Class: Dependabot::Docker::Version

Inherits:

Version

Object
Version
Dependabot::Docker::Version

Defined in:: lib/dependabot/docker/version.rb

Overview

In the special case of Java, the version string may also contain optional “update number” and “identifier” components. See www.oracle.com/java/technologies/javase/versioning-naming.html for a description of Java versions.

Constant Summary collapse

DOCKER_VERSION_REGEX = The regex has limits for the 0,255 and 1,255 repetitions to avoid infinite limits which makes codeql angry. A docker image cannot be longer than 255 characters anyways.

/^(?<prefix>[a-z._\-]{0,255})[_\-v]?(?<version>.{1,255})$/

Instance Attribute Summary collapse

#release_part ⇒ Object readonly

Returns the value of attribute release_part.

Class Method Summary collapse

.correct?(version) ⇒ Boolean

Instance Method Summary collapse

#<=>(other) ⇒ Object
#initialize(version) ⇒ Version constructor

A new instance of Version.
#segments ⇒ Object
#sort_criteria ⇒ Object
#to_semver ⇒ Object

Constructor Details

#initialize(version) ⇒ `Version`

Returns a new instance of Version.

# File 'lib/dependabot/docker/version.rb', line 20

def initialize(version)
  parsed_version = version.match(DOCKER_VERSION_REGEX)
  release_part, update_part = parsed_version[:version].split("_", 2)

  # The numeric_version is needed here to validate the version string (ex: 20.9.0-alpine3.18)
  # when the call is made via Depenedabot Api to convert the image version to semver.
  release_part = Tag.new(release_part.chomp(".").chomp("-").chomp("_")).numeric_version

  @release_part = Dependabot::Version.new(release_part.tr("-", "."))
  @update_part = Dependabot::Version.new(update_part&.start_with?(/[0-9]/) ? update_part : 0)

  super(@release_part)
end

Instance Attribute Details

#release_part ⇒ `Object` (readonly)

Returns the value of attribute release_part.



58
59
60

# File 'lib/dependabot/docker/version.rb', line 58

def release_part
  @release_part
end

Class Method Details

.correct?(version) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/dependabot/docker/version.rb', line 34

def self.correct?(version)
  return true if version.is_a?(Gem::Version)

  # We can't call new here because Gem::Version calls self.correct? in its initialize method
  # causing an infinite loop, so instead we check if the release_part of the version is correct
  parsed_version = version.match(DOCKER_VERSION_REGEX)
  return false if parsed_version.nil?

  release_part, = parsed_version[:version].split("_", 2)
  release_part = Tag.new(release_part.chomp(".").chomp("-").chomp("_")).numeric_version || parsed_version
  super(release_part.to_s)
rescue ArgumentError
  # if we can't instantiate a version, it can't be correct
  false
end

Instance Method Details

#<=>(other) ⇒ `Object`



60
61
62

# File 'lib/dependabot/docker/version.rb', line 60

def <=>(other)
  sort_criteria <=> other.sort_criteria
end

#segments ⇒ `Object`



54
55
56

# File 'lib/dependabot/docker/version.rb', line 54

def segments
  @release_part.segments
end

#sort_criteria ⇒ `Object`



64
65
66

# File 'lib/dependabot/docker/version.rb', line 64

def sort_criteria
  [@release_part, @update_part]
end

#to_semver ⇒ `Object`



50
51
52

# File 'lib/dependabot/docker/version.rb', line 50

def to_semver
  @release_part.to_semver
end