lib/dependabot/composer/update_checker/requirements_updater.rb in dependabot-composer-0.217.0 vs lib/dependabot/composer/update_checker/requirements_updater.rb in dependabot-composer-0.218.0
- old
+ new
@@ -17,11 +17,11 @@
VERSION_REGEX = /(?:#{ALIAS_REGEX})?[0-9]+(?:\.[a-zA-Z0-9*\-]+)*/
AND_SEPARATOR = /(?<=[a-zA-Z0-9*])(?<!\sas)[\s,]+(?![\s,]*[|-]|as)/
OR_SEPARATOR = /(?<=[a-zA-Z0-9*])[\s,]*\|\|?\s*/
SEPARATOR = /(?:#{AND_SEPARATOR})|(?:#{OR_SEPARATOR})/
ALLOWED_UPDATE_STRATEGIES =
- %i(widen_ranges bump_versions bump_versions_if_necessary).freeze
+ %i(lockfile_only widen_ranges bump_versions bump_versions_if_necessary).freeze
def initialize(requirements:, update_strategy:,
latest_resolvable_version:)
@requirements = requirements
@update_strategy = update_strategy
@@ -33,9 +33,10 @@
@latest_resolvable_version =
version_class.new(latest_resolvable_version)
end
def updated_requirements
+ return requirements if update_strategy == :lockfile_only
return requirements unless latest_resolvable_version
requirements.map { |req| updated_requirement(req) }
end