dependabot-npm_and_yarn 0.290.0 → 0.292.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/package-lock.json +114 -134
- data/helpers/package.json +3 -3
- data/lib/dependabot/npm_and_yarn/file_fetcher.rb +4 -1
- data/lib/dependabot/npm_and_yarn/helpers.rb +2 -4
- data/lib/dependabot/npm_and_yarn/package_manager.rb +86 -37
- data/lib/dependabot/npm_and_yarn/version.rb +17 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e406eab7c13be2bea1200de0103017da062fcd4eda7b30652cc697cf2529c2de
|
|
4
|
+
data.tar.gz: c41b184b80a82577f5ed87eb4df0c0c4bff862350afe5f992b75f04ac6e69f96
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 535024739c08d5e33e7a53a300a75f16009c8227a27b27c8c758501b6328865db2ebeaaace0bc8ae94d5f199d93bd63f76f98164e1524df7896c22784aa04975
|
|
7
|
+
data.tar.gz: e12a28a7d0933ad3fc4ccff35d36948e42b9ea9c884a132f7aed5bd9c33b67ad61037f0b29975c5fc04329a64ef7bcc8703ce3c684e4e278168706eecd1a37a7
|
data/helpers/package-lock.json
CHANGED
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
"@pnpm/dependency-path": "^5.1.1",
|
|
13
13
|
"@pnpm/lockfile-file": "^9.1.2",
|
|
14
14
|
"detect-indent": "^6.1.0",
|
|
15
|
-
"nock": "^13.5.
|
|
15
|
+
"nock": "^13.5.6",
|
|
16
16
|
"npm": "6.14.18",
|
|
17
17
|
"patch-package": "^8.0.0",
|
|
18
18
|
"semver": "^7.6.3"
|
|
@@ -21,10 +21,10 @@
|
|
|
21
21
|
"helper": "run.js"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
|
-
"eslint": "^9.
|
|
24
|
+
"eslint": "^9.16.0",
|
|
25
25
|
"eslint-config-prettier": "^9.1.0",
|
|
26
26
|
"jest": "^29.7.0",
|
|
27
|
-
"prettier": "^3.
|
|
27
|
+
"prettier": "^3.4.2"
|
|
28
28
|
}
|
|
29
29
|
},
|
|
30
30
|
"node_modules/@aashutoshrathi/word-wrap": {
|
|
@@ -732,12 +732,12 @@
|
|
|
732
732
|
}
|
|
733
733
|
},
|
|
734
734
|
"node_modules/@eslint/config-array": {
|
|
735
|
-
"version": "0.
|
|
736
|
-
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.
|
|
737
|
-
"integrity": "sha512-
|
|
735
|
+
"version": "0.19.1",
|
|
736
|
+
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.19.1.tgz",
|
|
737
|
+
"integrity": "sha512-fo6Mtm5mWyKjA/Chy1BYTdn5mGJoDNjC7C64ug20ADsRDGrA85bN3uK3MaKbeRkRuuIEAR5N33Jr1pbm411/PA==",
|
|
738
738
|
"dev": true,
|
|
739
739
|
"dependencies": {
|
|
740
|
-
"@eslint/object-schema": "^2.1.
|
|
740
|
+
"@eslint/object-schema": "^2.1.5",
|
|
741
741
|
"debug": "^4.3.1",
|
|
742
742
|
"minimatch": "^3.1.2"
|
|
743
743
|
},
|
|
@@ -746,9 +746,9 @@
|
|
|
746
746
|
}
|
|
747
747
|
},
|
|
748
748
|
"node_modules/@eslint/config-array/node_modules/debug": {
|
|
749
|
-
"version": "4.
|
|
750
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
751
|
-
"integrity": "sha512-
|
|
749
|
+
"version": "4.4.0",
|
|
750
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
751
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
752
752
|
"dev": true,
|
|
753
753
|
"dependencies": {
|
|
754
754
|
"ms": "^2.1.3"
|
|
@@ -763,18 +763,21 @@
|
|
|
763
763
|
}
|
|
764
764
|
},
|
|
765
765
|
"node_modules/@eslint/core": {
|
|
766
|
-
"version": "0.
|
|
767
|
-
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.
|
|
768
|
-
"integrity": "sha512-
|
|
766
|
+
"version": "0.9.1",
|
|
767
|
+
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.9.1.tgz",
|
|
768
|
+
"integrity": "sha512-GuUdqkyyzQI5RMIWkHhvTWLCyLo1jNK3vzkSyaExH5kHPDHcuL2VOpHjmMY+y3+NC69qAKToBqldTBgYeLSr9Q==",
|
|
769
769
|
"dev": true,
|
|
770
|
+
"dependencies": {
|
|
771
|
+
"@types/json-schema": "^7.0.15"
|
|
772
|
+
},
|
|
770
773
|
"engines": {
|
|
771
774
|
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
|
|
772
775
|
}
|
|
773
776
|
},
|
|
774
777
|
"node_modules/@eslint/eslintrc": {
|
|
775
|
-
"version": "3.
|
|
776
|
-
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.
|
|
777
|
-
"integrity": "sha512-
|
|
778
|
+
"version": "3.2.0",
|
|
779
|
+
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz",
|
|
780
|
+
"integrity": "sha512-grOjVNN8P3hjJn/eIETF1wwd12DdnwFDoyceUJLYYdkpbwq3nLi+4fqrTAONx7XDALqlL220wC/RHSC/QTI/0w==",
|
|
778
781
|
"dev": true,
|
|
779
782
|
"dependencies": {
|
|
780
783
|
"ajv": "^6.12.4",
|
|
@@ -801,12 +804,12 @@
|
|
|
801
804
|
"dev": true
|
|
802
805
|
},
|
|
803
806
|
"node_modules/@eslint/eslintrc/node_modules/debug": {
|
|
804
|
-
"version": "4.
|
|
805
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
806
|
-
"integrity": "sha512-
|
|
807
|
+
"version": "4.4.0",
|
|
808
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
809
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
807
810
|
"dev": true,
|
|
808
811
|
"dependencies": {
|
|
809
|
-
"ms": "2.1.
|
|
812
|
+
"ms": "^2.1.3"
|
|
810
813
|
},
|
|
811
814
|
"engines": {
|
|
812
815
|
"node": ">=6.0"
|
|
@@ -829,34 +832,28 @@
|
|
|
829
832
|
"js-yaml": "bin/js-yaml.js"
|
|
830
833
|
}
|
|
831
834
|
},
|
|
832
|
-
"node_modules/@eslint/eslintrc/node_modules/ms": {
|
|
833
|
-
"version": "2.1.2",
|
|
834
|
-
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
|
|
835
|
-
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
|
|
836
|
-
"dev": true
|
|
837
|
-
},
|
|
838
835
|
"node_modules/@eslint/js": {
|
|
839
|
-
"version": "9.
|
|
840
|
-
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.
|
|
841
|
-
"integrity": "sha512-
|
|
836
|
+
"version": "9.16.0",
|
|
837
|
+
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.16.0.tgz",
|
|
838
|
+
"integrity": "sha512-tw2HxzQkrbeuvyj1tG2Yqq+0H9wGoI2IMk4EOsQeX+vmd75FtJAzf+gTA69WF+baUKRYQ3x2kbLE08js5OsTVg==",
|
|
842
839
|
"dev": true,
|
|
843
840
|
"engines": {
|
|
844
841
|
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
|
|
845
842
|
}
|
|
846
843
|
},
|
|
847
844
|
"node_modules/@eslint/object-schema": {
|
|
848
|
-
"version": "2.1.
|
|
849
|
-
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.
|
|
850
|
-
"integrity": "sha512-
|
|
845
|
+
"version": "2.1.5",
|
|
846
|
+
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.5.tgz",
|
|
847
|
+
"integrity": "sha512-o0bhxnL89h5Bae5T318nFoFzGy+YE5i/gGkoPAgkmTVdRKTiv3p8JHevPiPaMwoloKfEiiaHlawCqaZMqRm+XQ==",
|
|
851
848
|
"dev": true,
|
|
852
849
|
"engines": {
|
|
853
850
|
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
|
|
854
851
|
}
|
|
855
852
|
},
|
|
856
853
|
"node_modules/@eslint/plugin-kit": {
|
|
857
|
-
"version": "0.2.
|
|
858
|
-
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.
|
|
859
|
-
"integrity": "sha512-
|
|
854
|
+
"version": "0.2.4",
|
|
855
|
+
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.4.tgz",
|
|
856
|
+
"integrity": "sha512-zSkKow6H5Kdm0ZUQUB2kV5JIXqoG0+uH5YADhaEHswm664N9Db8dXSi0nMJpacpMf+MyyglF1vnZohpEg5yUtg==",
|
|
860
857
|
"dev": true,
|
|
861
858
|
"dependencies": {
|
|
862
859
|
"levn": "^0.4.1"
|
|
@@ -914,9 +911,9 @@
|
|
|
914
911
|
}
|
|
915
912
|
},
|
|
916
913
|
"node_modules/@humanwhocodes/retry": {
|
|
917
|
-
"version": "0.4.
|
|
918
|
-
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.
|
|
919
|
-
"integrity": "sha512-
|
|
914
|
+
"version": "0.4.1",
|
|
915
|
+
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.1.tgz",
|
|
916
|
+
"integrity": "sha512-c7hNEllBlenFTHBky65mhq8WD2kbN9Q6gk0bTk8lSBvc554jpXSkST1iePudpt7+A/AQvuHs9EMqjHDXMY1lrA==",
|
|
920
917
|
"dev": true,
|
|
921
918
|
"engines": {
|
|
922
919
|
"node": ">=18.18"
|
|
@@ -4286,9 +4283,9 @@
|
|
|
4286
4283
|
}
|
|
4287
4284
|
},
|
|
4288
4285
|
"node_modules/cross-spawn": {
|
|
4289
|
-
"version": "7.0.
|
|
4290
|
-
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.
|
|
4291
|
-
"integrity": "sha512-
|
|
4286
|
+
"version": "7.0.6",
|
|
4287
|
+
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
|
|
4288
|
+
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
|
|
4292
4289
|
"dependencies": {
|
|
4293
4290
|
"path-key": "^3.1.0",
|
|
4294
4291
|
"shebang-command": "^2.0.0",
|
|
@@ -4592,26 +4589,26 @@
|
|
|
4592
4589
|
}
|
|
4593
4590
|
},
|
|
4594
4591
|
"node_modules/eslint": {
|
|
4595
|
-
"version": "9.
|
|
4596
|
-
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.
|
|
4597
|
-
"integrity": "sha512-
|
|
4592
|
+
"version": "9.16.0",
|
|
4593
|
+
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.16.0.tgz",
|
|
4594
|
+
"integrity": "sha512-whp8mSQI4C8VXd+fLgSM0lh3UlmcFtVwUQjyKCFfsp+2ItAIYhlq/hqGahGqHE6cv9unM41VlqKk2VtKYR2TaA==",
|
|
4598
4595
|
"dev": true,
|
|
4599
4596
|
"dependencies": {
|
|
4600
4597
|
"@eslint-community/eslint-utils": "^4.2.0",
|
|
4601
4598
|
"@eslint-community/regexpp": "^4.12.1",
|
|
4602
|
-
"@eslint/config-array": "^0.
|
|
4603
|
-
"@eslint/core": "^0.
|
|
4604
|
-
"@eslint/eslintrc": "^3.
|
|
4605
|
-
"@eslint/js": "9.
|
|
4606
|
-
"@eslint/plugin-kit": "^0.2.
|
|
4599
|
+
"@eslint/config-array": "^0.19.0",
|
|
4600
|
+
"@eslint/core": "^0.9.0",
|
|
4601
|
+
"@eslint/eslintrc": "^3.2.0",
|
|
4602
|
+
"@eslint/js": "9.16.0",
|
|
4603
|
+
"@eslint/plugin-kit": "^0.2.3",
|
|
4607
4604
|
"@humanfs/node": "^0.16.6",
|
|
4608
4605
|
"@humanwhocodes/module-importer": "^1.0.1",
|
|
4609
|
-
"@humanwhocodes/retry": "^0.4.
