Class: Dependabot::GoModules::UpdateChecker

Inherits:
UpdateCheckers::Base
  • Object
show all
Defined in:
lib/dependabot/go_modules/update_checker.rb,
lib/dependabot/go_modules/update_checker/latest_version_finder.rb

Defined Under Namespace

Classes: LatestVersionFinder

Instance Method Summary collapse

Instance Method Details

#latest_resolvable_versionObject 



15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/dependabot/go_modules/update_checker.rb', line 15

def latest_resolvable_version
  # We don't yet support updating indirect dependencies for go_modules
  #
  # To update indirect dependencies we'll need to promote the indirect
  # dependency to the go.mod file forcing the resolver to pick this
  # version (possibly as `// indirect`)
  unless dependency.top_level?
    return unless dependency.version

    return version_class.new(dependency.version)
  end

  latest_version_finder.latest_version
end

#latest_resolvable_version_with_no_unlockObject 



53
54
55
56
 
# File 'lib/dependabot/go_modules/update_checker.rb', line 53

def latest_resolvable_version_with_no_unlock
  # Irrelevant, since Go modules uses a single dependency file
  nil
end

#latest_versionObject

This is currently used to short-circuit latest_resolvable_version, with the assumption that it’ll be quicker than checking resolvability. As this is quite quick in Go anyway, we just alias.



33
34
35
 
# File 'lib/dependabot/go_modules/update_checker.rb', line 33

def latest_version
  latest_resolvable_version
end

#lowest_resolvable_security_fix_versionObject 



37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/dependabot/go_modules/update_checker.rb', line 37

def lowest_resolvable_security_fix_version
  raise "Dependency not vulnerable!" unless vulnerable?

  unless dependency.top_level?
    return unless dependency.version

    return version_class.new(dependency.version)
  end

  lowest_security_fix_version
end

#lowest_security_fix_versionObject 



49
50
51
 
# File 'lib/dependabot/go_modules/update_checker.rb', line 49

def lowest_security_fix_version
  latest_version_finder.lowest_security_fix_version
end

#updated_requirementsObject 



58
59
60
61
62
 
# File 'lib/dependabot/go_modules/update_checker.rb', line 58

def updated_requirements
  dependency.requirements.map do |req|
    req.merge(requirement: latest_version)
  end
end