dependabot-npm_and_yarn 0.186.0 → 0.186.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6ba76f738d1063edb7f67ffd5e91446dc499e4ce3c5669f30cd24549a81de2c7
|
|
4
|
+
data.tar.gz: 66a0dcbf534d029bf52515a562586adf5787a164456c2ebb4569ebf4997fbb1a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dd992188087707f9dbb6a40410e4e73831e8517c51735a627284dce456a50c5bab2624a0b7af29b86526ae6e2d61f03e5a210a383826df25f66f22c4a5e13843
|
|
7
|
+
data.tar.gz: a175aa22539ef2f3ec0e0c0adf6f70e2e883aa4fdcea6ed46a881241268b1c1245478835aaa7142dedef8b9639861500474a8dc767cd71cc622cdbeb65fb0c50
|
|
@@ -3,17 +3,17 @@
|
|
|
3
3
|
module Dependabot
|
|
4
4
|
module NpmAndYarn
|
|
5
5
|
class PackageName
|
|
6
|
-
|
|
7
|
-
PACKAGE_NAME_REGEX = %r{
|
|
6
|
+
PACKAGE_NAME_REGEX = %r{
|
|
8
7
|
\A # beginning of string
|
|
9
8
|
(?=.{1,214}\z) # enforce length (1 - 214)
|
|
10
9
|
(@(?<scope>[a-z0-9\-~][a-z0-9\-\._~]*)\/)? # capture 'scope' if present
|
|
11
10
|
(?<name>[a-z0-9\-~][a-z0-9\-._~]*) # capture package name
|
|
12
11
|
\z # end of string
|
|
13
12
|
}xi.freeze # multi-line/case-insensitive
|
|
13
|
+
|
|
14
14
|
TYPES_PACKAGE_NAME_REGEX = %r{
|
|
15
15
|
\A # beginning of string
|
|
16
|
-
|
|
16
|
+
@types\/ # starts with @types/
|
|
17
17
|
((?<scope>.+)__)? # capture scope
|
|
18
18
|
(?<name>.+) # capture name
|
|
19
19
|
\z # end of string
|
|
@@ -81,7 +81,7 @@ module Dependabot
|
|
|
81
81
|
end
|
|
82
82
|
|
|
83
83
|
def types_package?
|
|
84
|
-
|
|
84
|
+
"types".casecmp?(@scope)
|
|
85
85
|
end
|
|
86
86
|
end
|
|
87
87
|
end
|
|
@@ -252,7 +252,10 @@ module Dependabot
|
|
|
252
252
|
|
|
253
253
|
return false unless latest_allowable_version.backwards_compatible_with?(latest_types_package_version)
|
|
254
254
|
|
|
255
|
+
return false unless version_class.correct?(types_package.version)
|
|
256
|
+
|
|
255
257
|
current_types_package_version = version_class.new(types_package.version)
|
|
258
|
+
|
|
256
259
|
return false unless current_types_package_version < latest_types_package_version
|
|
257
260
|
|
|
258
261
|
true
|
|
@@ -261,9 +264,12 @@ module Dependabot
|
|
|
261
264
|
def original_package_update_available?
|
|
262
265
|
return false if original_package.nil?
|
|
263
266
|
|
|
264
|
-
|
|
267
|
+
return false unless version_class.correct?(original_package.version)
|
|
268
|
+
|
|
265
269
|
original_package_version = version_class.new(original_package.version)
|
|
266
270
|
|
|
271
|
+
latest_version = latest_version_finder(original_package).latest_version_from_registry
|
|
272
|
+
|
|
267
273
|
original_package_version < latest_version
|
|
268
274
|
end
|
|
269
275
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.186.
|
|
4
|
+
version: 0.186.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.186.
|
|
19
|
+
version: 0.186.1
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.186.
|
|
26
|
+
version: 0.186.1
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debase
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|