dependabot-npm_and_yarn 0.216.0 → 0.216.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/package-lock.json +30 -30
- data/helpers/package.json +2 -2
- data/lib/dependabot/npm_and_yarn/file_parser/json_lock.rb +2 -4
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 239ea74bfa12a1156995f658945575829fd543be7c7db2986fe00ad6124b111d
|
|
4
|
+
data.tar.gz: 9f65a09fc63f0579d77ce551c1e1929edfe347598741d311112a27f44d020252
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3d81beca1ebbdc44ced78f2f375dc9f1ef39558021dba7c1982fea116bce47a906926d429c38787354439b8828efa12516d165e3781f215cb83a30c99c375ea9
|
|
7
|
+
data.tar.gz: 200a5946ddd36daa5b687a634f79cb5c84718f94b771c1b6e5a04d6ab8654d82362d6b4c6c8c1016e313dd12a633452116dfe9329c5dc8248fdecd47d25dc735
|
data/helpers/package-lock.json
CHANGED
|
@@ -7,11 +7,11 @@
|
|
|
7
7
|
"name": "@dependabot/helper",
|
|
8
8
|
"dependencies": {
|
|
9
9
|
"@dependabot/yarn-lib": "^1.22.19",
|
|
10
|
-
"@npmcli/arborist": "^6.2.
|
|
10
|
+
"@npmcli/arborist": "^6.2.7",
|
|
11
11
|
"detect-indent": "^6.1.0",
|
|
12
12
|
"nock": "^13.3.0",
|
|
13
13
|
"npm": "6.14.18",
|
|
14
|
-
"semver": "^7.
|
|
14
|
+
"semver": "^7.4.0"
|
|
15
15
|
},
|
|
16
16
|
"bin": {
|
|
17
17
|
"helper": "run.js"
|
|
@@ -1780,9 +1780,9 @@
|
|
|
1780
1780
|
}
|
|
1781
1781
|
},
|
|
1782
1782
|
"node_modules/@npmcli/arborist": {
|
|
1783
|
-
"version": "6.2.
|
|
1784
|
-
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-6.2.
|
|
1785
|
-
"integrity": "sha512
|
|
1783
|
+
"version": "6.2.7",
|
|
1784
|
+
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-6.2.7.tgz",
|
|
1785
|
+
"integrity": "sha512-7Gp1lZEweW1GzoMOo0Z10zAm4SKZsVYUWtFSCrahXmV5H3Mp4Pgwg1nIgkXj4LkjqT+fLsXmjK6rQBauDH64Jg==",
|
|
1786
1786
|
"dependencies": {
|
|
1787
1787
|
"@isaacs/string-locale-compare": "^1.1.0",
|
|
1788
1788
|
"@npmcli/fs": "^3.1.0",
|
|
@@ -1800,7 +1800,7 @@
|
|
|
1800
1800
|
"hosted-git-info": "^6.1.1",
|
|
1801
1801
|
"json-parse-even-better-errors": "^3.0.0",
|
|
1802
1802
|
"json-stringify-nice": "^1.1.4",
|
|
1803
|
-
"minimatch": "^
|
|
1803
|
+
"minimatch": "^7.4.2",
|
|
1804
1804
|
"nopt": "^7.0.0",
|
|
1805
1805
|
"npm-install-checks": "^6.0.0",
|
|
1806
1806
|
"npm-package-arg": "^10.1.0",
|
|
@@ -1811,7 +1811,7 @@
|
|
|
1811
1811
|
"parse-conflict-json": "^3.0.0",
|
|
1812
1812
|
"proc-log": "^3.0.0",
|
|
1813
1813
|
"promise-all-reject-late": "^1.0.0",
|
|
1814
|
-
"promise-call-limit": "^1.0.
|
|
1814
|
+
"promise-call-limit": "^1.0.2",
|
|
1815
1815
|
"read-package-json-fast": "^3.0.2",
|
|
1816
1816
|
"semver": "^7.3.7",
|
|
1817
1817
|
"ssri": "^10.0.1",
|
|
@@ -1850,9 +1850,9 @@
|
|
|
1850
1850
|
}
|
|
1851
1851
|
},
|
|
1852
1852
|
"node_modules/@npmcli/arborist/node_modules/minimatch": {
|
|
1853
|
-
"version": "
|
|
1854
|
-
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-
|
|
1855
|
-
"integrity": "sha512-
|
|
1853
|
+
"version": "7.4.6",
|
|
1854
|
+
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-7.4.6.tgz",
|
|
1855
|
+
"integrity": "sha512-sBz8G/YjVniEz6lKPNpKxXwazJe4c19fEfV2GDMX6AjFz+MX9uDWIZW8XreVhkFW3fkIdTv/gxWr/Kks5FFAVw==",
|
|
1856
1856
|
"dependencies": {
|
|
1857
1857
|
"brace-expansion": "^2.0.1"
|
|
1858
1858
|
},
|
|
@@ -13297,9 +13297,9 @@
|
|
|
13297
13297
|
}
|
|
13298
13298
|
},
|
|
13299
13299
|
"node_modules/promise-call-limit": {
|
|
13300
|
-
"version": "1.0.
