renovate 43.110.18 → 43.111.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/modules/datasource/npm/get.js +3 -1
- package/dist/modules/datasource/npm/get.js.map +1 -1
- package/dist/modules/datasource/npm/schema.js +29 -0
- package/dist/modules/datasource/npm/schema.js.map +1 -0
- package/dist/modules/datasource/types.d.ts +2 -0
- package/dist/modules/platform/github/schema.d.ts +2 -2
- package/package.json +1 -1
- package/renovate-schema.json +2 -2
|
@@ -6,6 +6,7 @@ import { add, find } from "../../../util/host-rules.js";
|
|
|
6
6
|
import { ExternalHostError } from "../../../types/errors/external-host-error.js";
|
|
7
7
|
import { asTimestamp } from "../../../util/timestamp.js";
|
|
8
8
|
import { PackageHttpCacheProvider } from "../../../util/http/cache/package-http-cache-provider.js";
|
|
9
|
+
import { CachedPackument } from "./schema.js";
|
|
9
10
|
import { isNonEmptyString, isString } from "@sindresorhus/is";
|
|
10
11
|
import { z } from "zod/v3";
|
|
11
12
|
//#region lib/modules/datasource/npm/get.ts
|
|
@@ -49,7 +50,8 @@ async function getDependency(http, registryUrl, packageName) {
|
|
|
49
50
|
const options = { cacheProvider: new PackageHttpCacheProvider({
|
|
50
51
|
namespace: "datasource-npm:cache-provider",
|
|
51
52
|
checkAuthorizationHeader: false,
|
|
52
|
-
checkCacheControlHeader: true
|
|
53
|
+
checkCacheControlHeader: true,
|
|
54
|
+
writeSchema: CachedPackument
|
|
53
55
|
}) };
|
|
54
56
|
if (registryUrl === "https://registry.npmjs.org" && find({ url: "https://registry.npmjs.org" })?.abortOnError === void 0) {
|
|
55
57
|
logger.trace({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get.js","names":["hostRules.find"],"sources":["../../../../lib/modules/datasource/npm/get.ts"],"sourcesContent":["import { isNonEmptyString, isString } from '@sindresorhus/is';\nimport { z } from 'zod/v3';\nimport { HOST_DISABLED } from '../../../constants/error-messages.ts';\nimport { logger } from '../../../logger/index.ts';\nimport { ExternalHostError } from '../../../types/errors/external-host-error.ts';\nimport * as hostRules from '../../../util/host-rules.ts';\nimport { PackageHttpCacheProvider } from '../../../util/http/cache/package-http-cache-provider.ts';\nimport type { Http } from '../../../util/http/index.ts';\nimport type { HttpOptions } from '../../../util/http/types.ts';\nimport { regEx } from '../../../util/regex.ts';\nimport { asTimestamp } from '../../../util/timestamp.ts';\nimport { joinUrlParts } from '../../../util/url.ts';\nimport type { Release, ReleaseResult } from '../types.ts';\nimport type { NpmResponse } from './types.ts';\n\nconst SHORT_REPO_REGEX = regEx(\n /^((?<platform>bitbucket|github|gitlab):)?(?<shortRepo>[A-Za-z0-9_.-]+\\/[A-Za-z0-9_.