Class: Dependabot::Uv::UpdateChecker

Inherits:
Dependabot::UpdateCheckers::Base
  • Object
show all
Defined in:
lib/dependabot/uv/update_checker.rb,
lib/dependabot/uv/update_checker/index_finder.rb,
lib/dependabot/uv/update_checker/pip_version_resolver.rb,
lib/dependabot/uv/update_checker/requirements_updater.rb,
lib/dependabot/uv/update_checker/latest_version_finder.rb,
lib/dependabot/uv/update_checker/pip_compile_version_resolver.rb

Defined Under Namespace

Classes: IndexFinder, LatestVersionFinder, PipCompileVersionResolver, PipVersionResolver, RequirementsUpdater

Constant Summary collapse

MAIN_PYPI_INDEXES = 
%w(
  https://pypi.python.org/simple/
  https://pypi.org/simple/
).freeze
VERSION_REGEX = 
/[0-9]+(?:\.[A-Za-z0-9\-_]+)*/

Instance Method Summary collapse

Instance Method Details

#latest_resolvable_versionObject 



35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/dependabot/uv/update_checker.rb', line 35

def latest_resolvable_version
  @latest_resolvable_version ||=
    if resolver_type == :requirements
      resolver.latest_resolvable_version
    elsif resolver_type == :pip_compile && resolver.resolvable?(version: latest_version)
      latest_version
    else
      resolver.latest_resolvable_version(
        requirement: unlocked_requirement_string
      )
    end
end

#latest_resolvable_version_with_no_unlockObject 



48
49
50
51
52
53
54
55
56
57
 
# File 'lib/dependabot/uv/update_checker.rb', line 48

def latest_resolvable_version_with_no_unlock
  @latest_resolvable_version_with_no_unlock ||=
    if resolver_type == :requirements
      resolver.latest_resolvable_version_with_no_unlock
    else
      resolver.latest_resolvable_version(
        requirement: current_requirement_string
      )
    end
end

#latest_versionObject 



31
32
33
 
# File 'lib/dependabot/uv/update_checker.rb', line 31

def latest_version
  @latest_version ||= fetch_latest_version
end

#lowest_resolvable_security_fix_versionObject 



63
64
65
66
67
68
69
70
 
# File 'lib/dependabot/uv/update_checker.rb', line 63

def lowest_resolvable_security_fix_version
  raise "Dependency not vulnerable!" unless vulnerable?

  return @lowest_resolvable_security_fix_version if defined?(@lowest_resolvable_security_fix_version)

  @lowest_resolvable_security_fix_version =
    fetch_lowest_resolvable_security_fix_version
end

#lowest_security_fix_versionObject 



59
60
61
 
# File 'lib/dependabot/uv/update_checker.rb', line 59

def lowest_security_fix_version
  latest_version_finder.lowest_security_fix_version
end

#requirements_unlocked_or_can_be?Boolean

Returns:

  • (Boolean) 


81
82
83
 
# File 'lib/dependabot/uv/update_checker.rb', line 81

def requirements_unlocked_or_can_be?
  !requirements_update_strategy.lockfile_only?
end

#requirements_update_strategyObject 



85
86
87
88
89
90
91
 
# File 'lib/dependabot/uv/update_checker.rb', line 85

def requirements_update_strategy
  # If passed in as an option (in the base class) honour that option
  return @requirements_update_strategy if @requirements_update_strategy

  # Otherwise, check if this is a library or not
  library? ? RequirementsUpdateStrategy::WidenRanges : RequirementsUpdateStrategy::BumpVersions
end

#updated_requirementsObject 



72
73
74
75
76
77
78
79
 
# File 'lib/dependabot/uv/update_checker.rb', line 72

def updated_requirements
  RequirementsUpdater.new(
    requirements: requirements,
    latest_resolvable_version: preferred_resolvable_version&.to_s,
    update_strategy: requirements_update_strategy,
    has_lockfile: requirements_text_file?
  ).updated_requirements
end