dependabot-npm_and_yarn 0.294.0 → 0.296.0

data/lib/dependabot/npm_and_yarn.rb

@@ -146,6 +146,10 @@ module Dependabot
     # if not package found with specified version
     YARN_PACKAGE_NOT_FOUND = /MessageError: Couldn't find any versions for "(?<pkg>.*?)" that matches "(?<ver>.*?)"/
 
+    YN0001_DEPS_RESOLUTION_FAILED = T.let({
+      DEPS_INCORRECT_MET: /peer dependencies are incorrectly met/
+    }.freeze, T::Hash[String, Regexp])
+
     YN0001_FILE_NOT_RESOLVED_CODES = T.let({
       FIND_PACKAGE_LOCATION: /YN0001:(.*?)UsageError: Couldn't find the (?<pkg>.*) state file/,
       NO_CANDIDATE_FOUND: /YN0001:(.*?)Error: (?<pkg>.*): No candidates found/,
@@ -165,6 +169,8 @@ module Dependabot
       REQUIREMENT_NOT_PROVIDED: /(?<dep>.*)(.*?)doesn't provide (?<pkg>.*)(.*?), requested by (?<parent>.*)/
     }.freeze, T::Hash[String, Regexp])
 
+    YN0086_DEPS_RESOLUTION_FAILED = /peer dependencies are incorrectly met/
+
     # registry returns malformed response
     REGISTRY_NOT_REACHABLE = /Received malformed response from registry for "(?<ver>.*)". The registry may be down./
 
@@ -227,6 +233,12 @@ module Dependabot
             end
           end
 
+          YN0001_DEPS_RESOLUTION_FAILED.each do |(_yn0001_key, yn0001_regex)|
+            if (msg = message.match(yn0001_regex))
+              return Dependabot::DependencyFileNotResolvable.new(msg)
+            end
+          end
+
           Dependabot::DependabotError.new(message)
         }
       },
@@ -351,6 +363,13 @@ module Dependabot
             Dependabot::DependencyNotFound.new(message)
           end
         }
+      },
+      "YN0086" => {
+        message: "deps resolution failed",
+        handler: lambda { |message, _error, _params|
+          msg = message.match(YN0086_DEPS_RESOLUTION_FAILED)
+          Dependabot::DependencyFileNotResolvable.new(msg || message)
+        }
       }
     }.freeze, T::Hash[String, {
       message: T.any(String, NilClass),

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-npm_and_yarn
 version: !ruby/object:Gem::Version
-  version: 0.294.0
+  version: 0.296.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-23 00:00:00.000000000 Z
+date: 2025-02-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.294.0
+        version: 0.296.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.294.0
+        version: 0.296.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -307,6 +307,7 @@ files:
 - helpers/test/yarn/updater.test.js
 - lib/dependabot/npm_and_yarn.rb
 - lib/dependabot/npm_and_yarn/bun_package_manager.rb
+- lib/dependabot/npm_and_yarn/constraint_helper.rb
 - lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
 - lib/dependabot/npm_and_yarn/file_fetcher.rb
 - lib/dependabot/npm_and_yarn/file_fetcher/path_dependency_builder.rb
@@ -323,6 +324,7 @@ files:
 - lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb
 - lib/dependabot/npm_and_yarn/file_updater/package_json_updater.rb
 - lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb
+- lib/dependabot/npm_and_yarn/file_updater/pnpm_workspace_updater.rb
 - lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb
 - lib/dependabot/npm_and_yarn/helpers.rb
 - lib/dependabot/npm_and_yarn/language.rb
@@ -354,7 +356,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.294.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.296.0
 post_install_message:
 rdoc_options: []
 require_paths: