Class: Dependabot::Gradle::UpdateChecker::VersionFinder

Inherits:

Object

• Object
• Dependabot::Gradle::UpdateChecker::VersionFinder

Defined in:

lib/dependabot/gradle/update_checker/version_finder.rb

Constant Summary

GOOGLE_MAVEN_REPO =

"https://maven.google.com"

GRADLE_PLUGINS_REPO =

"https://plugins.gradle.org/m2"

KOTLIN_PLUGIN_REPO_PREFIX =

"org.jetbrains.kotlin"

TYPE_SUFFICES =

%w(jre android java).freeze

GRADLE_RANGE_REGEX =

/[\(\[].*,.*[\)\]]/.freeze

Instance Method Summary

• #initialize(dependency:, dependency_files:, credentials:, ignored_versions:, raise_on_ignored: false, security_advisories:) ⇒ VersionFinder constructor

  A new instance of VersionFinder.

• #latest_version_details ⇒ Object
• #lowest_security_fix_version_details ⇒ Object
• #versions ⇒ Object

Constructor Details

#initialize(dependency:, dependency_files:, credentials:, ignored_versions:, raise_on_ignored: false, security_advisories:) ⇒ VersionFinder

Returns a new instance of VersionFinder.

# File 'lib/dependabot/gradle/update_checker/version_finder.rb', line 21

def initialize(dependency:, dependency_files:, credentials:,
               ignored_versions:, raise_on_ignored: false,
               security_advisories:)
  @dependency          = dependency
  @dependency_files    = dependency_files
  @credentials         = credentials
  @ignored_versions    = ignored_versions
  @raise_on_ignored    = raise_on_ignored
  @security_advisories = security_advisories
  @forbidden_urls      = []
end

Instance Method Details

#latest_version_details ⇒ Object

# File 'lib/dependabot/gradle/update_checker/version_finder.rb', line 33

def latest_version_details
  possible_versions = versions

  possible_versions = filter_prereleases(possible_versions)
  possible_versions = filter_date_based_versions(possible_versions)
  possible_versions = filter_version_types(possible_versions)
  possible_versions = filter_ignored_versions(possible_versions)

  possible_versions.last
end

#lowest_security_fix_version_details ⇒ Object

# File 'lib/dependabot/gradle/update_checker/version_finder.rb', line 44

def lowest_security_fix_version_details
  possible_versions = versions

  possible_versions = filter_prereleases(possible_versions)
  possible_versions = filter_date_based_versions(possible_versions)
  possible_versions = filter_version_types(possible_versions)
  possible_versions = filter_vulnerable_versions(possible_versions)
  possible_versions = filter_ignored_versions(possible_versions)
  possible_versions = filter_lower_versions(possible_versions)

  possible_versions.first
end

#versions ⇒ Object

Raises:

• (PrivateSourceAuthenticationFailure)

# File 'lib/dependabot/gradle/update_checker/version_finder.rb', line 57

def versions
  version_details =
    repositories.map do |repository_details|
      url = repository_details.fetch("url")
      next google_version_details if url == GOOGLE_MAVEN_REPO

      dependency_metadata(repository_details).css("versions > version").
        select { |node| version_class.correct?(node.content) }.
        map { |node| version_class.new(node.content) }.
        map { |version| { version: version, source_url: url } }
    end.flatten.compact

  raise PrivateSourceAuthenticationFailure, forbidden_urls.first if version_details.none? && forbidden_urls.any?

  version_details.sort_by { |details| details.fetch(:version) }
end