Refactor some common logic across ecosystems #6164

Merged
Original file line number Diff line number Diff line change
Expand Up @@ -81,18 +81,17 @@ def filter_ignored_versions(versions_array)
end

def filter_lower_versions(versions_array)
return versions_array unless dependency.version && Gem::Version.correct?(dependency.version)
return versions_array unless dependency.numeric_version

versions_array.
select { |version| version > Gem::Version.new(dependency.version) }
select { |version| version > dependency.numeric_version }
end

def wants_prerelease?
@wants_prerelease ||=
begin
current_version = dependency.version
if current_version && Gem::Version.correct?(current_version) &&
Gem::Version.new(current_version).prerelease?
current_version = dependency.numeric_version
if current_version&.prerelease?
true
else
dependency.requirements.any? do |req|
Original file line number Diff line number Diff line change
Expand Up @@ -68,10 +68,10 @@ def filter_ignored_versions(versions_array)
end

def filter_lower_versions(versions_array)
return versions_array unless dependency.version && version_class.correct?(dependency.version)
return versions_array unless dependency.numeric_version

versions_array.
select { |version| version > version_class.new(dependency.version) }
select { |version| version > dependency.numeric_version }
end

def available_versions
Expand All @@ -89,10 +89,7 @@ def crates_listing
end

def wants_prerelease?
if dependency.version &&
version_class.new(dependency.version).prerelease?
return true
end
return true if dependency.numeric_version&.prerelease?

dependency.requirements.any? do |req|
reqs = (req.fetch(:requirement) || "").split(",").map(&:strip)
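--- a/common/lib/dependabot/dependency.rb
+++ b/common/lib/dependabot/dependency.rb
@@ -67,6 +67,10 @@ def removed?
 @removed
 end
 
+def numeric_version
+@numeric_version ||= version_class.new(version) if version && version_class.correct?(version)
+end
+
 def to_h
 {
 "name" => name,
@@ -136,6 +140,10 @@ def eql?(other)
 
 private
 
+def version_class
+Utils.version_class_for_package_manager(package_manager)
+end
+
 def check_values
 raise ArgumentError, "blank strings must not be provided as versions" if [version, previous_version].any?("")
 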
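Review bot: `numeric_version` carries no comment stating its contract, yet every ecosystem touched by this change now relies on it returning nil when `version` is missing or fails `version_class.correct?`. I would add `# Parsed form of #version, or nil when the version is absent or not valid for this package manager.` above the method. Because the modifier `if` wraps the whole `||=` assignment, a nil result is never memoized and `correct?` is re-run on each call for such dependencies, which is harmless but worth a word in that comment. `version_class` resolves through `Utils.version_class_for_package_manager`, whose behaviour for an unregistered package manager is not visible here; if it raises, `numeric_version` will raise too.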
13 changes: 2 additions & 11 deletions common/lib/dependabot/git_commit_checker.rb
Expand Up @@ -23,14 +23,11 @@ class GitCommitChecker

def initialize(dependency:, credentials:,
ignored_versions: [], raise_on_ignored: false,
requirement_class: nil, version_class: nil,
consider_version_branches_pinned: false)
@dependency = dependency
@credentials = credentials
@ignored_versions = ignored_versions
@raise_on_ignored = raise_on_ignored
@requirement_class = requirement_class
@version_class = version_class
@consider_version_branches_pinned = consider_version_branches_pinned
end

Expand Down Expand Up @@ -141,8 +138,6 @@ def filter_lower_versions(tags)
end

def local_tag_for_pinned_version
return unless pinned?

ref = dependency_source_details.fetch(:ref)
tags = local_tags.select { |t| t.commit_sha == ref && version_class.correct?(t.name) }.
sort_by { |t| version_class.new(t.name) }
Expand Down Expand Up @@ -443,15 +438,11 @@ def scan_version(name)
end

def version_class
return @version_class if @version_class

Utils.version_class_for_package_manager(dependency.package_manager)
@version_class ||= Utils.version_class_for_package_manager(dependency.package_manager)
end

def requirement_class
return @requirement_class if @requirement_class

Utils.requirement_class_for_package_manager(dependency.package_manager)
@requirement_class ||= Utils.requirement_class_for_package_manager(dependency.package_manager)
end

def local_repo_git_metadata_fetcher
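Review bot: Dropping `return unless pinned?` from `local_tag_for_pinned_version` is a behaviour change inside a refactor: the method now always runs `dependency_source_details.fetch(:ref)`, so an unpinned dependency is no longer short-circuited to nil. Whether every caller already checks `pinned?` cannot be seen from this hunk; if not, keep the guard or state the precondition in a comment on the method. Separately, removing the `requirement_class:` and `version_class:` keywords from `initialize` makes any remaining caller that passes them fail with ArgumentError, so out-of-tree users of GitCommitChecker may need a deprecation step. The bodies of both methods continue outside the hunks shown.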
13 changes: 8 additions & 5 deletions common/lib/dependabot/update_checkers/base.rb
Expand Up @@ -137,8 +137,7 @@ def vulnerable?
# Can't (currently) detect whether git dependencies are vulnerable
return false if existing_version_is_sha?

version = version_class.new(dependency.version)
security_advisories.any? { |a| a.vulnerable?(version) }
security_advisories.any? { |a| a.vulnerable?(current_version) }
end

def ignore_requirements
Expand Down Expand Up @@ -235,7 +234,7 @@ def numeric_version_up_to_date?
# this case we treat the version as up-to-date so that it's ignored.
return true if latest_version.to_s.match?(/^[0-9a-f]{40}$/)

latest_version <= version_class.new(dependency.version)
latest_version <= current_version
end

def numeric_version_can_update?(requirements_to_unlock:)
Expand All @@ -244,7 +243,7 @@ def numeric_version_can_update?(requirements_to_unlock:)
case requirements_to_unlock&.to_sym
when :none
new_version = latest_resolvable_version_with_no_unlock
new_version && new_version > version_class.new(dependency.version)
new_version && new_version > current_version
when :own
preferred_version_resolvable_with_unlock?
when :all
Expand All @@ -259,7 +258,7 @@ def preferred_version_resolvable_with_unlock?

if existing_version_is_sha?
return false if new_version.to_s.start_with?(dependency.version)
elsif new_version <= version_class.new(dependency.version)
elsif new_version <= current_version
return false
end

Expand All @@ -275,6 +274,10 @@ def requirements_up_to_date?
changed_requirements.none?
end

def current_version
@current_version ||= dependency.numeric_version
end

def can_compare_requirements?
version_from_requirements &&
latest_version &&
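Review bot: In `vulnerable?`, `current_version` is `dependency.numeric_version`, which is nil when the version string is not valid for the ecosystem, so advisories are now matched against nil where the raw string used to go to `version_class.new` (which presumably rejected it). The advisory's `vulnerable?` method is not shown here; if it returns false for nil, a dependency with an unparseable version is silently reported as not vulnerable and never gets a security update. I would make that case explicit, e.g. `return false unless current_version` with a comment that advisories cannot be matched without a comparable version, or raise so the gap is visible to operators. The same nil reaches `latest_version <= current_version` and `new_version > current_version` in the other hunks of this file, where the comparison will likely raise ArgumentError rather than the earlier malformed-version error.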
Original file line number Diff line number Diff line change
Expand Up @@ -73,15 +73,15 @@ def filter_ignored_versions(versions_array)
end

def filter_lower_versions(versions_array)
return versions_array unless dependency.version && version_class.correct?(dependency.version)
return versions_array unless dependency.numeric_version

versions_array.
select { |version| version > version_class.new(dependency.version) }
select { |version| version > dependency.numeric_version }
end

def wants_prerelease?
current_version = dependency.version
return true if current_version && version_class.new(current_version).prerelease?
current_version = dependency.numeric_version
return true if current_version&.prerelease?

dependency.requirements.any? do |req|
req[:requirement].match?(/\d-[A-Za-z]/)
4 changes: 2 additions & 2 deletions elm/lib/dependabot/elm/update_checker.rb
Expand Up @@ -87,10 +87,10 @@ def candidate_versions
end

def filter_lower_versions(versions_array)
return versions_array unless dependency.version && version_class.correct?(dependency.version)
return versions_array unless current_version

versions_array.
select { |version| version > version_class.new(dependency.version) }
select { |version| version > current_version }
end

def all_versions
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ def fetch_latest_version_for_git_dependency
# we want to update that tag.
if git_commit_checker.pinned_ref_looks_like_version? && latest_version_tag
latest_version = latest_version_tag.fetch(:version)
return version_class.new(dependency.version) if shortened_semver_eq?(dependency.version, latest_version.to_s)
return current_version if shortened_semver_eq?(dependency.version, latest_version.to_s)

return latest_version
end
4 changes: 2 additions & 2 deletions go_modules/lib/dependabot/go_modules/update_checker.rb
Expand Up @@ -21,7 +21,7 @@ def latest_resolvable_version
unless dependency.top_level?
return unless dependency.version

return version_class.new(dependency.version)
return current_version
end

latest_version_finder.latest_version
Expand All @@ -40,7 +40,7 @@ def lowest_resolvable_security_fix_version
unless dependency.top_level?
return unless dependency.version

return version_class.new(dependency.version)
return current_version
end

lowest_security_fix_version
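Review bot: In both `latest_resolvable_version` and `lowest_resolvable_security_fix_version`, the `return unless dependency.version` line is now redundant, because `current_version` is already nil when the version is absent. The inner block can collapse to `return current_version unless dependency.top_level?`. Note also that a version which is present but not valid for the version class now yields nil here instead of reaching `version_class.new`; if that is intended for indirect dependencies, a short comment saying so would help. Both methods continue past the end of their hunks.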
Original file line number Diff line number Diff line change
Expand Up @@ -143,10 +143,10 @@ def filter_prerelease_versions(versions_array)
end

def filter_lower_versions(versions_array)
return versions_array unless dependency.version && version_class.correct?(dependency.version)
return versions_array unless dependency.numeric_version

versions_array.
select { |version| version > version_class.new(dependency.version) }
select { |version| version > dependency.numeric_version }
end

def filter_ignored_versions(versions_array)
Expand All @@ -162,9 +162,8 @@ def filter_ignored_versions(versions_array)
def wants_prerelease?
@wants_prerelease ||=
begin
current_version = dependency.version
current_version && version_class.correct?(current_version) &&
version_class.new(current_version).prerelease?
current_version = dependency.numeric_version
current_version&.prerelease?
end
end

14 changes: 6 additions & 8 deletions gradle/lib/dependabot/gradle/update_checker/version_finder.rb
Expand Up @@ -112,25 +112,23 @@ def filter_ignored_versions(possible_versions)
end

def filter_lower_versions(possible_versions)
return possible_versions unless dependency.version && version_class.correct?(dependency.version)
return possible_versions unless dependency.numeric_version

possible_versions.select do |v|
v.fetch(:version) > version_class.new(dependency.version)
v.fetch(:version) > dependency.numeric_version
end
end

def wants_prerelease?
return false unless dependency.version
return false unless version_class.correct?(dependency.version)
return false unless dependency.numeric_version

version_class.new(dependency.version).prerelease?
dependency.numeric_version.prerelease?
end

def wants_date_based_version?
return false unless dependency.version
return false unless version_class.correct?(dependency.version)
return false unless dependency.numeric_version

version_class.new(dependency.version) >= version_class.new(100)
dependency.numeric_version >= version_class.new(100)
end

def google_version_details
8 changes: 1 addition & 7 deletions hex/lib/dependabot/hex/update_checker.rb
Expand Up @@ -231,7 +231,7 @@ def latest_release_from_hex_registry
# rubocop:enable Metrics/PerceivedComplexity

def filter_lower_versions(versions_array)
return versions_array unless current_version && version_class.correct?(current_version)
return versions_array unless current_version

versions_array.select do |version|
version > current_version
Expand All @@ -251,12 +251,6 @@ def hex_registry_response
nil
end

def current_version
return unless dependency.version && version_class.correct?(dependency.version)

version_class.new(dependency.version)
end

def wants_prerelease?
return true if current_version&.prerelease?

14 changes: 6 additions & 8 deletions maven/lib/dependabot/maven/update_checker/version_finder.rb
Expand Up @@ -113,25 +113,23 @@ def filter_ignored_versions(possible_versions)
end

def filter_lower_versions(possible_versions)
return possible_versions unless dependency.version && version_class.correct?(dependency.version)
return possible_versions unless dependency.numeric_version

possible_versions.select do |v|
v.fetch(:version) > version_class.new(dependency.version)
v.fetch(:version) > dependency.numeric_version
end
end

def wants_prerelease?
return false unless dependency.version
return false unless version_class.correct?(dependency.version)
return false unless dependency.numeric_version

version_class.new(dependency.version).prerelease?
dependency.numeric_version.prerelease?
end

def wants_date_based_version?
return false unless dependency.version
return false unless version_class.correct?(dependency.version)
return false unless dependency.numeric_version

version_class.new(dependency.version) >= version_class.new(100)
dependency.numeric_version >= version_class.new(100)
end

def released?(version)
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ def up_to_date?
dependency.version &&
version_class.correct?(dependency.version) &&
vulnerable_versions.any? &&
!vulnerable_versions.include?(version_class.new(dependency.version))
!vulnerable_versions.include?(current_version)

super
end
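Review bot: The condition in `up_to_date?` still spells out `dependency.version && version_class.correct?(dependency.version)` immediately before using `current_version`, which already encodes both checks by being nil in those cases. Replacing the two operands with `current_version &&` keeps this vulnerability check consistent with the other call sites in the change and prevents the two forms from drifting apart. The statement this expression belongs to starts above the hunk, so confirm its leading part before editing.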
Original file line number Diff line number Diff line change
Expand Up @@ -130,10 +130,10 @@ def filter_out_of_range_versions(versions_array)
end

def filter_lower_versions(versions_array)
return versions_array unless dependency.version && version_class.correct?(dependency.version)
return versions_array unless dependency.numeric_version

versions_array.
select { |version, _| version > version_class.new(dependency.version) }
select { |version, _| version > dependency.numeric_version }
end

def version_from_dist_tags
Expand All @@ -159,13 +159,10 @@ def version_from_dist_tags
wants_latest_dist_tag?(latest) ? latest : nil
end

# rubocop:disable Metrics/PerceivedComplexity
def related_to_current_pre?(version)
current_version = dependency.version
if current_version &&
version_class.correct?(current_version) &&
version_class.new(current_version).prerelease? &&
version_class.new(current_version).release == version.release
current_version = dependency.numeric_version
if current_version&.prerelease? &&
current_version&.release == version.release
return true
end

Expand All @@ -181,7 +178,6 @@ def related_to_current_pre?(version)
false
end
end
# rubocop:enable Metrics/PerceivedComplexity

def specified_dist_tag_requirement?
dependency.requirements.any? do |req|
Expand All @@ -204,10 +200,9 @@ def wants_latest_dist_tag?(latest_version)
end

def current_version_greater_than?(version)
return false unless dependency.version
return false unless version_class.correct?(dependency.version)
return false unless dependency.numeric_version

version_class.new(dependency.version) > version
dependency.numeric_version > version
end

def current_requirement_greater_than?(version)