Class: SilentPackageManager::UpdateChecker

Inherits:

Dependabot::UpdateCheckers::Base

• Object
• Dependabot::UpdateCheckers::Base
• SilentPackageManager::UpdateChecker

Extended by:

T::Sig

Defined in:

lib/dependabot/silent/update_checker.rb

Instance Method Summary

• #initialize(*args, **kwargs) ⇒ UpdateChecker constructor

  A new instance of UpdateChecker.

• #latest_resolvable_version ⇒ Object
• #latest_version ⇒ Object
• #latest_version_resolvable_with_full_unlock? ⇒ Boolean
• #lowest_resolvable_security_fix_version ⇒ Object
• #lowest_security_fix_version ⇒ Object
• #up_to_date? ⇒ Boolean
• #updated_requirements ⇒ Object

Constructor Details

#initialize(*args, **kwargs) ⇒ UpdateChecker

Returns a new instance of UpdateChecker.

# File 'lib/dependabot/silent/update_checker.rb', line 16

def initialize(*args, **kwargs)
  super
  @available_versions = T.let(nil, T.nilable(T::Array[SilentPackageManager::Version]))
end

Instance Method Details

#latest_resolvable_version ⇒ Object

# File 'lib/dependabot/silent/update_checker.rb', line 62

def latest_resolvable_version
  latest_version
end

#latest_version ⇒ Object

# File 'lib/dependabot/silent/update_checker.rb', line 22

def latest_version
  return next_git_version if git_dependency?

  versions = available_versions
  versions = filter_ignored_versions(versions)
  versions.max.to_s
end

#latest_version_resolvable_with_full_unlock? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/silent/update_checker.rb', line 31

def latest_version_resolvable_with_full_unlock?
  # For ecosystems that have lockfiles, the updater allows an ecosystem to try progressively
  # more aggressive approaches to dependency unlocking. This method represents the most aggressive
  # approach that allows for updating all dependencies to try to get the target dependency to update.
  # We're going to let the specs handle testing that logic, returning false here.
  false
end

#lowest_resolvable_security_fix_version ⇒ Object

# File 'lib/dependabot/silent/update_checker.rb', line 50

def lowest_resolvable_security_fix_version
  raise "Dependency not vulnerable!" unless vulnerable?

  lowest_security_fix_version
end

#lowest_security_fix_version ⇒ Object

# File 'lib/dependabot/silent/update_checker.rb', line 40

def lowest_security_fix_version
  versions = available_versions
  versions = filter_lower_versions(versions)
  Dependabot::UpdateCheckers::VersionFilters.filter_vulnerable_versions(
    versions,
    security_advisories
  ).min
end

#up_to_date? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/silent/update_checker.rb', line 57

def up_to_date?
  dependency.version == latest_version
end

#updated_requirements ⇒ Object

# File 'lib/dependabot/silent/update_checker.rb', line 67

def updated_requirements
  dependency.requirements.map do |req|
    req.merge(requirement: preferred_resolvable_version)
  end
end