dependabot-npm_and_yarn 0.296.3 → 0.297.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb +0 -31
  3. data/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb +4 -11
  4. data/lib/dependabot/npm_and_yarn/file_updater.rb +1 -1
  5. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 56f7eddcbd18308f0a86bac274e0df81afa396afa8f605f2c9a637d811f3b4ca
4
- data.tar.gz: 2c5c93c19f6e5ec444e84c9074cbf4e442df58bb17304b5a7971ee8483d6237c
3
+ metadata.gz: 3862fc25d8f44cc776d39560672c0ff2762a21aaef35b0a2087f32f18222f13a
4
+ data.tar.gz: c88b7b6c38d6a5dd123360c54390f782af91b72eedbab7475fdad5b1a07c8afd
5
5
  SHA512:
6
- metadata.gz: 5a9f09604b9daa2cdc42b6977d89873be5ca321e91b001dc583ca7428710c577eb6f64649ddb2bf74f3973d6f5d142e58ac9ccbaae6f5a0d02c02534e212c7e9
7
- data.tar.gz: d56564a4f06e2f6dc8410bfc10c160d266859f0227d48348dd69d950440d0cc542967cb3c3c5dc45f552e61b5682f76e66d9206d4b2ab617217ea09a4fa1f9cd
6
+ metadata.gz: 44c09dffc1a392ba6c8ab10df7c3242043ca66878821fef5ca4ca6e4ffd4f17b7f220586d9fc68e4aaca97b93edcd4a740211ad31f9dfc55e8983593f4761a4f
7
+ data.tar.gz: dbfb94d2ea4d1a9afb23054ac0b997b8a5a1741286c0077d8425236ed87a86bf3916fc7f038e91d19217d344348df8c822b4a1593040b528fd1c3a13c04bc9e8
data/lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb CHANGED
@@ -26,37 +26,6 @@ module Dependabot
26
26
  end
27
27
 
28
28
  def dependencies
29
- if Dependabot::Experiments.enabled?(:enable_fix_for_pnpm_no_change_error)
30
- return dependencies_with_prioritization
31
- end
32
-
33
- dependency_set = Dependabot::FileParsers::Base::DependencySet.new
34
-
35
- parsed.each do |details|
36
- next if details["aliased"]
37
-
38
- name = details["name"]
39
- version = details["version"]
40
-
41
- dependency_args = {
42
- name: name,
43
- version: version,
44
- package_manager: "npm_and_yarn",
45
- requirements: []
46
- }
47
-
48
- if details["dev"]
49
- dependency_args[:subdependency_metadata] =
50
- [{ production: !details["dev"] }]
51
- end
52
-
53
- dependency_set << Dependency.new(**dependency_args)
54
- end
55
-
56
- dependency_set
57
- end
58
-
59
- def dependencies_with_prioritization
60
29
  dependency_set = Dependabot::FileParsers::Base::DependencySet.new
61
30
 
62
31
  # Separate dependencies into two categories: with specifiers and without specifiers.
data/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb CHANGED
@@ -127,17 +127,10 @@ module Dependabot
127
127
  "#{d.name}@#{d.version}"
128
128
  end.join(" ")
129
129
 
130
- if Dependabot::Experiments.enabled?(:enable_fix_for_pnpm_no_change_error)
131
- Helpers.run_pnpm_command(
132
- "update #{dependency_updates} --lockfile-only --no-save -r",
133
- fingerprint: "update <dependency_updates> --lockfile-only --no-save -r"
134
- )
135
- else
136
- Helpers.run_pnpm_command(
137
- "install #{dependency_updates} --lockfile-only --ignore-workspace-root-check",
138
- fingerprint: "install <dependency_updates> --lockfile-only --ignore-workspace-root-check"
139
- )
140
- end
130
+ Helpers.run_pnpm_command(
131
+ "update #{dependency_updates} --lockfile-only --no-save -r",
132
+ fingerprint: "update <dependency_updates> --lockfile-only --no-save -r"
133
+ )
141
134
  end
142
135
 
143
136
  def run_pnpm_install
data/lib/dependabot/npm_and_yarn/file_updater.rb CHANGED
@@ -62,7 +62,7 @@ module Dependabot
62
62
  end
63
63
 
64
64
  if updated_files.none?
65
- if Dependabot::Experiments.enabled?(:enable_fix_for_pnpm_no_change_error) && original_pnpm_locks.any?
65
+ if original_pnpm_locks.any?
66
66
  raise_tool_not_supported_for_pnpm_if_transitive
67
67
  raise_miss_configured_tooling_if_pnpm_subdirectory
68
68
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.296.3
4
+ version: 0.297.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-02-12 00:00:00.000000000 Z
11
+ date: 2025-02-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.296.3
19
+ version: 0.297.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.296.3
26
+ version: 0.297.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -356,7 +356,7 @@ licenses:
356
356
  - MIT
357
357
  metadata:
358
358
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
359
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.296.3
359
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.297.1
360
360
  post_install_message:
361
361
  rdoc_options: []
362
362
  require_paths: