dependabot-npm_and_yarn 0.352.0 → 0.354.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 98ce0e063f5bc785ca708abb36d56bc3e9784a22c6013d9040b84876fb0f2239
|
|
4
|
+
data.tar.gz: a17b204a222dc640eaa06d2de063aa14990a9465fd2acbc542799c1774383465
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 757c17e2b92858a08e460876b4872c67287059e7a847de36255d67decccc86a4912b4d8179fddc9dc97c20cc6c55fbec294fc58ac5627205f573adc62fb597e5
|
|
7
|
+
data.tar.gz: 6410fef7a8f5bc85ee274ff4ad15210132f995bb015cd6d9621d39fb440c3306511866d80f56a3ec9ec8a10025d3b6723d3dd42228dd012269f796c44cd8f59b
|
|
@@ -351,6 +351,7 @@ module Dependabot
|
|
|
351
351
|
end
|
|
352
352
|
|
|
353
353
|
# rubocop:disable Metrics/PerceivedComplexity
|
|
354
|
+
# rubocop:disable Metrics/MethodLength
|
|
354
355
|
sig { params(fetched_files: T::Array[DependencyFile]).returns(T::Array[DependencyFile]) }
|
|
355
356
|
def path_dependencies(fetched_files) # rubocop:disable Metrics/AbcSize
|
|
356
357
|
package_json_files = T.let([], T::Array[DependencyFile])
|
|
@@ -381,6 +382,13 @@ module Dependabot
|
|
|
381
382
|
next
|
|
382
383
|
end
|
|
383
384
|
|
|
385
|
+
if dependency_ignored?(name)
|
|
386
|
+
Dependabot.logger.info(
|
|
387
|
+
"Ignored local path dependency '#{cleaned_name}' for package '#{name}' as it matches the ignore list."
|
|
388
|
+
)
|
|
389
|
+
next
|
|
390
|
+
end
|
|
391
|
+
|
|
384
392
|
begin
|
|
385
393
|
file = fetch_file_from_host(filename, fetch_submodules: true)
|
|
386
394
|
package_json_files << file
|
|
@@ -400,6 +408,7 @@ module Dependabot
|
|
|
400
408
|
package_json_files.tap { |fs| fs.each { |f| f.support_file = true } }
|
|
401
409
|
end
|
|
402
410
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
411
|
+
# rubocop:enable Metrics/MethodLength
|
|
403
412
|
|
|
404
413
|
sig { params(fetched_files: T::Array[DependencyFile]).returns(T::Array[[String, String]]) }
|
|
405
414
|
def path_dependency_details(fetched_files)
|
|
@@ -683,7 +692,19 @@ module Dependabot
|
|
|
683
692
|
def build_unfetchable_deps(unfetchable_deps)
|
|
684
693
|
return [] unless package_lock || yarn_lock
|
|
685
694
|
|
|
686
|
-
unfetchable_deps.
|
|
695
|
+
filtered_deps = unfetchable_deps.reject do |name, _path|
|
|
696
|
+
# Skip ignored dependencies
|
|
697
|
+
if dependency_ignored?(name)
|
|
698
|
+
Dependabot.logger.info(
|
|
699
|
+
"Ignored unfetchable path dependency '#{name}' as it matches the ignore list."
|
|
700
|
+
)
|
|
701
|
+
true
|
|
702
|
+
else
|
|
703
|
+
false
|
|
704
|
+
end
|
|
705
|
+
end
|
|
706
|
+
|
|
707
|
+
filtered_deps.map do |name, path|
|
|
687
708
|
PathDependencyBuilder.new(
|
|
688
709
|
dependency_name: name,
|
|
689
710
|
path: path,
|
|
@@ -44,10 +44,10 @@ module Dependabot
|
|
|
44
44
|
registry = registry_info[:registry]
|
|
45
45
|
registry = "https://#{T.must(registry)}" unless T.must(registry).start_with?("http://", "https://")
|
|
46
46
|
env_variables[COREPACK_NPM_REGISTRY_ENV] = registry
|
|
47
|
+
env_variables[REGISTRY_KEY] = registry
|
|
47
48
|
end
|
|
48
49
|
|
|
49
|
-
|
|
50
|
-
# The token should be configured in .npmrc for security
|
|
50
|
+
env_variables[COREPACK_NPM_TOKEN_ENV] = registry_info[:auth_token] if registry_info[:auth_token]
|
|
51
51
|
|
|
52
52
|
env_variables
|
|
53
53
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.354.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.354.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.354.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -361,7 +361,7 @@ licenses:
|
|
|
361
361
|
- MIT
|
|
362
362
|
metadata:
|
|
363
363
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
364
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
364
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.354.0
|
|
365
365
|
rdoc_options: []
|
|
366
366
|
require_paths:
|
|
367
367
|
- lib
|