class Dependabot::Bundler::UpdateChecker::LatestVersionFinder
Attributes
credentials[R]
dependency[R]
dependency_files[R]
ignored_versions[R]
options[R]
repo_contents_path[R]
security_advisories[R]
Public Class Methods
new(dependency:, dependency_files:, repo_contents_path: nil, credentials:, ignored_versions:, raise_on_ignored: false, security_advisories:, options:)
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 17 def initialize(dependency:, dependency_files:, repo_contents_path: nil, credentials:, ignored_versions:, raise_on_ignored: false, security_advisories:, options:) @dependency = dependency @dependency_files = dependency_files @repo_contents_path = repo_contents_path @credentials = credentials @ignored_versions = ignored_versions @raise_on_ignored = raise_on_ignored @security_advisories = security_advisories @options = options end
Public Instance Methods
latest_version_details()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 30 def latest_version_details @latest_version_details ||= fetch_latest_version_details end
lowest_security_fix_version()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 34 def lowest_security_fix_version @lowest_security_fix_version ||= fetch_lowest_security_fix_version end
Private Instance Methods
dependency_source()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 105 def dependency_source @dependency_source ||= DependencySource.new( dependency: dependency, dependency_files: dependency_files, credentials: credentials, options: options ) end
fetch_latest_version_details()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 44 def fetch_latest_version_details return dependency_source.latest_git_version_details if dependency_source.git? relevant_versions = dependency_source.versions relevant_versions = filter_prerelease_versions(relevant_versions) relevant_versions = filter_ignored_versions(relevant_versions) relevant_versions.empty? ? nil : { version: relevant_versions.max } end
fetch_lowest_security_fix_version()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 54 def fetch_lowest_security_fix_version return if dependency_source.git? relevant_versions = dependency_source.versions relevant_versions = filter_prerelease_versions(relevant_versions) relevant_versions = Dependabot::UpdateCheckers::VersionFilters.filter_vulnerable_versions(relevant_versions, security_advisories) relevant_versions = filter_ignored_versions(relevant_versions) relevant_versions = filter_lower_versions(relevant_versions) relevant_versions.min end
filter_ignored_versions(versions_array)
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 73 def filter_ignored_versions(versions_array) filtered = versions_array. reject { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } } if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(versions_array).any? raise AllVersionsIgnored end filtered end
filter_lower_versions(versions_array)
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 83 def filter_lower_versions(versions_array) return versions_array unless dependency.version && Gem::Version.correct?(dependency.version) versions_array. select { |version| version > Gem::Version.new(dependency.version) } end
filter_prerelease_versions(versions_array)
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 67 def filter_prerelease_versions(versions_array) return versions_array if wants_prerelease? versions_array.reject(&:prerelease?) end
gemfile()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 124 def gemfile dependency_files.find { |f| f.name == "Gemfile" } || dependency_files.find { |f| f.name == "gems.rb" } end
ignore_requirements()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 114 def ignore_requirements ignored_versions.flat_map { |req| requirement_class.requirements_array(req) } end
requirement_class()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 118 def requirement_class Utils.requirement_class_for_package_manager( dependency.package_manager ) end
wants_prerelease?()
click to toggle source
# File lib/dependabot/bundler/update_checker/latest_version_finder.rb, line 90 def wants_prerelease? @wants_prerelease ||= begin current_version = dependency.version if current_version && Gem::Version.correct?(current_version) && Gem::Version.new(current_version).prerelease? true else dependency.requirements.any? do |req| req[:requirement].match?(/[a-z]/i) end end end end