Class: Dependabot::GitCommitChecker

Inherits:
Object
  • Object
Defined in:
lib/dependabot/git_commit_checker.rb

Constant Summary

# Captures a trailing version-like suffix as the named group `version`:
# two dot-separated numeric parts, optionally followed by further
# dot-separated parts made of letters, digits and hyphens.
#
# The pattern has no start anchor, so any prefix in front of the version
# ("v", "release-", ...) is accepted. The end anchor is `$`, which matches
# at the end of a line rather than only at the end of the string (`\z`);
# callers validating multi-line input should not rely on it as a
# whole-string check.
VERSION_REGEX =
/(?<version>[0-9]+\.[0-9]+(?:\.[a-zA-Z0-9\-]+)*)$/.freeze

Instance Method Summary

Constructor Details

#initialize(dependency:, credentials:, ignored_versions: [], requirement_class: nil, version_class: nil) ⇒ GitCommitChecker

Returns a new instance of GitCommitChecker.



# File 'lib/dependabot/git_commit_checker.rb', line 19

# Stores the collaborators the checker works with. Nothing is validated,
# copied or contacted here; every argument is kept on the instance as given.
#
# @param dependency the dependency whose git source is inspected
# @param credentials credentials object, retained unchanged on the instance
#   (nothing in this constructor redacts or duplicates it)
# @param ignored_versions list of ignored versions (defaults to a new empty
#   array on each call)
# @param requirement_class optional requirement class, nil by default
# @param version_class optional version class, nil by default
def initialize(
  dependency:,
  credentials:,
  ignored_versions: [],
  requirement_class: nil,
  version_class: nil
)
  # Required inputs.
  @dependency = dependency
  @credentials = credentials

  # Optional filtering / comparison collaborators.
  @ignored_versions = ignored_versions
  @requirement_class = requirement_class
  @version_class = version_class
end

Instance Method Details

#branch_or_ref_in_release?(version) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 55

# Combines two checks against `version`: the pinned-ref check is asked
# first, and the branch check only runs when the first one is falsy.
# What each helper inspects is defined outside this method.
#
# @param version the release version both helpers are asked about
# @return [Boolean] the first truthy helper result, else the result of
#   `branch_behind_release?`
def branch_or_ref_in_release?(version)
  pinned_result = pinned_ref_in_release?(version)
  return pinned_result if pinned_result

  branch_behind_release?(version)
end

#git_dependency? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 28

# Tells whether the dependency's source details describe a git source.
#
# @return [Boolean] false when there are no source details, otherwise
#   whether their `:type` entry equals "git"
# @raise [KeyError] when source details exist but carry no `:type` key
#   (`fetch` is used on purpose, so a malformed source is not silently
#   treated as "not git")
def git_dependency?
  !dependency_source_details.nil? &&
    dependency_source_details.fetch(:type) == "git"
end

#git_repo_reachable? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 98

# Probes the remote by requesting its upload pack.
#
# Only Dependabot::GitDependenciesNotReachable is translated into `false`;
# any other error raised by `local_upload_pack` propagates to the caller
# instead of being reported as "unreachable".
#
# @return [Boolean] true when the upload pack could be obtained
def git_repo_reachable?
  begin
    local_upload_pack
  rescue Dependabot::GitDependenciesNotReachable
    return false
  end

  true
end

#head_commit_for_current_branch ⇒ Object



# File 'lib/dependabot/git_commit_checker.rb', line 59

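# Resolves the commit the dependency currently tracks.
#
# A pinned dependency simply reports its recorded version. Otherwise the
# advertised refs in the upload pack are searched for the tracked branch
# (or HEAD when no ref/branch is configured) and the matching line is
# handed to `sha_for_update_pack_line`.
#
# The ref name is compared as a whole field. A plain substring test would
# let a configured branch such as "rel" resolve to the commit of a
# different branch named "release" when "rel" itself is absent, silently
# tracking code from the wrong branch instead of reporting the missing ref.
#
# @return the dependency version when pinned, else the value produced by
#   `sha_for_update_pack_line` for the matching ref line
# @raise [Dependabot::GitDependencyReferenceNotFound] when no advertised
#   ref matches exactly
def head_commit_for_current_branch
  return dependency.version if pinned?

  branch_ref = ref_or_branch ? "refs/heads/#{ref_or_branch}" : "HEAD"

  # The name must be preceded by the separating space and followed by the
  # end of the field: a NUL (capability list on the first advertised ref),
  # whitespace / line end, or end of input. The branch name is escaped so
  # it is always treated as literal text.
  ref_field = %r{ #{Regexp.escape(branch_ref)}(?:\x00|\s|\z)}

  # Remove the opening clause of the upload pack as this isn't always
  # followed by a line break. When it isn't (e.g., with Bitbucket) it causes
  # problems for our `sha_for_update_pack_line` logic
  line = local_upload_pack.
         gsub(/.*git-upload-pack/, "").
         lines.find { |l| l.match?(ref_field) }

  return sha_for_update_pack_line(line) if line

  raise Dependabot::GitDependencyReferenceNotFound, dependency.name
end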

#local_tag_for_latest_version ⇒ Object



# File 'lib/dependabot/git_commit_checker.rb', line 76

# Picks the tag carrying the highest version among the acceptable tags.
#
# A tag is acceptable when its name passes `version_tag?` and
# `matches_existing_prefix?`, it is not excluded by
# `tag_included_in_ignore_reqs?`, and it is not a prerelease unless
# `wants_prerelease?` allows one. Ordering is done on `version_class`
# instances built from the `version` capture of VERSION_REGEX.
#
# `commit_sha` and `tag_sha` are copied from the selected tag object as-is;
# nothing here verifies them.
#
# NOTE(review): a name accepted by `version_tag?` but not matched by
# VERSION_REGEX would make `match` return nil and raise NoMethodError here;
# presumably `version_tag?` uses the same pattern. Confirm.
#
# @return [Hash, nil] `{ tag:, version:, commit_sha:, tag_sha: }` for the
#   winning tag, or nil when no tag qualifies
def local_tag_for_latest_version
  # Turns a tag into a comparable version object.
  version_of = lambda do |candidate|
    captured =
      candidate.name.match(VERSION_REGEX).named_captures.fetch("version")
    version_class.new(captured)
  end

  candidates = local_tags.select do |t|
    version_tag?(t.name) && matches_existing_prefix?(t.name)
  end
  candidates = candidates.reject { |t| tag_included_in_ignore_reqs?(t) }
  candidates = candidates.reject do |t|
    tag_is_prerelease?(t) && !wants_prerelease?
  end

  newest = candidates.max_by { |t| version_of.call(t) }
  return unless newest

  {
    tag: newest.name,
    version: version_of.call(newest),
    commit_sha: newest.commit_sha,
    tag_sha: newest.tag_sha
  }
end

#pinned? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 34

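# Decides whether the git dependency is pinned to a fixed ref (as opposed
# to tracking a branch).
#
# Decision order: no ref means not pinned; a ref equal to the configured
# branch means not pinned; a ref alongside a different branch means pinned;
# a recorded version starting with the ref means pinned; otherwise the
# dependency is pinned unless the remote advertises a branch with exactly
# that name.
#
# The ref is escaped and matched as a whole field. `String#match?` compiles
# a String pattern into a Regexp, so an unescaped ref taken from the
# dependency's source details would be interpreted as a pattern ("v1.0"
# would also match "v1x0", an unbalanced "(" would raise RegexpError), and
# an unanchored match would treat "rel" as a branch whenever "release"
# exists, turning a pinned ref into an unpinned one.
#
# @return [Boolean] true when the dependency is pinned
# @raise [RuntimeError] when the dependency is not a git dependency
# @raise [KeyError] when the source details lack `:ref` or `:branch`
def pinned?
  raise "Not a git dependency!" unless git_dependency?

  ref = dependency_source_details.fetch(:ref)
  branch = dependency_source_details.fetch(:branch)

  return false if ref.nil?
  return false if branch == ref
  return true if branch
  return true if dependency.version&.start_with?(ref)

  # Check the specified `ref` isn't actually a branch. The name has to be
  # preceded by the separating space and end at a NUL (capability list),
  # whitespace / line end, or end of input.
  branch_field = %r{ refs/heads/#{Regexp.escape(ref)}(?:\x00|\s|\z)}
  !local_upload_pack.match?(branch_field)
end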

#pinned_ref_looks_like_version? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 49

# Reports whether a pinned dependency's ref ends in something shaped like
# a version, as judged by VERSION_REGEX. That pattern is anchored only at
# the end, so a ref with an arbitrary prefix ("release-1.2") still counts.
#
# @return [Boolean] false when the dependency is not pinned, otherwise
#   whether the `:ref` entry matches VERSION_REGEX
def pinned_ref_looks_like_version?
  if pinned?
    pinned_ref = dependency_source_details.fetch(:ref)
    pinned_ref.match?(VERSION_REGEX)
  else
    false
  end
end