dependabot-npm_and_yarn 0.119.3 → 0.119.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2340984d63e9e3857a9e46bf2c2fa48c95909b054a05360fdb886967801e0b2c
-  data.tar.gz: 132deb9d358b3b7954c29fd3e740ec733a90fd9667f09e5486b34f6a17c8a9ee
+  metadata.gz: ef2adfce3682f36c0240bcdf876235f4f5d3c62a8e6ee4d1117471ab92de8dd2
+  data.tar.gz: a43a079c74eb3032fc878680b011995424311d67f8b748cafcb97505e8f923a9
 SHA512:
-  metadata.gz: 2a2677b777e682fee09368e516f11e36aed89a0ac8dec28f966f193392eef8adf1f8b78e9679a195ce62c897093d6b6dd4ccb19c70280d77e85035c46ea2ab5d
-  data.tar.gz: a27d191b48036f2abfe5904a5f2caf28686017fd4afa3b695a2671b1080310534d69e7a0f43dc9d124668999d6239d42a0ff64444c1aac619f618c744d898ca1
+  metadata.gz: 549602f8438cf4ad4520acce0fd311b3208c0ec756804c874ca74b5babe6a1e4426ec7eebc43206850cb7d9d8bebc40e7b6c2dc8cd5c76df29158a9815eb5857
+  data.tar.gz: 02bbe98a9b1461ae3f25abc2108fd1b8a8ba7cc6fdcf6e0e5c13ee8f359a5f361dd747f5b14f42d41c78312d3c03267abe125a8784e68bdeb2ccf8a70f268704

data/lib/dependabot/npm_and_yarn/file_fetcher.rb

@@ -31,7 +31,6 @@ module Dependabot
 
       private
 
-      # rubocop:disable Metrics/PerceivedComplexity
       def fetch_files
         fetched_files = []
         fetched_files << package_json
@@ -48,8 +47,6 @@ module Dependabot
         fetched_files.uniq
       end
 
-      # rubocop:enable Metrics/PerceivedComplexity
-
       def package_json
         @package_json ||= fetch_file_from_host("package.json")
       end
@@ -173,6 +170,7 @@ module Dependabot
         ].uniq
       end
 
+      # rubocop:disable Metrics/PerceivedComplexity
       # rubocop:disable Metrics/AbcSize
       def path_dependency_details_from_manifest(file)
         return [] unless file.name.end_with?("package.json")
@@ -208,6 +206,7 @@ module Dependabot
         raise Dependabot::DependencyFileNotParseable, file.path
       end
       # rubocop:enable Metrics/AbcSize
+      # rubocop:enable Metrics/PerceivedComplexity
 
       def path_dependency_details_from_npm_lockfile(parsed_lockfile)
         path_starts = NPM_PATH_DEPENDENCY_STARTS

data/lib/dependabot/npm_and_yarn/file_updater/npmrc_builder.rb

@@ -127,7 +127,6 @@ module Dependabot
           build_npmrc_content_from_lockfile
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def credential_lines_for_npmrc
           lines = []
           registry_credentials.each do |cred|
@@ -154,8 +153,8 @@ module Dependabot
           # Work around a suspected yarn bug
           ["always-auth = true"] + lines
         end
-        # rubocop:enable Metrics/PerceivedComplexity
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def registry_scopes(registry)
           # Central registries don't just apply to scopes
           return if CENTRAL_REGISTRIES.include?(registry)
@@ -182,6 +181,7 @@ module Dependabot
 
           scopes.map { |scope| "@#{scope}:registry=https://#{registry}" }
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def registry_credentials
           credentials.select { |cred| cred.fetch("type") == "npm_registry" }

data/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb

@@ -171,7 +171,7 @@ module Dependabot
           # Local path error: When installing a git dependency which
           # is using local file paths for sub-dependencies (e.g. unbuilt yarn
           # workspace project)
-          sub_dep_local_path_err = "Package \"\" refers to a non-existing file"
+          sub_dep_local_path_err = 'Package "" refers to a non-existing file'
           if error_message.match?(INVALID_PACKAGE) ||
              error_message.start_with?(sub_dep_local_path_err)
             raise_resolvability_error(error_message, yarn_lock)

data/lib/dependabot/npm_and_yarn/requirement.rb

@@ -56,7 +56,6 @@ module Dependabot
 
       private
 
-      # rubocop:disable Metrics/PerceivedComplexity
       def convert_js_constraint_to_ruby_constraint(req_string)
         return req_string if req_string.match?(/^([A-Za-uw-z]|v[^\d])/)
 
@@ -72,7 +71,6 @@ module Dependabot
         else ruby_range(req_string)
         end
       end
-      # rubocop:enable Metrics/PerceivedComplexity
 
       def convert_tilde_req(req_string)
         version = req_string.gsub(/^~\>?[\s=]*/, "")
@@ -112,11 +110,10 @@ module Dependabot
         "~> #{parts.join('.')}"
       end
 
-      # rubocop:disable Metrics/PerceivedComplexity
       def convert_caret_req(req_string)
         version = req_string.gsub(/^\^[\s=]*/, "")
         parts = version.split(".")
-        parts = parts.fill("x", parts.length...3)
+        parts.fill("x", parts.length...3)
         first_non_zero = parts.find { |d| d != "0" }
         first_non_zero_index =
           first_non_zero ? parts.index(first_non_zero) : parts.count - 1
@@ -133,7 +130,6 @@ module Dependabot
 
         [">= #{version}", "< #{upper_bound}"]
       end
-      # rubocop:enable Metrics/PerceivedComplexity
     end
   end
 end

data/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb

@@ -167,6 +167,7 @@ module Dependabot
           wants_latest_dist_tag?(latest) ? latest : nil
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def related_to_current_pre?(version)
           current_version = dependency.version
           if current_version &&
@@ -188,6 +189,7 @@ module Dependabot
             false
           end
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def specified_dist_tag_requirement?
           dependency.requirements.any? do |req|

data/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb

@@ -82,7 +82,6 @@ module Dependabot
           version_class.new(updated_version)
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def run_yarn_updater(path, lockfile_name)
           SharedHelpers.with_git_configured(credentials: credentials) do
             Dir.chdir(path) do
@@ -107,8 +106,6 @@ module Dependabot
           sleep(rand(3.0..10.0)) && retry
         end
 
-        # rubocop:enable Metrics/PerceivedComplexity
-
         def run_npm_updater(path, lockfile_name)
           SharedHelpers.with_git_configured(credentials: credentials) do
             Dir.chdir(path) do

data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb

@@ -130,6 +130,7 @@ module Dependabot
             )
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def resolve_latest_previous_version(dep, updated_version)
           return dep.version if dep.version
 
@@ -160,6 +161,7 @@ module Dependabot
             latest_previous_version
           end
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def part_of_tightly_locked_monorepo?
           monorepo_dep_names =

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-npm_and_yarn
 version: !ruby/object:Gem::Version
-  version: 0.119.3
+  version: 0.119.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-09-10 00:00:00.000000000 Z
+date: 2020-09-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.3
+        version: 0.119.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.3
+        version: 0.119.4
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.90.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.90.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement