dependabot-npm_and_yarn 0.314.0 → 0.316.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/package-lock.json +7 -6
  3. data/lib/dependabot/npm_and_yarn/file_fetcher.rb +1 -3
  4. data/lib/dependabot/npm_and_yarn/update_checker.rb +0 -2
  5. metadata +8 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b83ea61f28c9a2d5162838b41afb235d627aaa8335a0c1e5886db0ee388c0638
4
- data.tar.gz: 3a3af8e6f177c26c51a05e1eedfecdc4971700fd5426deb3113cb231185427a6
3
+ metadata.gz: 16d535e031cc2fc4f3f59ad9aee85bce716260d41b76096d57a53c78090a9899
4
+ data.tar.gz: 3538d93dbc952b9773f9bfa9e8a3e8c9038d94f794d624a18d94ab0d92e9a03f
5
5
  SHA512:
6
- metadata.gz: a573a8f3f839eaaaa181e207d0d97ccdbbdc04372d3c0236b8e5c5069de3ed6ce7e7b7758e0e10f4bb843ea6ec47f1b6fb6b7550904e16273b7b96f037505fc1
7
- data.tar.gz: ededfb51eac747c81727d168a509505aaf2422b02a6749458425ca132b68075766967b161fcd4b54f50c073771675bb409311be0db7a8ec2e85837a15aa72728
6
+ metadata.gz: 784c403b64d93d0d4896007a3290cc6c0ba9c51e1ffa214ad8ad3a81736a1e2d478b346b403791e6127bed4005ada004894a431c1dd3b81ca7cbdb83b73ea92a
7
+ data.tar.gz: 76681332af9e4306942f6002bdaa6ff50fa3652e62e271a9b47043e3bc4e7c65c75d10b39e035b4a357185c3a15d24dd6f0f51b7378a6aa71ca3ca72e9c16b0a
data/helpers/package-lock.json CHANGED
@@ -15674,9 +15674,10 @@
15674
15674
  }
15675
15675
  },
15676
15676
  "node_modules/tar-fs": {
15677
- "version": "1.16.3",
15678
- "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-1.16.3.tgz",
15679
- "integrity": "sha512-NvCeXpYx7OsmOh8zIOP/ebG55zZmxLE0etfWRbWok+q2Qo8x/vOR/IJT1taADXPe+jsiu9axDb3X4B+iIgNlKw==",
15677
+ "version": "1.16.5",
15678
+ "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-1.16.5.tgz",
15679
+ "integrity": "sha512-1ergVCCysmwHQNrOS+Pjm4DQ4nrGp43+Xnu4MRGjCnQu/m3hEgLNS78d5z+B8OJ1hN5EejJdCSFZE1oM6AQXAQ==",
15680
+ "license": "MIT",
15680
15681
  "dependencies": {
15681
15682
  "chownr": "^1.0.1",
15682
15683
  "mkdirp": "^0.5.1",
@@ -28050,9 +28051,9 @@
28050
28051
  }
28051
28052
  },
28052
28053
  "tar-fs": {
28053
- "version": "1.16.3",
28054
- "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-1.16.3.tgz",
28055
- "integrity": "sha512-NvCeXpYx7OsmOh8zIOP/ebG55zZmxLE0etfWRbWok+q2Qo8x/vOR/IJT1taADXPe+jsiu9axDb3X4B+iIgNlKw==",
28054
+ "version": "1.16.5",
28055
+ "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-1.16.5.tgz",
28056
+ "integrity": "sha512-1ergVCCysmwHQNrOS+Pjm4DQ4nrGp43+Xnu4MRGjCnQu/m3hEgLNS78d5z+B8OJ1hN5EejJdCSFZE1oM6AQXAQ==",
28056
28057
  "requires": {
28057
28058
  "chownr": "^1.0.1",
28058
28059
  "mkdirp": "^0.5.1",
data/lib/dependabot/npm_and_yarn/file_fetcher.rb CHANGED
@@ -339,14 +339,12 @@ module Dependabot
339
339
  return @pnpm_workspace_yaml if defined?(@pnpm_workspace_yaml)
340
340
 
341
341
  @pnpm_workspace_yaml = T.let(
342
- fetch_support_file(PNPMPackageManager::PNPM_WS_YML_FILENAME),
342
+ fetch_file_if_present(PNPMPackageManager::PNPM_WS_YML_FILENAME),
343
343
  T.nilable(DependencyFile)
344
344
  )
345
345
 
346
346
  # Only fetch from parent directories if the file wasn't found initially
347
347
  @pnpm_workspace_yaml ||= fetch_file_from_parent_directories(PNPMPackageManager::PNPM_WS_YML_FILENAME)
348
-
349
- @pnpm_workspace_yaml
350
348
  end
351
349
 
352
350
  sig { returns(T.nilable(DependencyFile)) }
data/lib/dependabot/npm_and_yarn/update_checker.rb CHANGED
@@ -1,8 +1,6 @@
1
1
  # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
- require "set"
5
-
6
4
  require "dependabot/git_commit_checker"
7
5
  require "dependabot/requirements_update_strategy"
8
6
  require "dependabot/shared_helpers"
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.314.0
4
+ version: 0.316.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  bindir: bin
9
9
  cert_chain: []
10
- date: 2025-05-22 00:00:00.000000000 Z
10
+ date: 1980-01-02 00:00:00.000000000 Z
11
11
  dependencies:
12
12
  - !ruby/object:Gem::Dependency
13
13
  name: dependabot-common
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.314.0
18
+ version: 0.316.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.314.0
25
+ version: 0.316.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -356,7 +356,7 @@ licenses:
356
356
  - MIT
357
357
  metadata:
358
358
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
359
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.314.0
359
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.316.0
360
360
  rdoc_options: []
361
361
  require_paths:
362
362
  - lib
@@ -364,14 +364,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
364
364
  requirements:
365
365
  - - ">="
366
366
  - !ruby/object:Gem::Version
367
- version: 3.1.0
367
+ version: 3.3.0
368
368
  required_rubygems_version: !ruby/object:Gem::Requirement
369
369
  requirements:
370
370
  - - ">="
371
371
  - !ruby/object:Gem::Version
372
- version: 3.1.0
372
+ version: 3.3.0
373
373
  requirements: []
374
- rubygems_version: 3.6.3
374
+ rubygems_version: 3.6.9
375
375
  specification_version: 4
376
376
  summary: Provides Dependabot support for Javascript (npm and yarn)
377
377
  test_files: []