class Dependabot::Gradle::UpdateChecker
Public Instance Methods
latest_resolvable_version()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 20 def latest_resolvable_version # TODO: Resolve the build.gradle to find the latest version we could # update to without updating any other dependencies at the same time. # # The above is hard. Currently we just return the latest version and # hope (hence this package manager is in beta!) return if git_dependency? return nil if version_comes_from_multi_dependency_property? return nil if version_comes_from_dependency_set? latest_version end
latest_resolvable_version_with_no_unlock()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 45 def latest_resolvable_version_with_no_unlock # Irrelevant, since Gradle has a single dependency file. # # For completeness we ought to resolve the build.gradle and return the # latest version that satisfies the current constraint AND any # constraints placed on it by other dependencies. Seeing as we're # never going to take any action as a result, though, we just return # nil. nil end
latest_version()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 14 def latest_version return if git_dependency? latest_version_details&.fetch(:version) end
lowest_resolvable_security_fix_version()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 37 def lowest_resolvable_security_fix_version return if git_dependency? return nil if version_comes_from_multi_dependency_property? return nil if version_comes_from_dependency_set? lowest_security_fix_version end
lowest_security_fix_version()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 33 def lowest_security_fix_version lowest_security_fix_version_details&.fetch(:version) end
requirements_unlocked_or_can_be?()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 69 def requirements_unlocked_or_can_be? # If the dependency version come from a property we couldn't # interpolate then there's nothing we can do. !dependency.version.include?("$") end
updated_requirements()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 56 def updated_requirements property_names = declarations_using_a_property. map { |req| req.dig(:metadata, :property_name) } RequirementsUpdater.new( requirements: dependency.requirements, latest_version: preferred_resolvable_version&.to_s, source_url: preferred_version_details&.fetch(:source_url), properties_to_update: property_names ).updated_requirements end
Private Instance Methods
all_property_based_dependencies()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 179 def all_property_based_dependencies @all_property_based_dependencies ||= Gradle::FileParser.new( dependency_files: dependency_files, source: nil ).parse.select do |dep| dep.requirements.any? { |req| req.dig(:metadata, :property_name) } end end
declarations_using_a_property()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 173 def declarations_using_a_property @declarations_using_a_property ||= dependency.requirements. select { |req| req.dig(:metadata, :property_name) } end
git_commit_checker()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 145 def git_commit_checker @git_commit_checker ||= GitCommitChecker.new( dependency: dependency, credentials: credentials ) end
git_dependency?()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 141 def git_dependency? git_commit_checker.git_dependency? end
latest_version_details()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 108 def latest_version_details @latest_version_details ||= version_finder.latest_version_details end
latest_version_resolvable_with_full_unlock?()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 77 def latest_version_resolvable_with_full_unlock? unless version_comes_from_multi_dependency_property? || version_comes_from_dependency_set? return false end multi_dependency_updater.update_possible? end
lowest_security_fix_version_details()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 112 def lowest_security_fix_version_details @lowest_security_fix_version_details ||= version_finder.lowest_security_fix_version_details end
multi_dependency_updater()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 129 def multi_dependency_updater @multi_dependency_updater ||= MultiDependencyUpdater.new( dependency: dependency, dependency_files: dependency_files, credentials: credentials, target_version_details: latest_version_details, ignored_versions: ignored_versions, raise_on_ignored: raise_on_ignored ) end
numeric_version_can_update?(requirements_to_unlock:)
click to toggle source
Calls superclass method
# File lib/dependabot/gradle/update_checker.rb, line 96 def numeric_version_can_update?(requirements_to_unlock:) return false unless version_class.correct?(dependency.version) super end
numeric_version_up_to_date?()
click to toggle source
Calls superclass method
# File lib/dependabot/gradle/update_checker.rb, line 90 def numeric_version_up_to_date? return false unless version_class.correct?(dependency.version) super end
preferred_version_details()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 102 def preferred_version_details return lowest_security_fix_version_details if vulnerable? latest_version_details end
updated_dependencies_after_full_unlock()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 86 def updated_dependencies_after_full_unlock multi_dependency_updater.updated_dependencies end
version_comes_from_dependency_set?()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 167 def version_comes_from_dependency_set? dependency.requirements.any? do |req| req.dig(:metadata, :dependency_set) end end
version_comes_from_multi_dependency_property?()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 153 def version_comes_from_multi_dependency_property? declarations_using_a_property.any? do |requirement| property_name = requirement.fetch(:metadata).fetch(:property_name) all_property_based_dependencies.any? do |dep| next false if dep.name == dependency.name dep.requirements.any? do |req| req.dig(:metadata, :property_name) == property_name end end end end
version_finder()
click to toggle source
# File lib/dependabot/gradle/update_checker.rb, line 117 def version_finder @version_finder ||= VersionFinder.new( dependency: dependency, dependency_files: dependency_files, credentials: credentials, ignored_versions: ignored_versions, raise_on_ignored: raise_on_ignored, security_advisories: security_advisories ) end