Class: Dependabot::Cargo::FileUpdater::LockfileUpdater

Inherits:
Object
  • Object
Extended by:
T::Sig
Defined in:
lib/dependabot/cargo/file_updater/lockfile_updater.rb

Overview

rubocop:disable Metrics/ClassLength

Constant Summary

# Matches one `[[package]]` table in a lockfile: the header line, then every
# following character up to (but not including) the next line that starts with
# `[[package` or `[metadata`, or the end of the string if no such line follows.
# /m lets `.` cross newlines; /x makes the layout whitespace in the pattern
# insignificant. `^` is a per-line anchor in Ruby, which is what the lookahead
# relies on to detect the next table header.
LOCKFILE_ENTRY_REGEX =
/
  \[\[package\]\]\n
  (?:(?!^\[(?:\[package|metadata)).)+
/mx
# Matches a whole line that begins with the literal text `"checksum ` (the
# leading double quote is part of the match). `^` and `$` anchor per line, so
# the pattern finds such lines anywhere in a multi-line string.
# NOTE(review): how the matched lines are used is not shown on this page;
# presumably they are the checksum lines of the lockfile's metadata section.
LOCKFILE_CHECKSUM_REGEX =
/^"checksum .*$/

Instance Method Summary

Constructor Details

#initialize(dependencies:, dependency_files:, credentials:) ⇒ LockfileUpdater

Returns a new instance of LockfileUpdater.



# File 'lib/dependabot/cargo/file_updater/lockfile_updater.rb', line 34

# Builds an updater from the dependencies being changed, the project's
# dependency files and the credentials available to the job.
#
# @param dependencies [Array<Dependabot::Dependency>] dependencies to update
# @param dependency_files [Array<Dependabot::DependencyFile>] files the update works on
# @param credentials [Array<Dependabot::Credential>] credentials for the job
def initialize(dependencies:, dependency_files:, credentials:)
  # Nilable slots, declared up front with their Sorbet types and left unset.
  # NOTE(review): presumably populated later by other methods; confirm.
  @lockfile = T.let(nil, T.nilable(Dependabot::DependencyFile))
  @toolchain = T.let(nil, T.nilable(Dependabot::DependencyFile))
  @config = T.let(nil, T.nilable(Dependabot::DependencyFile))
  @manifest_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile]))
  @path_dependency_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile]))
  @custom_specification = T.let(nil, T.nilable(String))
  @git_ssh_requirements_to_swap = T.let(nil, T.nilable(T::Hash[String, String]))

  # Caller-supplied inputs.
  @dependencies = T.let(dependencies, T::Array[Dependabot::Dependency])
  @dependency_files = T.let(dependency_files, T::Array[Dependabot::DependencyFile])
  # Secret material: keep it out of log lines and exception messages.
  @credentials = T.let(credentials, T::Array[Dependabot::Credential])
end

Instance Method Details

#updated_lockfile_content ⇒ Object



# File 'lib/dependabot/cargo/file_updater/lockfile_updater.rb', line 48

# Runs `cargo update -p <spec>` in a temporary copy of the project and returns
# the post-processed text of the resulting Cargo.lock.
#
# The result is accepted when it contains the desired lockfile content, or,
# failing that, when dependency_updated? reports a change for the dependency.
#
# @return [Object] the post-processed Cargo.lock text
# @raise [RuntimeError] when neither acceptance condition holds
def updated_lockfile_content
  workdir = T.must(dependency_files.first).directory
  SharedHelpers.in_a_temporary_directory(workdir) do
    write_temporary_dependency_files

    SharedHelpers.with_git_configured(credentials: credentials) do
      # Cargo rewrites the lockfile itself without doing an install, so this is fast.
      # The fingerprint is a fixed template; only the command carries the real spec.
      # NOTE(review): dependency_spec is interpolated into a command string, and it is
      # presumably derived from dependency data parsed out of repository files. Confirm
      # that run_cargo_command (not shown here) escapes or tokenises the command before
      # executing it, so a crafted name or version cannot add arguments or shell syntax.
      run_cargo_command("cargo update -p #{dependency_spec}", fingerprint: "cargo update -p <dependency_spec>")
    end

    lockfile_text = post_process_lockfile(File.read("Cargo.lock"))

    # Preferred outcome: the exact entry that was asked for is present.
    next lockfile_text if lockfile_text.include?(desired_lockfile_content)

    # Fallback: accept any update of the dependency; no update at all is a failure.
    # NOTE(review): on this path the resolved version can differ from the requested
    # one. Where the request is a security fix, confirm a later step checks the
    # resolved version against the advisory's affected range.
    raise "Failed to update #{dependency.name}!" unless dependency_updated?(lockfile_text, dependency)

    actual_version = extract_actual_version(lockfile_text, dependency.name)
    version_differs = actual_version && actual_version != dependency.version
    if version_differs
      Dependabot.logger.info(
        "Cargo selected version #{actual_version} instead of #{dependency.version} for #{dependency.name} " \
        "due to dependency constraints"
      )
    end

    lockfile_text
  end
rescue Dependabot::SharedHelpers::HelperSubprocessFailed => error
  # `retry` re-enters the method from the top: new temporary directory, new cargo run.
  # NOTE(review): nothing in this method bounds the number of retries; confirm that
  # better_specification_needed? stops returning true after it has adjusted the spec.
  retry if better_specification_needed?(error)
  handle_cargo_error(error)
end