-]+)$/,\n);\n\nconst platformMapping: Record<string, string> = {\n bitbucket: 'https://bitbucket.org/',\n github: 'https://github.com/',\n gitlab: 'https://gitlab.com/',\n};\n\ninterface PackageSource {\n sourceUrl: string | null;\n sourceDirectory: string | null;\n}\n\nconst PackageSource = z\n .union([\n z\n .string()\n .nonempty()\n .transform((repository): PackageSource => {\n let sourceUrl: string | null = null;\n const sourceDirectory = null;\n const shortMatch = repository.match(SHORT_REPO_REGEX);\n if (shortMatch?.groups) {\n const { platform = 'github', shortRepo } = shortMatch.groups;\n sourceUrl = platformMapping[platform] + shortRepo;\n } else {\n sourceUrl = repository;\n }\n return { sourceUrl, sourceDirectory };\n }),\n z\n .object({\n url: z.string().nonempty().nullish(),\n directory: z.string().nonempty().nullish(),\n })\n .transform(({ url, directory }) => {\n const res: PackageSource = { sourceUrl: null, sourceDirectory: null };\n\n if (url) {\n res.sourceUrl = url;\n }\n\n if (directory) {\n res.sourceDirectory = directory;\n }\n\n return res;\n }),\n ])\n .catch({ sourceUrl: null, sourceDirectory: null });\n\nexport async function getDependency(\n http: Http,\n registryUrl: string,\n packageName: string,\n): Promise<ReleaseResult | null> {\n logger.trace(`npm.getDependency(${packageName})`);\n\n const packageUrl = joinUrlParts(registryUrl, packageName.replace('/', '%2F'));\n\n try {\n const cacheProvider = new PackageHttpCacheProvider({\n namespace: 'datasource-npm:cache-provider',\n checkAuthorizationHeader: false, // We don't rely on whether user token is provided or not\n checkCacheControlHeader: true,\n });\n const options: HttpOptions = { cacheProvider };\n\n // set abortOnError for registry.npmjs.org if no hostRule with explicit abortOnError exists\n if (\n registryUrl === 'https://registry.npmjs.org' &&\n hostRules.find({ url: 'https://registry.npmjs.org' })?.abortOnError ===\n undefined\n ) {\n logger.trace(\n { packageName, registry: 'https://registry.npmjs.org' },\n 'setting abortOnError hostRule for well known host',\n );\n hostRules.add({\n matchHost: 'https://registry.npmjs.org',\n abortOnError: true,\n });\n }\n\n const resp = await http.getJsonUnchecked<NpmResponse>(packageUrl, options);\n const { body: res } = resp;\n if (!res.versions || !Object.keys(res.versions).length) {\n // Registry returned a 200 OK but with no versions\n logger.debug(`No versions returned for npm dependency ${packageName}`);\n return null;\n }\n\n const latestVersion = res.versions[res['dist-tags']?.latest ?? ''];\n res.repository ??= latestVersion?.repository;\n res.homepage ??= latestVersion?.homepage;\n\n const { sourceUrl, sourceDirectory } = PackageSource.parse(res.repository);\n\n // Simplify response before caching and returning\n const dep: ReleaseResult = {\n homepage: res.homepage,\n releases: [],\n tags: res['dist-tags'],\n registryUrl,\n };\n\n if (sourceUrl) {\n dep.sourceUrl = sourceUrl;\n }\n\n if (sourceDirectory) {\n dep.sourceDirectory = sourceDirectory;\n }\n\n if (latestVersion?.deprecated) {\n dep.deprecationMessage = `On registry \\`${registryUrl}\\`, the \"latest\" version of dependency \\`${packageName}\\` has the following deprecation notice:\\n\\n\\`${latestVersion.deprecated}\\`\\n\\nMarking the latest version of an npm package as deprecated results in the entire package being considered deprecated, so contact the package author you think this is a mistake.`;\n }\n dep.releases = Object.keys(res.versions).map((version) => {\n const release: Release = {\n version,\n gitRef: res.versions?.[version].gitHead,\n dependencies: res.versions?.