dependabot-npm_and_yarn 0.95.62 → 0.95.63

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb +2 -0
  3. data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +5 -1
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a8e87ec52325b41f2b47f9687d9712e40e424f5c86ac6e754a67c519fa3be87f
4
- data.tar.gz: c522110307924e73ae33e1bf3dcfc1d9c3c3e29fbd6fb31b0c857fa95c9a9270
3
+ metadata.gz: ddf5206c65ee1fe5742abeb1ce49d52206253e7c909570b8197125eb1ba1ac21
4
+ data.tar.gz: 04bb96bd62d89a7a08a9b685bdde11c26a297bd63d4f81ecebe64dff6d2f3a52
5
5
  SHA512:
6
- metadata.gz: 7538c2e6a752faee7df2826024e47c77330003d0d91a6bff85e95af54ed165a7455a0a78270977a0b60829c14870d6db7dea3a00ef376fdf371aa491a0ffdcb8
7
- data.tar.gz: bdf1b709136179646c757dc1c2e8da585f59da2e0d31344a32afd1a4415641e79322897c2ba41cb9f2e3f85fd374f79244f57d04294bf706d472adcf7dcdc026
6
+ metadata.gz: '090f384b76a47f8f27ba6061c92d397db5068513a01a8541f397de1c66008a93db00e06b40ac8df79c084ad178ca1dfcadfe15364e76e3f1b2ed7e8ce41b7b93'
7
+ data.tar.gz: 7d57e6de875cc5aecd7c33ded706e97ad1725326f202ba92c8ed78c6e2af0bf594b523e67027db728d8536095087e662a2bd167d6c841f91b4354ce7e68a9b3f
data/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb CHANGED
@@ -236,6 +236,8 @@ module Dependabot
236
236
  JSON.parse(npm_response.body)
237
237
  rescue JSON::ParserError, Excon::Error::Timeout,
238
238
  RegistryError => error
239
+ return if git_dependency?
240
+
239
241
  retry_count ||= 0
240
242
  retry_count += 1
241
243
  raise_npm_details_error(error) if retry_count > 2
data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb CHANGED
@@ -217,13 +217,17 @@ module Dependabot
217
217
  end
218
218
 
219
219
  def error_details_from_captures(captures)
220
+ # Note "requiring_dep_version" is used to create a unique list of
221
+ # issues when the requirement name/version is the same
220
222
  {
221
223
  requirement_name:
222
224
  captures.fetch("required_dep").sub(/@[^@]+$/, ""),
223
225
  requirement_version:
224
226
  captures.fetch("required_dep").split("@").last,
225
227
  requiring_dep_name:
226
- captures.fetch("requiring_dep").sub(/@[^@]+$/, "")
228
+ captures.fetch("requiring_dep").sub(/@[^@]+$/, ""),
229
+ requiring_dep_version:
230
+ captures.fetch("requiring_dep").split("@").last
227
231
  }
228
232
  end
229
233
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-npm_and_yarn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.95.62
4
+ version: 0.95.63
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.95.62
19
+ version: 0.95.63
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.95.62
26
+ version: 0.95.63
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement