dependabot-npm_and_yarn 0.292.0 → 0.294.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/lib/npm/vulnerability-auditor.js +16 -16
- data/helpers/lib/npm6/updater.js +1 -1
- data/lib/dependabot/npm_and_yarn/bun_package_manager.rb +46 -0
- data/lib/dependabot/npm_and_yarn/dependency_files_filterer.rb +2 -1
- data/lib/dependabot/npm_and_yarn/file_fetcher.rb +61 -35
- data/lib/dependabot/npm_and_yarn/file_parser/bun_lock.rb +141 -0
- data/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb +33 -27
- data/lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb +47 -0
- data/lib/dependabot/npm_and_yarn/file_parser.rb +17 -9
- data/lib/dependabot/npm_and_yarn/file_updater/bun_lockfile_updater.rb +144 -0
- data/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb +127 -12
- data/lib/dependabot/npm_and_yarn/file_updater.rb +66 -0
- data/lib/dependabot/npm_and_yarn/helpers.rb +54 -2
- data/lib/dependabot/npm_and_yarn/language.rb +45 -0
- data/lib/dependabot/npm_and_yarn/npm_package_manager.rb +70 -0
- data/lib/dependabot/npm_and_yarn/package_manager.rb +16 -196
- data/lib/dependabot/npm_and_yarn/pnpm_package_manager.rb +55 -0
- data/lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb +1 -0
- data/lib/dependabot/npm_and_yarn/update_checker/dependency_files_builder.rb +14 -7
- data/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb +14 -0
- data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +19 -0
- data/lib/dependabot/npm_and_yarn/version.rb +4 -0
- data/lib/dependabot/npm_and_yarn/yarn_package_manager.rb +56 -0
- metadata +12 -5
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.294.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-01-
|
|
11
|
+
date: 2025-01-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.294.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.294.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -306,15 +306,18 @@ files:
|
|
|
306
306
|
- helpers/test/yarn/helpers.js
|
|
307
307
|
- helpers/test/yarn/updater.test.js
|
|
308
308
|
- lib/dependabot/npm_and_yarn.rb
|
|
309
|
+
- lib/dependabot/npm_and_yarn/bun_package_manager.rb
|
|
309
310
|
- lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
|
|
310
311
|
- lib/dependabot/npm_and_yarn/file_fetcher.rb
|
|
311
312
|
- lib/dependabot/npm_and_yarn/file_fetcher/path_dependency_builder.rb
|
|
312
313
|
- lib/dependabot/npm_and_yarn/file_parser.rb
|
|
314
|
+
- lib/dependabot/npm_and_yarn/file_parser/bun_lock.rb
|
|
313
315
|
- lib/dependabot/npm_and_yarn/file_parser/json_lock.rb
|
|
314
316
|
- lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb
|
|
315
317
|
- lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb
|
|
316
318
|
- lib/dependabot/npm_and_yarn/file_parser/yarn_lock.rb
|
|
317
319
|
- lib/dependabot/npm_and_yarn/file_updater.rb
|
|
320
|
+
- lib/dependabot/npm_and_yarn/file_updater/bun_lockfile_updater.rb
|
|
318
321
|
- lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb
|
|
319
322
|
- lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb
|
|
320
323
|
- lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb
|
|
@@ -322,10 +325,13 @@ files:
|
|
|
322
325
|
- lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb
|
|
323
326
|
- lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb
|
|
324
327
|
- lib/dependabot/npm_and_yarn/helpers.rb
|
|
328
|
+
- lib/dependabot/npm_and_yarn/language.rb
|
|
325
329
|
- lib/dependabot/npm_and_yarn/metadata_finder.rb
|
|
326
330
|
- lib/dependabot/npm_and_yarn/native_helpers.rb
|
|
331
|
+
- lib/dependabot/npm_and_yarn/npm_package_manager.rb
|
|
327
332
|
- lib/dependabot/npm_and_yarn/package_manager.rb
|
|
328
333
|
- lib/dependabot/npm_and_yarn/package_name.rb
|
|
334
|
+
- lib/dependabot/npm_and_yarn/pnpm_package_manager.rb
|
|
329
335
|
- lib/dependabot/npm_and_yarn/registry_helper.rb
|
|
330
336
|
- lib/dependabot/npm_and_yarn/registry_parser.rb
|
|
331
337
|
- lib/dependabot/npm_and_yarn/requirement.rb
|
|
@@ -342,12 +348,13 @@ files:
|
|
|
342
348
|
- lib/dependabot/npm_and_yarn/update_checker/vulnerability_auditor.rb
|
|
343
349
|
- lib/dependabot/npm_and_yarn/version.rb
|
|
344
350
|
- lib/dependabot/npm_and_yarn/version_selector.rb
|
|
351
|
+
- lib/dependabot/npm_and_yarn/yarn_package_manager.rb
|
|
345
352
|
homepage: https://github.com/dependabot/dependabot-core
|
|
346
353
|
licenses:
|
|
347
354
|
- MIT
|
|
348
355
|
metadata:
|
|
349
356
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
350
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
357
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.294.0
|
|
351
358
|
post_install_message:
|
|
352
359
|
rdoc_options: []
|
|
353
360
|
require_paths:
|