[version].dependencies,\n devDependencies: res.versions?.[version].devDependencies,\n attestation: isString(res.versions?.[version].dist?.attestations?.url),\n };\n const releaseTimestamp = asTimestamp(res.time?.[version]);\n if (releaseTimestamp) {\n release.releaseTimestamp = releaseTimestamp;\n }\n if (res.versions?.[version].deprecated) {\n release.isDeprecated = true;\n }\n const nodeConstraint = res.versions?.[version].engines?.node;\n if (isNonEmptyString(nodeConstraint)) {\n release.constraints = { node: [nodeConstraint] };\n }\n const source = PackageSource.parse(res.versions?.[version].repository);\n if (source.sourceUrl && source.sourceUrl !== dep.sourceUrl) {\n release.sourceUrl = source.sourceUrl;\n }\n if (\n source.sourceDirectory &&\n source.sourceDirectory !== dep.sourceDirectory\n ) {\n release.sourceDirectory = source.sourceDirectory;\n }\n if (dep.deprecationMessage) {\n release.isDeprecated = true;\n }\n return release;\n });\n\n const isPublic = resp.headers?.['cache-control']\n ?.toLocaleLowerCase()\n ?.split(regEx(/\\s*,\\s*/))\n ?.includes('public');\n if (!isPublic) {\n dep.isPrivate = true;\n }\n\n logger.trace({ dep }, 'dep');\n return dep;\n } catch (err) {\n const actualError = err instanceof ExternalHostError ? err.err : err;\n const ignoredStatusCodes = [401, 402, 403, 404];\n const ignoredResponseCodes = ['ENOTFOUND'];\n if (\n actualError.message === HOST_DISABLED ||\n ignoredStatusCodes.includes(actualError.statusCode) ||\n ignoredResponseCodes.includes(actualError.code)\n ) {\n return null;\n }\n\n if (err instanceof ExternalHostError) {\n if (actualError.name === 'ParseError' && actualError.body) {\n actualError.body = 'err.body deleted by Renovate';\n err.err = actualError;\n }\n throw err;\n }\n logger.debug({ err }, 'Unknown npm lookup error');\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;AAeA,MAAM,mBAAmB,MACvB,2FACD;AAED,MAAM,kBAA0C;CAC9C,WAAW;CACX,QAAQ;CACR,QAAQ;CACT;AAOD,MAAM,gBAAgB,EACnB,MAAM,CACL,EACG,QAAQ,CACR,UAAU,CACV,WAAW,eAA8B;CACxC,IAAI,YAA2B;CAC/B,MAAM,kBAAkB;CACxB,MAAM,aAAa,WAAW,MAAM,iBAAiB;AACrD,KAAI,YAAY,QAAQ;EACtB,MAAM,EAAE,WAAW,UAAU,cAAc,WAAW;AACtD,cAAY,gBAAgB,YAAY;OAExC,aAAY;AAEd,QAAO;EAAE;EAAW;EAAiB;EACrC,EACJ,EACG,OAAO;CACN,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC,SAAS;CACpC,WAAW,EAAE,QAAQ,CAAC,UAAU,CAAC,SAAS;CAC3C,CAAC,CACD,WAAW,EAAE,KAAK,gBAAgB;CACjC,MAAM,MAAqB;EAAE,WAAW;EAAM,iBAAiB;EAAM;AAErE,KAAI,IACF,KAAI,YAAY;AAGlB,KAAI,UACF,KAAI,kBAAkB;AAGxB,QAAO;EACP,CACL,CAAC,CACD,MAAM;CAAE,WAAW;CAAM,iBAAiB;CAAM,CAAC;AAEpD,eAAsB,cACpB,MACA,aACA,aAC+B;AAC/B,QAAO,MAAM,qBAAqB,YAAY,GAAG;CAEjD,MAAM,aAAa,aAAa,aAAa,YAAY,QAAQ,KAAK,MAAM,CAAC;AAE7E,KAAI;EAMF,MAAM,UAAuB,EAAE,eALT,IAAI,yBAAyB;GACjD,WAAW;GACX,0BAA0B;GAC1B,yBAAyB;GAC1B,CAAC,EAC4C;AAG9C,MACE,gBAAgB,gCAChBA,KAAe,EAAE,KAAK,8BAA8B,CAAC,EAAE,iBACrD,KAAA,GACF;AACA,UAAO,MACL;IAAE;IAAa,UAAU;IAA8B,EACvD,oDACD;AACD,OAAc;IACZ,WAAW;IACX,cAAc;IACf,CAAC;;EAGJ,MAAM,OAAO,MAAM,KAAK,iBAA8B,YAAY,QAAQ;EAC1E,MAAM,EAAE,MAAM,QAAQ;AACtB,MAAI,CAAC,IAAI,YAAY,CAAC,OAAO,KAAK,IAAI,SAAS,CAAC,QAAQ;AAEtD,UAAO,MAAM,2CAA2C,cAAc;AACtE,UAAO;;EAGT,MAAM,gBAAgB,IAAI,SAAS,IAAI,cAAc,UAAU;AAC/D,MAAI,eAAe,eAAe;AAClC,MAAI,aAAa,eAAe;EAEhC,MAAM,EAAE,WAAW,oBAAoB,cAAc,MAAM,IAAI,WAAW;EAG1E,MAAM,MAAqB;GACzB,UAAU,IAAI;GACd,UAAU,EAAE;GACZ,MAAM,IAAI;GACV;GACD;AAED,MAAI,UACF,KAAI,YAAY;AAGlB,MAAI,gBACF,KAAI,kBAAkB;AAGxB,MAAI,eAAe,WACjB,KAAI,qBAAqB,iBAAiB,YAAY,2CAA2C,YAAY,gDAAgD,cAAc,WAAW;AAExL,MAAI,WAAW,OAAO,KAAK,IAAI,SAAS,CAAC,KAAK,YAAY;GACxD,MAAM,UAAmB;IACvB;IACA,QAAQ,IAAI,WAAW,SAAS;IAChC,cAAc,IAAI,WAAW,SAAS;IACtC,iBAAiB,IAAI,WAAW,SAAS;IACzC,aAAa,SAAS,IAAI,WAAW,SAAS,MAAM,cAAc,IAAI;IACvE;GACD,MAAM,mBAAmB,YAAY,IAAI,OAAO,SAAS;AACzD,OAAI,iBACF,SAAQ,mBAAmB;AAE7B,OAAI,IAAI,WAAW,SAAS,WAC1B,SAAQ,eAAe;GAEzB,MAAM,iBAAiB,IAAI,WAAW,SAAS,SAAS;AACxD,OAAI,iBAAiB,eAAe,CAClC,SAAQ,cAAc,EAAE,MAAM,CAAC,eAAe,EAAE;GAElD,MAAM,SAAS,cAAc,MAAM,IAAI,WAAW,SAAS,WAAW;AACtE,OAAI,OAAO,aAAa,OAAO,cAAc,IAAI,UAC/C,SAAQ,YAAY,OAAO;AAE7B,OACE,OAAO,mBACP,OAAO,oBAAoB,IAAI,gBAE/B,SAAQ,kBAAkB,OAAO;AAEnC,OAAI,IAAI,mBACN,SAAQ,eAAe;AAEzB,UAAO;IACP;AAMF,MAAI,CAJa,KAAK,UAAU,kBAC5B,mBAAmB,EACnB,MAAM,MAAM,UAAU,CAAC,EACvB,SAAS,SAAS,CAEpB,KAAI,YAAY;AAGlB,SAAO,MAAM,EAAE,KAAK,EAAE,MAAM;AAC5B,SAAO;UACA,KAAK;EACZ,MAAM,cAAc,eAAe,oBAAoB,IAAI,MAAM;AAGjE,MACE,YAAY,YAAA,mBAHa;GAAC;GAAK;GAAK;GAAK;GAAI,CAI1B,SAAS,YAAY,WAAW,IAHxB,CAAC,YAAY,CAInB,SAAS,YAAY,KAAK,CAE/C,QAAO;AAGT,MAAI,eAAe,mBAAmB;AACpC,OAAI,YAAY,SAAS,gBAAgB,YAAY,MAAM;AACzD,gBAAY,OAAO;AACnB,QAAI,MAAM;;AAEZ,SAAM;;AAER,SAAO,MAAM,EAAE,KAAK,EAAE,2BAA2B;AACjD,SAAO"}
|
|
1
|
+
{"version":3,"file":"get.js","names":["hostRules.find"],"sources":["../../../../lib/modules/datasource/npm/get.ts"],"sourcesContent":["import { isNonEmptyString, isString } from '@sindresorhus/is';\nimport { z } from 'zod/v3';\nimport { HOST_DISABLED } from '../../../constants/error-messages.ts';\nimport { logger } from '../../../logger/index.ts';\nimport { ExternalHostError } from '../../../types/errors/external-host-error.ts';\nimport * as hostRules from '../../../util/host-rules.ts';\nimport { PackageHttpCacheProvider } from '../../../util/http/cache/package-http-cache-provider.ts';\nimport type { Http } from '../../../util/http/index.ts';\nimport type { HttpOptions } from '../../../util/http/types.ts';\nimport { regEx } from '../../../util/regex.ts';\nimport { asTimestamp } from '../../../util/timestamp.ts';\nimport { joinUrlParts } from '../../../util/url.ts';\nimport type { Release, ReleaseResult } from '../types.ts';\nimport { CachedPackument } from './schema.ts';\nimport type { NpmResponse } from './types.ts';\n\nconst SHORT_REPO_REGEX = regEx(\n /^((?<platform>bitbucket|github|gitlab):)?(?<shortRepo>[A-Za-z0-9_.-]+\\/[A-Za-z0-9_.-]+)$/,\n);\n\nconst platformMapping: Record<string, string> = {\n bitbucket: 'https://bitbucket.org/',\n github: 'https://github.com/',\n gitlab: 'https://gitlab.com/',\n};\n\ninterface PackageSource {\n sourceUrl: string | null;\n sourceDirectory: string | null;\n}\n\nconst PackageSource = z\n .union([\n z\n .string()\n .nonempty()\n .transform((repository): PackageSource => {\n let sourceUrl: string | null = null;\n const sourceDirectory = null;\n const shortMatch = repository.match(SHORT_REPO_REGEX);\n if (shortMatch?.groups) {\n const { platform = 'github', shortRepo } = shortMatch.groups;\n sourceUrl = platformMapping[platform] + shortRepo;\n } else {\n sourceUrl = repository;\n }\n return { sourceUrl, sourceDirectory };\n }),\n z\n .object({\n url: z.string().nonempty().nullish(),\n directory: z.string().nonempty().nullish(),\n })\n .transform(({ url, directory }) => {\n const res: PackageSource = { sourceUrl: null, sourceDirectory: null };\n\n if (url) {\n res.sourceUrl = url;\n }\n\n if (directory) {\n res.sourceDirectory = directory;\n }\n\n return res;\n }),\n ])\n .catch({ sourceUrl: null, sourceDirectory: null });\n\nexport async function getDependency(\n http: Http,\n registryUrl: string,\n packageName: string,\n): Promise<ReleaseResult | null> {\n logger.trace(`npm.getDependency(${packageName})`);\n\n const packageUrl = joinUrlParts(registryUrl, packageName.replace('/', '%2F'));\n\n try {\n const cacheProvider = new PackageHttpCacheProvider({\n namespace: 'datasource-npm:cache-provider',\n checkAuthorizationHeader: false, // We don't rely on whether user token is provided or not\n checkCacheControlHeader: true,\n writeSchema: CachedPackument,\n });\n const options: HttpOptions = { cacheProvider };\n\n // set abortOnError for registry.npmjs.org if no hostRule with explicit abortOnError exists\n if (\n registryUrl === 'https://registry.npmjs.org' &&\n hostRules.find({ url: 'https://registry.npmjs.org' })?.abortOnError ===\n undefined\n ) {\n logger.trace(\n { packageName, registry: 'https://registry.npmjs.org' },\n 'setting abortOnError hostRule for well known host',\n );\n hostRules.add({\n matchHost: 'https://registry.npmjs.org',\n abortOnError: true,\n });\n }\n\n const resp = await http.getJsonUnchecked<NpmResponse>(packageUrl, options);\n const { body: res } = resp;\n if (!res.versions || !Object.keys(res.versions).length) {\n // Registry returned a 200 OK but with no versions\n logger.debug(`No versions returned for npm dependency ${packageName}`);\n return null;\n }\n\n const latestVersion = res.versions[res['dist-tags']?.latest ?? ''];\n res.repository ??= latestVersion?.repository;\n res.homepage ??= latestVersion?.homepage;\n\n const { sourceUrl, sourceDirectory } = PackageSource.parse(res.repository);\n\n // Simplify response before caching and returning\n const dep: ReleaseResult = {\n homepage: res.homepage,\n releases: [],\n tags: res['dist-tags'],\n registryUrl,\n };\n\n if (sourceUrl) {\n dep.sourceUrl = sourceUrl;\n }\n\n if (sourceDirectory) {\n dep.sourceDirectory = sourceDirectory;\n }\n\n if (latestVersion?.deprecated) {\n dep.deprecationMessage = `On registry \\`${registryUrl}\\`, the \"latest\" version of dependency \\`${packageName}\\` has the following deprecation notice:\\n\\n\\`${latestVersion.deprecated}\\`\\n\\nMarking the latest version of an npm package as deprecated results in the entire package being considered deprecated, so contact the package author you think this is a mistake.`;\n }\n dep.releases = Object.keys(res.versions).map((version) => {\n const release: Release = {\n version,\n gitRef: res.versions?.[version].gitHead,\n dependencies: res.versions?.[version].dependencies,\n devDependencies: res.versions?.[version].devDependencies,\n attestation: isString(res.versions?.[version].dist?.attestations?.url),\n };\n const releaseTimestamp = asTimestamp(res.time?.