dependabot-npm_and_yarn 0.99.3 → 0.99.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb +2 -2
- data/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb +2 -2
- data/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb +2 -3
- data/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb +5 -5
- data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +5 -5
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 78c9a8df79004b06110c76e9c99c03a9a440b0503605ed2842cd11f4b4eee27e
|
|
4
|
+
data.tar.gz: 3abb8a4869ae0b8f3aa7132d08357cf0f5f31e46c77f1dbd6f19eb87545e5bc4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8e2e7a405f71da67b3d04551d268408fe75c99dbf11716d49356756605a3a9364b7d584b4558136e7366c5b62573d657ef648731a85fbd2255d8d38b8f84c1f6
|
|
7
|
+
data.tar.gz: d7a7dedaca735984480dbfbad459200fbfd587c3daf9ebfddfed9d497cc213e54d9b528c66b0999c4e692b7436d49043b9f37d0ed7ccfc4fc9352d7bd9362c48
|
|
@@ -37,8 +37,8 @@ module Dependabot
|
|
|
37
37
|
updated_content = updated_files.fetch(lockfile_name)
|
|
38
38
|
post_process_npm_lockfile(lockfile.content, updated_content)
|
|
39
39
|
end
|
|
40
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
41
|
-
handle_npm_updater_error(
|
|
40
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
41
|
+
handle_npm_updater_error(e, lockfile)
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
private
|
|
@@ -61,8 +61,8 @@ module Dependabot
|
|
|
61
61
|
)
|
|
62
62
|
updated_files.fetch(lockfile_name)
|
|
63
63
|
end
|
|
64
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
65
|
-
handle_yarn_lock_updater_error(
|
|
64
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
65
|
+
handle_yarn_lock_updater_error(e, yarn_lock)
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
def run_current_yarn_update(path:, lockfile_name:)
|
|
@@ -235,13 +235,12 @@ module Dependabot
|
|
|
235
235
|
|
|
236
236
|
check_npm_response(npm_response)
|
|
237
237
|
JSON.parse(npm_response.body)
|
|
238
|
-
rescue JSON::ParserError, Excon::Error::Timeout,
|
|
239
|
-
RegistryError => error
|
|
238
|
+
rescue JSON::ParserError, Excon::Error::Timeout, RegistryError => e
|
|
240
239
|
return if git_dependency?
|
|
241
240
|
|
|
242
241
|
retry_count ||= 0
|
|
243
242
|
retry_count += 1
|
|
244
|
-
raise_npm_details_error(
|
|
243
|
+
raise_npm_details_error(e) if retry_count > 2
|
|
245
244
|
sleep(rand(3.0..10.0)) && retry
|
|
246
245
|
end
|
|
247
246
|
end
|
|
@@ -93,12 +93,12 @@ module Dependabot
|
|
|
93
93
|
)
|
|
94
94
|
end
|
|
95
95
|
end
|
|
96
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
96
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
97
97
|
unfindable_str = "find package \"#{dependency.name}"
|
|
98
|
-
raise unless
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
98
|
+
raise unless e.message.include?("The registry may be down") ||
|
|
99
|
+
e.message.include?("ETIMEDOUT") ||
|
|
100
|
+
e.message.include?("ENOBUFS") ||
|
|
101
|
+
e.message.include?(unfindable_str)
|
|
102
102
|
|
|
103
103
|
retry_count ||= 0
|
|
104
104
|
retry_count += 1
|
|
@@ -186,14 +186,14 @@ module Dependabot
|
|
|
186
186
|
filtered_package_files.flat_map do |file|
|
|
187
187
|
path = Pathname.new(file.name).dirname
|
|
188
188
|
run_checker(path: path, version: version)
|
|
189
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
189
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
190
190
|
errors = []
|
|
191
|
-
if
|
|
192
|
-
|
|
191
|
+
if e.message.match?(NPM_PEER_DEP_ERROR_REGEX)
|
|
192
|
+
e.message.scan(NPM_PEER_DEP_ERROR_REGEX) do
|
|
193
193
|
errors << Regexp.last_match.named_captures
|
|
194
194
|
end
|
|
195
|
-
elsif
|
|
196
|
-
|
|
195
|
+
elsif e.message.match?(YARN_PEER_DEP_ERROR_REGEX)
|
|
196
|
+
e.message.scan(YARN_PEER_DEP_ERROR_REGEX) do
|
|
197
197
|
errors << Regexp.last_match.named_captures
|
|
198
198
|
end
|
|
199
199
|
else raise
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.99.
|
|
4
|
+
version: 0.99.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-04-
|
|
11
|
+
date: 2019-04-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.99.
|
|
19
|
+
version: 0.99.4
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.99.
|
|
26
|
+
version: 0.99.4
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
103
|
+
version: 0.67.2
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
110
|
+
version: 0.67.2
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: vcr
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|