ -5,6 +5,7 @@ require "dependabot/shared_helpers"
|
|
|
5
5
|
require "dependabot/ecosystem"
|
|
6
6
|
require "dependabot/npm_and_yarn/requirement"
|
|
7
7
|
require "dependabot/npm_and_yarn/version_selector"
|
|
8
|
+
require "dependabot/npm_and_yarn/registry_helper"
|
|
8
9
|
|
|
9
10
|
module Dependabot
|
|
10
11
|
module NpmAndYarn
|
|
@@ -61,14 +62,13 @@ module Dependabot
|
|
|
61
62
|
|
|
62
63
|
# Keep versions in ascending order
|
|
63
64
|
SUPPORTED_VERSIONS = T.let([
|
|
64
|
-
Version.new(NPM_V6),
|
|
65
65
|
Version.new(NPM_V7),
|
|
66
66
|
Version.new(NPM_V8),
|
|
67
67
|
Version.new(NPM_V9),
|
|
68
68
|
Version.new(NPM_V10)
|
|
69
69
|
].freeze, T::Array[Dependabot::Version])
|
|
70
70
|
|
|
71
|
-
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
71
|
+
DEPRECATED_VERSIONS = T.let([Version.new(NPM_V6)].freeze, T::Array[Dependabot::Version])
|
|
72
72
|
|
|
73
73
|
sig do
|
|
74
74
|
params(
|
|
@@ -88,12 +88,17 @@ module Dependabot
|
|
|
88
88
|
|
|
89
89
|
sig { override.returns(T::Boolean) }
|
|
90
90
|
def deprecated?
|
|
91
|
-
false
|
|
91
|
+
return false if unsupported?
|
|
92
|
+
return false unless Dependabot::Experiments.enabled?(:npm_v6_deprecation_warning)
|
|
93
|
+
|
|
94
|
+
deprecated_versions.include?(version)
|
|
92
95
|
end
|
|
93
96
|
|
|
94
97
|
sig { override.returns(T::Boolean) }
|
|
95
98
|
def unsupported?
|
|
96
|
-
false
|
|
99
|
+
return false unless Dependabot::Experiments.enabled?(:npm_v6_unsupported_error)
|
|
100
|
+
|
|
101
|
+
supported_versions.all? { |supported| supported > version }
|
|
97
102
|
end
|
|
98
103
|
end
|
|
99
104
|
|
|
@@ -311,17 +316,24 @@ module Dependabot
|
|
|
311
316
|
sig do
|
|
312
317
|
params(
|
|
313
318
|
package_json: T.nilable(T::Hash[String, T.untyped]),
|
|
314
|
-
lockfiles: T::Hash[Symbol, T.nilable(Dependabot::DependencyFile)]
|
|
319
|
+
lockfiles: T::Hash[Symbol, T.nilable(Dependabot::DependencyFile)],
|
|
320
|
+
registry_config_files: T::Hash[Symbol, T.nilable(Dependabot::DependencyFile)],
|
|
321
|
+
credentials: T.nilable(T::Array[Dependabot::Credential])
|
|
315
322
|
).void
|
|
316
323
|
end
|
|
317
|
-
def initialize(package_json, lockfiles
|
|
324
|
+
def initialize(package_json, lockfiles, registry_config_files, credentials)
|
|
318
325
|
@package_json = package_json
|
|
319
326
|
@lockfiles = lockfiles
|
|
327
|
+
@registry_helper = T.let(
|
|
328
|
+
RegistryHelper.new(registry_config_files, credentials),
|
|
329
|
+
Dependabot::NpmAndYarn::RegistryHelper
|
|
330
|
+
)
|
|
320
331
|
@package_manager_detector = T.let(PackageManagerDetector.new(lockfiles, package_json), PackageManagerDetector)
|
|
321
332
|
@manifest_package_manager = T.let(package_json&.fetch(MANIFEST_PACKAGE_MANAGER_KEY, nil), T.nilable(String))
|
|
322
333
|
@engines = T.let(package_json&.fetch(MANIFEST_ENGINES_KEY, nil), T.nilable(T::Hash[String, T.untyped]))
|
|
323
334
|
|
|
324
335
|
@installed_versions = T.let({}, T::Hash[String, String])
|
|
336
|
+
@registries = T.let({}, T::Hash[String, String])
|
|
325
337
|
|
|
326
338
|
@language = T.let(nil, T.nilable(Ecosystem::VersionManager))
|
|
327
339
|
@language_requirement = T.let(nil, T.nilable(Requirement))
|
|
@@ -379,8 +391,8 @@ module Dependabot
|
|
|
379
391
|
end
|
|
380
392
|
|
|
381
393
|
# rubocop:disable Metrics/CyclomaticComplexity
|
|
382
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
|
383
394
|
# rubocop:disable Metrics/AbcSize
|
|
395
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
384
396
|
sig { params(name: String).returns(T.nilable(T.any(Integer, String))) }
|
|
385
397
|
def setup(name)
|
|
386
398
|
# we prioritize version mentioned in "packageManager" instead of "engines"
|
|
@@ -438,6 +450,9 @@ module Dependabot
|
|
|
438
450
|
end
|
|
439
451
|
version
|
|
440
452
|
end
|
|
453
|
+
# rubocop:enable Metrics/CyclomaticComplexity
|
|
454
|
+
# rubocop:enable Metrics/AbcSize
|
|
455
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
441
456
|
|
|
442
457
|
sig { params(name: T.nilable(String)).returns(Ecosystem::VersionManager) }
|
|
443
458
|
def package_manager_by_name(name)
|
|
@@ -456,21 +471,15 @@ module Dependabot
|
|
|
456
471
|
Dependabot.logger.info("No version requirement found for #{name}")
|
|
457
472
|
end
|
|
458
473
|
|
|
459
|
-
|
|
474
|
+
package_manager_class.new(
|
|
460
475
|
installed_version,
|
|
461
476
|
requirement: package_manager_requirement
|
|
462
477
|
)
|
|
463
|
-
|
|
464
|
-
Dependabot.logger.info("Package manager resolved for #{name}: #{package_manager_instance}")
|
|
465
|
-
package_manager_instance
|
|
466
478
|
rescue StandardError => e
|
|
467
479
|
Dependabot.logger.error("Error resolving package manager for #{name || 'default'}: #{e.message}")
|
|
468
480
|
raise
|
|
469
481
|
end
|
|
470
482
|
|
|
471
|
-
# rubocop:enable Metrics/CyclomaticComplexity
|
|
472
|
-
# rubocop:enable Metrics/PerceivedComplexity
|
|
473
|
-
# rubocop:enable Metrics/AbcSize
|
|
474
483
|
# Retrieve the installed version of the package manager by executing
|
|
475
484
|
# the "corepack <name> -v" command and using the output.
|
|
476
485
|
# If the output does not match the expected version format (PACKAGE_MANAGER_VERSION_REGEX),
|
|
@@ -504,13 +513,18 @@ module Dependabot
|
|
|
504
513
|
return unless name == PNPMPackageManager::NAME
|
|
505
514
|
return unless Version.new(version) < Version.new("7")
|
|
506
515
|
|
|
507
|
-
raise ToolVersionNotSupported.new(PNPMPackageManager::NAME.upcase, version, "7.*, 8.*")
|
|
516
|
+
raise ToolVersionNotSupported.new(PNPMPackageManager::NAME.upcase, version, "7.*, 8.*, 9.*")
|
|
508
517
|
end
|
|
509
518
|
|
|
510
519
|
sig { params(name: String, version: T.nilable(String)).void }
|
|
511
520
|
def install(name, version)
|
|
512
521
|
if Dependabot::Experiments.enabled?(:enable_corepack_for_npm_and_yarn)
|
|
513
|
-
|
|
522
|
+
env = {}
|
|
523
|
+
if Dependabot::Experiments.enabled?(:enable_private_registry_for_corepack)
|
|
524
|
+
env = @registry_helper.find_corepack_env_variables
|
|
525
|
+
end
|
|
526
|
+
# Use the Helpers.install method to install the package manager
|
|
527
|
+
return Helpers.install(name, version.to_s, env: env)
|
|
514
528
|
end
|
|
515
529
|
|
|
516
530
|
Dependabot.logger.info("Installing \"#{name}@#{version}\"")
|
|
@@ -0,0 +1,188 @@
|
|
|
1
|
+
# typed: strict
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "yaml"
