dependabot-npm_and_yarn 0.322.0 → 0.322.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 488fd289f115af8e630da43e7f3bbfac216b7d3df3cfb0c9a15977c6f962fc54
|
|
4
|
+
data.tar.gz: 0ee19ced17a63790ee72987906b440808511235ab7de80edbd4c5c507b203cee
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f795b738773716b8c8fec85843ef1e45da6f8d6639dade1ab2fa74c3c9934dceb06aba23af11073f92a17716feec07da5f78f4d808452c639d968ab6c50f3ec0
|
|
7
|
+
data.tar.gz: f1351e33bccd4850928dbaa03c268b6bef43090d77046c86e4676ddc3d1cfd4bb86abc26dcbfc87c6a5e6bc44f0874b097607c55126867d94bb154a3f73f5b5e
|
|
@@ -74,15 +74,8 @@ module Dependabot
|
|
|
74
74
|
override.params(language_version: T.nilable(T.any(String, Dependabot::Version)))
|
|
75
75
|
.returns(T.nilable(Dependabot::Version))
|
|
76
76
|
end
|
|
77
|
-
def latest_version_with_no_unlock(language_version: nil)
|
|
78
|
-
|
|
79
|
-
return unless valid_npm_details?
|
|
80
|
-
return version_from_dist_tags&.version if specified_dist_tag_requirement?
|
|
81
|
-
|
|
82
|
-
releases = possible_releases
|
|
83
|
-
in_range_versions = filter_out_of_range_versions(releases)
|
|
84
|
-
in_range_versions.find { |r| !yanked_version?(r.version) }&.version
|
|
85
|
-
end
|
|
77
|
+
def latest_version_with_no_unlock(language_version: nil)
|
|
78
|
+
fetch_latest_version_with_no_unlock(language_version: language_version)
|
|
86
79
|
end
|
|
87
80
|
|
|
88
81
|
sig do
|
|
@@ -102,12 +95,13 @@ module Dependabot
|
|
|
102
95
|
with_custom_registry_rescue do
|
|
103
96
|
return unless valid_npm_details?
|
|
104
97
|
|
|
105
|
-
tag_release = version_from_dist_tags
|
|
98
|
+
tag_release = version_from_dist_tags(cooldown: true)
|
|
106
99
|
return tag_release.version if tag_release
|
|
107
100
|
|
|
108
101
|
return if specified_dist_tag_requirement?
|
|
109
102
|
|
|
110
|
-
|
|
103
|
+
filtered_releases = filter_by_cooldown(possible_releases)
|
|
104
|
+
filtered_releases.find { |r| !yanked_version?(r.version) }&.version
|
|
111
105
|
end
|
|
112
106
|
end
|
|
113
107
|
|
|
@@ -119,11 +113,11 @@ module Dependabot
|
|
|
119
113
|
def fetch_latest_version_with_no_unlock(language_version: nil) # rubocop:disable Lint/UnusedMethodArgument
|
|
120
114
|
with_custom_registry_rescue do
|
|
121
115
|
return unless valid_npm_details?
|
|
122
|
-
return version_from_dist_tags&.version if specified_dist_tag_requirement?
|
|
116
|
+
return version_from_dist_tags(cooldown: true)&.version if specified_dist_tag_requirement?
|
|
123
117
|
|
|
124
|
-
|
|
118
|
+
filtered_releases = filter_by_cooldown(possible_releases)
|
|
125
119
|
|
|
126
|
-
in_range_versions = filter_out_of_range_versions(
|
|
120
|
+
in_range_versions = filter_out_of_range_versions(filtered_releases)
|
|
127
121
|
in_range_versions.find { |r| !yanked_version?(r.version) }&.version
|
|
128
122
|
end
|
|
129
123
|
end
|
|
@@ -278,8 +272,11 @@ module Dependabot
|
|
|
278
272
|
!!package_details&.releases&.any?
|
|
279
273
|
end
|
|
280
274
|
|
|
281
|
-
sig
|
|
282
|
-
|
|
275
|
+
sig do
|
|
276
|
+
params(cooldown: T::Boolean)
|
|
277
|
+
.returns(T.nilable(Dependabot::Package::PackageRelease))
|
|
278
|
+
end
|
|
279
|
+
def version_from_dist_tags(cooldown: false) # rubocop:disable Metrics/PerceivedComplexity
|
|
283
280
|
dist_tags = package_details&.dist_tags
|
|
284
281
|
return nil unless dist_tags
|
|
285
282
|
|
|
@@ -290,7 +287,7 @@ module Dependabot
|
|
|
290
287
|
# For cooldown filtering, use filtered releases
|
|
291
288
|
releases = available_versions
|
|
292
289
|
|
|
293
|
-
releases = filter_by_cooldown(releases) if releases
|
|
290
|
+
releases = filter_by_cooldown(releases) if cooldown && releases
|
|
294
291
|
|
|
295
292
|
if dist_tag_req
|
|
296
293
|
release = find_dist_tag_release(dist_tag_req, releases)
|
|
@@ -303,7 +300,9 @@ module Dependabot
|
|
|
303
300
|
|
|
304
301
|
if wants_latest_dist_tag?(latest_version)
|
|
305
302
|
# Find the release object for this version, even if deprecated
|
|
306
|
-
|
|
303
|
+
releases = possible_previous_releases
|
|
304
|
+
releases = filter_by_cooldown(releases) if cooldown
|
|
305
|
+
return releases.find { |r| r.version == latest_version }
|
|
307
306
|
end
|
|
308
307
|
|
|
309
308
|
nil
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.322.
|
|
4
|
+
version: 0.322.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.322.
|
|
18
|
+
version: 0.322.2
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.322.
|
|
25
|
+
version: 0.322.2
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -356,7 +356,7 @@ licenses:
|
|
|
356
356
|
- MIT
|
|
357
357
|
metadata:
|
|
358
358
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
359
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.322.
|
|
359
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.322.2
|
|
360
360
|
rdoc_options: []
|
|
361
361
|
require_paths:
|
|
362
362
|
- lib
|