class Dependabot::NpmAndYarn::DependencyFilesFilterer

Attributes

dependency_files[R]
updated_dependencies[R]

Public Class Methods

new(dependency_files:, updated_dependencies:)
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 12
# Builds a filterer over one set of fetched files and one set of updated
# dependencies.
#
# @param dependency_files the fetched files to filter; the other methods of
#   this class call +name+ on each entry (and +content+ on the root
#   package.json)
# @param updated_dependencies the dependencies being updated; the other
#   methods call +name+ and +requirements+ on each entry
def initialize(dependency_files:, updated_dependencies:)
  # Both collections are stored by reference, not copied.
  @updated_dependencies = updated_dependencies
  @dependency_files = dependency_files
end

Public Instance Methods

files_requiring_update()
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 17
# Returns the subset of +dependency_files+ that has to be handed on for
# updating. A file is kept when any one of these holds:
#
# * it is one of +package_files_requiring_update+,
# * it is a lockfile sitting in the same directory as one of those files,
# * it is a root workspaces lockfile that mentions an updated dependency.
#
# The result is memoized on the instance.
def files_requiring_update
  return @files_requiring_update if @files_requiring_update

  @files_requiring_update = dependency_files.select do |candidate|
    # The checks run in the same order as the original `||` chain and stop
    # at the first one that matches.
    next true if package_files_requiring_update.include?(candidate)
    next true if package_required_lockfile?(candidate)

    workspaces_lockfile?(candidate)
  end
end
package_files_requiring_update()
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 26
# Returns the entries of +dependency_files+ whose +name+ is listed as the
# +:file+ of a requirement of one of the updated dependencies.
#
# Matching is exact string equality on the file name. The result is
# memoized on the instance.
def package_files_requiring_update
  return @package_files_requiring_update if @package_files_requiring_update

  @package_files_requiring_update =
    dependency_files.select { |candidate| dependency_manifest_requirements.include?(candidate.name) }
end

Private Instance Methods

dependency_manifest_requirements()
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 37
# Collects the +:file+ entry of every requirement of every updated
# dependency into one flat list, in iteration order. Duplicates are kept.
# The list is memoized on the instance.
def dependency_manifest_requirements
  return @dependency_manifest_requirements if @dependency_manifest_requirements

  @dependency_manifest_requirements =
    updated_dependencies.each_with_object([]) do |dependency, manifest_names|
      dependency.requirements.each { |req| manifest_names << req[:file] }
    end
end
lockfile?(file)
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 87
# True when the file's name ends with one of the npm/yarn lockfile names.
#
# NOTE(review): this is a suffix test on the whole path, not a comparison
# of the basename, so a name such as "notes-yarn.lock" also matches.
# Callers that need an exact file name must check it themselves.
def lockfile?(file)
  lockfile_suffixes = %w[package-lock.json yarn.lock npm-shrinkwrap.json]
  file.name.end_with?(*lockfile_suffixes)
end
lockfile_dependencies(lockfile)
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 75
# Parses a single lockfile with the LockfileParser and returns whatever
# +parse+ returns for it.
#
# Results are cached per instance, keyed by the lockfile's +name+, so each
# lockfile is parsed at most once as long as the parse result is truthy.
def lockfile_dependencies(lockfile)
  parsed_by_name = (@lockfile_dependencies ||= {})
  parsed_by_name[lockfile.name] ||= begin
    # Only this one lockfile is handed to the parser.
    parser = NpmAndYarn::FileParser::LockfileParser.new(dependency_files: [lockfile])
    parser.parse
  end
end
manifest?(file)
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 83
# True when the file's name ends with "package.json".
#
# NOTE(review): this is a suffix test, so "packages/a/package.json" matches
# and so would any other name that merely ends in "package.json".
def manifest?(file)
  manifest_name = file.name
  manifest_name.end_with?("package.json")
end
package_required_lockfile?(lockfile)
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 44
# True when +lockfile+ is a lockfile (per +lockfile?+) that lives in the
# same directory as at least one of +package_files_requiring_update+.
#
# Directories are compared as the +File.dirname+ strings of the two names.
def package_required_lockfile?(lockfile)
  if lockfile?(lockfile)
    package_files_requiring_update.any? do |manifest|
      File.dirname(manifest.name) == File.dirname(lockfile.name)
    end
  else
    false
  end
end
parsed_root_package_json()
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 59
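# Returns the parsed JSON of the root "package.json" (the dependency file
# whose name is exactly "package.json"), memoized on the instance.
#
# When there is no root package.json, or it has no content, an empty Hash
# is returned instead of failing with NoMethodError/TypeError on nil, so
# callers that only look up a key (such as "workspaces") see it as absent.
#
# @return [Object] the parsed document, or {} when nothing can be parsed
# @raise [JSON::ParserError] when the content is not valid JSON
def parsed_root_package_json
  @parsed_root_package_json ||=
    begin
      package = dependency_files.find { |f| f.name == "package.json" }
      content = package && package.content
      # The content is presumably taken from the repository being updated, so
      # it is untrusted input: a parse error is left to propagate rather
      # than being swallowed here.
      content ? JSON.parse(content) : {}
    end
end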
updated_dependencies_in_lockfile?(lockfile)
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 67
# True when at least one dependency parsed out of +lockfile+ has the same
# +name+ as one of the updated dependencies.
#
# Only names are compared; versions and sources are not looked at.
def updated_dependencies_in_lockfile?(lockfile)
  locked_entries = lockfile_dependencies(lockfile)
  locked_entries.any? do |locked|
    updated_dependencies.any? { |candidate| locked.name == candidate.name }
  end
end
workspaces_lockfile?(lockfile)
# File lib/dependabot/npm_and_yarn/dependency_files_filterer.rb, line 52
# True when +lockfile+ is a root-level workspaces lockfile that contains
# one of the updated dependencies.
#
# The name must be exactly "yarn.lock" or "package-lock.json", so lockfiles
# in subdirectories and npm-shrinkwrap.json never qualify. The root
# package.json must also have a truthy "workspaces" entry; it is only
# parsed once the name check has passed.
def workspaces_lockfile?(lockfile)
  root_lockfile = %w[yarn.lock package-lock.json].include?(lockfile.name)
  return false unless root_lockfile && parsed_root_package_json["workspaces"]

  updated_dependencies_in_lockfile?(lockfile)
end