Class: Dependabot::NpmAndYarn::FileUpdater::BerryLockfileHandler

Inherits:

Object

• Object
• Dependabot::NpmAndYarn::FileUpdater::BerryLockfileHandler

Extended by:

T::Sig

Defined in:

lib/dependabot/npm_and_yarn/file_updater/berry_lockfile_handler.rb

Class Method Summary

• .extract_protocol(key, dep_name) ⇒ Object
• .find_exact_key(parsed, dep_name, version) ⇒ Object
• .parse(lockfile_path) ⇒ Object
• .replace_declaration(lockfile_path, dep_name, version, requirement) ⇒ Object
• .split_descriptor(descriptor) ⇒ Object
• .version_matches?(parsed, dep_name, version) ⇒ Boolean

Class Method Details

.extract_protocol(key, dep_name) ⇒ Object

# File 'lib/dependabot/npm_and_yarn/file_updater/berry_lockfile_handler.rb', line 97

def self.extract_protocol(key, dep_name)
  part = key.split(", ").find { |p| split_descriptor(p)[0] == dep_name }
  return "" unless part

  _, descriptor = split_descriptor(part)
  match = descriptor&.match(/^([a-z]+:)/)
  match ? T.must(match[1]) : ""
end

.find_exact_key(parsed, dep_name, version) ⇒ Object

# File 'lib/dependabot/npm_and_yarn/file_updater/berry_lockfile_handler.rb', line 69

def self.find_exact_key(parsed, dep_name, version)
  parsed.keys.find do |key|
    next false unless key.is_a?(String)

    key.split(", ").any? do |part|
      name, desc = split_descriptor(part)
      name == dep_name && (desc&.end_with?(version) || false)
    end
  end
end

.parse(lockfile_path) ⇒ Object

# File 'lib/dependabot/npm_and_yarn/file_updater/berry_lockfile_handler.rb', line 20

def self.parse(lockfile_path)
  return unless File.exist?(lockfile_path)

  parsed = YAML.safe_load_file(lockfile_path)
  parsed.is_a?(Hash) ? parsed : nil
end

.replace_declaration(lockfile_path, dep_name, version, requirement) ⇒ Object

# File 'lib/dependabot/npm_and_yarn/file_updater/berry_lockfile_handler.rb', line 49

def self.replace_declaration(lockfile_path, dep_name, version, requirement)
  return unless File.exist?(lockfile_path)

  content = File.read(lockfile_path)
  parsed = parse(lockfile_path)
  return unless parsed

  exact_key = find_exact_key(parsed, dep_name, version)
  return unless exact_key

  protocol = extract_protocol(exact_key, dep_name)
  new_key = "#{dep_name}@#{protocol}#{requirement}"

  escaped = Regexp.escape(exact_key)
  File.write(lockfile_path, content.gsub(/^"#{escaped}":/m, "\"#{new_key}\":"))
end

.split_descriptor(descriptor) ⇒ Object

# File 'lib/dependabot/npm_and_yarn/file_updater/berry_lockfile_handler.rb', line 83

def self.split_descriptor(descriptor)
  if descriptor.start_with?("@")
    at_index = descriptor.index("@", 1)
    return [descriptor, nil] unless at_index

    [T.must(descriptor[0...at_index]), descriptor[(at_index + 1)..]]
  else
    parts = descriptor.split("@", 2)
    [T.must(parts[0]), parts[1]]
  end
end

.version_matches?(parsed, dep_name, version) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/npm_and_yarn/file_updater/berry_lockfile_handler.rb', line 29

def self.version_matches?(parsed, dep_name, version)
  parsed.any? do |key, value|
    next false unless value.is_a?(Hash)

    key.to_s.split(", ").any? { |part| split_descriptor(part)[0] == dep_name } &&
      value["version"] == version
  end
end