Sha256: 216d569832e3bd57740b6bf72bfed7d6bbccfc12848595448e05c00419b3fa36

Contents?: true

Size: 1.79 KB

Versions: 548

Compression:

Stored size: 1.79 KB

Contents

# frozen_string_literal: true

require "dependabot/utils"
require "dependabot/npm_and_yarn/version"
require "dependabot/npm_and_yarn/file_parser/lockfile_parser"

# Used in the sub dependency version resolver and file updater to only run
# yarn/npm helpers on dependency files that require updates. This is useful for
# large monorepos with lots of sub-projects that don't all have the same
# dependencies.
module Dependabot
  module NpmAndYarn
    class SubDependencyFilesFilterer
      def initialize(dependency_files:, updated_dependencies:)
        @dependency_files = dependency_files
        @updated_dependencies = updated_dependencies
      end

      def files_requiring_update
        @files_requiring_update ||=
          begin
            lockfiles.select do |lockfile|
              lockfile_dependencies(lockfile).any? do |sub_dep|
                updated_dependencies.any? do |updated_dep|
                  next false unless sub_dep.name == updated_dep.name

                  version_class.new(updated_dep.version) >
                    version_class.new(sub_dep.version)
                end
              end
            end
          end
      end

      private

      attr_reader :dependency_files, :updated_dependencies

      def lockfile_dependencies(lockfile)
        @lockfile_dependencies ||= {}
        @lockfile_dependencies[lockfile.name] ||=
          NpmAndYarn::FileParser::LockfileParser.new(
            dependency_files: [lockfile]
          ).parse
      end

      def lockfiles
        dependency_files.select { |file| lockfile?(file) }
      end

      def lockfile?(file)
        file.name.end_with?(
          "package-lock.json",
          "yarn.lock",
          "npm-shrinkwrap.json"
        )
      end

      def version_class
        NpmAndYarn::Version
      end
    end
  end
end

Version data entries

548 entries across 548 versions & 1 rubygems

Version Path
dependabot-npm_and_yarn-0.138.6 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.138.5 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.138.4 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.138.3 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.138.2 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.138.1 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.138.0 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.137.2 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.137.1 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.137.0 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.136.0 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.135.0 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.134.2 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.134.1 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.134.0 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.133.6 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.133.5 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.133.4 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.133.3 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb
dependabot-npm_and_yarn-0.133.2 lib/dependabot/npm_and_yarn/sub_dependency_files_filterer.rb