dependabot-npm_and_yarn 0.98.45 → 0.98.46
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb +12 -7
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5a958491b70aae36d9ca054c9f6d593f5d432e0fac36869525f57ab440785fc9
|
4
|
+
data.tar.gz: 35fbab926d71a74daeecdb60ffadc04cfc3d294a1a304f3716d48cd69243894b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f587105c6a8623c7df301277e2589f2bde453b4fc73d658883fc770a0335ec7f6e35f3dafeb81a4bcdc282cdcee37f3ac88cf9266502f3641b570e728be79666
|
7
|
+
data.tar.gz: 21c53d2207a905e3895252341cda0c2f51a9b11718a87e20a0d46fbce3f4586b36c4df16a5d90d46e035293cbe2ac43b891d2ace4b74f805a51d9de5aa9c7b6e
|
@@ -40,7 +40,7 @@ module Dependabot
|
|
40
40
|
return unless global_registry
|
41
41
|
|
42
42
|
"registry = https://#{global_registry['registry']}\n"\
|
43
|
-
"#{global_registry_auth_line}
|
43
|
+
"#{global_registry_auth_line}"\
|
44
44
|
"always-auth = true"
|
45
45
|
end
|
46
46
|
|
@@ -62,16 +62,17 @@ module Dependabot
|
|
62
62
|
end
|
63
63
|
|
64
64
|
def global_registry_auth_line
|
65
|
-
token = global_registry.fetch("token")
|
65
|
+
token = global_registry.fetch("token", nil)
|
66
|
+
return "" unless token
|
66
67
|
|
67
68
|
if token.include?(":")
|
68
69
|
encoded_token = Base64.encode64(token).delete("\n")
|
69
|
-
"_auth = #{encoded_token}"
|
70
|
+
"_auth = #{encoded_token}\n"
|
70
71
|
elsif Base64.decode64(token).ascii_only? &&
|
71
72
|
Base64.decode64(token).include?(":")
|
72
|
-
"_auth = #{token.delete("\n")}"
|
73
|
+
"_auth = #{token.delete("\n")}\n"
|
73
74
|
else
|
74
|
-
"_authToken = #{token}"
|
75
|
+
"_authToken = #{token}\n"
|
75
76
|
end
|
76
77
|
end
|
77
78
|
|
@@ -94,7 +95,7 @@ module Dependabot
|
|
94
95
|
|
95
96
|
initial_content +
|
96
97
|
"registry = https://#{global_registry['registry']}\n"\
|
97
|
-
"#{global_registry_auth_line}
|
98
|
+
"#{global_registry_auth_line}"\
|
98
99
|
"always-auth = true\n"
|
99
100
|
end
|
100
101
|
|
@@ -112,6 +113,7 @@ module Dependabot
|
|
112
113
|
build_npmrc_content_from_lockfile
|
113
114
|
end
|
114
115
|
|
116
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
115
117
|
def credential_lines_for_npmrc
|
116
118
|
lines = []
|
117
119
|
registry_credentials.each do |cred|
|
@@ -119,7 +121,9 @@ module Dependabot
|
|
119
121
|
|
120
122
|
lines << registry_scope(registry) if registry_scope(registry)
|
121
123
|
|
122
|
-
token = cred.fetch("token")
|
124
|
+
token = cred.fetch("token", nil)
|
125
|
+
next unless token
|
126
|
+
|
123
127
|
if token.include?(":")
|
124
128
|
encoded_token = Base64.encode64(token).delete("\n")
|
125
129
|
lines << "//#{registry}:_auth=#{encoded_token}"
|
@@ -136,6 +140,7 @@ module Dependabot
|
|
136
140
|
# Work around a suspected yarn bug
|
137
141
|
["always-auth = true"] + lines
|
138
142
|
end
|
143
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
139
144
|
|
140
145
|
def registry_scope(registry)
|
141
146
|
# Central registries don't just apply to scopes
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-npm_and_yarn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.98.
|
4
|
+
version: 0.98.46
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.98.
|
19
|
+
version: 0.98.46
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.98.
|
26
|
+
version: 0.98.46
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|