dependabot-npm_and_yarn 0.221.0 → 0.222.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d1445fe945c303db512eeb95b3d9a2c4803f15586befa6f57fd2892d14744435
|
|
4
|
+
data.tar.gz: 5735e7e87c60b2238d7e3acad792c353f6e84e3f8f3f225b677ab2264a75ea8e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 14e58a580cd32a529c1c772c594029c69901227805d8f0245a3e2817d191a56dcf3b31fec75e1fe923acea70858f9c54843f9bdd47a7681d6ef90ae6ad52a9bd
|
|
7
|
+
data.tar.gz: a4082f1796d39a3139b7be11055e8d7f787f34e3470c18552812d88246934d668419f1137b7665ba7c2c3052d58cc48682351b2b8e3c79fcbf989e53a0441bde
|
|
@@ -14,7 +14,7 @@ module Dependabot
|
|
|
14
14
|
quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
|
|
15
15
|
version_pattern = "v?#{NpmAndYarn::Version::VERSION_PATTERN}"
|
|
16
16
|
|
|
17
|
-
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*"
|
|
17
|
+
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze
|
|
18
18
|
PATTERN = /\A#{PATTERN_RAW}\z/
|
|
19
19
|
|
|
20
20
|
def self.parse(obj)
|
|
@@ -79,11 +79,12 @@ module Dependabot
|
|
|
79
79
|
/x
|
|
80
80
|
|
|
81
81
|
def initialize(dependency:, credentials:, dependency_files:,
|
|
82
|
-
latest_allowable_version:, latest_version_finder:, repo_contents_path:)
|
|
82
|
+
latest_allowable_version:, latest_version_finder:, repo_contents_path:, dependency_group: nil)
|
|
83
83
|
@dependency = dependency
|
|
84
84
|
@credentials = credentials
|
|
85
85
|
@dependency_files = dependency_files
|
|
86
86
|
@latest_allowable_version = latest_allowable_version
|
|
87
|
+
@dependency_group = dependency_group
|
|
87
88
|
|
|
88
89
|
@latest_version_finder = {}
|
|
89
90
|
@latest_version_finder[dependency] = latest_version_finder
|
|
@@ -153,7 +154,7 @@ module Dependabot
|
|
|
153
154
|
private
|
|
154
155
|
|
|
155
156
|
attr_reader :dependency, :credentials, :dependency_files,
|
|
156
|
-
:latest_allowable_version, :repo_contents_path
|
|
157
|
+
:latest_allowable_version, :repo_contents_path, :dependency_group
|
|
157
158
|
|
|
158
159
|
def latest_version_finder(dep)
|
|
159
160
|
@latest_version_finder[dep] ||=
|
|
@@ -399,6 +400,17 @@ module Dependabot
|
|
|
399
400
|
dep[:requiring_dep_name] == dependency.name
|
|
400
401
|
end
|
|
401
402
|
|
|
403
|
+
unless dependency_group.nil?
|
|
404
|
+
# Ignore unmet peer dependencies that are in the dependency group because
|
|
405
|
+
# the update is also updating those dependencies.
|
|
406
|
+
relevant_unmet_peer_dependencies.reject! do |dep|
|
|
407
|
+
dependency_group.dependencies.any? do |group_dep|
|
|
408
|
+
dep[:requirement_name] == group_dep.name ||
|
|
409
|
+
dep[:requiring_dep_name] == group_dep.name
|
|
410
|
+
end
|
|
411
|
+
end
|
|
412
|
+
end
|
|
413
|
+
|
|
402
414
|
return [] if relevant_unmet_peer_dependencies.empty?
|
|
403
415
|
|
|
404
416
|
# Prune out any pre-existing warnings
|
|
@@ -330,7 +330,8 @@ module Dependabot
|
|
|
330
330
|
dependency_files: dependency_files,
|
|
331
331
|
latest_allowable_version: latest_version,
|
|
332
332
|
latest_version_finder: latest_version_finder,
|
|
333
|
-
repo_contents_path: repo_contents_path
|
|
333
|
+
repo_contents_path: repo_contents_path,
|
|
334
|
+
dependency_group: dependency_group
|
|
334
335
|
)
|
|
335
336
|
end
|
|
336
337
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.222.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-07-
|
|
11
|
+
date: 2023-07-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.222.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.222.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -280,7 +280,7 @@ licenses:
|
|
|
280
280
|
- Nonstandard
|
|
281
281
|
metadata:
|
|
282
282
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
283
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
283
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.222.0
|
|
284
284
|
post_install_message:
|
|
285
285
|
rdoc_options: []
|
|
286
286
|
require_paths:
|