|
|
5
|
+
require "dependabot/dependency_file"
|
|
6
|
+
require "sorbet-runtime"
|
|
7
|
+
|
|
8
|
+
module Dependabot
|
|
9
|
+
module NpmAndYarn
|
|
10
|
+
class RegistryHelper
|
|
11
|
+
extend T::Sig
|
|
12
|
+
|
|
13
|
+
# Keys for configurations
|
|
14
|
+
REGISTRY_KEY = "registry"
|
|
15
|
+
AUTH_KEY = "authToken"
|
|
16
|
+
|
|
17
|
+
# Yarn-specific keys
|
|
18
|
+
NPM_AUTH_TOKEN_KEY_FOR_YARN = "npmAuthToken"
|
|
19
|
+
NPM_SCOPE_KEY_FOR_YARN = "npmScopes"
|
|
20
|
+
NPM_REGISTER_KEY_FOR_YARN = "npmRegistryServer"
|
|
21
|
+
|
|
22
|
+
# Environment variable keys
|
|
23
|
+
COREPACK_NPM_REGISTRY_ENV = "COREPACK_NPM_REGISTRY"
|
|
24
|
+
COREPACK_NPM_TOKEN_ENV = "COREPACK_NPM_TOKEN"
|
|
25
|
+
|
|
26
|
+
sig do
|
|
27
|
+
params(
|
|
28
|
+
registry_config_files: T::Hash[Symbol, T.nilable(Dependabot::DependencyFile)],
|
|
29
|
+
credentials: T.nilable(T::Array[Dependabot::Credential])
|
|
30
|
+
).void
|
|
31
|
+
end
|
|
32
|
+
def initialize(registry_config_files, credentials)
|
|
33
|
+
@registry_config_files = T.let(registry_config_files, T::Hash[Symbol, T.nilable(Dependabot::DependencyFile)])
|
|
34
|
+
@credentials = T.let(credentials, T.nilable(T::Array[Dependabot::Credential]))
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
sig { returns(T::Hash[String, String]) }
|
|
38
|
+
def find_corepack_env_variables
|
|
39
|
+
registry_info = find_registry_and_token
|
|
40
|
+
|
|
41
|
+
env_variables = {}
|
|
42
|
+
env_variables[COREPACK_NPM_REGISTRY_ENV] = registry_info[:registry] if registry_info[:registry]
|
|
43
|
+
env_variables[COREPACK_NPM_TOKEN_ENV] = registry_info[:auth_token] if registry_info[:auth_token]
|
|
44
|
+
|
|
45
|
+
env_variables
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
private
|
|
49
|
+
|
|
50
|
+
sig { returns(T::Hash[Symbol, T.nilable(String)]) }
|
|
51
|
+
def find_registry_and_token
|
|
52
|
+
# Step 1: Check dependabot.yml configuration
|
|
53
|
+
dependabot_config = config_npm_registry_and_token
|
|
54
|
+
return dependabot_config if dependabot_config[:registry]
|
|
55
|
+
|
|
56
|
+
# Step 2: Check .npmrc
|
|
57
|
+
npmrc_config = @registry_config_files[:npmrc]
|
|
58
|
+
npmrc_result = parse_registry_from_npmrc_yarnrc(npmrc_config, "=", "npm")
|
|
59
|
+
|
|
60
|
+
return npmrc_result if npmrc_result[:registry]
|
|
61
|
+
|
|
62
|
+
# Step 3: Check .yarnrc
|
|
63
|
+
yarnrc_config = @registry_config_files[:yarnrc]
|
|
64
|
+
yarnrc_result = parse_registry_from_npmrc_yarnrc(yarnrc_config, " ", "npm")
|
|
65
|
+
return yarnrc_result if yarnrc_result[:registry]
|
|
66
|
+
|
|
67
|
+
# Step 4: Check yarnrc.yml
|
|
68
|
+
yarnrc_yml_config = @registry_config_files[:yarnrc_yml]
|
|
69
|
+
yarnrc_yml_result = parse_npm_from_yarnrc_yml(yarnrc_yml_config)
|
|
70
|
+
return yarnrc_yml_result if yarnrc_yml_result[:registry]
|
|
71
|
+
|
|
72
|
+
# Default values if no registry is found
|
|
73
|
+
{}
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
sig { returns(T::Hash[Symbol, T.nilable(String)]) }
|
|
77
|
+
def config_npm_registry_and_token
|
|
78
|
+
registries = {}
|
|
79
|
+
|
|
80
|
+
return registries unless @credentials&.any?
|
|
81
|
+
|
|
82
|
+
@credentials.each do |cred|
|
|
83
|
+
next unless cred["type"] == "npm_registry" # Skip if not an npm registry
|
|
84
|
+
next unless cred["replaces-base"] # Skip if not a reverse-proxy registry
|
|
85
|
+
|
|
86
|
+
# Set the registry if it's not already set
|
|
87
|
+
registries[:registry] ||= cred["registry"]
|
|
88
|
+
|
|
89
|
+
# Set the token if it's not already set
|
|
90
|
+
registries[:auth_token] ||= cred["token"]
|
|
91
|
+
end
|
|
92
|
+
registries
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
# Find registry and token in .npmrc or .yarnrc file
|
|
96
|
+
sig do
|
|
97
|
+
params(
|
|
98
|
+
file: T.nilable(Dependabot::DependencyFile),
|
|
99
|
+
separator: String
|
|
100
|
+
).returns(T::Hash[Symbol, T.nilable(String)])
|
|
101
|
+
end
|
|
102
|
+
def parse_npm_from_npm_or_yarn_rc(file, separator = "=")
|
|
103
|
+
parse_registry_from_npmrc_yarnrc(file, separator, NpmPackageManager::NAME)
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
# Find registry and token in .npmrc or .yarnrc file
|
|
107
|
+
sig do
|
|
108
|
+
params(
|
|
109
|
+
file: T.nilable(Dependabot::DependencyFile),
|
|
110
|
+
separator: String,
|
|
111
|
+
scope: T.nilable(String)
|
|
112
|
+
).returns(T::Hash[Symbol, T.nilable(String)])
|
|
113
|
+
end
|
|
114
|
+
def parse_registry_from_npmrc_yarnrc(file, separator = "=", scope = nil)
|
|
115
|
+
content = file&.content
|
|
116
|
+
return { registry: nil, auth_token: nil } unless content
|
|
117
|
+
|
|
118
|
+
global_registry = T.let(nil, T.nilable(String))
|
|
119
|
+
scoped_registry = T.let(nil, T.nilable(String))
|
|
120
|
+
auth_token = T.let(nil, T.nilable(String))
|
|
121
|
+
|
|
122
|
+
content.split("\n").each do |line|
|
|
123
|
+
# Split using the provided separator
|
|
124
|
+
key, value = line.strip.split(separator, 2)
|
|
125
|
+
next unless key && value
|
|
126
|
+
|
|
127
|
+
# Remove surrounding quotes from keys and values
|
|
128
|
+
cleaned_key = key.strip.gsub(/\A["']|["']\z/, "")
|
|
129
|
+
cleaned_value = value.strip.gsub(/\A["']|["']\z/, "")
|
|
130
|
+
|
|
131
|
+
case cleaned_key
|
|
132
|
+
when "registry"
|
|
133
|
+
# Case 1: Found a global registry
|
|
134
|
+
global_registry = cleaned_value
|
|
135
|
+
when "_authToken"
|
|
136
|
+
# Case 2: Found an auth token
|
|
137
|
+
auth_token = cleaned_value
|
|
138
|
+
else
|
|
139
|
+
# Handle scoped registry if a scope is provided
|
|
140
|
+
scoped_registry = cleaned_value if scope && cleaned_key == "@#{scope}:registry"
|
|
141
|
+
end
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
# Determine the registry to return (global first, fallback to scoped)
|
|
145
|
+
registry = global_registry || scoped_registry
|
|
146
|
+
|
|
147
|
+
{ registry: registry, auth_token: auth_token }
|
|
148
|
+
end
|
|
149
|
+
|
|
150
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
151
|
+
sig { params(file: T.nilable(Dependabot::DependencyFile)).returns(T::Hash[Symbol, T.nilable(String)]) }
|
|
152
|
+
def parse_npm_from_yarnrc_yml(file)
|
|
153
|
+
content = file&.content
|
|
154
|
+
return { registry: nil, auth_token: nil } unless content
|
|
155
|
+
|
|
156
|
+
result = {}
|
|
157
|
+
yaml_data = safe_load_yaml(content)
|
|
158
|
+
|
|
159
|
+
# Step 1: Extract global registry and auth token
|
|
160
|
+
result[:registry] = yaml_data[NPM_REGISTER_KEY_FOR_YARN] if yaml_data.key?(NPM_REGISTER_KEY_FOR_YARN)
|
|
161
|
+
result[:auth_token] = yaml_data[NPM_AUTH_TOKEN_KEY_FOR_YARN] if yaml_data.key?(NPM_AUTH_TOKEN_KEY_FOR_YARN)
|
|
162
|
+
|
|
163
|
+
# Step 2: Fallback to any scoped registry and auth token if global is missing
|
|
164
|
+
if result[:registry].nil? && yaml_data.key?(NPM_SCOPE_KEY_FOR_YARN)
|
|
165
|
+
yaml_data[NPM_SCOPE_KEY_FOR_YARN].each do |_current_scope, config|
|
|
166
|
+
next unless config.is_a?(Hash)
|
|
167
|
+
|
|
168
|
+
result[:registry] ||= config[NPM_REGISTER_KEY_FOR_YARN]
|
|
169
|
+
result[:auth_token] ||= config[NPM_AUTH_TOKEN_KEY_FOR_YARN]
|
|
170
|
+
end
|
|
171
|
+
end
|
|
172
|
+
|
|
173
|
+
result
|
|
174
|
+
end
|
|
175
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
176
|
+
|
|
177
|
+
# Safely loads the YAML content and logs any parsing errors
|
|
178
|
+
sig { params(content: String).returns(T::Hash[String, T.untyped]) }
|
|
179
|
+
def safe_load_yaml(content)
|
|
180
|
+
YAML.safe_load(content, permitted_classes: [Symbol, String]) || {}
|
|
181
|
+
rescue Psych::SyntaxError => e
|
|
182
|
+
# Log the error instead of raising it
|
|
183
|
+
Dependabot.logger.error("YAML parsing error: #{e.message}")
|
|
184
|
+
{}
|
|
185
|
+
end
|
|
186
|
+
end
|
|
187
|
+
end
|
|
188
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.291.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-12-
|
|
11
|
+
date: 2024-12-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.291.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.291.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -326,6 +326,7 @@ files:
|
|
|
326
326
|
- lib/dependabot/npm_and_yarn/native_helpers.rb
|
|
327
327
|
- lib/dependabot/npm_and_yarn/package_manager.rb
|
|
328
328
|
- lib/dependabot/npm_and_yarn/package_name.rb
|
|
329
|
+
- lib/dependabot/npm_and_yarn/registry_helper.rb
|
|
329
330
|
- lib/dependabot/npm_and_yarn/registry_parser.rb
|
|
330
331
|
- lib/dependabot/npm_and_yarn/requirement.rb
|
|
331
332
|
- lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
|
|
@@ -346,8 +347,8 @@ licenses:
|
|
|
346
347
|
- MIT
|
|
347
348
|
metadata:
|
|
348
349
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
349
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
350
|
-
post_install_message:
|
|
350
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.291.0
|
|
351
|
+
post_install_message:
|
|
351
352
|
rdoc_options: []
|
|
352
353
|
require_paths:
|
|
353
354
|
- lib
|
|
@@ -363,7 +364,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
363
364
|
version: 3.1.0
|
|
364
365
|
requirements: []
|
|
365
366
|
rubygems_version: 3.5.9
|
|
366
|
-
signing_key:
|
|
367
|
+
signing_key:
|
|
367
368
|
specification_version: 4
|
|
368
369
|
summary: Provides Dependabot support for Javascript (npm and yarn)
|
|
369
370
|
test_files: []
|