Class: Dependabot::GitCommitChecker

Inherits:

Object

• Object
• Dependabot::GitCommitChecker

Defined in:

lib/dependabot/git_commit_checker.rb

Constant Summary

VERSION_REGEX =

/
  (?<version>
    (?<=^v)[0-9]+(?:\-[a-z0-9]+)?
    |
    [0-9]+\.[0-9]+(?:\.[a-z0-9\-]+)*
  )$
/ix

Instance Method Summary

• #allowed_version_tags ⇒ Object
• #branch_or_ref_in_release?(version) ⇒ Boolean
• #current_version ⇒ Object
• #filter_lower_versions(tags) ⇒ Object
• #git_dependency? ⇒ Boolean
• #git_repo_reachable? ⇒ Boolean
• #head_commit_for_current_branch ⇒ Object
• #head_commit_for_local_branch(name) ⇒ Object
• #initialize(dependency:, credentials:, ignored_versions: [], raise_on_ignored: false, requirement_class: nil, version_class: nil) ⇒ GitCommitChecker constructor

  A new instance of GitCommitChecker.

• #local_tag_for_latest_version ⇒ Object
• #local_tag_for_pinned_version ⇒ Object
• #local_tags_for_latest_version_commit_sha ⇒ Object
• #max_version_tag(tags) ⇒ Object
• #pinned? ⇒ Boolean
• #pinned_ref_looks_like_commit_sha? ⇒ Boolean
• #pinned_ref_looks_like_version? ⇒ Boolean
• #ref_looks_like_commit_sha?(ref) ⇒ Boolean

Constructor Details

#initialize(dependency:, credentials:, ignored_versions: [], raise_on_ignored: false, requirement_class: nil, version_class: nil) ⇒ GitCommitChecker

Returns a new instance of GitCommitChecker.

# File 'lib/dependabot/git_commit_checker.rb', line 24

def initialize(dependency:, credentials:,
               ignored_versions: [], raise_on_ignored: false,
               requirement_class: nil, version_class: nil)
  @dependency = dependency
  @credentials = credentials
  @ignored_versions = ignored_versions
  @raise_on_ignored = raise_on_ignored
  @requirement_class = requirement_class
  @version_class = version_class
end

Instance Method Details

#allowed_version_tags ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 145

def allowed_version_tags
  tags =
    local_tags.
    select { |t| version_tag?(t.name) && matches_existing_prefix?(t.name) }
  filtered = tags.
             reject { |t| tag_included_in_ignore_requirements?(t) }
  if @raise_on_ignored && filter_lower_versions(filtered).empty? && filter_lower_versions(tags).any?
    raise Dependabot::AllVersionsIgnored
  end

  filtered.
    reject { |t| tag_is_prerelease?(t) && !wants_prerelease? }
end

#branch_or_ref_in_release?(version) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/git_commit_checker.rb', line 81

def branch_or_ref_in_release?(version)
  pinned_ref_in_release?(version) || branch_behind_release?(version)
end

#current_version ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 159

def current_version
  return unless dependency.version && version_tag?(dependency.version)

  version = dependency.version.match(VERSION_REGEX).named_captures.fetch("version")
  version_class.new(version)
end

#filter_lower_versions(tags) ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 166

def filter_lower_versions(tags)
  return tags unless current_version

  versions = tags.map do |t|
    version = t.name.match(VERSION_REGEX).named_captures.fetch("version")
    version_class.new(version)
  end

  versions.select do |version|
    version > current_version
  end
end

#git_dependency? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/git_commit_checker.rb', line 35

def git_dependency?
  return false if dependency_source_details.nil?

  dependency_source_details.fetch(:type) == "git"
end

#git_repo_reachable? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/git_commit_checker.rb', line 190

def git_repo_reachable?
  local_upload_pack
  true
rescue Dependabot::GitDependenciesNotReachable
  false
end

#head_commit_for_current_branch ⇒ Object

Raises:

• (Dependabot::GitDependencyReferenceNotFound)

# File 'lib/dependabot/git_commit_checker.rb', line 85

def head_commit_for_current_branch
  ref = ref_or_branch || "HEAD"

  if pinned?
    return dependency.version ||
           local_repo_git_metadata_fetcher.head_commit_for_ref(ref)
  end

  sha = local_repo_git_metadata_fetcher.head_commit_for_ref(ref)
  return sha if sha

  raise Dependabot::GitDependencyReferenceNotFound, dependency.name
end

#head_commit_for_local_branch(name) ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 99

def head_commit_for_local_branch(name)
  local_repo_git_metadata_fetcher.head_commit_for_ref(name)
end

#local_tag_for_latest_version ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 122

def local_tag_for_latest_version
  tag = max_version_tag(allowed_version_tags)

  return unless tag

  version = tag.name.match(VERSION_REGEX).named_captures.fetch("version")
  {
    tag: tag.name,
    version: version_class.new(version),
    commit_sha: tag.commit_sha,
    tag_sha: tag.tag_sha
  }
end

#local_tag_for_pinned_version ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 179

def local_tag_for_pinned_version
  return unless pinned?

  ref = dependency_source_details.fetch(:ref)
  tags = local_tags.select { |t| t.commit_sha == ref && version_class.correct?(t.name) }.
         sort_by { |t| version_class.new(t.name) }
  return if tags.empty?

  tags[-1].name
end

#local_tags_for_latest_version_commit_sha ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 103

def local_tags_for_latest_version_commit_sha
  tags = allowed_version_tags
  max_tag = max_version_tag(tags)

  return [] unless max_tag

  tags.
    select { |t| t.commit_sha == max_tag.commit_sha }.
    map do |t|
      version = t.name.match(VERSION_REGEX).named_captures.fetch("version")
      {
        tag: t.name,
        version: version_class.new(version),
        commit_sha: t.commit_sha,
        tag_sha: t.tag_sha
      }
    end
end

#max_version_tag(tags) ⇒ Object

# File 'lib/dependabot/git_commit_checker.rb', line 136

def max_version_tag(tags)
  tags.
    max_by do |t|
    version = t.name.match(VERSION_REGEX).named_captures.
              fetch("version")
    version_class.new(version)
  end
end

#pinned? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/git_commit_checker.rb', line 41

def pinned?
  raise "Not a git dependency!" unless git_dependency?

  ref = dependency_source_details.fetch(:ref)
  branch = dependency_source_details.fetch(:branch)

  return false if ref.nil?
  return false if branch == ref
  return true if branch
  return true if dependency.version&.start_with?(ref)

  # If the specified `ref` is actually a tag, we're pinned
  return true if local_upload_pack.match?(%r{ refs/tags/#{ref}$})

  # If the specified `ref` is actually a branch, we're NOT pinned
  return false if local_upload_pack.match?(%r{ refs/heads/#{ref}$})

  # Otherwise, assume we're pinned
  true
end

#pinned_ref_looks_like_commit_sha? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/git_commit_checker.rb', line 68

def pinned_ref_looks_like_commit_sha?
  ref = dependency_source_details.fetch(:ref)
  ref_looks_like_commit_sha?(ref)
end

#pinned_ref_looks_like_version? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/git_commit_checker.rb', line 62

def pinned_ref_looks_like_version?
  return false unless pinned?

  dependency_source_details.fetch(:ref).match?(VERSION_REGEX)
end

#ref_looks_like_commit_sha?(ref) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/git_commit_checker.rb', line 73

def ref_looks_like_commit_sha?(ref)
  return false unless ref&.match?(/^[0-9a-f]{6,40}$/)

  return false unless pinned?

  local_repo_git_metadata_fetcher.head_commit_for_ref(ref).nil?
end