class Dependabot::NpmAndYarn::FileUpdater::PackageJsonPreparer

Attributes

package_json_content[R]

Public Class Methods

new(package_json_content:) click to toggle source
# File lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb, line 10
def initialize(package_json_content:)
  @package_json_content = package_json_content
end

Public Instance Methods

prepared_content() click to toggle source
# File lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb, line 14
def prepared_content
  content = package_json_content
  content = replace_ssh_sources(content)
  content = remove_workspace_path_prefixes(content)
  content = remove_invalid_characters(content)
  content
end
remove_invalid_characters(content) click to toggle source
# File lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb, line 53
def remove_invalid_characters(content)
  content.
    gsub(/\{\{[^\}]*?\}\}/, "something"). # {{ nm }} syntax not allowed
    gsub(/(?<!\\)\\ /, " ").          # escaped whitespace not allowed
    gsub(%r{^\s*//.*}, " ")           # comments are not allowed
end
remove_workspace_path_prefixes(content) click to toggle source

A bug prevents Yarn recognising that a directory is part of a workspace if it is specified with a `./` prefix.

# File lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb, line 35
def remove_workspace_path_prefixes(content)
  json = JSON.parse(content)
  return content unless json.key?("workspaces")

  workspace_object = json.fetch("workspaces")
  paths_array =
    if workspace_object.is_a?(Hash)
      workspace_object.values_at("packages", "nohoist").
        flatten.compact
    elsif workspace_object.is_a?(Array) then workspace_object
    else raise "Unexpected workspace object"
    end

  paths_array.each { |path| path.gsub!(%r{^\./}, "") }

  json.to_json
end
replace_ssh_sources(content) click to toggle source
# File lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb, line 22
def replace_ssh_sources(content)
  updated_content = content

  git_ssh_requirements_to_swap.each do |req|
    new_req = req.gsub(%r{git\+ssh://git@(.*?)[:/]}, 'https://\1/')
    updated_content = updated_content.gsub(req, new_req)
  end

  updated_content
end
swapped_ssh_requirements() click to toggle source
# File lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb, line 60
def swapped_ssh_requirements
  git_ssh_requirements_to_swap
end

Private Instance Methods

git_ssh_requirements_to_swap() click to toggle source
# File lib/dependabot/npm_and_yarn/file_updater/package_json_preparer.rb, line 68
def git_ssh_requirements_to_swap
  return @git_ssh_requirements_to_swap if @git_ssh_requirements_to_swap

  @git_ssh_requirements_to_swap = []

  NpmAndYarn::FileParser::DEPENDENCY_TYPES.each do |t|
    JSON.parse(package_json_content).fetch(t, {}).each do |_, req|
      next unless req.is_a?(String)
      next unless req.start_with?("git+ssh:")

      req = req.split("#").first
      @git_ssh_requirements_to_swap << req
    end
  end

  @git_ssh_requirements_to_swap
end