Class: Dependabot::UpdateCheckers::Base

Inherits:

Object

• Object
• Dependabot::UpdateCheckers::Base

Extended by:

T::Helpers, T::Sig

Defined in:

lib/dependabot/update_checkers/base.rb

Instance Attribute Summary

• #credentials ⇒ Object readonly

  Returns the value of attribute credentials.

• #dependency ⇒ Object readonly

  Returns the value of attribute dependency.

• #dependency_files ⇒ Object readonly

  Returns the value of attribute dependency_files.

• #dependency_group ⇒ Object readonly

  Returns the value of attribute dependency_group.

• #ignored_versions ⇒ Object readonly

  Returns the value of attribute ignored_versions.

• #options ⇒ Object readonly

  Returns the value of attribute options.

• #raise_on_ignored ⇒ Object readonly

  Returns the value of attribute raise_on_ignored.

• #repo_contents_path ⇒ Object readonly

  Returns the value of attribute repo_contents_path.

• #requirements_update_strategy ⇒ Object readonly

  Returns the value of attribute requirements_update_strategy.

• #security_advisories ⇒ Object readonly

  Returns the value of attribute security_advisories.

• #update_cooldown ⇒ Object readonly

  Returns the value of attribute update_cooldown.

Instance Method Summary

• #can_update?(requirements_to_unlock:) ⇒ Boolean
• #conflicting_dependencies ⇒ Object
• #ignore_requirements ⇒ Object
• #initialize(dependency:, dependency_files:, credentials:, repo_contents_path: nil, ignored_versions: [], raise_on_ignored: false, security_advisories: [], requirements_update_strategy: nil, dependency_group: nil, update_cooldown: nil, options: {}) ⇒ Base constructor

  A new instance of Base.

• #latest_resolvable_previous_version(_updated_version) ⇒ Object
• #latest_resolvable_version ⇒ Object
• #latest_resolvable_version_with_no_unlock ⇒ Object
• #latest_version ⇒ Object
• #lowest_resolvable_security_fix_version ⇒ Object
• #lowest_security_fix_version ⇒ Object
• #preferred_resolvable_version ⇒ Object
• #requirement_class ⇒ Object
• #requirements_unlocked_or_can_be? ⇒ Boolean
• #up_to_date? ⇒ Boolean
• #updated_dependencies(requirements_to_unlock:) ⇒ Object
• #updated_requirements ⇒ Object
• #version_class ⇒ Object
• #vulnerable? ⇒ Boolean

Constructor Details

#initialize(dependency:, dependency_files:, credentials:, repo_contents_path: nil, ignored_versions: [], raise_on_ignored: false, security_advisories: [], requirements_update_strategy: nil, dependency_group: nil, update_cooldown: nil, options: {}) ⇒ Base

Returns a new instance of Base.

# File 'lib/dependabot/update_checkers/base.rb', line 68

def initialize(
  dependency:,
  dependency_files:,
  credentials:,
  repo_contents_path: nil,
  ignored_versions: [],
  raise_on_ignored: false,
  security_advisories: [],
  requirements_update_strategy: nil,
  dependency_group: nil,
  update_cooldown: nil,
  options: {}
)
  @dependency = dependency
  @dependency_files = dependency_files
  @repo_contents_path = repo_contents_path
  @credentials = credentials
  @requirements_update_strategy = requirements_update_strategy
  @ignored_versions = ignored_versions
  @raise_on_ignored = raise_on_ignored
  @security_advisories = security_advisories
  @dependency_group = dependency_group
  @update_cooldown = update_cooldown
  @options = options
end

Instance Attribute Details

#credentials ⇒ Object (readonly)

Returns the value of attribute credentials.

# File 'lib/dependabot/update_checkers/base.rb', line 29

def credentials
  @credentials
end

#dependency ⇒ Object (readonly)

Returns the value of attribute dependency.

# File 'lib/dependabot/update_checkers/base.rb', line 20

def dependency
  @dependency
end

#dependency_files ⇒ Object (readonly)

Returns the value of attribute dependency_files.

# File 'lib/dependabot/update_checkers/base.rb', line 23

def dependency_files
  @dependency_files
end

#dependency_group ⇒ Object (readonly)

Returns the value of attribute dependency_group.

# File 'lib/dependabot/update_checkers/base.rb', line 44

def dependency_group
  @dependency_group
end

#ignored_versions ⇒ Object (readonly)

Returns the value of attribute ignored_versions.

# File 'lib/dependabot/update_checkers/base.rb', line 32

def ignored_versions
  @ignored_versions
end

#options ⇒ Object (readonly)

Returns the value of attribute options.

# File 'lib/dependabot/update_checkers/base.rb', line 50

def options
  @options
end

#raise_on_ignored ⇒ Object (readonly)

Returns the value of attribute raise_on_ignored.

# File 'lib/dependabot/update_checkers/base.rb', line 35

def raise_on_ignored
  @raise_on_ignored
end

#repo_contents_path ⇒ Object (readonly)

Returns the value of attribute repo_contents_path.

