Class: Dependabot::Cargo::UpdateChecker

Inherits:
UpdateCheckers::Base
  • Object
show all
Extended by:
T::Sig
Defined in:
lib/dependabot/cargo/update_checker.rb,
lib/dependabot/cargo/update_checker/file_preparer.rb,
lib/dependabot/cargo/update_checker/version_resolver.rb,
lib/dependabot/cargo/update_checker/requirements_updater.rb,
lib/dependabot/cargo/update_checker/latest_version_finder.rb

Defined Under Namespace

Classes: FilePreparer, LatestVersionFinder, RequirementsUpdater, VersionResolver

Instance Method Summary collapse

Instance Method Details

#latest_resolvable_versionObject 



40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
 
# File 'lib/dependabot/cargo/update_checker.rb', line 40

def latest_resolvable_version
  return if path_dependency?

  @latest_resolvable_version = T.let(
    @latest_resolvable_version ||
      if git_dependency?
        latest_resolvable_version_for_git_dependency
      elsif git_subdependency?
        # TODO: Dependabot can't update git sub-dependencies yet, because
        # they can't be passed to GitCommitChecker.
        nil
      else
        fetch_latest_resolvable_version(unlock_requirement: true)
      end,
    T.nilable(T.any(String, Gem::Version))
  )
end

#latest_resolvable_version_with_no_unlockObject 



77
78
79
80
81
82
83
84
85
86
87
88
89
 
# File 'lib/dependabot/cargo/update_checker.rb', line 77

def latest_resolvable_version_with_no_unlock
  return if path_dependency?

  @latest_resolvable_version_with_no_unlock = T.let(
    @latest_resolvable_version_with_no_unlock ||
      if git_dependency?
        latest_resolvable_commit_with_unchanged_git_source
      else
        fetch_latest_resolvable_version(unlock_requirement: false)
      end,
    T.nilable(T.any(String, Gem::Version))
  )
end

#latest_versionObject 



22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
 
# File 'lib/dependabot/cargo/update_checker.rb', line 22

def latest_version
  return if path_dependency?

  @latest_version = T.let(
    if git_dependency?
      latest_version_for_git_dependency
    elsif git_subdependency?
      # TODO: Dependabot can't update git sub-dependencies yet, because
      # they can't be passed to GitCommitChecker.
      nil
    else
      latest_version_finder.latest_version
    end,
    T.nilable(T.any(String, Gem::Version))
  )
end

#lowest_resolvable_security_fix_versionObject 



64
65
66
67
68
69
70
71
72
73
74
 
# File 'lib/dependabot/cargo/update_checker.rb', line 64

def lowest_resolvable_security_fix_version
  raise "Dependency not vulnerable!" unless vulnerable?

  return @lowest_resolvable_security_fix_version if defined?(@lowest_resolvable_security_fix_version)

  result = fetch_lowest_resolvable_security_fix_version
  @lowest_resolvable_security_fix_version = T.let(
    result.is_a?(Gem::Version) ? result : nil,
    T.nilable(Gem::Version)
  )
end

#lowest_security_fix_versionObject 



59
60
61
 
# File 'lib/dependabot/cargo/update_checker.rb', line 59

def lowest_security_fix_version
  latest_version_finder.lowest_security_fix_version
end

#requirements_unlocked_or_can_be?Boolean

Returns:

  • (Boolean) 


104
105
106
 
# File 'lib/dependabot/cargo/update_checker.rb', line 104

def requirements_unlocked_or_can_be?
  !requirements_update_strategy.lockfile_only?
end

#requirements_update_strategyObject 



109
110
111
112
113
114
115
116
117
118
119
 
# File 'lib/dependabot/cargo/update_checker.rb', line 109

def requirements_update_strategy
  # If passed in as an option (in the base class) honour that option
  return @requirements_update_strategy if @requirements_update_strategy

  # Cargo resolves to the newest compatible version and a bare version is a
  # caret-equivalent (compatible) requirement, so only raise the requirement
  # when it doesn't already allow the new version. Avoids needless churn and
  # MSRV bumps.
  # https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#caret-requirements
  RequirementsUpdateStrategy::BumpVersionsIfNecessary
end

#updated_requirementsObject 



92
93
94
95
96
97
98
99
100
101
 
# File 'lib/dependabot/cargo/update_checker.rb', line 92

def updated_requirements
  wrap_requirements(
    RequirementsUpdater.new(
      requirements: dependency.requirements,
      updated_source: updated_source,
      target_version: target_version,
      update_strategy: requirements_update_strategy
    ).updated_requirements
  )
end