|
|
4606
|
+
"@humanwhocodes/retry": "^0.4.1",
|
|
4610
4607
|
"@types/estree": "^1.0.6",
|
|
4611
4608
|
"@types/json-schema": "^7.0.15",
|
|
4612
4609
|
"ajv": "^6.12.4",
|
|
4613
4610
|
"chalk": "^4.0.0",
|
|
4614
|
-
"cross-spawn": "^7.0.
|
|
4611
|
+
"cross-spawn": "^7.0.5",
|
|
4615
4612
|
"debug": "^4.3.2",
|
|
4616
4613
|
"escape-string-regexp": "^4.0.0",
|
|
4617
4614
|
"eslint-scope": "^8.2.0",
|
|
@@ -4630,8 +4627,7 @@
|
|
|
4630
4627
|
"lodash.merge": "^4.6.2",
|
|
4631
4628
|
"minimatch": "^3.1.2",
|
|
4632
4629
|
"natural-compare": "^1.4.0",
|
|
4633
|
-
"optionator": "^0.9.3"
|
|
4634
|
-
"text-table": "^0.2.0"
|
|
4630
|
+
"optionator": "^0.9.3"
|
|
4635
4631
|
},
|
|
4636
4632
|
"bin": {
|
|
4637
4633
|
"eslint": "bin/eslint.js"
|
|
@@ -5755,9 +5751,9 @@
|
|
|
5755
5751
|
}
|
|
5756
5752
|
},
|
|
5757
5753
|
"node_modules/ignore": {
|
|
5758
|
-
"version": "5.3.
|
|
5759
|
-
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.
|
|
5760
|
-
"integrity": "sha512-
|
|
5754
|
+
"version": "5.3.2",
|
|
5755
|
+
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz",
|
|
5756
|
+
"integrity": "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==",
|
|
5761
5757
|
"dev": true,
|
|
5762
5758
|
"engines": {
|
|
5763
5759
|
"node": ">= 4"
|
|
@@ -9007,9 +9003,9 @@
|
|
|
9007
9003
|
"integrity": "sha512-EZSPZB70jiVsivaBLYDCyntd5eH8NTSMOn3rB+HxwdmKThGELLdYv8qVIMWvZEFy9w8ZZpW9h9OB32l1rGtj7g=="
|
|
9008
9004
|
},
|
|
9009
9005
|
"node_modules/nock": {
|
|
9010
|
-
"version": "13.5.
|
|
9011
|
-
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.
|
|
9012
|
-
"integrity": "sha512-
|
|
9006
|
+
"version": "13.5.6",
|
|
9007
|
+
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.6.tgz",
|
|
9008
|
+
"integrity": "sha512-o2zOYiCpzRqSzPj0Zt/dQ/DqZeYoaQ7TUonc/xUPjCGl9WeHpNbxgVvOquXYAaJzI0M9BXV3HTzG0p8IUAbBTQ==",
|
|
9013
9009
|
"dependencies": {
|
|
9014
9010
|
"debug": "^4.1.0",
|
|
9015
9011
|
"json-stringify-safe": "^5.0.1",
|
|
@@ -14557,9 +14553,9 @@
|
|
|
14557
14553
|
}
|
|
14558
14554
|
},
|
|
14559
14555
|
"node_modules/prettier": {
|
|
14560
|
-
"version": "3.
|
|
14561
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.
|
|
14562
|
-
"integrity": "sha512-
|
|
14556
|
+
"version": "3.4.2",
|
|
14557
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz",
|
|
14558
|
+
"integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==",
|
|
14563
14559
|
"dev": true,
|
|
14564
14560
|
"bin": {
|
|
14565
14561
|
"prettier": "bin/prettier.cjs"
|
|
@@ -15729,12 +15725,6 @@
|
|
|
15729
15725
|
"node": ">=8"
|
|
15730
15726
|
}
|
|
15731
15727
|
},
|
|
15732
|
-
"node_modules/text-table": {
|
|
15733
|
-
"version": "0.2.0",
|
|
15734
|
-
"resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz",
|
|
15735
|
-
"integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=",
|
|
15736
|
-
"dev": true
|
|
15737
|
-
},
|
|
15738
15728
|
"node_modules/thenify": {
|
|
15739
15729
|
"version": "3.3.1",
|
|
15740
15730
|
"resolved": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz",
|
|
@@ -16895,20 +16885,20 @@
|
|
|
16895
16885
|
"dev": true
|
|
16896
16886
|
},
|
|
16897
16887
|
"@eslint/config-array": {
|
|
16898
|
-
"version": "0.
|
|
16899
|
-
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.
|
|
16900
|
-
"integrity": "sha512-
|
|
16888
|
+
"version": "0.19.1",
|
|
16889
|
+
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.19.1.tgz",
|
|
16890
|
+
"integrity": "sha512-fo6Mtm5mWyKjA/Chy1BYTdn5mGJoDNjC7C64ug20ADsRDGrA85bN3uK3MaKbeRkRuuIEAR5N33Jr1pbm411/PA==",
|
|
16901
16891
|
"dev": true,
|
|
16902
16892
|
"requires": {
|
|
16903
|
-
"@eslint/object-schema": "^2.1.
|
|
16893
|
+
"@eslint/object-schema": "^2.1.5",
|
|
16904
16894
|
"debug": "^4.3.1",
|
|
16905
16895
|
"minimatch": "^3.1.2"
|
|
16906
16896
|
},
|
|
16907
16897
|
"dependencies": {
|
|
16908
16898
|
"debug": {
|
|
16909
|
-
"version": "4.
|
|
16910
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
16911
|
-
"integrity": "sha512-
|
|
16899
|
+
"version": "4.4.0",
|
|
16900
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
16901
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
16912
16902
|
"dev": true,
|
|
16913
16903
|
"requires": {
|
|
16914
16904
|
"ms": "^2.1.3"
|
|
@@ -16917,15 +16907,18 @@
|
|
|
16917
16907
|
}
|
|
16918
16908
|
},
|
|
16919
16909
|
"@eslint/core": {
|
|
16920
|
-
"version": "0.
