dependabot-npm_and_yarn 0.111.37 → 0.111.38

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/npm_and_yarn/file_parser.rb +9 -8
  3. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f30dbfdf26399c943c9f1b0bb67dd2163ca07becd0daff092d6dee01ff59df72
4
- data.tar.gz: e3e8b240bd7d347c6d1d0354ce4b76b840380c6619897df220ed8800d047314a
3
+ metadata.gz: 6b6ecffa06bdfd737a3431994beb6533dc9c768acc4ea0e19a7c5989da1c2b41
4
+ data.tar.gz: 654134bf4ee9058b17d5d96a9f782fcd55b311c455758f3e1f80609df5806ff4
5
5
  SHA512:
6
- metadata.gz: 45cac958df5db965b2eff0a7b7d7483a389a6e37c1d487ff106f9318c5d47f5dd5cc8b5b3a1315994ebdc1a0c8dd8219da75b01b0ff8479f9e8f53437f457bd2
7
- data.tar.gz: 7e8b02b9784e7c7b803fa1760b11f322829a72e9db56f514999a63a0b09d73fc7bc42d109dc464a9d386750915b62564ba5c784b4e50001b34f3ffdd9b2e563d
6
+ metadata.gz: be49cf210cb5bf05d2a20a2e412e51d5e93614fc9893cb1cb240d356566cd5414803143923600f7b40c0e8343c48178328ea0d8069e9da4d06f5850847dc2652
7
+ data.tar.gz: 8939801d668406c3a8c30e298b503e667510c411c65e23ec297d500a25d8d0d19deb49c00fbb0c58e07a8fc83e36faee1e103a44cfa5c13a5e0dd233c1b9c141
data/lib/dependabot/npm_and_yarn/file_parser.rb CHANGED
@@ -177,17 +177,18 @@ module Dependabot
177
177
  requirement: requirement,
178
178
  manifest_name: manifest_name
179
179
  )
180
- lock_version = lockfile_details&.fetch("version", nil)
181
- lock_res = lockfile_details&.fetch("resolved", nil)
182
180
 
183
- return lock_version.split("#").last if lock_version&.include?("#")
184
- return lock_res.split("#").last if lock_res&.include?("#")
181
+ [
182
+ lockfile_details&.fetch("version", nil)&.split("#")&.last,
183
+ lockfile_details&.fetch("resolved", nil)&.split("#")&.last,
184
+ lockfile_details&.fetch("resolved", nil)&.split("/")&.last
185
+ ].find { |str| commit_sha?(str) }
186
+ end
185
187
 
186
- if lock_res && lock_res.split("/").last.match?(/^[0-9a-f]{40}$/)
187
- return lock_res.split("/").last
188
- end
188
+ def commit_sha?(string)
189
+ return false unless string.is_a?(String)
189
190
 
190
- nil
191
+ string.match?(/^[0-9a-f]{40}$/)
191
192
  end
192
193
 
193
194
  def version_from_git_revision(requirement, git_revision)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.37
4
+ version: 0.111.38
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-28 00:00:00.000000000 Z
11
+ date: 2019-07-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.111.37
19
+ version: 0.111.38
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.111.37
26
+ version: 0.111.38
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement