dependabot-npm_and_yarn 0.292.0 → 0.294.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/lib/npm/vulnerability-auditor.js +16 -16
- data/helpers/lib/npm6/updater.js +1 -1
- data/lib/dependabot/npm_and_yarn/bun_package_manager.rb +46 -0
- data/lib/dependabot/npm_and_yarn/dependency_files_filterer.rb +2 -1
- data/lib/dependabot/npm_and_yarn/file_fetcher.rb +61 -35
- data/lib/dependabot/npm_and_yarn/file_parser/bun_lock.rb +141 -0
- data/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb +33 -27
- data/lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb +47 -0
- data/lib/dependabot/npm_and_yarn/file_parser.rb +17 -9
- data/lib/dependabot/npm_and_yarn/file_updater/bun_lockfile_updater.rb +144 -0
- data/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb +127 -12
- data/lib/dependabot/npm_and_yarn/file_updater.rb +66 -0
- data/lib/dependabot/npm_and_yarn/helpers.rb +54 -2
- data/lib/dependabot/npm_and_yarn/language.rb +45 -0
- data/lib/dependabot/npm_and_yarn/npm_package_manager.rb +70 -0
- data/lib/dependabot/npm_and_yarn/package_manager.rb +16 -196
- data/lib/dependabot/npm_and_yarn/pnpm_package_manager.rb +55 -0
- data/lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb +1 -0
- data/lib/dependabot/npm_and_yarn/update_checker/dependency_files_builder.rb +14 -7
- data/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb +14 -0
- data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +19 -0
- data/lib/dependabot/npm_and_yarn/version.rb +4 -0
- data/lib/dependabot/npm_and_yarn/yarn_package_manager.rb +56 -0
- metadata +12 -5
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.294.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-01-
|
|
11
|
+
date: 2025-01-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.294.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.294.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -306,15 +306,18 @@ files:
|
|
|
306
306
|
- helpers/test/yarn/helpers.js
|
|
307
307
|
- helpers/test/yarn/updater.test.js
|
|
308
308
|
- lib/dependabot/npm_and_yarn.rb
|
|
309
|
+
- lib/dependabot/npm_and_yarn/bun_package_manager.rb
|
|
309
310
|
- lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
|
|
310
311
|
- lib/dependabot/npm_and_yarn/file_fetcher.rb
|
|
311
312
|
- lib/dependabot/npm_and_yarn/file_fetcher/path_dependency_builder.rb
|
|
312
313
|
- lib/dependabot/npm_and_yarn/file_parser.rb
|
|
314
|
+
- lib/dependabot/npm_and_yarn/file_parser/bun_lock.rb
|
|
313
315
|
- lib/dependabot/npm_and_yarn/file_parser/json_lock.rb
|
|
314
316
|
- lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb
|
|
315
317
|
- lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb
|
|
316
318
|
- lib/dependabot/npm_and_yarn/file_parser/yarn_lock.rb
|
|
317
319
|
- lib/dependabot/npm_and_yarn/file_updater.rb
|
|
320
|
+
- lib/dependabot/npm_and_yarn/file_updater/bun_lockfile_updater.rb
|
|
318
321
|
- lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb
|
|
319
322
|
- lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb
|
|
320
323
|
- lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb
|
|
@@ -322,10 +325,13 @@ files:
|
|
|
322
325
|
- lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb
|
|
323
326
|
- lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb
|
|
324
327
|
- lib/dependabot/npm_and_yarn/helpers.rb
|
|
328
|
+
- lib/dependabot/npm_and_yarn/language.rb
|
|
325
329
|
- lib/dependabot/npm_and_yarn/metadata_finder.rb
|
|
326
330
|
- lib/dependabot/npm_and_yarn/native_helpers.rb
|
|
331
|
+
- lib/dependabot/npm_and_yarn/npm_package_manager.rb
|
|
327
332
|
- lib/dependabot/npm_and_yarn/package_manager.rb
|
|
328
333
|
- lib/dependabot/npm_and_yarn/package_name.rb
|
|
334
|
+
- lib/dependabot/npm_and_yarn/pnpm_package_manager.rb
|
|
329
335
|
- lib/dependabot/npm_and_yarn/registry_helper.rb
|
|
330
336
|
- lib/dependabot/npm_and_yarn/registry_parser.rb
|
|
331
337
|
- lib/dependabot/npm_and_yarn/requirement.rb
|
|
@@ -342,12 +348,13 @@ files:
|
|
|
342
348
|
- lib/dependabot/npm_and_yarn/update_checker/vulnerability_auditor.rb
|
|
343
349
|
- lib/dependabot/npm_and_yarn/version.rb
|
|
344
350
|
- lib/dependabot/npm_and_yarn/version_selector.rb
|
|
351
|
+
- lib/dependabot/npm_and_yarn/yarn_package_manager.rb
|
|
345
352
|
homepage: https://github.com/dependabot/dependabot-core
|
|
346
353
|
licenses:
|
|
347
354
|
- MIT
|
|
348
355
|
metadata:
|
|
349
356
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
350
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
357
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.294.0
|
|
351
358
|
post_install_message:
|
|
352
359
|
rdoc_options: []
|
|
353
360
|
require_paths:
|