Class: Dependabot::Bun::UpdateChecker::VersionResolver

Inherits:

Object

• Object
• Dependabot::Bun::UpdateChecker::VersionResolver

Extended by:

T::Sig

Defined in:

lib/dependabot/bun/update_checker/version_resolver.rb

Constant Summary

TIGHTLY_COUPLED_MONOREPOS =

T.let(
  {
    "vue" => %w(vue vue-template-compiler)
  }.freeze,
  T::Hash[String, T::Array[String]]
)

NPM6_PEER_DEP_ERROR_REGEX =

Error message returned by ‘npm install` (for NPM 6): react-dom@15.2.0 requires a peer of react@^15.2.0 \ but none is installed. You must install peer dependencies yourself.

/
  (?<requiring_dep>[^\s]+)\s
  requires\sa\speer\sof\s
  (?<required_dep>.+?)\sbut\snone\sis\sinstalled.
/x

NPM8_PEER_DEP_ERROR_REGEX =

Error message returned by ‘npm install` (for NPM 8): npm ERR! Could not resolve dependency: npm ERR! peer react@“^16.14.0” from react-dom@16.14.0

or with two semver constraints: npm ERR! Could not resolve dependency: npm ERR! peer @opentelemetry/api@“>=1.0.0 <1.1.0” from @opentelemetry/context-async-hooks@1.0.1

/
  npm\s(?:WARN|ERR!)\sCould\snot\sresolve\sdependency:\n
  npm\s(?:WARN|ERR!)\speer\s(?<required_dep>\S+@\S+(\s\S+)?)\sfrom\s(?<requiring_dep>\S+@\S+)
/x

Instance Method Summary

• #dependency_updates_from_full_unlock ⇒ Object
• #initialize(dependency:, dependency_files:, credentials:, latest_allowable_version:, latest_version_finder:, repo_contents_path:, dependency_group: nil, raise_on_ignored: false, update_cooldown: nil) ⇒ VersionResolver constructor

  rubocop:disable Metrics/AbcSize.

• #latest_resolvable_previous_version(updated_version) ⇒ Object
• #latest_resolvable_version ⇒ Object
• #latest_version_resolvable_with_full_unlock? ⇒ Boolean

Constructor Details

#initialize(dependency:, dependency_files:, credentials:, latest_allowable_version:, latest_version_finder:, repo_contents_path:, dependency_group: nil, raise_on_ignored: false, update_cooldown: nil) ⇒ VersionResolver

rubocop:disable Metrics/AbcSize

# File 'lib/dependabot/bun/update_checker/version_resolver.rb', line 73

def initialize( # rubocop:disable Metrics/AbcSize
  dependency:,
  dependency_files:,
  credentials:,
  latest_allowable_version:,
  latest_version_finder:,
  repo_contents_path:,
  dependency_group: nil,
  raise_on_ignored: false,
  update_cooldown: nil
)
  @dependency               = dependency
  @dependency_files         = dependency_files
  @credentials              = credentials
  @latest_allowable_version = latest_allowable_version
  @dependency_group = dependency_group

  @latest_version_finder = T.let({}, T::Hash[Dependabot::Dependency, PackageLatestVersionFinder])
  @latest_version_finder[dependency] = latest_version_finder
  @repo_contents_path = repo_contents_path
  @raise_on_ignored = raise_on_ignored
  @update_cooldown = update_cooldown

  @types_package = T.let(nil, T.nilable(Dependabot::Dependency))
  @original_package = T.let(nil, T.nilable(Dependabot::Dependency))
  @latest_types_package_version = T.let(nil, T.nilable(Dependabot::Version))
  @dependency_files_builder = T.let(nil, T.nilable(DependencyFilesBuilder))
  @resolve_latest_previous_version = T.let({}, T::Hash[Dependabot::Dependency, T.nilable(String)])
  @paths_requiring_update_check = T.let(nil, T.nilable(T::Array[String]))
  @top_level_dependencies = T.let(nil, T.nilable(T::Array[Dependabot::Dependency]))
  @old_peer_dependency_errors = T.let(
    nil, T.nilable(T::Array[T.any(T::Hash[String, T.nilable(String)], String)])
  )
  @peer_dependency_errors = T.let(nil, T.nilable(T::Array[T.any(T::Hash[String, T.nilable(String)], String)]))
end

Instance Method Details

#dependency_updates_from_full_unlock ⇒ Object

# File 'lib/dependabot/bun/update_checker/version_resolver.rb', line 139

def dependency_updates_from_full_unlock
  return if git_dependency?(dependency)
  return updated_monorepo_dependencies if part_of_tightly_locked_monorepo?
  return if newly_broken_peer_reqs_from_dep.any?
  return if original_package_update_available?

  updates = [{
    dependency: dependency,
    version: latest_allowable_version,
    previous_version: latest_resolvable_previous_version(
      latest_allowable_version
    )
  }]
  newly_broken_peer_reqs_on_dep.each do |peer_req|
    dep_name = peer_req.fetch(:requiring_dep_name)
    dep = top_level_dependencies.find { |d| d.name == dep_name }

    # Can't handle reqs from sub-deps or git source deps (yet)
    return nil if dep.nil?
    return nil if git_dependency?(dep)

    updated_version =
      latest_version_of_dep_with_satisfied_peer_reqs(dep)
    return nil unless updated_version

    updates << {
      dependency: dep,
      version: updated_version,
      previous_version: resolve_latest_previous_version(
        dep, updated_version
      )
    }
  end
  updates += updated_types_dependencies if types_update_available?
  updates.uniq
end

#latest_resolvable_previous_version(updated_version) ⇒ Object

# File 'lib/dependabot/bun/update_checker/version_resolver.rb', line 133

def latest_resolvable_previous_version(updated_version)
  resolve_latest_previous_version(dependency, updated_version)
end

#latest_resolvable_version ⇒ Object

# File 'lib/dependabot/bun/update_checker/version_resolver.rb', line 110

def latest_resolvable_version
  return latest_allowable_version if git_dependency?(dependency)
  return if part_of_tightly_locked_monorepo?
  return if types_update_available?
  return if original_package_update_available?

  return latest_allowable_version unless relevant_unmet_peer_dependencies.any?

  satisfying_versions.first
end

#latest_version_resolvable_with_full_unlock? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/bun/update_checker/version_resolver.rb', line 122

def latest_version_resolvable_with_full_unlock?
  return false if dependency_updates_from_full_unlock.nil?

  true
end