# File 'lib/dependabot/update_checkers/base.rb', line 26

def repo_contents_path
  @repo_contents_path
end

#requirements_update_strategy ⇒ Object (readonly)

Returns the value of attribute requirements_update_strategy.

# File 'lib/dependabot/update_checkers/base.rb', line 41

def requirements_update_strategy
  @requirements_update_strategy
end

#security_advisories ⇒ Object (readonly)

Returns the value of attribute security_advisories.

# File 'lib/dependabot/update_checkers/base.rb', line 38

def security_advisories
  @security_advisories
end

#update_cooldown ⇒ Object (readonly)

Returns the value of attribute update_cooldown.

# File 'lib/dependabot/update_checkers/base.rb', line 47

def update_cooldown
  @update_cooldown
end

Instance Method Details

#can_update?(requirements_to_unlock:) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/update_checkers/base.rb', line 104

def can_update?(requirements_to_unlock:)
  # Can't update if all versions are being ignored
  return false if ignore_requirements.include?(requirement_class.new(">= 0"))

  if dependency.version
    version_can_update?(requirements_to_unlock: requirements_to_unlock)
  else
    # TODO: Handle full unlock updates for dependencies without a lockfile
    return false if requirements_to_unlock == :none

    requirements_can_update?
  end
end

#conflicting_dependencies ⇒ Object

# File 'lib/dependabot/update_checkers/base.rb', line 176

def conflicting_dependencies
  [] # return an empty array for ecosystems that don't support this yet
end

#ignore_requirements ⇒ Object

# File 'lib/dependabot/update_checkers/base.rb', line 223

def ignore_requirements
  ignored_versions.flat_map { |req| requirement_class.requirements_array(req) }
end

#latest_resolvable_previous_version(_updated_version) ⇒ Object

# File 'lib/dependabot/update_checkers/base.rb', line 181

def latest_resolvable_previous_version(_updated_version)
  dependency.version
end

#latest_resolvable_version ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/dependabot/update_checkers/base.rb', line 148

def latest_resolvable_version
  raise NotImplementedError, "#{self.class} must implement #latest_resolvable_version"
end

#latest_resolvable_version_with_no_unlock ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/dependabot/update_checkers/base.rb', line 165

def latest_resolvable_version_with_no_unlock
  raise NotImplementedError, "#{self.class} must implement #latest_resolvable_version_with_no_unlock"
end

#latest_version ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/dependabot/update_checkers/base.rb', line 131

def latest_version
  raise NotImplementedError, "#{self.class} must implement #latest_version"
end

#lowest_resolvable_security_fix_version ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/dependabot/update_checkers/base.rb', line 160

def lowest_resolvable_security_fix_version
  raise NotImplementedError, "#{self.class} must implement #lowest_resolvable_security_fix_version"
end

#lowest_security_fix_version ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/dependabot/update_checkers/base.rb', line 155

def lowest_security_fix_version
  raise NotImplementedError, "#{self.class} must implement #lowest_security_fix_version"
end

#preferred_resolvable_version ⇒ Object

# File 'lib/dependabot/update_checkers/base.rb', line 136

def preferred_resolvable_version
  # If this dependency is vulnerable, prefer trying to update to the
  # lowest_resolvable_security_fix_version. Otherwise update all the way
  # to the latest_resolvable_version.
  return lowest_resolvable_security_fix_version if vulnerable?

  latest_resolvable_version
rescue NotImplementedError
  latest_resolvable_version
end

#requirement_class ⇒ Object

# File 'lib/dependabot/update_checkers/base.rb', line 196

def requirement_class
  dependency.requirement_class
end

#requirements_unlocked_or_can_be? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/update_checkers/base.rb', line 204

def requirements_unlocked_or_can_be?
  true
end

#up_to_date? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/update_checkers/base.rb', line 95

def up_to_date?
  if dependency.version
    version_up_to_date?
  else
    requirements_up_to_date?
  end
end

#updated_dependencies(requirements_to_unlock:) ⇒ Object

# File 'lib/dependabot/update_checkers/base.rb', line 119

def updated_dependencies(requirements_to_unlock:)
  return [] unless can_update?(requirements_to_unlock: requirements_to_unlock)

  case requirements_to_unlock&.to_sym
  when :none then [updated_dependency_without_unlock]
  when :own then [updated_dependency_with_own_req_unlock]
  when :all then updated_dependencies_after_full_unlock
  else raise "Unknown unlock level '#{requirements_to_unlock}'"
  end
end

#updated_requirements ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/dependabot/update_checkers/base.rb', line 186

def updated_requirements
  raise NotImplementedError
end

#version_class ⇒ Object

# File 'lib/dependabot/update_checkers/base.rb', line 191

def version_class
  dependency.version_class
end

#vulnerable? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/update_checkers/base.rb', line 209

def vulnerable?
  return false if security_advisories.none?

  # Can't (currently) detect whether dependencies without a version
  # (i.e., for repos without a lockfile) are vulnerable
  return false unless dependency.version

  # Can't (currently) detect whether git dependencies are vulnerable
  return false if existing_version_is_sha?

  active_advisories.any?
end