dependabot-npm_and_yarn 0.340.0 → 0.341.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bacfbeb07bfb9e2dbb396915b44c9974a7dfe469dfcc43e921a99a6dba959a5c
|
|
4
|
+
data.tar.gz: 8c404ef21a85fd8cc452f420093061e3c2a6ab399651eb32210f746fb2fe3e1b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5c8cfec9813f86d2cdc006ed7e6c6e6f5223bf2b4fcc2dd6f0e43733adccf84bd59adc4cee3d3ef1c565c24e60c257925884fcfc2d867e9d3bb919d4a0d545fc
|
|
7
|
+
data.tar.gz: 4a9b329efe9659705888b71088d7a9f0f23c8af90a4aa7eca858e859904be5fb6fe9f998292b054867dc325cd232b8b248c91fccdcfa017520ced4075512a5fe
|
|
@@ -85,7 +85,8 @@ module Dependabot
|
|
|
85
85
|
|
|
86
86
|
sig { params(lockfile: DependencyFile).returns(T::Boolean) }
|
|
87
87
|
def workspaces_lockfile?(lockfile)
|
|
88
|
-
return false unless ["yarn.lock", "package-lock.json", "pnpm-lock.yaml", "bun.lock"]
|
|
88
|
+
return false unless ["yarn.lock", "package-lock.json", "pnpm-lock.yaml", "bun.lock", "npm-shrinkwrap.json"]
|
|
89
|
+
.include?(lockfile.name)
|
|
89
90
|
|
|
90
91
|
return false unless parsed_root_package_json["workspaces"] || dependency_files.any? do |file|
|
|
91
92
|
file.name.end_with?("pnpm-workspace.yaml") && File.dirname(file.name) == File.dirname(lockfile.name)
|
|
@@ -36,20 +36,6 @@ module Dependabot
|
|
|
36
36
|
end
|
|
37
37
|
end
|
|
38
38
|
|
|
39
|
-
sig { override.returns(T::Array[Regexp]) }
|
|
40
|
-
def self.updated_files_regex
|
|
41
|
-
[
|
|
42
|
-
%r{^(?:.*/)?package\.json$},
|
|
43
|
-
%r{^(?:.*/)?package-lock\.json$},
|
|
44
|
-
%r{^(?:.*/)?npm-shrinkwrap\.json$},
|
|
45
|
-
%r{^(?:.*/)?yarn\.lock$},
|
|
46
|
-
%r{^(?:.*/)?pnpm-lock\.yaml$},
|
|
47
|
-
%r{^(?:.*/)?pnpm-workspace\.yaml$},
|
|
48
|
-
%r{^(?:.*/)?\.yarn/.*}, # Matches any file within the .yarn/ directory
|
|
49
|
-
%r{^(?:.*/)?\.pnp\.(?:js|cjs)$} # Matches .pnp.js or .pnp.cjs files
|
|
50
|
-
]
|
|
51
|
-
end
|
|
52
|
-
|
|
53
39
|
sig { override.returns(T::Array[DependencyFile]) }
|
|
54
40
|
def updated_dependency_files
|
|
55
41
|
updated_files = T.let([], T::Array[DependencyFile])
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.341.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.341.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.341.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -362,7 +362,7 @@ licenses:
|
|
|
362
362
|
- MIT
|
|
363
363
|
metadata:
|
|
364
364
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
365
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
365
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.341.0
|
|
366
366
|
rdoc_options: []
|
|
367
367
|
require_paths:
|
|
368
368
|
- lib
|