dependabot-npm_and_yarn 0.297.0 → 0.297.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb +0 -31
  3. data/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb +4 -11
  4. data/lib/dependabot/npm_and_yarn/file_updater.rb +1 -1
  5. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: db692ebc45a4eb2613ef8b07ea99296182eaa0dccefb00cb63f58dc04cea8583
4
- data.tar.gz: 5f1eed80cd80760f98764264e3e1b28f6268c17455e7c362a00d5ab881d8840f
3
+ metadata.gz: 3862fc25d8f44cc776d39560672c0ff2762a21aaef35b0a2087f32f18222f13a
4
+ data.tar.gz: c88b7b6c38d6a5dd123360c54390f782af91b72eedbab7475fdad5b1a07c8afd
5
5
  SHA512:
6
- metadata.gz: dfdf08ab0edc80277c21fd5836a53cf0c49468f8222bd615c41f3eb04ab5930df2f8ce0e5af2f8abee714dd5adfe3fba7efd636afa5918d4caf20d9ef248708e
7
- data.tar.gz: a918c8ab92b805ff7e89a7b6bd674ddf693ba655bf3540a472b62c7162eacd16995d644d69c87e4e10006bbc2359fe93140670a64942e9374240962e4ff65aae
6
+ metadata.gz: 44c09dffc1a392ba6c8ab10df7c3242043ca66878821fef5ca4ca6e4ffd4f17b7f220586d9fc68e4aaca97b93edcd4a740211ad31f9dfc55e8983593f4761a4f
7
+ data.tar.gz: dbfb94d2ea4d1a9afb23054ac0b997b8a5a1741286c0077d8425236ed87a86bf3916fc7f038e91d19217d344348df8c822b4a1593040b528fd1c3a13c04bc9e8
data/lib/dependabot/npm_and_yarn/file_parser/pnpm_lock.rb CHANGED
@@ -26,37 +26,6 @@ module Dependabot
26
26
  end
27
27
 
28
28
  def dependencies
29
- if Dependabot::Experiments.enabled?(:enable_fix_for_pnpm_no_change_error)
30
- return dependencies_with_prioritization
31
- end
32
-
33
- dependency_set = Dependabot::FileParsers::Base::DependencySet.new
34
-
35
- parsed.each do |details|
36
- next if details["aliased"]
37
-
38
- name = details["name"]
39
- version = details["version"]
40
-
41
- dependency_args = {
42
- name: name,
43
- version: version,
44
- package_manager: "npm_and_yarn",
45
- requirements: []
46
- }
47
-
48
- if details["dev"]
49
- dependency_args[:subdependency_metadata] =
50
- [{ production: !details["dev"] }]
51
- end
52
-
53
- dependency_set << Dependency.new(**dependency_args)
54
- end
55
-
56
- dependency_set
57
- end
58
-
59
- def dependencies_with_prioritization
60
29
  dependency_set = Dependabot::FileParsers::Base::DependencySet.new
61
30
 
62
31
  # Separate dependencies into two categories: with specifiers and without specifiers.
data/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb CHANGED
@@ -127,17 +127,10 @@ module Dependabot
127
127
  "#{d.name}@#{d.version}"
128
128
  end.join(" ")
129
129
 
130
- if Dependabot::Experiments.enabled?(:enable_fix_for_pnpm_no_change_error)
131
- Helpers.run_pnpm_command(
132
- "update #{dependency_updates} --lockfile-only --no-save -r",
133
- fingerprint: "update <dependency_updates> --lockfile-only --no-save -r"
134
- )
135
- else
136
- Helpers.run_pnpm_command(
137
- "install #{dependency_updates} --lockfile-only --ignore-workspace-root-check",
138
- fingerprint: "install <dependency_updates> --lockfile-only --ignore-workspace-root-check"
139
- )
140
- end
130
+ Helpers.run_pnpm_command(
131
+ "update #{dependency_updates} --lockfile-only --no-save -r",
132
+ fingerprint: "update <dependency_updates> --lockfile-only --no-save -r"
133
+ )
141
134
  end
142
135
 
143
136
  def run_pnpm_install
data/lib/dependabot/npm_and_yarn/file_updater.rb CHANGED
@@ -62,7 +62,7 @@ module Dependabot
62
62
  end
63
63
 
64
64
  if updated_files.none?
65
- if Dependabot::Experiments.enabled?(:enable_fix_for_pnpm_no_change_error) && original_pnpm_locks.any?
65
+ if original_pnpm_locks.any?
66
66
  raise_tool_not_supported_for_pnpm_if_transitive
67
67
  raise_miss_configured_tooling_if_pnpm_subdirectory
68
68
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.297.0
4
+ version: 0.297.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-02-13 00:00:00.000000000 Z
11
+ date: 2025-02-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.297.0
19
+ version: 0.297.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.297.0
26
+ version: 0.297.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -356,7 +356,7 @@ licenses:
356
356
  - MIT
357
357
  metadata:
358
358
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
359
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.297.0
359
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.297.1
360
360
  post_install_message:
361
361
  rdoc_options: []
362
362
  require_paths: