Class: Dependabot::Uv::UpdateChecker

Inherits:

Dependabot::UpdateCheckers::Base

• Object
• Dependabot::UpdateCheckers::Base
• Dependabot::Uv::UpdateChecker

Defined in:

lib/dependabot/uv/update_checker.rb,
lib/dependabot/uv/update_checker/lock_file_resolver.rb,
lib/dependabot/uv/update_checker/pip_version_resolver.rb,
lib/dependabot/uv/update_checker/requirements_updater.rb,
lib/dependabot/uv/update_checker/latest_version_finder.rb,
lib/dependabot/uv/update_checker/pip_compile_version_resolver.rb

Defined Under Namespace

Classes: LatestVersionFinder, LockFileResolver, PipCompileVersionResolver, PipVersionResolver, RequirementsUpdater

Constant Summary

MAIN_PYPI_INDEXES =

%w(
  https://pypi.python.org/simple/
  https://pypi.org/simple/
).freeze

VERSION_REGEX =

/[0-9]+(?:\.[A-Za-z0-9\-_]+)*/

Instance Method Summary

• #latest_resolvable_version ⇒ Object
• #latest_resolvable_version_with_no_unlock ⇒ Object
• #latest_version ⇒ Object
• #lowest_resolvable_security_fix_version ⇒ Object
• #lowest_security_fix_version ⇒ Object
• #requirements_unlocked_or_can_be? ⇒ Boolean
• #requirements_update_strategy ⇒ Object
• #updated_requirements ⇒ Object

Instance Method Details

#latest_resolvable_version ⇒ Object

# File 'lib/dependabot/uv/update_checker.rb', line 36

def latest_resolvable_version
  @latest_resolvable_version ||=
    if resolver_type == :requirements
      resolver.latest_resolvable_version
    elsif resolver_type == :pip_compile && resolver.resolvable?(version: latest_version)
      latest_version
    else
      resolver.latest_resolvable_version(
        requirement: unlocked_requirement_string
      )
    end
end

#latest_resolvable_version_with_no_unlock ⇒ Object

# File 'lib/dependabot/uv/update_checker.rb', line 49

def latest_resolvable_version_with_no_unlock
  @latest_resolvable_version_with_no_unlock ||=
    if resolver_type == :requirements
      resolver.latest_resolvable_version_with_no_unlock
    else
      resolver.latest_resolvable_version(
        requirement: current_requirement_string
      )
    end
end

#latest_version ⇒ Object

# File 'lib/dependabot/uv/update_checker.rb', line 32

def latest_version
  @latest_version ||= fetch_latest_version
end

#lowest_resolvable_security_fix_version ⇒ Object

# File 'lib/dependabot/uv/update_checker.rb', line 64

def lowest_resolvable_security_fix_version
  raise "Dependency not vulnerable!" unless vulnerable?

  return @lowest_resolvable_security_fix_version if defined?(@lowest_resolvable_security_fix_version)

  @lowest_resolvable_security_fix_version =
    fetch_lowest_resolvable_security_fix_version
end

#lowest_security_fix_version ⇒ Object

# File 'lib/dependabot/uv/update_checker.rb', line 60

def lowest_security_fix_version
  latest_version_finder.lowest_security_fix_version
end

#requirements_unlocked_or_can_be? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/uv/update_checker.rb', line 82

def requirements_unlocked_or_can_be?
  !requirements_update_strategy.lockfile_only?
end

#requirements_update_strategy ⇒ Object

# File 'lib/dependabot/uv/update_checker.rb', line 86

def requirements_update_strategy
  # If passed in as an option (in the base class) honour that option
  return @requirements_update_strategy if @requirements_update_strategy

  # Otherwise, check if this is a library or not
  library? ? RequirementsUpdateStrategy::WidenRanges : RequirementsUpdateStrategy::BumpVersions
end

#updated_requirements ⇒ Object

# File 'lib/dependabot/uv/update_checker.rb', line 73

def updated_requirements
  RequirementsUpdater.new(
    requirements: requirements,
    latest_resolvable_version: preferred_resolvable_version&.to_s,
    update_strategy: requirements_update_strategy,
    has_lockfile: requirements_text_file?
  ).updated_requirements
end