|
|
16921
|
-
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.
|
|
16922
|
-
"integrity": "sha512-
|
|
16923
|
-
"dev": true
|
|
16910
|
+
"version": "0.9.1",
|
|
16911
|
+
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.9.1.tgz",
|
|
16912
|
+
"integrity": "sha512-GuUdqkyyzQI5RMIWkHhvTWLCyLo1jNK3vzkSyaExH5kHPDHcuL2VOpHjmMY+y3+NC69qAKToBqldTBgYeLSr9Q==",
|
|
16913
|
+
"dev": true,
|
|
16914
|
+
"requires": {
|
|
16915
|
+
"@types/json-schema": "^7.0.15"
|
|
16916
|
+
}
|
|
16924
16917
|
},
|
|
16925
16918
|
"@eslint/eslintrc": {
|
|
16926
|
-
"version": "3.
|
|
16927
|
-
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.
|
|
16928
|
-
"integrity": "sha512-
|
|
16919
|
+
"version": "3.2.0",
|
|
16920
|
+
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz",
|
|
16921
|
+
"integrity": "sha512-grOjVNN8P3hjJn/eIETF1wwd12DdnwFDoyceUJLYYdkpbwq3nLi+4fqrTAONx7XDALqlL220wC/RHSC/QTI/0w==",
|
|
16929
16922
|
"dev": true,
|
|
16930
16923
|
"requires": {
|
|
16931
16924
|
"ajv": "^6.12.4",
|
|
@@ -16946,12 +16939,12 @@
|
|
|
16946
16939
|
"dev": true
|
|
16947
16940
|
},
|
|
16948
16941
|
"debug": {
|
|
16949
|
-
"version": "4.
|
|
16950
|
-
"resolved": "https://registry.npmjs.org/debug/-/debug-4.
|
|
16951
|
-
"integrity": "sha512-
|
|
16942
|
+
"version": "4.4.0",
|
|
16943
|
+
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
|
|
16944
|
+
"integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
|
|
16952
16945
|
"dev": true,
|
|
16953
16946
|
"requires": {
|
|
16954
|
-
"ms": "2.1.
|
|
16947
|
+
"ms": "^2.1.3"
|
|
16955
16948
|
}
|
|
16956
16949
|
},
|
|
16957
16950
|
"js-yaml": {
|
|
@@ -16962,31 +16955,25 @@
|
|
|
16962
16955
|
"requires": {
|
|
16963
16956
|
"argparse": "^2.0.1"
|
|
16964
16957
|
}
|
|
16965
|
-
},
|
|
16966
|
-
"ms": {
|
|
16967
|
-
"version": "2.1.2",
|
|
16968
|
-
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
|
|
16969
|
-
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
|
|
16970
|
-
"dev": true
|
|
16971
16958
|
}
|
|
16972
16959
|
}
|
|
16973
16960
|
},
|
|
16974
16961
|
"@eslint/js": {
|
|
16975
|
-
"version": "9.
|
|
16976
|
-
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.
|
|
16977
|
-
"integrity": "sha512-
|
|
16962
|
+
"version": "9.16.0",
|
|
16963
|
+
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.16.0.tgz",
|
|
16964
|
+
"integrity": "sha512-tw2HxzQkrbeuvyj1tG2Yqq+0H9wGoI2IMk4EOsQeX+vmd75FtJAzf+gTA69WF+baUKRYQ3x2kbLE08js5OsTVg==",
|
|
16978
16965
|
"dev": true
|
|
16979
16966
|
},
|
|
16980
16967
|
"@eslint/object-schema": {
|
|
16981
|
-
"version": "2.1.
|
|
16982
|
-
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.
|
|
16983
|
-
"integrity": "sha512-
|
|
16968
|
+
"version": "2.1.5",
|
|
16969
|
+
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.5.tgz",
|
|
16970
|
+
"integrity": "sha512-o0bhxnL89h5Bae5T318nFoFzGy+YE5i/gGkoPAgkmTVdRKTiv3p8JHevPiPaMwoloKfEiiaHlawCqaZMqRm+XQ==",
|
|
16984
16971
|
"dev": true
|
|
16985
16972
|
},
|
|
16986
16973
|
"@eslint/plugin-kit": {
|
|
16987
|
-
"version": "0.2.
|
|
16988
|
-
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.
|
|
16989
|
-
"integrity": "sha512-
|
|
16974
|
+
"version": "0.2.4",
|
|
16975
|
+
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.4.tgz",
|
|
16976
|
+
"integrity": "sha512-zSkKow6H5Kdm0ZUQUB2kV5JIXqoG0+uH5YADhaEHswm664N9Db8dXSi0nMJpacpMf+MyyglF1vnZohpEg5yUtg==",
|
|
16990
16977
|
"dev": true,
|
|
16991
16978
|
"requires": {
|
|
16992
16979
|
"levn": "^0.4.1"
|
|
@@ -17023,9 +17010,9 @@
|
|
|
17023
17010
|
"dev": true
|
|
17024
17011
|
},
|
|
17025
17012
|
"@humanwhocodes/retry": {
|
|
17026
|
-
"version": "0.4.
|
|
17027
|
-
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.
|
|
17028
|
-
"integrity": "sha512-
|
|
17013
|
+
"version": "0.4.1",
|
|
17014
|
+
"resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.1.tgz",
|
|
17015
|
+
"integrity": "sha512-c7hNEllBlenFTHBky65mhq8WD2kbN9Q6gk0bTk8lSBvc554jpXSkST1iePudpt7+A/AQvuHs9EMqjHDXMY1lrA==",
|
|
17029
17016
|
"dev": true
|
|
17030
17017
|
},
|
|
17031
17018
|
"@isaacs/cliui": {
|
|
@@ -19545,9 +19532,9 @@
|
|
|
19545
19532
|
}
|
|
19546
19533
|
},
|
|
19547
19534
|
"cross-spawn": {
|
|
19548
|
-
"version": "7.0.
|
|
19549
|
-
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.
|
|
19550
|
-
"integrity": "sha512-
|
|
19535
|
+
"version": "7.0.6",
|
|
19536
|
+
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
|
|
19537
|
+
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
|
|
19551
19538
|
"requires": {
|
|
19552
19539
|
"path-key": "^3.1.0",
|
|
19553
19540
|
"shebang-command": "^2.0.0",
|
|
@@ -19780,26 +19767,26 @@
|
|
|
19780
19767
|
"integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ="
|
|
19781
19768
|
},
|
|
19782
19769
|
"eslint": {
|
|
19783
|
-
"version": "9.
|
|
19784
|
-
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.
|
|
19785
|
-
"integrity": "sha512-
|
|
19770
|
+
"version": "9.16.0",
|
|
19771
|
+
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.16.0.tgz",
|
|
19772
|
+
"integrity": "sha512-whp8mSQI4C8VXd+fLgSM0lh3UlmcFtVwUQjyKCFfsp+2ItAIYhlq/hqGahGqHE6cv9unM41VlqKk2VtKYR2TaA==",
|
|
19786
19773
|
"dev": true,
|
|
19787
19774
|
"requires": {
|
|
19788
19775
|
"@eslint-community/eslint-utils": "^4.2.0",
|
|
19789
19776
|
"@eslint-community/regexpp": "^4.12.1",
|
|
19790
|
-
"@eslint/config-array": "^0.
|
|
19791
|
-
"@eslint/core": "^0.
|
|
19792
|
-
"@eslint/eslintrc": "^3.
|
|
19793
|
-
"@eslint/js": "9.
|
|
19794
|
-
"@eslint/plugin-kit": "^0.2.
|
|
19777
|
+
"@eslint/config-array": "^0.19.0",
|
|
19778
|
+
"@eslint/core": "^0.9.0",
|
|
19779
|
+
"@eslint/eslintrc": "^3.2.0",
|
|
19780
|
+
"@eslint/js": "9.16.0",
|
|
19781
|
+
"@eslint/plugin-kit": "^0.2.3",
|
|
19795
19782
|
"@humanfs/node": "^0.16.6",
|
|
19796
19783
|
"@humanwhocodes/module-importer": "^1.0.1",
|
|
19797
|
-
"@humanwhocodes/retry": "^0.4.
|
|
19784
|
+
"@humanwhocodes/retry": "^0.4.1",
|
|
19798
19785
|
"@types/estree": "^1.0.6",
|
|
19799
19786
|
"@types/json-schema": "^7.0.15",
|
|
19800
19787
|
"ajv": "^6.12.4",
|
|
19801
19788
|
"chalk": "^4.0.0",
|
|
19802
|
-
"cross-spawn": "^7.0.
|
|
19789
|
+
"cross-spawn": "^7.0.5",
|
|
19803
19790
|
"debug": "^4.3.2",
|
|
19804
19791
|
"escape-string-regexp": "^4.0.0",
|
|
19805
19792
|
"eslint-scope": "^8.2.0",
|
|
@@ -19818,8 +19805,7 @@
|
|
|
19818
19805
|
"lodash.merge": "^4.6.2",
|
|
19819
19806
|
"minimatch": "^3.1.2",
|
|
19820
19807
|
"natural-compare": "^1.4.0",
|
|
19821
|
-
"optionator": "^0.9.3"
|
|
19822
|
-
"text-table": "^0.2.0"
|
|
19808
|
+
"optionator": "^0.9.3"
|
|
19823
19809
|
},
|
|
19824
19810
|
"dependencies": {
|
|
19825
19811
|
"ansi-styles": {
|
|
@@ -20629,9 +20615,9 @@
|
|
|
20629
20615
|
}
|
|
20630
20616
|
},
|
|
20631
20617
|
"ignore": {
|
|
20632
|
-
"version": "5.3.
|
|
20633
|
-
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.
|
|
20634
|
-
"integrity": "sha512-
|
|
20618
|
+
"version": "5.3.2",
|
|
20619
|
+
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz",
|
|
20620
|
+
"integrity": "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==",
|
|
20635
20621
|
"dev": true
|
|
20636
20622
|
},
|
|
20637
20623
|
"ignore-walk": {
|
|
@@ -23068,9 +23054,9 @@
|
|
|
23068
23054
|
"integrity": "sha512-EZSPZB70jiVsivaBLYDCyntd5eH8NTSMOn3rB+HxwdmKThGELLdYv8qVIMWvZEFy9w8ZZpW9h9OB32l1rGtj7g=="
|
|
23069
23055
|
},
|
|
23070
23056
|
"nock": {
|
|
23071
|
-
"version": "13.5.
|
|
23072
|
-
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.
|
|
23073
|
-
"integrity": "sha512-
|
|
23057
|
+
"version": "13.5.6",
|
|
23058
|
+
"resolved": "https://registry.npmjs.org/nock/-/nock-13.5.6.tgz",
|
|
23059
|
+
"integrity": "sha512-o2zOYiCpzRqSzPj0Zt/dQ/DqZeYoaQ7TUonc/xUPjCGl9WeHpNbxgVvOquXYAaJzI0M9BXV3HTzG0p8IUAbBTQ==",
|
|
23074
23060
|
"requires": {
|
|
23075
23061
|
"debug": "^4.1.0",
|
|
23076
23062
|
"json-stringify-safe": "^5.0.1",
|
|
@@ -27170,9 +27156,9 @@
|
|
|
27170
27156
|
"integrity": "sha1-gV7R9uvGWSb4ZbMQwHE7yzMVzks="
|
|
27171
27157
|
},
|
|
27172
27158
|
"prettier": {
|
|
27173
|
-
"version": "3.
|
|
27174
|
-
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.
|
|
27175
|
-
"integrity": "sha512-
|
|
27159
|
+
"version": "3.4.2",
|
|
27160
|
+
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz",
|
|
27161
|
+
"integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==",
|
|
27176
27162
|
"dev": true
|
|
27177
27163
|
},
|
|
27178
27164
|
"pretty-format": {
|
|
@@ -28069,12 +28055,6 @@
|
|
|
28069
28055
|
"minimatch": "^3.0.4"
|
|
28070
28056
|
}
|
|
28071
28057
|
},
|
|
28072
|
-
"text-table": {
|
|
28073
|
-
"version": "0.2.0",
|
|
28074
|
-
"resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz",
|
|
28075
|
-
"integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=",
|
|
28076
|
-
"dev": true
|
|
28077
|
-
},
|
|
28078
28058
|
"thenify": {
|
|
28079
28059
|
"version": "3.3.1",
|
|
28080
28060
|
"resolved": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz",
|
data/helpers/package.json
CHANGED
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
"@dependabot/yarn-lib": "^1.22.22",
|
|
14
14
|
"@npmcli/arborist": "^8.0.0",
|
|
15
15
|
"detect-indent": "^6.1.0",
|
|
16
|
-
"nock": "^13.5.
|
|
16
|
+
"nock": "^13.5.6",
|
|
17
17
|
"npm": "6.14.18",
|
|
18
18
|
"@pnpm/lockfile-file": "^9.1.2",
|
|
19
19
|
"@pnpm/dependency-path": "^5.1.1",
|
|
@@ -21,9 +21,9 @@
|
|
|
21
21
|
"patch-package": "^8.0.0"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
|
-
"eslint": "^9.
|
|
24
|
+
"eslint": "^9.16.0",
|
|
25
25
|
"eslint-config-prettier": "^9.1.0",
|
|
26
26
|
"jest": "^29.7.0",
|
|
27
|
-
"prettier": "^3.
|
|
27
|
+
"prettier": "^3.4.2"
|
|
28
28
|
}
|
|
29
29
|
}
|
|
@@ -614,7 +614,10 @@ module Dependabot
|
|
|
614
614
|
|
|
615
615
|
sig { returns(T.untyped) }
|
|
616
616
|
def parsed_package_json
|
|
617
|
-
JSON.parse(T.must(package_json.content))
|
|
617
|
+
parsed = JSON.parse(T.must(package_json.content))
|
|
618
|
+
raise Dependabot::DependencyFileNotParseable, package_json.path unless parsed.is_a?(Hash)
|
|
619
|
+
|
|
620
|
+
parsed
|
|
618
621
|
rescue JSON::ParserError
|
|
619
622
|
raise Dependabot::DependencyFileNotParseable, package_json.path
|
|
620
623
|
end
|
|
@@ -41,9 +41,7 @@ module Dependabot
|
|
|
41
41
|
# Otherwise, we are going to use old versionining npm 6
|
|
42
42
|
sig { params(lockfile: T.nilable(DependencyFile)).returns(Integer) }
|
|
43
43
|
def self.npm_version_numeric(lockfile)
|
|
44
|
-
if Dependabot::Experiments.enabled?(:
|
|
45
|
-
return npm_version_numeric_latest(lockfile)
|
|
46
|
-
end
|
|
44
|
+
return npm_version_numeric_latest(lockfile) if Dependabot::Experiments.enabled?(:npm_v6_deprecation_warning)
|
|
47
45
|
|
|
48
46
|
fallback_version_npm8 = Dependabot::Experiments.enabled?(:npm_fallback_version_above_v6)
|
|
49
47
|
|
|
@@ -174,7 +172,7 @@ module Dependabot
|
|
|
174
172
|
def self.npm8?(package_lock)
|
|
175
173
|
return true unless package_lock&.content
|
|
176
174
|
|
|
177
|
-
if Dependabot::Experiments.enabled?(:
|
|
175
|
+
if Dependabot::Experiments.enabled?(:npm_v6_deprecation_warning)
|
|
178
176
|
return npm_version_numeric_latest(package_lock) >= NPM_V8
|
|
179
177
|
end
|
|
180
178
|
|
|
@@ -62,39 +62,50 @@ module Dependabot
|
|
|
62
62
|
|
|
63
63
|
# Keep versions in ascending order
|
|
64
64
|
SUPPORTED_VERSIONS = T.let([
|
|
65
|
-
Version.new(NPM_V6),
|
|
66
65
|
Version.new(NPM_V7),
|
|
67
66
|
Version.new(NPM_V8),
|
|
68
67
|
Version.new(NPM_V9),
|
|
69
68
|
Version.new(NPM_V10)
|
|
70
69
|
].freeze, T::Array[Dependabot::Version])
|
|
71
70
|
|
|
72
|
-
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
71
|
+
DEPRECATED_VERSIONS = T.let([Version.new(NPM_V6)].freeze, T::Array[Dependabot::Version])
|
|
73
72
|
|
|
74
73
|
sig do
|
|
75
74
|
params(
|
|
76
|
-
|
|
75
|
+
detected_version: T.nilable(String),
|
|
76
|
+
raw_version: T.nilable(String),
|
|
77
77
|
requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
|
|
78
78
|
).void
|
|
79
79
|
end
|
|
80
|
-
def initialize(raw_version, requirement: nil)
|
|
80
|
+
def initialize(detected_version: nil, raw_version: nil, requirement: nil)
|
|
81
81
|
super(
|
|
82
|
-
NAME,
|
|
83
|
-
Version.new(
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
82
|
+
name: NAME,
|
|
83
|
+
detected_version: detected_version ? Version.new(detected_version) : nil,
|
|
84
|
+
version: raw_version ? Version.new(raw_version) : nil,
|
|
85
|
+
deprecated_versions: DEPRECATED_VERSIONS,
|
|
86
|
+
supported_versions: SUPPORTED_VERSIONS,
|
|
87
|
+
requirement: requirement
|
|
87
88
|
)
|
|
88
89
|
end
|
|
89
90
|
|
|
90
91
|
sig { override.returns(T::Boolean) }
|
|
91
92
|
def deprecated?
|
|
92
|
-
false
|
|
93
|
+
return false unless detected_version
|
|
94
|
+
|
|
95
|
+
return false if unsupported?