|
|
13301
|
-
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-1.0.
|
|
13302
|
-
"integrity": "sha512-
|
|
13300
|
+
"version": "1.0.2",
|
|
13301
|
+
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-1.0.2.tgz",
|
|
13302
|
+
"integrity": "sha512-1vTUnfI2hzui8AEIixbdAJlFY4LFDXqQswy/2eOlThAscXCY4It8FdVuI0fMJGAB2aWGbdQf/gv0skKYXmdrHA==",
|
|
13303
13303
|
"funding": {
|
|
13304
13304
|
"url": "https://github.com/sponsors/isaacs"
|
|
13305
13305
|
}
|
|
@@ -13882,9 +13882,9 @@
|
|
|
13882
13882
|
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
|
|
13883
13883
|
},
|
|
13884
13884
|
"node_modules/semver": {
|
|
13885
|
-
"version": "7.
|
|
13886
|
-
"resolved": "https://registry.npmjs.org/semver/-/semver-7.
|
|
13887
|
-
"integrity": "sha512-
|
|
13885
|
+
"version": "7.4.0",
|
|
13886
|
+
"resolved": "https://registry.npmjs.org/semver/-/semver-7.4.0.tgz",
|
|
13887
|
+
"integrity": "sha512-RgOxM8Mw+7Zus0+zcLEUn8+JfoLpj/huFTItQy2hsM4khuC1HYRDp0cU482Ewn/Fcy6bCjufD8vAj7voC66KQw==",
|
|
13888
13888
|
"dependencies": {
|
|
13889
13889
|
"lru-cache": "^6.0.0"
|
|
13890
13890
|
},
|
|
@@ -16370,9 +16370,9 @@
|
|
|
16370
16370
|
}
|
|
16371
16371
|
},
|
|
16372
16372
|
"@npmcli/arborist": {
|
|
16373
|
-
"version": "6.2.
|
|
16374
|
-
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-6.2.
|
|
16375
|
-
"integrity": "sha512
|
|
16373
|
+
"version": "6.2.7",
|
|
16374
|
+
"resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-6.2.7.tgz",
|
|
16375
|
+
"integrity": "sha512-7Gp1lZEweW1GzoMOo0Z10zAm4SKZsVYUWtFSCrahXmV5H3Mp4Pgwg1nIgkXj4LkjqT+fLsXmjK6rQBauDH64Jg==",
|
|
16376
16376
|
"requires": {
|
|
16377
16377
|
"@isaacs/string-locale-compare": "^1.1.0",
|
|
16378
16378
|
"@npmcli/fs": "^3.1.0",
|
|
@@ -16390,7 +16390,7 @@
|
|
|
16390
16390
|
"hosted-git-info": "^6.1.1",
|
|
16391
16391
|
"json-parse-even-better-errors": "^3.0.0",
|
|
16392
16392
|
"json-stringify-nice": "^1.1.4",
|
|
16393
|
-
"minimatch": "^
|
|
16393
|
+
"minimatch": "^7.4.2",
|
|
16394
16394
|
"nopt": "^7.0.0",
|
|
16395
16395
|
"npm-install-checks": "^6.0.0",
|
|
16396
16396
|
"npm-package-arg": "^10.1.0",
|
|
@@ -16401,7 +16401,7 @@
|
|
|
16401
16401
|
"parse-conflict-json": "^3.0.0",
|
|
16402
16402
|
"proc-log": "^3.0.0",
|
|
16403
16403
|
"promise-all-reject-late": "^1.0.0",
|
|
16404
|
-
"promise-call-limit": "^1.0.
|
|
16404
|
+
"promise-call-limit": "^1.0.2",
|
|
16405
16405
|
"read-package-json-fast": "^3.0.2",
|
|
16406
16406
|
"semver": "^7.3.7",
|
|
16407
16407
|
"ssri": "^10.0.1",
|
|
@@ -16428,9 +16428,9 @@
|
|
|
16428
16428
|
"integrity": "sha512-iZbGHafX/59r39gPwVPRBGw0QQKnA7tte5pSMrhWOW7swGsVvVTjmfyAV9pNqk8YGT7tRCdxRu8uzcgZwoDooA=="
|
|
16429
16429
|
},
|
|
16430
16430
|
"minimatch": {
|
|
16431
|
-
"version": "
|
|
16432
|
-
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-
|
|
16433
|
-
"integrity": "sha512-
|
|
16431
|
+
"version": "7.4.6",
|
|
16432
|
+
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-7.4.6.tgz",
|
|
16433
|
+
"integrity": "sha512-sBz8G/YjVniEz6lKPNpKxXwazJe4c19fEfV2GDMX6AjFz+MX9uDWIZW8XreVhkFW3fkIdTv/gxWr/Kks5FFAVw==",
|
|
16434
16434
|
"requires": {
|
|
16435
16435
|
"brace-expansion": "^2.0.1"
|
|
16436
16436
|
}
|
|
@@ -25022,9 +25022,9 @@
|
|
|
25022
25022
|
"integrity": "sha512-vuf0Lf0lOxyQREH7GDIOUMLS7kz+gs8i6B+Yi8dC68a2sychGrHTJYghMBD6k7eUcH0H5P73EckCA48xijWqXw=="
|
|
25023
25023
|
},
|
|
25024
25024
|
"promise-call-limit": {
|
|
25025
|
-
"version": "1.0.
|
|
25026
|
-
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-1.0.
|
|
25027
|
-
"integrity": "sha512-
|
|
25025
|
+
"version": "1.0.2",
|
|
25026
|
+
"resolved": "https://registry.npmjs.org/promise-call-limit/-/promise-call-limit-1.0.2.tgz",
|
|
25027
|
+
"integrity": "sha512-1vTUnfI2hzui8AEIixbdAJlFY4LFDXqQswy/2eOlThAscXCY4It8FdVuI0fMJGAB2aWGbdQf/gv0skKYXmdrHA=="
|
|
25028
25028
|
},
|
|
25029
25029
|
"promise-inflight": {
|
|
25030
25030
|
"version": "1.0.1",
|
|
@@ -25457,9 +25457,9 @@
|
|
|
25457
25457
|
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
|
|
25458
25458
|
},
|
|
25459
25459
|
"semver": {
|
|
25460
|
-
"version": "7.
|
|
25461
|
-
"resolved": "https://registry.npmjs.org/semver/-/semver-7.
|
|
25462
|
-
"integrity": "sha512-
|
|
25460
|
+
"version": "7.4.0",
|
|
25461
|
+
"resolved": "https://registry.npmjs.org/semver/-/semver-7.4.0.tgz",
|
|
25462
|
+
"integrity": "sha512-RgOxM8Mw+7Zus0+zcLEUn8+JfoLpj/huFTItQy2hsM4khuC1HYRDp0cU482Ewn/Fcy6bCjufD8vAj7voC66KQw==",
|
|
25463
25463
|
"requires": {
|
|
25464
25464
|
"lru-cache": "^6.0.0"
|
|
25465
25465
|
},
|
data/helpers/package.json
CHANGED
|
@@ -10,11 +10,11 @@
|
|
|
10
10
|
},
|
|
11
11
|
"dependencies": {
|
|
12
12
|
"@dependabot/yarn-lib": "^1.22.19",
|
|
13
|
-
"@npmcli/arborist": "^6.2.
|
|
13
|
+
"@npmcli/arborist": "^6.2.7",
|
|
14
14
|
"detect-indent": "^6.1.0",
|
|
15
15
|
"nock": "^13.3.0",
|
|
16
16
|
"npm": "6.14.18",
|
|
17
|
-
"semver": "^7.
|
|
17
|
+
"semver": "^7.4.0"
|
|
18
18
|
},
|
|
19
19
|
"devDependencies": {
|
|
20
20
|
"eslint": "^8.38.0",
|
|
@@ -40,9 +40,7 @@ module Dependabot
|
|
|
40
40
|
dependency_set = Dependabot::NpmAndYarn::FileParser::DependencySet.new
|
|
41
41
|
|
|
42
42
|
dependencies = object_with_dependencies["dependencies"]
|
|
43
|
-
dependencies ||= object_with_dependencies.fetch("packages", {})
|
|
44
|
-
name.delete_prefix("node_modules/")
|
|
45
|
-
end
|
|
43
|
+
dependencies ||= object_with_dependencies.fetch("packages", {})
|
|
46
44
|
|
|
47
45
|
dependencies.each do |name, details|
|
|
48
46
|
next if name.empty? # v3 lockfiles include an empty key holding info of the current package
|
|
@@ -51,7 +49,7 @@ module Dependabot
|
|
|
51
49
|
next unless version
|
|
52
50
|
|
|
53
51
|
dependency_args = {
|
|
54
|
-
name: name,
|
|
52
|
+
name: name.split("node_modules/").last,
|
|
55
53
|
version: version,
|
|
56
54
|
package_manager: "npm_and_yarn",
|
|
57
55
|
requirements: []
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.216.
|
|
4
|
+
version: 0.216.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-04-
|
|
11
|
+
date: 2023-04-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.216.
|
|
19
|
+
version: 0.216.1
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.216.
|
|
26
|
+
version: 0.216.1
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,14 +114,14 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 1.
|
|
117
|
+
version: 1.50.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 1.
|
|
124
|
+
version: 1.50.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: rubocop-performance
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|