Sha256: 14fde538d17ab0e84713bef815aa4ade25fdc8e145037dd1af7a22857704125a
Contents?: true
Size: 1.8 KB
Versions: 126
Compression:
Stored size: 1.8 KB
Contents
# frozen_string_literal: true require "excon" require "dependabot/npm_and_yarn/update_checker" require "dependabot/shared_helpers" module Dependabot module NpmAndYarn class UpdateChecker class LibraryDetector def initialize(package_json_file:) @package_json_file = package_json_file end def library? return false unless package_json_may_be_for_library? npm_response_matches_package_json? end private attr_reader :package_json_file def package_json_may_be_for_library? return false unless project_name return false if project_name.match?(/\{\{.*\}\}/) return false unless parsed_package_json["version"] return false if parsed_package_json["private"] true end def npm_response_matches_package_json? project_description = parsed_package_json["description"] return false unless project_description # Check if the project is listed on npm. If it is, it's a library @project_npm_response ||= Excon.get( "https://registry.npmjs.org/#{escaped_project_name}", idempotent: true, **SharedHelpers.excon_defaults ) return false unless @project_npm_response.status == 200 @project_npm_response.body.force_encoding("UTF-8").encode. include?(project_description) rescue Excon::Error::Socket, Excon::Error::Timeout false end def project_name parsed_package_json.fetch("name", nil) end def escaped_project_name project_name&.gsub("/", "%2F") end def parsed_package_json @parsed_package_json ||= JSON.parse(package_json_file.content) end end end end end
Version data entries
126 entries across 126 versions & 1 rubygems