Class: Dependabot::GitCommitChecker

Inherits:
Object
  • Object
Defined in:
lib/dependabot/git_commit_checker.rb

Constant Summary

# Extracts a version string (named capture `version`) from the end of a tag
# or ref name. Case-insensitive (`i`); whitespace in the pattern is ignored (`x`).
#
# Two alternatives are accepted:
#   * digits immediately after a line-initial "v", with an optional
#     "-suffix" (e.g. "v2", "v2-beta");
#   * "MAJOR.MINOR" followed by any number of ".segment" parts. This
#     alternative has no start anchor, so arbitrary text may precede the
#     version (e.g. "release-1.2.3").
#
# NOTE(review): `^` and `$` are line anchors in Ruby, not string anchors, so
# the pattern matches as soon as any single line of the input ends in a
# version. The callers on this page use it as a "looks like a version"
# heuristic on tag and ref names; it is not whole-string validation of them.
VERSION_REGEX =
/
  (?<version>
    (?<=^v)[0-9]+(?:\-[a-z0-9]+)?
    |
    [0-9]+\.[0-9]+(?:\.[a-z0-9\-]+)*
  )$
/ix.freeze

Instance Method Summary

Constructor Details

#initialize(dependency:, credentials:, ignored_versions: [], requirement_class: nil, version_class: nil) ⇒ GitCommitChecker

Returns a new instance of GitCommitChecker.



# File 'lib/dependabot/git_commit_checker.rb', line 24

# Builds a checker for a single dependency. Every argument is stored
# unchanged in the instance variable of the same name; nothing is read,
# copied or validated here.
#
# @param dependency the dependency to inspect
# @param credentials stored as given
# @param ignored_versions defaults to an empty array
# @param requirement_class defaults to nil
# @param version_class defaults to nil
#
# NOTE(review): the credentials stay on the instance for its lifetime, and
# Ruby's default #inspect prints instance variables, so avoid logging or
# inspecting checker instances.
def initialize(
  dependency:,
  credentials:,
  ignored_versions: [],
  requirement_class: nil,
  version_class: nil
)
  @dependency, @credentials = dependency, credentials
  @ignored_versions = ignored_versions
  @requirement_class, @version_class = requirement_class, version_class
end

Instance Method Details

#branch_or_ref_in_release?(version) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 69

# Reports whether the dependency's pinned ref or its branch is already
# covered by the given release.
#
# The pinned-ref check runs first; the branch check is only consulted when
# the first one returns a falsy value.
#
# @param version the release to compare against (passed through unchanged)
# @return the first truthy helper result, otherwise the branch check's result
def branch_or_ref_in_release?(version)
  pinned_result = pinned_ref_in_release?(version)
  return pinned_result if pinned_result

  branch_behind_release?(version)
end

#git_dependency? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 33

# Reports whether the dependency comes from a git source.
#
# @return [Boolean] false when there are no source details; otherwise true
#   only when the details' :type entry equals "git"
#
# The :type entry is read with `fetch`, so source details that lack the key
# raise instead of being treated as "not git".
def git_dependency?
  if dependency_source_details.nil?
    false
  else
    dependency_source_details.fetch(:type) == "git"
  end
end

#git_repo_reachable? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 109

# Reports whether the dependency's git repository can be reached.
#
# Calls `local_upload_pack` purely for its side effect and discards the
# result. Only Dependabot::GitDependenciesNotReachable is translated into
# `false`; any other error raised by the call propagates to the caller.
#
# @return [Boolean]
def git_repo_reachable?
  begin
    local_upload_pack
  rescue Dependabot::GitDependenciesNotReachable
    return false
  end

  true
end

#head_commit_for_current_branch ⇒ Object



# File 'lib/dependabot/git_commit_checker.rb', line 73

# Resolves the commit the dependency currently points at.
#
# The ref looked up is `ref_or_branch`, falling back to "HEAD".
#
# Raises Dependabot::GitDependencyReferenceNotFound (with the dependency
# name) when the dependency is not pinned and no commit is found for the ref.
#
# NOTE(review): in this listing the receiver in front of both
# `.head_commit_for_ref` calls is missing (apparently lost when the page was
# rendered), so those lines do not parse as shown. Take the receiver from
# lib/dependabot/git_commit_checker.rb rather than guessing it.
def head_commit_for_current_branch
  ref = ref_or_branch || "HEAD"

  # Pinned: trust the recorded version when there is one, otherwise fall back
  # to the lookup. Nothing is raised on this path, so the result is presumably
  # nil when the lookup finds nothing — confirm against callers.
  if pinned?
    return dependency.version ||
           .head_commit_for_ref(ref)
  end

  # Not pinned: a commit must be found for the ref.
  sha = .head_commit_for_ref(ref)
  return sha if sha

  raise Dependabot::GitDependencyReferenceNotFound, dependency.name
end

#local_tag_for_latest_version ⇒ Object



# File 'lib/dependabot/git_commit_checker.rb', line 87

# Picks the tag carrying the highest version among `local_tags`.
#
# A tag is a candidate only if its name is a version tag with the existing
# prefix, it is not excluded by the ignore requirements, and it is not a
# prerelease (unless prereleases are wanted). Candidates are ranked by the
# `version` capture of VERSION_REGEX wrapped in `version_class`.
#
# @return [Hash, nil] `{ tag:, version:, commit_sha:, tag_sha: }` for the
#   winning tag, or nil when no tag qualifies
#
# NOTE(review): tag names are whatever the tag source reports, and a tag can
# be moved after it is read; consumers that need a fixed target should use
# the returned :commit_sha rather than the tag name — confirm with callers.
def local_tag_for_latest_version
  # Parses the version out of a tag name; assumes the name matches
  # VERSION_REGEX, which the `version_tag?` filter presumably guarantees.
  version_of = lambda do |candidate|
    raw = candidate.name.match(VERSION_REGEX).named_captures.fetch("version")
    version_class.new(raw)
  end

  candidates = local_tags.select do |t|
    version_tag?(t.name) && matches_existing_prefix?(t.name)
  end
  candidates = candidates.reject { |t| tag_included_in_ignore_reqs?(t) }
  candidates = candidates.reject { |t| tag_is_prerelease?(t) && !wants_prerelease? }

  latest = candidates.max_by { |t| version_of.call(t) }
  return unless latest

  {
    tag: latest.name,
    version: version_of.call(latest),
    commit_sha: latest.commit_sha,
    tag_sha: latest.tag_sha
  }
end

#pinned? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 39

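# Reports whether the dependency is pinned to a specific ref rather than
# following a branch.
#
# Decision order:
#   1. no ref at all                          -> not pinned
#   2. ref equal to the declared branch       -> not pinned
#   3. a branch is declared (and differs)     -> pinned
#   4. the recorded version starts with ref   -> pinned
#   5. otherwise pinned unless the upload pack lists `refs/heads/<ref>`
#
# @return [Boolean]
# @raise [RuntimeError] "Not a git dependency!" when the source is not git
# @raise [KeyError] presumably, when the source details lack :ref or :branch
#   (both are read with `fetch`)
def pinned?
  raise "Not a git dependency!" unless git_dependency?

  ref = dependency_source_details.fetch(:ref)
  branch = dependency_source_details.fetch(:branch)

  return false if ref.nil?
  return false if branch == ref
  return true if branch
  return true if dependency.version&.start_with?(ref)

  # Check the specified `ref` isn't actually a branch.
  #
  # String#match? turns a String argument into a Regexp, so the ref has to be
  # escaped: it comes from the dependency's source details, and an unescaped
  # "." would match any character while an unbalanced "(" would raise
  # RegexpError.
  #
  # NOTE(review): this is still a substring test, so a ref that is a prefix
  # of an advertised branch name is treated as that branch. Confirm the
  # upload-pack line format before anchoring the end of the name.
  branch_pattern = Regexp.new(Regexp.escape("refs/heads/#{ref}"))
  !local_upload_pack.match?(branch_pattern)
end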

#pinned_ref_looks_like_commit_sha? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 60

# Reports whether the pinned ref appears to be a raw commit SHA.
#
# True only when the dependency is pinned, the ref consists of 6 to 40
# lowercase hex characters, and looking the ref up by name returns nil
# (i.e. it is not a named ref that merely looks like hex).
#
# NOTE(review): in this listing the receiver in front of
# `.head_commit_for_ref` is missing (apparently lost when the page was
# rendered), so the last line does not parse as shown. Take the receiver
# from lib/dependabot/git_commit_checker.rb rather than guessing it.
def pinned_ref_looks_like_commit_sha?
  return false unless pinned?

  ref = dependency_source_details.fetch(:ref)
  # NOTE(review): `^`/`$` are line anchors in Ruby, so a multi-line ref with
  # one hex-only line passes this check; `\A[0-9a-f]{6,40}\z` would pin the
  # whole string. There is no `i` flag, so uppercase hex is rejected.
  return false unless ref.match?(/^[0-9a-f]{6,40}$/)

  .head_commit_for_ref(ref).nil?
end

#pinned_ref_looks_like_version? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 54

# Reports whether the pinned ref ends in something VERSION_REGEX accepts.
#
# This is a heuristic, not validation: the regex is matched against the end
# of a line of the ref, so text before the version is allowed in the
# dotted form.
#
# @return [Boolean] false when the dependency is not pinned
def pinned_ref_looks_like_version?
  if pinned?
    dependency_source_details.fetch(:ref).match?(VERSION_REGEX)
  else
    false
  end
end