dependabot-npm_and_yarn 0.95.33 → 0.95.34

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/npm_and_yarn/metadata_finder.rb +28 -12
  3. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a54605a5d3ad8d33e4aeeb52b5b0a715fdf7ac656d70820cf46b64b6897d5bfa
4
- data.tar.gz: 753e5edd7c5e394cae94c53956829567fd1ea45447ea44d9f08ecc593b272b2d
3
+ metadata.gz: 74643b3d4abfbba5f5d8a78a0f13dae2a65fd190564325c138ae1ee0e9807d02
4
+ data.tar.gz: ab79d1130f72465c8952001c7e0d7800162ab4710d0a0e59616d60771de8d9d0
5
5
  SHA512:
6
- metadata.gz: 331554696050713a3510bd9ef6e830fb2da079151af89bd2935bdecd6af9de2ca2dd3a29646b72601209d82c8890d754c5862deb15919fbc2125f7a63c71a773
7
- data.tar.gz: 4a5f90be4634a806ae2d2e7ff86aee14cd328c8ac975b6f9c22363a1985055cebbd01cd63eec2b0b87597256cfe5d20105647e3f190584902cc757acb3319ea4
6
+ metadata.gz: aa6099cb99a700715169c8a04b3b491aa5b416e996338df94a1d0aff365602238cc957a29d2947166617e5182c0ac60185c6cb1879a2ae9825d65cd943d3fb43
7
+ data.tar.gz: f7dda297d8365ea72edbcb90c64d5b42610acdc397a9755ff43551285894a133bcdd467956b49b4dfeae7d3badf671d2f370e1719db4ab5b90a3f770e8b4f1f3
data/lib/dependabot/npm_and_yarn/metadata_finder.rb CHANGED
@@ -71,27 +71,25 @@ module Dependabot
71
71
  def find_source_from_registry
72
72
  # Attempt to use version_listing first, as fetching the entire listing
73
73
  # array can be slow (if it's large)
74
- potential_source_urls =
74
+ potential_sources =
75
75
  [
76
- get_url(latest_version_listing["repository"]),
77
- get_url(latest_version_listing["homepage"]),
78
- get_url(latest_version_listing["bugs"])
76
+ get_source(latest_version_listing["repository"]),
77
+ get_source(latest_version_listing["homepage"]),
78
+ get_source(latest_version_listing["bugs"])
79
79
  ].compact
80
80
 
81
- source_url = potential_source_urls.find { |url| Source.from_url(url) }
82
- return Source.from_url(source_url) if Source.from_url(source_url)
81
+ return potential_sources.first if potential_sources.any?
83
82
 
84
- potential_source_urls =
83
+ potential_sources =
85
84
  all_version_listings.flat_map do |_, listing|
86
85
  [
87
- get_url(listing["repository"]),
88
- get_url(listing["homepage"]),
89
- get_url(listing["bugs"])
86
+ get_source(listing["repository"]),
87
+ get_source(listing["homepage"]),
88
+ get_source(listing["bugs"])
90
89
  ]
91
90
  end.compact
92
91
 
93
- source_url = potential_source_urls.find { |url| Source.from_url(url) }
94
- Source.from_url(source_url)
92
+ potential_sources.first
95
93
  end
96
94
 
97
95
  def new_source
@@ -103,6 +101,17 @@ module Dependabot
103
101
  sources.first
104
102
  end
105
103
 
104
+ def get_source(details)
105
+ potential_url = get_url(details)
106
+ return unless potential_url
107
+
108
+ potential_source = Source.from_url(potential_url)
109
+ return unless potential_source
110
+
111
+ potential_source.directory = get_directory(details)
112
+ potential_source
113
+ end
114
+
106
115
  def get_url(details)
107
116
  case details
108
117
  when String then details
@@ -110,6 +119,13 @@ module Dependabot
110
119
  end
111
120
  end
112
121
 
122
+ def get_directory(details)
123
+ # Only return a directory if it is explicitly specified
124
+ return unless details.is_a?(Hash)
125
+
126
+ details.fetch("directory", nil)
127
+ end
128
+
113
129
  def find_source_from_git_url
114
130
  url = new_source[:url] || new_source.fetch("url")
115
131
  Source.from_url(url)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.95.33
4
+ version: 0.95.34
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-02-16 00:00:00.000000000 Z
11
+ date: 2019-02-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.95.33
19
+ version: 0.95.34
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.95.33
26
+ version: 0.95.34
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement