class Dependabot::NpmAndYarn::DependencyFilesFilterer
Attributes
dependency_files[R]
updated_dependencies[R]
Public Class Methods
new(dependency_files:, updated_dependencies:)
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 12 def initialize(dependency_files:, updated_dependencies:) @dependency_files = dependency_files @updated_dependencies = updated_dependencies end
Public Instance Methods
files_requiring_update()
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 17 def files_requiring_update @files_requiring_update ||= dependency_files.select do |file| package_files_requiring_update.include?(file) || package_required_lockfile?(file) || workspaces_lockfile?(file) end end
package_files_requiring_update()
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 26 def package_files_requiring_update @package_files_requiring_update ||= dependency_files.select do |file| dependency_manifest_requirements.include?(file.name) end end
Private Instance Methods
dependency_manifest_requirements()
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 37 def dependency_manifest_requirements @dependency_manifest_requirements ||= updated_dependencies.flat_map do |dep| dep.requirements.map { |requirement| requirement[:file] } end end
lockfile?(file)
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 87 def lockfile?(file) file.name.end_with?( "package-lock.json", "yarn.lock", "npm-shrinkwrap.json" ) end
lockfile_dependencies(lockfile)
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 75 def lockfile_dependencies(lockfile) @lockfile_dependencies ||= {} @lockfile_dependencies[lockfile.name] ||= NpmAndYarn::FileParser::LockfileParser.new( dependency_files: [lockfile] ).parse end
manifest?(file)
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 83 def manifest?(file) file.name.end_with?("package.json") end
package_required_lockfile?(lockfile)
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 44 def package_required_lockfile?(lockfile) return false unless lockfile?(lockfile) package_files_requiring_update.any? do |package_file| File.dirname(package_file.name) == File.dirname(lockfile.name) end end
parsed_root_package_json()
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 59 def parsed_root_package_json @parsed_root_package_json ||= begin package = dependency_files.find { |f| f.name == "package.json" } JSON.parse(package.content) end end
updated_dependencies_in_lockfile?(lockfile)
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 67 def updated_dependencies_in_lockfile?(lockfile) lockfile_dependencies(lockfile).any? do |sub_dep| updated_dependencies.any? do |updated_dep| sub_dep.name == updated_dep.name end end end
workspaces_lockfile?(lockfile)
click to toggle source
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 52 def workspaces_lockfile?(lockfile) return false unless ["yarn.lock", "package-lock.json"].include?(lockfile.name) return false unless parsed_root_package_json["workspaces"] updated_dependencies_in_lockfile?(lockfile) end