class Dependabot::Bundler::UpdateChecker::LatestVersionFinder::DependencySource

Constants

GIT
OTHER
PRIVATE_REGISTRY
RUBYGEMS

Attributes

credentials[R]
dependency[R]
dependency_files[R]
options[R]
repo_contents_path[R]

Public Class Methods

new(dependency:, dependency_files:, credentials:, options:)
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 22
# Stores the collaborators used to work out where a dependency comes from.
#
# @param dependency the dependency under inspection; other methods read its
#   name and requirements
# @param dependency_files the manifest files searched for a Gemfile/lockfile
# @param credentials credentials later handed to git configuration and to the
#   native Bundler helper subprocess
# @param options stored as given; no method visible on this page reads it
def initialize(dependency:, dependency_files:, credentials:, options:)
  # NOTE(review): a repo_contents_path reader is listed for this class, but
  # nothing in this constructor assigns it, so it reads as nil unless it is
  # set elsewhere - confirm whether that is intended.
  @credentials = credentials
  @dependency_files = dependency_files
  @dependency = dependency
  @options = options
end

Public Instance Methods

git?()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 77
# Whether the dependency's resolved source type is the GIT source type.
#
# @return [Boolean] result of comparing the resolved source type with GIT
def git?
  resolved_type = source_type
  resolved_type == GIT
end
latest_git_version_details()

The latest version details for the dependency from a git repo

@return [Hash{Symbol => String}, nil]

# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 52
# Asks the native Bundler helper for the latest version details of a
# git-sourced dependency.
#
# The source URL and branch are taken from the dependency's requirements, so
# they originate from the manifest being updated. The credentials are used
# both to configure git and as an argument to the helper subprocess.
#
# @return [Hash{Symbol => String}, nil] the helper's result with symbolized
#   keys, or nil when the dependency is not git-sourced
def latest_git_version_details
  return unless git?

  declared_sources = dependency.requirements.map { |req| req.fetch(:source) }
  # NOTE(review): if every requirement's :source is nil this is nil and the
  # [:url] lookup below raises NoMethodError - presumably git? rules that out.
  git_source = declared_sources.uniq.compact.first

  helper_result =
    SharedHelpers.with_git_configured(credentials: credentials) do
      in_a_native_bundler_context do |tmp_dir|
        NativeHelpers.run_bundler_subprocess(
          bundler_version: bundler_version,
          # NOTE(review): "depencency" looks misspelled, but this string
          # presumably has to match the native helper's function name exactly;
          # confirm against the helper before changing it.
          function: "depencency_source_latest_git_version",
          args: {
            dir: tmp_dir,
            gemfile_name: gemfile.name,
            dependency_name: dependency.name,
            credentials: credentials,
            dependency_source_url: git_source[:url],
            dependency_source_branch: git_source[:branch]
          }
        )
      end
    end

  helper_result.transform_keys(&:to_sym)
end
versions()

The versions of the dependency available from its registry (empty for git and other non-registry sources)

@return [Array<Gem::Version>]

# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 35
# Lists the versions of the dependency that its source makes available.
#
# Bundler itself, and any project without a Gemfile, is always looked up on
# rubygems.org. Otherwise the resolved source type decides: git and "other"
# sources yield no registry versions, a private registry is queried through
# the native helper, and anything else falls back to rubygems.org.
#
# @return [Array<Gem::Version>]
def versions
  return rubygems_versions if dependency.name == "bundler" || !gemfile

  case source_type
  when OTHER, GIT then []
  when PRIVATE_REGISTRY then private_registry_versions
  else rubygems_versions
  end
end

Private Instance Methods

bundler_version()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 149
# Bundler version reported by Helpers.bundler_version for the lockfile,
# looked up once and then reused for every helper subprocess call.
def bundler_version
  return @bundler_version if @bundler_version

  @bundler_version = Helpers.bundler_version(lockfile)
end
dependency_rubygems_uri()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 99
# URL of the rubygems.org versions API for this dependency.
#
# NOTE(review): the dependency name is interpolated into the path without
# escaping; the host is fixed, but confirm names are validated upstream.
#
# @return [String]
def dependency_rubygems_uri
  gem_name = dependency.name
  "https://rubygems.org/api/v1/versions/#{gem_name}.json"
end
gemfile()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 139
# The project's manifest among the dependency files: the file named exactly
# "Gemfile" if there is one, otherwise the file named "gems.rb".
#
# @return the matching dependency file, or nil when neither is present
def gemfile
  %w[Gemfile gems.rb].each do |manifest_name|
    manifest = dependency_files.find { |file| file.name == manifest_name }
    return manifest if manifest
  end

  nil
end
lockfile()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 144
# The project's lockfile among the dependency files: the file named exactly
# "Gemfile.lock" if there is one, otherwise the file named "gems.locked".
#
# @return the matching dependency file, or nil when neither is present
def lockfile
  %w[Gemfile.lock gems.locked].each do |lockfile_name|
    locked = dependency_files.find { |file| file.name == lockfile_name }
    return locked if locked
  end

  nil
end
private_registry_versions()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 103
# Versions of the dependency reported by the native Bundler helper for a
# private registry, fetched once and then reused.
#
# The credentials are passed to the helper subprocess as an argument. The
# version strings come back from the registry and are handed straight to
# Gem::Version.new, which raises ArgumentError on a malformed string; that
# error is not rescued here.
#
# @return [Array<Gem::Version>]
def private_registry_versions
  return @private_registry_versions if @private_registry_versions

  @private_registry_versions =
    in_a_native_bundler_context do |tmp_dir|
      version_strings = NativeHelpers.run_bundler_subprocess(
        bundler_version: bundler_version,
        function: "private_registry_versions",
        args: {
          dir: tmp_dir,
          gemfile_name: gemfile.name,
          dependency_name: dependency.name,
          credentials: credentials
        }
      )

      version_strings.map { |version_string| Gem::Version.new(version_string) }
    end
end
rubygems_versions()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 83
# Versions of the dependency listed by the rubygems.org versions API,
# fetched once and then reused.
#
# A request timeout or a body that is not valid JSON is treated as "no
# versions known" and memoized as an empty list.
#
# NOTE(review): the response status is not checked, and only the two errors
# below are rescued. A JSON body that is not a list of objects with a
# "number" key would raise from the map instead of yielding [].
#
# @return [Array<Gem::Version>]
def rubygems_versions
  return @rubygems_versions if @rubygems_versions

  api_response = Excon.get(
    dependency_rubygems_uri,
    idempotent: true,
    **SharedHelpers.excon_defaults
  )
  releases = JSON.parse(api_response.body)

  @rubygems_versions =
    releases.map { |release| Gem::Version.new(release["number"]) }
rescue JSON::ParserError, Excon::Error::Timeout
  @rubygems_versions = []
end
source_type()
# File lib/dependabot/bundler/update_checker/latest_version_finder/dependency_source.rb, line 121
# Source type of the dependency, resolved once and then reused.
#
# Without a Gemfile the type is RUBYGEMS. Otherwise the native Bundler helper
# is asked, with the credentials passed as an argument, and its answer is
# stored as returned. Memoization checks whether the instance variable is
# defined, so a nil answer is cached as well.
def source_type
  return @source_type if instance_variable_defined?(:@source_type)

  unless gemfile
    @source_type = RUBYGEMS
    return @source_type
  end

  @source_type =
    in_a_native_bundler_context do |tmp_dir|
      NativeHelpers.run_bundler_subprocess(
        bundler_version: bundler_version,
        function: "dependency_source_type",
        args: {
          dir: tmp_dir,
          gemfile_name: gemfile.name,
          dependency_name: dependency.name,
          credentials: credentials
        }
      )
    end
end