Class: Dependabot::UpdateCheckers::JavaScript::NpmAndYarn::VersionResolver

Inherits:
Object
  • Object
Defined in:
lib/dependabot/update_checkers/java_script/npm_and_yarn/version_resolver.rb

Constant Summary

# Monorepo name => names of the packages listed for that monorepo.
# NOTE(review): presumably these packages have to move to the same version
# together; confirm against part_of_tightly_locked_monorepo?, which is not
# shown on this page.
# Only the outer hash is frozen; the inner array is left mutable, as before.
TIGHTLY_COUPLED_MONOREPOS = {
  "vue" => ["vue", "vue-template-compiler"]
}.freeze
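# Error message from yarn add. The page's e-mail obfuscation replaced several
# name@version pairs with "[email protected]"; they are shown below as
# <name>@<version> placeholders, the rest is as printed on the page:
#   " > @reach/<name>@<version>" has incorrect \
#   peer dependency "<name>@<version> || 16.x || 16.4.0-alpha.0911da3"
#   " > <name>@<version>" has unmet \
#   peer dependency "react@>=0.14.0 <16.0.0".
#
# Named captures:
#   requiring_dep - quoted text following " > " (the package that declares
#                   the peer requirement)
#   required_dep  - quoted peer requirement that is incorrect or unmet
#
# The pattern is unanchored, so it can match anywhere inside a larger blob of
# yarn output.
# NOTE(review): both captures are copied out of package-manager output, which
# echoes names and ranges from package metadata. Treat them as untrusted
# strings; confirm callers never interpolate them into shell commands or
# file paths.
YARN_PEER_DEP_ERROR_REGEX =
  /
    "\s>\s(?<requiring_dep>[^"]+)"\s
    has\s(incorrect|unmet)\speer\sdependency\s
    "(?<required_dep>[^"]+)"
  /x.freeze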
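# Error message from npm install. The page's e-mail obfuscation replaced the
# leading name@version pair with "[email protected]"; it is shown below as a
# <name>@<version> placeholder, the rest is as printed on the page:
#   <name>@<version> requires a peer of react@^15.2.0 \
#   but none is installed. You must install peer dependencies yourself.
#
# Named captures:
#   requiring_dep - the whitespace-free token before "requires a peer of"
#   required_dep  - the peer requirement, up to " but none is installed."
#
# The trailing full stop is escaped so that it matches only the literal "."
# in npm's message; unescaped, it would accept any character in that
# position.
# NOTE(review): both captures are copied out of package-manager output, which
# echoes names and ranges from package metadata. Treat them as untrusted
# strings; confirm callers never interpolate them into shell commands or
# file paths.
NPM_PEER_DEP_ERROR_REGEX =
  /
    (?<requiring_dep>[^\s]+)\s
    requires\sa\speer\sof\s
    (?<required_dep>.+?)\sbut\snone\sis\sinstalled\.
  /x.freeze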

Instance Method Summary

Constructor Details

#initialize(dependency:, credentials:, dependency_files:, latest_allowable_version:, latest_version_finder:) ⇒ VersionResolver

Returns a new instance of VersionResolver.



# File 'lib/dependabot/update_checkers/java_script/npm_and_yarn/version_resolver.rb', line 49

# Stores the collaborators the resolver works with.
#
# @param dependency the dependency being checked
# @param credentials credentials, stored as given
# @param dependency_files the dependency files, stored as given
# @param latest_allowable_version upper bound used by the public methods
# @param latest_version_finder finder registered for +dependency+
#
# NOTE(review): @credentials stays on the instance for its whole lifetime;
# confirm nothing inspects or logs the resolver object wholesale.
def initialize(dependency:, credentials:, dependency_files:,
               latest_allowable_version:, latest_version_finder:)
  @dependency = dependency
  @credentials = credentials
  @dependency_files = dependency_files
  @latest_allowable_version = latest_allowable_version

  # Finders are kept in a hash keyed by dependency; seed it with the one
  # supplied for the dependency under check.
  @latest_version_finder = {}
  @latest_version_finder.store(dependency, latest_version_finder)
end

Instance Method Details

#dependency_updates_from_full_unlock ⇒ Object



# File 'lib/dependabot/update_checkers/java_script/npm_and_yarn/version_resolver.rb', line 77

# Works out which dependencies must change, and to which versions, for the
# dependency under check to reach latest_allowable_version.
#
# Returns nil (no update proposed) when:
# * the dependency is a git dependency,
# * updating would newly break one of the dependency's own peer requirements,
# * a broken peer requirement comes from something that is not a top-level
#   dependency, or from a git dependency, or
# * no version of a requiring dependency satisfies its peer requirements.
# Any single unresolved peer requirement abandons the whole set rather than
# returning a partial list.
#
# @return [Array<Hash>, Object, nil] hashes with :dependency and :version
#   keys, or whatever updated_monorepo_dependencies returns for a tightly
#   locked monorepo, or nil
def dependency_updates_from_full_unlock
  return if git_dependency?(dependency)
  return updated_monorepo_dependencies if part_of_tightly_locked_monorepo?
  return if newly_broken_peer_reqs_from_dep.any?

  # The dependency itself always heads the list.
  collected = [{ dependency: dependency, version: latest_allowable_version }]

  newly_broken_peer_reqs_on_dep.each do |broken_req|
    requiring_name = broken_req.fetch(:requiring_dep_name)
    requiring_dep =
      top_level_dependencies.find { |candidate| candidate.name == requiring_name }

    # Can't handle reqs from sub-deps or git source deps (yet)
    return nil if requiring_dep.nil? || git_dependency?(requiring_dep)

    resolved_version =
      latest_version_of_dep_with_satisfied_peer_reqs(requiring_dep)
    return nil unless resolved_version

    collected << { dependency: requiring_dep, version: resolved_version }
  end

  collected
end

#latest_resolvable_version ⇒ Object



# File 'lib/dependabot/update_checkers/java_script/npm_and_yarn/version_resolver.rb', line 60

# Picks the newest version that can be installed without unlocking other
# dependencies.
#
# * Git dependencies skip the peer-dependency checks and get
#   latest_allowable_version directly.
# * Members of a tightly locked monorepo yield nil here.
# * With no relevant unmet peer dependencies, latest_allowable_version is
#   returned; otherwise the first entry of satisfying_versions is used.
#   NOTE(review): this relies on satisfying_versions being ordered newest
#   first; confirm in its definition, which is not shown on this page.
#
# @return [Object, nil] a version, or nil when none applies
def latest_resolvable_version
  return latest_allowable_version if git_dependency?(dependency)
  return if part_of_tightly_locked_monorepo?
  return satisfying_versions.first if relevant_unmet_peer_dependencies.any?

  latest_allowable_version
end

#latest_version_resolvable_with_full_unlock? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/update_checkers/java_script/npm_and_yarn/version_resolver.rb', line 71

# Reports whether a full unlock yields a usable set of updates.
#
# @return [Boolean] false when dependency_updates_from_full_unlock is nil,
#   true for any other result (including an empty collection)
def latest_version_resolvable_with_full_unlock?
  !dependency_updates_from_full_unlock.nil?
end