dependabot-npm_and_yarn 0.99.3 → 0.99.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb +2 -2
- data/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb +2 -2
- data/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb +2 -3
- data/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb +5 -5
- data/lib/dependabot/npm_and_yarn/update_checker/version_resolver.rb +5 -5
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 78c9a8df79004b06110c76e9c99c03a9a440b0503605ed2842cd11f4b4eee27e
|
|
4
|
+
data.tar.gz: 3abb8a4869ae0b8f3aa7132d08357cf0f5f31e46c77f1dbd6f19eb87545e5bc4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8e2e7a405f71da67b3d04551d268408fe75c99dbf11716d49356756605a3a9364b7d584b4558136e7366c5b62573d657ef648731a85fbd2255d8d38b8f84c1f6
|
|
7
|
+
data.tar.gz: d7a7dedaca735984480dbfbad459200fbfd587c3daf9ebfddfed9d497cc213e54d9b528c66b0999c4e692b7436d49043b9f37d0ed7ccfc4fc9352d7bd9362c48
|
|
@@ -37,8 +37,8 @@ module Dependabot
|
|
|
37
37
|
updated_content = updated_files.fetch(lockfile_name)
|
|
38
38
|
post_process_npm_lockfile(lockfile.content, updated_content)
|
|
39
39
|
end
|
|
40
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
41
|
-
handle_npm_updater_error(
|
|
40
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
41
|
+
handle_npm_updater_error(e, lockfile)
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
private
|
|
@@ -61,8 +61,8 @@ module Dependabot
|
|
|
61
61
|
)
|
|
62
62
|
updated_files.fetch(lockfile_name)
|
|
63
63
|
end
|
|
64
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
65
|
-
handle_yarn_lock_updater_error(
|
|
64
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
65
|
+
handle_yarn_lock_updater_error(e, yarn_lock)
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
def run_current_yarn_update(path:, lockfile_name:)
|
|
@@ -235,13 +235,12 @@ module Dependabot
|
|
|
235
235
|
|
|
236
236
|
check_npm_response(npm_response)
|
|
237
237
|
JSON.parse(npm_response.body)
|
|
238
|
-
rescue JSON::ParserError, Excon::Error::Timeout,
|
|
239
|
-
RegistryError => error
|
|
238
|
+
rescue JSON::ParserError, Excon::Error::Timeout, RegistryError => e
|
|
240
239
|
return if git_dependency?
|
|
241
240
|
|
|
242
241
|
retry_count ||= 0
|
|
243
242
|
retry_count += 1
|
|
244
|
-
raise_npm_details_error(
|
|
243
|
+
raise_npm_details_error(e) if retry_count > 2
|
|
245
244
|
sleep(rand(3.0..10.0)) && retry
|
|
246
245
|
end
|
|
247
246
|
end
|
|
@@ -93,12 +93,12 @@ module Dependabot
|
|
|
93
93
|
)
|
|
94
94
|
end
|
|
95
95
|
end
|
|
96
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
96
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
97
97
|
unfindable_str = "find package \"#{dependency.name}"
|
|
98
|
-
raise unless
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
98
|
+
raise unless e.message.include?("The registry may be down") ||
|
|
99
|
+
e.message.include?("ETIMEDOUT") ||
|
|
100
|
+
e.message.include?("ENOBUFS") ||
|
|
101
|
+
e.message.include?(unfindable_str)
|
|
102
102
|
|
|
103
103
|
retry_count ||= 0
|
|
104
104
|
retry_count += 1
|
|
@@ -186,14 +186,14 @@ module Dependabot
|
|
|
186
186
|
filtered_package_files.flat_map do |file|
|
|
187
187
|
path = Pathname.new(file.name).dirname
|
|
188
188
|
run_checker(path: path, version: version)
|
|
189
|
-
rescue SharedHelpers::HelperSubprocessFailed =>
|
|
189
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
190
190
|
errors = []
|
|
191
|
-
if
|
|
192
|
-
|
|
191
|
+
if e.message.match?(NPM_PEER_DEP_ERROR_REGEX)
|
|
192
|
+
e.message.scan(NPM_PEER_DEP_ERROR_REGEX) do
|
|
193
193
|
errors << Regexp.last_match.named_captures
|
|
194
194
|
end
|
|
195
|
-
elsif
|
|
196
|
-
|
|
195
|
+
elsif e.message.match?(YARN_PEER_DEP_ERROR_REGEX)
|
|
196
|
+
e.message.scan(YARN_PEER_DEP_ERROR_REGEX) do
|
|
197
197
|
errors << Regexp.last_match.named_captures
|
|
198
198
|
end
|
|
199
199
|
else raise
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-npm_and_yarn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.99.
|
|
4
|
+
version: 0.99.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-04-
|
|
11
|
+
date: 2019-04-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.99.
|
|
19
|
+
version: 0.99.4
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.99.
|
|
26
|
+
version: 0.99.4
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
103
|
+
version: 0.67.2
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
110
|
+
version: 0.67.2
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: vcr
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|