Class: Dependabot::Dep::FileUpdater::LockfileUpdater

Inherits:
Object
  • Object
show all
Defined in:
lib/dependabot/dep/file_updater/lockfile_updater.rb

Instance Method Summary collapse

Constructor Details

#initialize(dependencies:, dependency_files:, credentials:) ⇒ LockfileUpdater

Returns a new instance of LockfileUpdater.



15
16
17
18
19
# File 'lib/dependabot/dep/file_updater/lockfile_updater.rb', line 15

def initialize(dependencies:, dependency_files:, credentials:)
  @dependencies = dependencies
  @dependency_files = dependency_files
  @credentials = credentials
end

Instance Method Details

#updated_lockfile_contentObject



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# File 'lib/dependabot/dep/file_updater/lockfile_updater.rb', line 21

def updated_lockfile_content
  deps = dependencies.select { |d| appears_in_lockfile(d) }
  return lockfile.content if deps.none?

  base_directory = File.join("src", "project",
                             dependency_files.first.directory)
  base_parts = base_directory.split("/").length
  updated_content =
    SharedHelpers.in_a_temporary_directory(base_directory) do |dir|
      write_temporary_dependency_files

      SharedHelpers.with_git_configured(credentials: credentials) do
        # Shell out to dep, which handles everything for us.
        # Note: We are currently doing a full install here (we're not
        # passing no-vendor) because dep needs to generate the digests
        # for each project.
        cmd_parts = ["dep", "ensure", "-update"] + deps.map(&:name)
        command = Shellwords.join(cmd_parts)
        dir_parts = dir.realpath.to_s.split("/")
        gopath = File.join(dir_parts[0..-(base_parts + 1)])
        run_shell_command(command, "GOPATH" => gopath)
      end

      File.read("Gopkg.lock")
    end

  updated_content
end