[version]);\n if (releaseTimestamp) {\n release.releaseTimestamp = releaseTimestamp;\n }\n if (res.versions?.[version].deprecated) {\n release.isDeprecated = true;\n }\n const nodeConstraint = res.versions?.[version].engines?.node;\n if (isNonEmptyString(nodeConstraint)) {\n release.constraints = { node: [nodeConstraint] };\n }\n const source = PackageSource.parse(res.versions?.[version].repository);\n if (source.sourceUrl && source.sourceUrl !== dep.sourceUrl) {\n release.sourceUrl = source.sourceUrl;\n }\n if (\n source.sourceDirectory &&\n source.sourceDirectory !== dep.sourceDirectory\n ) {\n release.sourceDirectory = source.sourceDirectory;\n }\n if (dep.deprecationMessage) {\n release.isDeprecated = true;\n }\n return release;\n });\n\n const isPublic = resp.headers?.['cache-control']\n ?.toLocaleLowerCase()\n ?.split(regEx(/\\s*,\\s*/))\n ?.includes('public');\n if (!isPublic) {\n dep.isPrivate = true;\n }\n\n logger.trace({ dep }, 'dep');\n return dep;\n } catch (err) {\n const actualError = err instanceof ExternalHostError ? err.err : err;\n const ignoredStatusCodes = [401, 402, 403, 404];\n const ignoredResponseCodes = ['ENOTFOUND'];\n if (\n actualError.message === HOST_DISABLED ||\n ignoredStatusCodes.includes(actualError.statusCode) ||\n ignoredResponseCodes.includes(actualError.code)\n ) {\n return null;\n }\n\n if (err instanceof ExternalHostError) {\n if (actualError.name === 'ParseError' && actualError.body) {\n actualError.body = 'err.body deleted by Renovate';\n err.err = actualError;\n }\n throw err;\n }\n logger.debug({ err }, 'Unknown npm lookup error');\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;AAgBA,MAAM,mBAAmB,MACvB,2FACD;AAED,MAAM,kBAA0C;CAC9C,WAAW;CACX,QAAQ;CACR,QAAQ;CACT;AAOD,MAAM,gBAAgB,EACnB,MAAM,CACL,EACG,QAAQ,CACR,UAAU,CACV,WAAW,eAA8B;CACxC,IAAI,YAA2B;CAC/B,MAAM,kBAAkB;CACxB,MAAM,aAAa,WAAW,MAAM,iBAAiB;AACrD,KAAI,YAAY,QAAQ;EACtB,MAAM,EAAE,WAAW,UAAU,cAAc,WAAW;AACtD,cAAY,gBAAgB,YAAY;OAExC,aAAY;AAEd,QAAO;EAAE;EAAW;EAAiB;EACrC,EACJ,EACG,OAAO;CACN,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC,SAAS;CACpC,WAAW,EAAE,QAAQ,CAAC,UAAU,CAAC,SAAS;CAC3C,CAAC,CACD,WAAW,EAAE,KAAK,gBAAgB;CACjC,MAAM,MAAqB;EAAE,WAAW;EAAM,iBAAiB;EAAM;AAErE,KAAI,IACF,KAAI,YAAY;AAGlB,KAAI,UACF,KAAI,kBAAkB;AAGxB,QAAO;EACP,CACL,CAAC,CACD,MAAM;CAAE,WAAW;CAAM,iBAAiB;CAAM,CAAC;AAEpD,eAAsB,cACpB,MACA,aACA,aAC+B;AAC/B,QAAO,MAAM,qBAAqB,YAAY,GAAG;CAEjD,MAAM,aAAa,aAAa,aAAa,YAAY,QAAQ,KAAK,MAAM,CAAC;AAE7E,KAAI;EAOF,MAAM,UAAuB,EAAE,eANT,IAAI,yBAAyB;GACjD,WAAW;GACX,0BAA0B;GAC1B,yBAAyB;GACzB,aAAa;GACd,CAAC,EAC4C;AAG9C,MACE,gBAAgB,gCAChBA,KAAe,EAAE,KAAK,8BAA8B,CAAC,EAAE,iBACrD,KAAA,GACF;AACA,UAAO,MACL;IAAE;IAAa,UAAU;IAA8B,EACvD,oDACD;AACD,OAAc;IACZ,WAAW;IACX,cAAc;IACf,CAAC;;EAGJ,MAAM,OAAO,MAAM,KAAK,iBAA8B,YAAY,QAAQ;EAC1E,MAAM,EAAE,MAAM,QAAQ;AACtB,MAAI,CAAC,IAAI,YAAY,CAAC,OAAO,KAAK,IAAI,SAAS,CAAC,QAAQ;AAEtD,UAAO,MAAM,2CAA2C,cAAc;AACtE,UAAO;;EAGT,MAAM,gBAAgB,IAAI,SAAS,IAAI,cAAc,UAAU;AAC/D,MAAI,eAAe,eAAe;AAClC,MAAI,aAAa,eAAe;EAEhC,MAAM,EAAE,WAAW,oBAAoB,cAAc,MAAM,IAAI,WAAW;EAG1E,MAAM,MAAqB;GACzB,UAAU,IAAI;GACd,UAAU,EAAE;GACZ,MAAM,IAAI;GACV;GACD;AAED,MAAI,UACF,KAAI,YAAY;AAGlB,MAAI,gBACF,KAAI,kBAAkB;AAGxB,MAAI,eAAe,WACjB,KAAI,qBAAqB,iBAAiB,YAAY,2CAA2C,YAAY,gDAAgD,cAAc,WAAW;AAExL,MAAI,WAAW,OAAO,KAAK,IAAI,SAAS,CAAC,KAAK,YAAY;GACxD,MAAM,UAAmB;IACvB;IACA,QAAQ,IAAI,WAAW,SAAS;IAChC,cAAc,IAAI,WAAW,SAAS;IACtC,iBAAiB,IAAI,WAAW,SAAS;IACzC,aAAa,SAAS,IAAI,WAAW,SAAS,MAAM,cAAc,IAAI;IACvE;GACD,MAAM,mBAAmB,YAAY,IAAI,OAAO,SAAS;AACzD,OAAI,iBACF,SAAQ,mBAAmB;AAE7B,OAAI,IAAI,WAAW,SAAS,WAC1B,SAAQ,eAAe;GAEzB,MAAM,iBAAiB,IAAI,WAAW,SAAS,SAAS;AACxD,OAAI,iBAAiB,eAAe,CAClC,SAAQ,cAAc,EAAE,MAAM,CAAC,eAAe,EAAE;GAElD,MAAM,SAAS,cAAc,MAAM,IAAI,WAAW,SAAS,WAAW;AACtE,OAAI,OAAO,aAAa,OAAO,cAAc,IAAI,UAC/C,SAAQ,YAAY,OAAO;AAE7B,OACE,OAAO,mBACP,OAAO,oBAAoB,IAAI,gBAE/B,SAAQ,kBAAkB,OAAO;AAEnC,OAAI,IAAI,mBACN,SAAQ,eAAe;AAEzB,UAAO;IACP;AAMF,MAAI,CAJa,KAAK,UAAU,kBAC5B,mBAAmB,EACnB,MAAM,MAAM,UAAU,CAAC,EACvB,SAAS,SAAS,CAEpB,KAAI,YAAY;AAGlB,SAAO,MAAM,EAAE,KAAK,EAAE,MAAM;AAC5B,SAAO;UACA,KAAK;EACZ,MAAM,cAAc,eAAe,oBAAoB,IAAI,MAAM;AAGjE,MACE,YAAY,YAAA,mBAHa;GAAC;GAAK;GAAK;GAAK;GAAI,CAI1B,SAAS,YAAY,WAAW,IAHxB,CAAC,YAAY,CAInB,SAAS,YAAY,KAAK,CAE/C,QAAO;AAGT,MAAI,eAAe,mBAAmB;AACpC,OAAI,YAAY,SAAS,gBAAgB,YAAY,MAAM;AACzD,gBAAY,OAAO;AACnB,QAAI,MAAM;;AAEZ,SAAM;;AAER,SAAO,MAAM,EAAE,KAAK,EAAE,2BAA2B;AACjD,SAAO"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import { z } from "zod/v3";
|
|
2
|
+
//#region lib/modules/datasource/npm/schema.ts
|
|
3
|
+
const Repository = z.union([z.string(), z.object({
|
|
4
|
+
url: z.string().optional(),
|
|
5
|
+
directory: z.string().optional()
|
|
6
|
+
})]);
|
|
7
|
+
const Attestations = z.object({ url: z.string().optional() });
|
|
8
|
+
const Distribution = z.object({ attestations: Attestations.optional() });
|
|
9
|
+
const Version = z.object({
|
|
10
|
+
repository: Repository.optional(),
|
|
11
|
+
homepage: z.string().optional(),
|
|
12
|
+
deprecated: z.union([z.string(), z.boolean()]).optional(),
|
|
13
|
+
gitHead: z.string().optional(),
|
|
14
|
+
dependencies: z.record(z.string()).optional(),
|
|
15
|
+
devDependencies: z.record(z.string()).optional(),
|
|
16
|
+
engines: z.object({ node: z.string().optional() }).optional(),
|
|
17
|
+
dist: Distribution.optional()
|
|
18
|
+
});
|
|
19
|
+
const CachedPackument = z.object({
|
|
20
|
+
versions: z.record(Version).optional(),
|
|
21
|
+
repository: Repository.optional(),
|
|
22
|
+
homepage: z.string().optional(),
|
|
23
|
+
time: z.record(z.string()).optional(),
|
|
24
|
+
"dist-tags": z.record(z.string()).optional()
|
|
25
|
+
});
|
|
26
|
+
//#endregion
|
|
27
|
+
export { CachedPackument };
|
|
28
|
+
|
|
29
|
+
//# sourceMappingURL=schema.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schema.js","names":[],"sources":["../../../../lib/modules/datasource/npm/schema.ts"],"sourcesContent":["import { z } from 'zod/v3';\n\nconst Repository = z.union([\n z.string(),\n z.object({\n url: z.string().optional(),\n directory: z.string().optional(),\n }),\n]);\n\nconst Attestations = z.object({\n url: z.string().optional(),\n});\n\nconst Distribution = z.object({\n attestations: Attestations.optional(),\n});\n\nconst Version = z.object({\n repository: Repository.optional(),\n homepage: z.string().optional(),\n deprecated: z.union([z.string(), z.boolean()]).optional(),\n gitHead: z.string().optional(),\n dependencies: z.record(z.string()).optional(),\n devDependencies: z.record(z.string()).optional(),\n engines: z.object({ node: z.string().optional() }).optional(),\n dist: Distribution.optional(),\n});\n\nexport const CachedPackument = z.object({\n versions: z.record(Version).optional(),\n repository: Repository.optional(),\n homepage: z.string().optional(),\n time: z.record(z.string()).optional(),\n 'dist-tags': z.record(z.string()).optional(),\n});\n"],"mappings":";;AAEA,MAAM,aAAa,EAAE,MAAM,CACzB,EAAE,QAAQ,EACV,EAAE,OAAO;CACP,KAAK,EAAE,QAAQ,CAAC,UAAU;CAC1B,WAAW,EAAE,QAAQ,CAAC,UAAU;CACjC,CAAC,CACH,CAAC;AAEF,MAAM,eAAe,EAAE,OAAO,EAC5B,KAAK,EAAE,QAAQ,CAAC,UAAU,EAC3B,CAAC;AAEF,MAAM,eAAe,EAAE,OAAO,EAC5B,cAAc,aAAa,UAAU,EACtC,CAAC;AAEF,MAAM,UAAU,EAAE,OAAO;CACvB,YAAY,WAAW,UAAU;CACjC,UAAU,EAAE,QAAQ,CAAC,UAAU;CAC/B,YAAY,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,EAAE,SAAS,CAAC,CAAC,CAAC,UAAU;CACzD,SAAS,EAAE,QAAQ,CAAC,UAAU;CAC9B,cAAc,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,UAAU;CAC7C,iBAAiB,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,UAAU;CAChD,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC,UAAU;CAC7D,MAAM,aAAa,UAAU;CAC9B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,UAAU,EAAE,OAAO,QAAQ,CAAC,UAAU;CACtC,YAAY,WAAW,UAAU;CACjC,UAAU,EAAE,QAAQ,CAAC,UAAU;CAC/B,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,UAAU;CACrC,aAAa,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,UAAU;CAC7C,CAAC"}
|
|
@@ -28,6 +28,8 @@ interface GetReleasesConfig {
|
|
|
28
28
|
packageName: string;
|
|
29
29
|
registryUrl?: string;
|
|
30
30
|
currentValue?: string;
|
|
31
|
+
constraints?: Record<string, string>;
|
|
32
|
+
constraintsFiltering?: ConstraintsFilter;
|
|
31
33
|
}
|
|
32
34
|
interface GetPkgReleasesConfig {
|
|
33
35
|
customDatasources?: Record<string, CustomDatasourceConfig>;
|
|
@@ -14,7 +14,7 @@ declare const GithubVulnerabilityAlerts: z.ZodEffects<z.ZodEffects<z.ZodArray<z.
|
|
|
14
14
|
};
|
|
15
15
|
security_vulnerability: {
|
|
16
16
|
package: {
|
|
17
|
-
ecosystem: "
|
|
17
|
+
ecosystem: "actions" | "composer" | "go" | "maven" | "npm" | "nuget" | "pip" | "rubygems" | "rust";
|
|
18
18
|
name: string;
|
|
19
19
|
};
|
|
20
20
|
vulnerable_version_range: string;
|
|
@@ -39,7 +39,7 @@ declare const GithubVulnerabilityAlerts: z.ZodEffects<z.ZodEffects<z.ZodArray<z.
|
|
|
39
39
|
};
|
|
40
40
|
security_vulnerability: {
|
|
41
41
|
package: {
|
|
42
|
-
ecosystem: "
|
|
42
|
+
ecosystem: "actions" | "composer" | "go" | "maven" | "npm" | "nuget" | "pip" | "rubygems" | "rust";
|
|
43
43
|
name: string;
|
|
44
44
|
};
|
|
45
45
|
vulnerable_version_range: string;
|
package/package.json
CHANGED
package/renovate-schema.json
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
{
|
|
2
2
|
"$id": "https://docs.renovatebot.com/renovate-schema.json",
|
|
3
|
-
"title": "JSON schema for Renovate 43.
|
|
3
|
+
"title": "JSON schema for Renovate 43.111.0 config files (https://renovatebot.com/)",
|
|
4
4
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
5
|
-
"x-renovate-version": "43.
|
|
5
|
+
"x-renovate-version": "43.111.0",
|
|
6
6
|
"allowComments": true,
|
|
7
7
|
"type": "object",
|
|
8
8
|
"properties": {
|