|
|
96
|
+
|
|
97
|
+
return false unless Dependabot::Experiments.enabled?(:npm_v6_deprecation_warning)
|
|
98
|
+
|
|
99
|
+
deprecated_versions.include?(detected_version)
|
|
93
100
|
end
|
|
94
101
|
|
|
95
102
|
sig { override.returns(T::Boolean) }
|
|
96
103
|
def unsupported?
|
|
97
|
-
false
|
|
104
|
+
return false unless detected_version
|
|
105
|
+
|
|
106
|
+
return false unless Dependabot::Experiments.enabled?(:npm_v6_unsupported_error)
|
|
107
|
+
|
|
108
|
+
supported_versions.all? { |supported| supported > detected_version }
|
|
98
109
|
end
|
|
99
110
|
end
|
|
100
111
|
|
|
@@ -119,17 +130,19 @@ module Dependabot
|
|
|
119
130
|
|
|
120
131
|
sig do
|
|
121
132
|
params(
|
|
122
|
-
|
|
123
|
-
|
|
133
|
+
detected_version: T.nilable(String),
|
|
134
|
+
raw_version: T.nilable(String),
|
|
135
|
+
requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
|
|
124
136
|
).void
|
|
125
137
|
end
|
|
126
|
-
def initialize(raw_version, requirement: nil)
|
|
138
|
+
def initialize(detected_version: nil, raw_version: nil, requirement: nil)
|
|
127
139
|
super(
|
|
128
|
-
NAME,
|
|
129
|
-
Version.new(
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
140
|
+
name: NAME,
|
|
141
|
+
detected_version: detected_version ? Version.new(detected_version) : nil,
|
|
142
|
+
version: raw_version ? Version.new(raw_version) : nil,
|
|
143
|
+
deprecated_versions: DEPRECATED_VERSIONS,
|
|
144
|
+
supported_versions: SUPPORTED_VERSIONS,
|
|
145
|
+
requirement: requirement
|
|
133
146
|
)
|
|
134
147
|
end
|
|
135
148
|
|
|
@@ -164,17 +177,19 @@ module Dependabot
|
|
|
164
177
|
|
|
165
178
|
sig do
|
|
166
179
|
params(
|
|
167
|
-
|
|
168
|
-
|
|
180
|
+
detected_version: T.nilable(String),
|
|
181
|
+
raw_version: T.nilable(String),
|
|
182
|
+
requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
|
|
169
183
|
).void
|
|
170
184
|
end
|
|
171
|
-
def initialize(raw_version, requirement: nil)
|
|
185
|
+
def initialize(detected_version: nil, raw_version: nil, requirement: nil)
|
|
172
186
|
super(
|
|
173
|
-
NAME,
|
|
174
|
-
Version.new(
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
187
|
+
name: NAME,
|
|
188
|
+
detected_version: detected_version ? Version.new(detected_version) : nil,
|
|
189
|
+
version: raw_version ? Version.new(raw_version) : nil,
|
|
190
|
+
deprecated_versions: DEPRECATED_VERSIONS,
|
|
191
|
+
supported_versions: SUPPORTED_VERSIONS,
|
|
192
|
+
requirement: requirement
|
|
178
193
|
)
|
|
179
194
|
end
|
|
180
195
|
|
|
@@ -280,17 +295,19 @@ module Dependabot
|
|
|
280
295
|
|
|
281
296
|
sig do
|
|
282
297
|
params(
|
|
298
|
+
detected_version: T.nilable(String),
|
|
283
299
|
raw_version: T.nilable(String),
|
|
284
|
-
requirement: T.nilable(Requirement)
|
|
300
|
+
requirement: T.nilable(Dependabot::NpmAndYarn::Requirement)
|
|
285
301
|
).void
|
|
286
302
|
end
|
|
287
|
-
def initialize(raw_version, requirement: nil)
|
|
303
|
+
def initialize(detected_version: nil, raw_version: nil, requirement: nil)
|
|
288
304
|
super(
|
|
289
|
-
NAME,
|
|
290
|
-
Version.new(
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
305
|
+
name: NAME,
|
|
306
|
+
detected_version: detected_version ? Version.new(detected_version) : nil,
|
|
307
|
+
version: raw_version ? Version.new(raw_version) : nil,
|
|
308
|
+
deprecated_versions: DEPRECATED_VERSIONS,
|
|
309
|
+
supported_versions: SUPPORTED_VERSIONS,
|
|
310
|
+
requirement: requirement
|
|
294
311
|
)
|
|
295
312
|
end
|
|
296
313
|
|
|
@@ -345,7 +362,7 @@ module Dependabot
|
|
|
345
362
|
sig { returns(Ecosystem::VersionManager) }
|
|
346
363
|
def language
|
|
347
364
|
@language ||= Language.new(
|
|
348
|
-
Helpers.node_version,
|
|
365
|
+
raw_version: Helpers.node_version,
|
|
349
366
|
requirement: language_requirement
|
|
350
367
|
)
|
|
351
368
|
end
|
|
@@ -389,6 +406,7 @@ module Dependabot
|
|
|
389
406
|
# rubocop:disable Metrics/CyclomaticComplexity
|
|
390
407
|
# rubocop:disable Metrics/AbcSize
|
|
391
408
|
# rubocop:disable Metrics/PerceivedComplexity
|
|
409
|
+
# rubocop:disable Metrics/MethodLength
|
|
392
410
|
sig { params(name: String).returns(T.nilable(T.any(Integer, String))) }
|
|
393
411
|
def setup(name)
|
|
394
412
|
# we prioritize version mentioned in "packageManager" instead of "engines"
|
|
@@ -401,6 +419,8 @@ module Dependabot
|
|
|
401
419
|
return
|
|
402
420
|
end
|
|
403
421
|
|
|
422
|
+
return package_manager.version.to_s if package_manager.deprecated? || package_manager.unsupported?
|
|
423
|
+
|
|
404
424
|
if @engines && @manifest_package_manager.nil?
