Class: Dependabot::Python::UpdateChecker

Inherits:
UpdateCheckers::Base
  • Object
show all
Defined in:
lib/dependabot/python/update_checker.rb,
lib/dependabot/python/update_checker/index_finder.rb,
lib/dependabot/python/update_checker/pip_version_resolver.rb,
lib/dependabot/python/update_checker/requirements_updater.rb,
lib/dependabot/python/update_checker/latest_version_finder.rb,
lib/dependabot/python/update_checker/pipenv_version_resolver.rb,
lib/dependabot/python/update_checker/poetry_version_resolver.rb,
lib/dependabot/python/update_checker/pip_compile_version_resolver.rb

Defined Under Namespace

Classes: IndexFinder, LatestVersionFinder, PipCompileVersionResolver, PipVersionResolver, PipenvVersionResolver, PoetryVersionResolver, RequirementsUpdater

Constant Summary collapse

MAIN_PYPI_INDEXES = 
%w(
  https://pypi.python.org/simple/
  https://pypi.org/simple/
).freeze
VERSION_REGEX = 
/[0-9]+(?:\.[A-Za-z0-9\-_]+)*/

Instance Method Summary collapse

Instance Method Details

#latest_resolvable_versionObject 



37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/dependabot/python/update_checker.rb', line 37

def latest_resolvable_version
  @latest_resolvable_version ||=
    if resolver_type == :requirements
      resolver.latest_resolvable_version
    elsif resolver_type == :pip_compile && resolver.resolvable?(version: latest_version)
      latest_version
    else
      resolver.latest_resolvable_version(
        requirement: unlocked_requirement_string
      )
    end
end

#latest_resolvable_version_with_no_unlockObject 



50
51
52
53
54
55
56
57
58
59
 
# File 'lib/dependabot/python/update_checker.rb', line 50

def latest_resolvable_version_with_no_unlock
  @latest_resolvable_version_with_no_unlock ||=
    if resolver_type == :requirements
      resolver.latest_resolvable_version_with_no_unlock
    else
      resolver.latest_resolvable_version(
        requirement: current_requirement_string
      )
    end
end

#latest_versionObject 



33
34
35
 
# File 'lib/dependabot/python/update_checker.rb', line 33

def latest_version
  @latest_version ||= fetch_latest_version
end

#lowest_resolvable_security_fix_versionObject 



65
66
67
68
69
70
71
72
 
# File 'lib/dependabot/python/update_checker.rb', line 65

def lowest_resolvable_security_fix_version
  raise "Dependency not vulnerable!" unless vulnerable?

  return @lowest_resolvable_security_fix_version if defined?(@lowest_resolvable_security_fix_version)

  @lowest_resolvable_security_fix_version =
    fetch_lowest_resolvable_security_fix_version
end

#lowest_security_fix_versionObject 



61
62
63
 
# File 'lib/dependabot/python/update_checker.rb', line 61

def lowest_security_fix_version
  latest_version_finder.lowest_security_fix_version
end

#requirements_unlocked_or_can_be?Boolean

Returns:

  • (Boolean) 


83
84
85
 
# File 'lib/dependabot/python/update_checker.rb', line 83

def requirements_unlocked_or_can_be?
  !requirements_update_strategy.lockfile_only?
end

#requirements_update_strategyObject 



87
88
89
90
91
92
93
 
# File 'lib/dependabot/python/update_checker.rb', line 87

def requirements_update_strategy
  # If passed in as an option (in the base class) honour that option
  return @requirements_update_strategy if @requirements_update_strategy

  # Otherwise, check if this is a library or not
  library? ? RequirementsUpdateStrategy::WidenRanges : RequirementsUpdateStrategy::BumpVersions
end

#updated_requirementsObject 



74
75
76
77
78
79
80
81
 
# File 'lib/dependabot/python/update_checker.rb', line 74

def updated_requirements
  RequirementsUpdater.new(
    requirements: requirements,
    latest_resolvable_version: preferred_resolvable_version&.to_s,
    update_strategy: requirements_update_strategy,
    has_lockfile: !(pipfile_lock || poetry_lock).nil?
  ).updated_requirements
end