Class: Dependabot::NpmAndYarn::Package::RegistryFinder

Inherits:

Object

• Object
• Dependabot::NpmAndYarn::Package::RegistryFinder

Extended by:

T::Sig

Defined in:

lib/dependabot/npm_and_yarn/package/registry_finder.rb

Constant Summary

GLOBAL_NPM_REGISTRY =

"https://registry.npmjs.org"

CENTRAL_REGISTRIES =

%w(
  https://registry.npmjs.org
  http://registry.npmjs.org
  https://registry.yarnpkg.com
  http://registry.yarnpkg.com
).freeze

NPM_AUTH_TOKEN_REGEX =

%r{//(?<registry>.*)/:_authToken=(?<token>.*)$}

NPM_GLOBAL_REGISTRY_REGEX =

/^registry\s*=\s*['"]?(?<registry>.*?)['"]?$/

YARN_GLOBAL_REGISTRY_REGEX =

/^(?:--)?registry\s+((['"](?<registry>.*)['"])|(?<registry>.*))/

NPM_SCOPED_REGISTRY_REGEX =

/^(?<scope>@[^:]+)\s*:registry\s*=\s*['"]?(?<registry>.*?)['"]?$/

YARN_SCOPED_REGISTRY_REGEX =

/['"](?<scope>@[^:]+):registry['"]\s((['"](?<registry>.*)['"])|(?<registry>.*))/

Class Method Summary

• .central_registry?(registry) ⇒ Boolean

Instance Method Summary

• #auth_headers ⇒ Object
• #custom_registry? ⇒ Boolean
• #dependency_url ⇒ Object
• #initialize(dependency:, credentials:, npmrc_file: nil, yarnrc_file: nil, yarnrc_yml_file: nil) ⇒ RegistryFinder constructor

  A new instance of RegistryFinder.

• #registry ⇒ Object
• #registry_from_rc(dependency_name) ⇒ Object
• #tarball_url(version) ⇒ Object

Constructor Details

#initialize(dependency:, credentials:, npmrc_file: nil, yarnrc_file: nil, yarnrc_yml_file: nil) ⇒ RegistryFinder

Returns a new instance of RegistryFinder.

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 39

def initialize(
  dependency:,
  credentials:,
  npmrc_file: nil,
  yarnrc_file: nil,
  yarnrc_yml_file: nil
)
  @dependency = dependency
  @credentials = credentials
  @npmrc_file = npmrc_file
  @yarnrc_file = yarnrc_file
  @yarnrc_yml_file = yarnrc_yml_file

  @registry = T.let(nil, T.nilable(String))
  @first_registry_with_dependency_details = T.let(nil, T.nilable(String))
  @known_registries = T.let([], T::Array[T::Hash[String, T.nilable(String)]])
  @configured_global_registry = T.let(nil, T.nilable(String))
  @global_registry = T.let(nil, T.nilable(String))
  @parsed_yarnrc_yml = T.let(nil, T.nilable(T::Hash[String, T.untyped]))
end

Class Method Details

.central_registry?(registry) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 88

def self.central_registry?(registry)
  CENTRAL_REGISTRIES.any? do |r|
    r.include?(registry)
  end
end

Instance Method Details

#auth_headers ⇒ Object

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 70

def auth_headers
  auth_header_for(auth_token)
end

#custom_registry? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 100

def custom_registry?
  return false if CENTRAL_REGISTRIES.include?(registry_url)

  !(registry_url || "").match?(/registry\.npmjs\.(org|com)/)
end

#dependency_url ⇒ Object

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 75

def dependency_url
  "#{registry_url}/#{escaped_dependency_name}"
end

#registry ⇒ Object

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 61

def registry
  return @registry if @registry

  @registry = configured_registry || locked_registry || scoped_credential_registry_for_dependency ||
              first_registry_with_dependency_details
  T.must(@registry)
end

#registry_from_rc(dependency_name) ⇒ Object

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 95

def registry_from_rc(dependency_name)
  explicit_registry_from_rc(dependency_name) || global_registry
end

#tarball_url(version) ⇒ Object

# File 'lib/dependabot/npm_and_yarn/package/registry_finder.rb', line 80

def tarball_url(version)
  version_without_build_metadata = version.to_s.gsub(/\+.*/, "")

  # Dependency name needs to be unescaped since tarball URLs don't always work with escaped slashes
  "#{registry_url}/#{dependency&.name}/-/#{scopeless_name}-#{version_without_build_metadata}.tgz"
end