|
|
405
425
|
# if "packageManager" doesn't exists in manifest file,
|
|
406
426
|
# we check if we can extract "engines" information
|
|
@@ -449,6 +469,24 @@ module Dependabot
|
|
|
449
469
|
# rubocop:enable Metrics/CyclomaticComplexity
|
|
450
470
|
# rubocop:enable Metrics/AbcSize
|
|
451
471
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
472
|
+
# rubocop:enable Metrics/MethodLength
|
|
473
|
+
|
|
474
|
+
sig { params(name: String).returns(T.nilable(String)) }
|
|
475
|
+
def detect_version(name)
|
|
476
|
+
# we prioritize version mentioned in "packageManager" instead of "engines"
|
|
477
|
+
if @manifest_package_manager&.start_with?("#{name}@")
|
|
478
|
+
detected_version = @manifest_package_manager.split("@").last.to_s
|
|
479
|
+
end
|
|
480
|
+
|
|
481
|
+
# if "packageManager" have no version specified, we check if we can extract "engines" information
|
|
482
|
+
detected_version = check_engine_version(name) if !detected_version || detected_version.empty?
|
|
483
|
+
|
|
484
|
+
# if "packageManager" and "engines" both are not present, we check if we can infer the version
|
|
485
|
+
# from the manifest file lockfileVersion
|
|
486
|
+
detected_version = guessed_version(name) if !detected_version || detected_version.empty?
|
|
487
|
+
|
|
488
|
+
detected_version&.to_s
|
|
489
|
+
end
|
|
452
490
|
|
|
453
491
|
sig { params(name: T.nilable(String)).returns(Ecosystem::VersionManager) }
|
|
454
492
|
def package_manager_by_name(name)
|
|
@@ -457,6 +495,16 @@ module Dependabot
|
|
|
457
495
|
name = ensure_valid_package_manager(name)
|
|
458
496
|
package_manager_class = T.must(PACKAGE_MANAGER_CLASSES[name])
|
|
459
497
|
|
|
498
|
+
detected_version = detect_version(name)
|
|
499
|
+
|
|
500
|
+
# if we have a detected version, we check if it is deprecated or unsupported
|
|
501
|
+
if detected_version
|
|
502
|
+
package_manager = package_manager_class.new(
|
|
503
|
+
detected_version: detected_version.to_s
|
|
504
|
+
)
|
|
505
|
+
return package_manager if package_manager.deprecated? || package_manager.unsupported?
|
|
506
|
+
end
|
|
507
|
+
|
|
460
508
|
installed_version = installed_version(name)
|
|
461
509
|
Dependabot.logger.info("Installed version for #{name}: #{installed_version}")
|
|
462
510
|
|
|
@@ -468,7 +516,8 @@ module Dependabot
|
|
|
468
516
|
end
|
|
469
517
|
|
|
470
518
|
package_manager_class.new(
|
|
471
|
-
|
|
519
|
+
detected_version: detected_version.to_s,
|
|
520
|
+
raw_version: installed_version,
|
|
472
521
|
requirement: package_manager_requirement
|
|
473
522
|
)
|
|
474
523
|
rescue StandardError => e
|
|
@@ -509,7 +558,7 @@ module Dependabot
|
|
|
509
558
|
return unless name == PNPMPackageManager::NAME
|
|
510
559
|
return unless Version.new(version) < Version.new("7")
|
|
511
560
|
|
|
512
|
-
raise ToolVersionNotSupported.new(PNPMPackageManager::NAME.upcase, version, "7.*, 8.*")
|
|
561
|
+
raise ToolVersionNotSupported.new(PNPMPackageManager::NAME.upcase, version, "7.*, 8.*, 9.*")
|
|
513
562
|
end
|
|
514
563
|
|
|
515
564
|
sig { params(name: String, version: T.nilable(String)).void }
|
|
@@ -62,8 +62,10 @@ module Dependabot
|
|
|
62
62
|
|
|
63
63
|
sig { override.params(version: VersionParameter).void }
|
|
64
64
|
def initialize(version)
|
|
65
|
+
version = clean_version(version)
|
|
66
|
+
|
|
65
67
|
@version_string = T.let(version.to_s, String)
|
|
66
|
-
|
|
68
|
+
|
|
67
69
|
@build_info = T.let(nil, T.nilable(String))
|
|
68
70
|
|
|
69
71
|
version, @build_info = version.to_s.split("+") if version.to_s.include?("+")
|
|
@@ -71,6 +73,20 @@ module Dependabot
|
|
|
71
73
|
super(T.must(version))
|
|
72
74
|
end
|
|
73
75
|
|
|
76
|
+
sig { params(version: VersionParameter).returns(VersionParameter) }
|
|
77
|
+
def clean_version(version)
|
|
78
|
+
# Check if version is a string before attempting to match
|
|
79
|
+
if version.is_a?(String)
|
|
80
|
+
# Matches @ followed by x.y.z (digits separated by dots)
|
|
81
|
+
if (match = version.match(/@(\d+\.\d+\.\d+)/))
|
|
82
|
+
version = match[1] # Just "4.5.3"
|
|
83
|
+
end
|
|
84
|
+
version = version&.gsub(/^v/, "")
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
version
|
|
88
|
+
end
|
|
89
|
+
|
|
74
90
|
sig { override.params(version: VersionParameter).returns(Dependabot::NpmAndYarn::Version) }
|
|
75
91
|
def self.new(version)
|
|
76
92
|
T.cast(super, Dependabot::NpmAndYarn::Version)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.292.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-01-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.292.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.292.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -347,7 +347,7 @@ licenses:
|
|
|
347
347
|
- MIT
|
|
348
348
|
metadata:
|
|
349
349
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
350
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
350
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.292.0
|
|
351
351
|
post_install_message:
|
|
352
352
|
rdoc_options: []
|
|
353
353
|
require_paths:
|
|
@@ -363,7 +363,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
363
363
|
- !ruby/object:Gem::Version
|
|
364
364
|
version: 3.1.0
|
|
365
365
|
requirements: []
|
|
366
|
-
rubygems_version: 3.5.
|
|
366
|
+
rubygems_version: 3.5.22
|
|
367
367
|
signing_key:
|
|
368
368
|
specification_version: 4
|
|
369
369
|
summary: Provides Dependabot support for Javascript (npm and yarn)
|