Class: Dependabot::GitCommitChecker

Inherits:
Object
  • Object
Defined in:
lib/dependabot/git_commit_checker.rb

Constant Summary

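# Captures a trailing version-like suffix ("1.2", "1.2.3", "1.2.3.beta-1")
# from a tag or ref name as the named group `version`.
# NOTE(review): in Ruby `$` anchors at the end of a line, not the end of the
# string, so a name with an embedded newline can still match. Use `\z` if
# that must be ruled out.
VERSION_REGEX =
  /(?<version>[0-9]+\.[0-9]+(?:\.[a-zA-Z0-9\-]+)*)$/.freeze
# Recognises the three supported hosting providers. Every dot is escaped so
# that it only matches a literal "."; an unescaped dot would also accept
# strings such as "gitlabxcom".
# NOTE(review): the pattern is unanchored, so it matches anywhere in the
# input (e.g. "github.com.example.org"). How it is used is not visible here.
# If a match gates a trust decision such as which credentials to send,
# compare the parsed hostname exactly instead.
KNOWN_HOSTS =
  /github\.com|bitbucket\.org|gitlab\.com/.freeze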

Instance Method Summary

Constructor Details

#initialize(dependency:, credentials:, ignored_versions: [], requirement_class: nil, version_class: nil) ⇒ GitCommitChecker

Returns a new instance of GitCommitChecker.



# File 'lib/dependabot/git_commit_checker.rb', line 17

# Builds a checker for one dependency.
#
# @param dependency the dependency whose git source is inspected
# @param credentials credentials kept on the instance for later use; they
#   are only stored here. Avoid dumping instances into logs, because the
#   instance variables would include them.
# @param ignored_versions list of ignored version requirements (default: [])
# @param requirement_class optional requirement class (default: nil)
# @param version_class optional class used to build comparable versions
#   (default: nil)
def initialize(
  dependency:,
  credentials:,
  ignored_versions: [],
  requirement_class: nil,
  version_class: nil
)
  # Optional collaborators and filters.
  @version_class = version_class
  @requirement_class = requirement_class
  @ignored_versions = ignored_versions

  # Required inputs.
  @credentials = credentials
  @dependency = dependency
end

Instance Method Details

#branch_or_ref_in_release?(version) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 53

# True when either the pinned ref is contained in the given release or the
# tracked branch is behind it. The branch check only runs when the pinned-ref
# check is falsy.
#
# @param version the release to test against
# @return [Boolean]
def branch_or_ref_in_release?(version)
  pinned_result = pinned_ref_in_release?(version)
  return pinned_result if pinned_result

  branch_behind_release?(version)
end

#git_dependency? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 26

# Whether the dependency's source details describe a git source.
#
# @return [Boolean] false when there are no source details, otherwise
#   whether their :type is "git"
# @raise [KeyError] if source details exist but have no :type key
def git_dependency?
  !dependency_source_details.nil? &&
    dependency_source_details.fetch(:type) == "git"
end

#head_commit_for_current_branch ⇒ Object



# File 'lib/dependabot/git_commit_checker.rb', line 57

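# Resolves the commit the dependency currently points at.
#
# For a pinned dependency this is just the recorded version. Otherwise the
# upload-pack advertisement is searched for the tracked branch, or for HEAD
# when no ref or branch is set, and the matching line is handed to
# `sha_for_update_pack_line`.
#
# The ref name must match exactly. A plain substring test would let
# "refs/heads/main" match the line for "refs/heads/main-old", so a missing
# branch could silently resolve to another branch's commit instead of
# raising. The name is escaped before being placed in the pattern because it
# is data, not a pattern.
#
# @return the value of `dependency.version` when pinned, otherwise whatever
#   `sha_for_update_pack_line` returns for the matching line
# @raise [Dependabot::GitDependencyReferenceNotFound] when no line of the
#   advertisement names the wanted ref
def head_commit_for_current_branch
  return dependency.version if pinned?

  branch_ref = ref_or_branch ? "refs/heads/#{ref_or_branch}" : "HEAD"

  # A ref name is followed by a NUL (capability list), by whitespace or a
  # line break, or by the end of the string.
  ref_pattern = %r{ #{Regexp.escape(branch_ref)}(?=[\x00\s]|\z)}

  # Remove the opening clause of the upload pack as this isn't always
  # followed by a line break. When it isn't (e.g., with Bitbucket) it causes
  # problems for our `sha_for_update_pack_line` logic
  line = local_upload_pack.
         gsub(/.*git-upload-pack/, "").
         lines.find { |l| l.match?(ref_pattern) }

  return sha_for_update_pack_line(line) if line

  raise Dependabot::GitDependencyReferenceNotFound, dependency.name
end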

#local_tag_for_latest_version ⇒ Object



# File 'lib/dependabot/git_commit_checker.rb', line 74

# Picks the tag with the highest version among the local tags.
#
# Tags are kept only if their name matches VERSION_REGEX, are dropped when
# `tag_included_in_ignore_reqs?` is true, and are dropped when they are
# prereleases and prereleases are not wanted. The remaining tags are ranked
# by `version_class.new(<captured version>)`.
#
# The choice is driven by tag names alone. The returned SHAs are whatever
# the tag objects report.
#
# @return [Hash, nil] `{ tag:, commit_sha:, tag_sha: }` for the winning tag,
#   or nil when no tag qualifies
def local_tag_for_latest_version
  versioned = local_tags.select { |t| t.name.match?(VERSION_REGEX) }
  not_ignored = versioned.reject { |t| tag_included_in_ignore_reqs?(t) }
  candidates = not_ignored.reject do |t|
    tag_is_prerelease?(t) && !wants_prerelease?
  end

  newest = candidates.max_by do |t|
    version_class.new(t.name.match(VERSION_REGEX)[:version])
  end

  return nil if newest.nil?

  { tag: newest.name, commit_sha: newest.commit_sha, tag_sha: newest.tag_sha }
end

#pinned? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 32

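# Whether the dependency is pinned to a specific ref rather than tracking a
# branch.
#
# Decision order: no ref means not pinned; a ref equal to the branch means
# not pinned; any other ref alongside a branch means pinned; a ref that is a
# prefix of the recorded version means pinned; otherwise the dependency is
# pinned unless the upload-pack advertisement lists the ref as a branch.
#
# @return [Boolean]
# @raise [RuntimeError] when the dependency is not a git dependency
# @raise [KeyError] when the source details lack :ref or :branch
def pinned?
  raise "Not a git dependency!" unless git_dependency?

  ref = dependency_source_details.fetch(:ref)
  branch = dependency_source_details.fetch(:branch)

  return false if ref.nil?
  return false if branch == ref
  return true if branch
  return true if dependency.version&.start_with?(ref)

  # Check the specified `ref` isn't actually a branch.
  #
  # `String#match?` compiles a String argument into a Regexp, so the ref is
  # escaped before it is placed in the pattern. The ref is data
  # (presumably taken from a manifest — confirm against the caller), and an
  # unescaped value would be read as a pattern: "v1.0" would match
  # "v1x0", and "feat(" would raise RegexpError. The lookahead requires the
  # branch name to end right after the ref, so "v1" is not mistaken for the
  # branch "v1-stable".
  branch_pattern = %r{refs/heads/#{Regexp.escape(ref)}(?=[\x00\s]|\z)}
  !local_upload_pack.match?(branch_pattern)
end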

#pinned_ref_looks_like_version? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dependabot/git_commit_checker.rb', line 47

# Whether the dependency is pinned and its ref ends in something that
# VERSION_REGEX recognises as a version.
#
# This is a shape check on the ref's text only. It says nothing about
# whether such a tag exists on the remote.
#
# @return [Boolean] false when not pinned, otherwise whether the :ref from
#   the source details matches VERSION_REGEX
def pinned_ref_looks_like_version?
  if pinned?
    pinned_ref = dependency_source_details.fetch(:ref)
    pinned_ref.match?(VERSION_REGEX)
  else
    false
  end
end