class Dependabot::Cargo::UpdateChecker::LatestVersionFinder
Attributes
credentials[R]
dependency[R]
dependency_files[R]
ignored_versions[R]
security_advisories[R]
Public Class Methods
new(dependency:, dependency_files:, credentials:, ignored_versions:, raise_on_ignored: false, security_advisories:)
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 11
#
# Stores the inputs the finder works from. Nothing is fetched or validated
# here; every argument is assigned to an instance variable as given.
#
# @param dependency the dependency under inspection; other methods read its
#   name, version, requirements and package_manager
# @param dependency_files stored as given
# @param credentials stored as given
# @param ignored_versions requirement strings; versions satisfying any of
#   them are dropped by filter_ignored_versions
# @param raise_on_ignored [Boolean] when true, filter_ignored_versions raises
#   Dependabot::AllVersionsIgnored if ignoring leaves no newer version
# @param security_advisories handed to the vulnerable-version filter used by
#   fetch_lowest_security_fix_version
def initialize(dependency:, dependency_files:, credentials:,
               ignored_versions:, raise_on_ignored: false,
               security_advisories:)
  # What is being checked and the files/credentials that come with it.
  @dependency = dependency
  @dependency_files = dependency_files
  @credentials = credentials

  # Policy inputs that shape which versions may be proposed.
  @security_advisories = security_advisories
  @ignored_versions = ignored_versions
  @raise_on_ignored = raise_on_ignored
end
Public Instance Methods
latest_version()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 22
#
# Returns the newest acceptable version, computing it on first use and
# reusing the stored value afterwards. A nil result is not cached, so the
# lookup is attempted again on the next call.
#
# @return the result of fetch_latest_version (nil when nothing qualifies)
def latest_version
  return @latest_version if @latest_version

  @latest_version = fetch_latest_version
end
lowest_security_fix_version()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 26
#
# Returns the lowest version that passes the security-fix filters, computing
# it on first use and reusing the stored value afterwards. A nil result is
# not cached, so the lookup is attempted again on the next call.
#
# @return the result of fetch_lowest_security_fix_version (nil when nothing
#   qualifies)
def lowest_security_fix_version
  return @lowest_security_fix_version if @lowest_security_fix_version

  @lowest_security_fix_version = fetch_lowest_security_fix_version
end
Private Instance Methods
available_versions()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 76
#
# Builds version objects for every non-yanked release in the registry
# listing.
#
# Entries whose "yanked" field is truthy are skipped, so a release withdrawn
# by its publisher is never offered as an update target. A listing without a
# "versions" key yields an empty array; an entry without "num" raises
# KeyError.
#
# @return [Array] one version_class instance per usable release
def available_versions
  published = crates_listing.fetch("versions", [])
  usable = published.reject { |entry| entry["yanked"] }

  usable.map { |entry| version_class.new(entry.fetch("num")) }
end
crates_listing()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 83 def crates_listing return @crates_listing unless @crates_listing.nil? response = Excon.get( "https://crates.io/api/v1/crates/#{dependency.name}", idempotent: true, **SharedHelpers.excon_defaults ) @crates_listing = JSON.parse(response.body) rescue Excon::Error::Timeout retrying ||= false raise if retrying retrying = true sleep(rand(1.0..5.0)) && retry end
fetch_latest_version()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 35
#
# Picks the highest version left after the pre-release filter and then the
# ignore filter have been applied to the available versions.
#
# @return the maximum remaining version, or nil when none remain
# @raise [Dependabot::AllVersionsIgnored] propagated from
#   filter_ignored_versions
def fetch_latest_version
  candidates = filter_prerelease_versions(available_versions)

  filter_ignored_versions(candidates).max
end
fetch_lowest_security_fix_version()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 42
#
# Picks the lowest version that survives every filter, applied in this
# order: pre-release filter, vulnerable-version filter (given
# security_advisories), ignore filter, and finally the filter that keeps
# only versions above the current one.
#
# NOTE(review): the vulnerable-version filter lives in
# Dependabot::UpdateCheckers::VersionFilters and is not visible here;
# presumably it removes versions covered by an advisory -- confirm.
#
# @return the minimum remaining version, or nil when none remain
# @raise [Dependabot::AllVersionsIgnored] propagated from
#   filter_ignored_versions
def fetch_lowest_security_fix_version
  stable = filter_prerelease_versions(available_versions)
  not_vulnerable = Dependabot::UpdateCheckers::VersionFilters.
                   filter_vulnerable_versions(stable, security_advisories)
  permitted = filter_ignored_versions(not_vulnerable)

  filter_lower_versions(permitted).min
end
filter_ignored_versions(versions_array)
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 59
#
# Drops every version that satisfies at least one ignore requirement.
#
# When @raise_on_ignored is set, the method raises instead of returning if
# the ignore rules removed every version newer than the current one while
# the unfiltered input did contain newer versions. This makes "all updates
# are ignored" distinguishable from "no update exists".
#
# @param versions_array [Array] candidate versions
# @return [Array] the versions not matched by any ignore requirement
# @raise [Dependabot::AllVersionsIgnored] see above
def filter_ignored_versions(versions_array)
  filtered = versions_array.select do |candidate|
    ignore_requirements.none? { |requirement| requirement.satisfied_by?(candidate) }
  end

  return filtered unless @raise_on_ignored
  return filtered unless filter_lower_versions(filtered).empty?
  return filtered unless filter_lower_versions(versions_array).any?

  raise Dependabot::AllVersionsIgnored
end
filter_lower_versions(versions_array)
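# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 69
#
# Keeps only the versions strictly greater than the dependency's current
# version.
#
# When the dependency has no version, or its version string is not accepted
# by version_class.correct?, the input is returned untouched.
#
# @param versions_array [Array] candidate versions
# @return [Array] the candidates above the current version, or the input
#   itself when the current version is missing or malformed
def filter_lower_versions(versions_array)
  current_raw = dependency.version
  return versions_array unless current_raw && version_class.correct?(current_raw)

  # Build the comparison target once rather than once per candidate.
  current = version_class.new(current_raw)
  versions_array.select { |version| version > current }
end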
filter_prerelease_versions(versions_array)
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 53
#
# Removes pre-release versions unless wants_prerelease? reports that the
# dependency is already on, or asks for, a pre-release.
#
# @param versions_array [Array] candidate versions
# @return [Array] the input itself when pre-releases are wanted, otherwise
#   a new array without pre-release versions
def filter_prerelease_versions(versions_array)
  if wants_prerelease?
    versions_array
  else
    versions_array.reject { |candidate| candidate.prerelease? }
  end
end
ignore_requirements()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 113
#
# Expands each ignored-version string into requirement objects and returns
# them as one flat list. The list is rebuilt on every call.
#
# @return [Array] requirements produced by requirement_class.requirements_array
def ignore_requirements
  per_condition = ignored_versions.map do |condition|
    requirement_class.requirements_array(condition)
  end

  per_condition.flatten(1)
end
requirement_class()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 121
#
# Looks up the requirement class registered for the dependency's package
# manager.
#
# @return whatever Utils.requirement_class_for_package_manager returns
def requirement_class
  manager = dependency.package_manager

  Utils.requirement_class_for_package_manager(manager)
end
version_class()
# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 117
#
# Looks up the version class registered for the dependency's package
# manager.
#
# @return whatever Utils.version_class_for_package_manager returns
def version_class
  manager = dependency.package_manager

  Utils.version_class_for_package_manager(manager)
end
wants_prerelease?()
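# File lib/dependabot/cargo/update_checker/latest_version_finder.rb, line 101
#
# Reports whether pre-release versions should be considered.
#
# True when the current version is itself a pre-release, or when any
# requirement string contains an ASCII letter (for example a "-beta"
# suffix).
#
# The current version is only parsed when version_class.correct? accepts
# it, matching the guard in filter_lower_versions. A version string that is
# not a valid version no longer raises here; the decision then rests on the
# requirement strings alone.
#
# @return [Boolean]
def wants_prerelease?
  current = dependency.version
  return true if current && version_class.correct?(current) &&
                 version_class.new(current).prerelease?

  dependency.requirements.any? do |req|
    # A nil requirement counts as empty. Commas and whitespace are not
    # letters, so testing the whole string gives the same answer as
    # testing each comma-separated part.
    (req.fetch(:requirement) || "").match?(/[A-Za-z]/)
  end
end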