Sha256: 38ebdf62aad9d72b3307b2ebedd721a9eb95b73cd4bf49d9320ad1ff3aceecaa
Contents?: true
Size: 1.85 KB
Versions: 84
Compression:
Stored size: 1.85 KB
Contents
# frozen_string_literal: true
require "excon"
require "dependabot/metadata_finders/base"
require "dependabot/shared_helpers"
require "dependabot/utils"
module Dependabot
module MetadataFinders
module Php
class Composer < Dependabot::MetadataFinders::Base
private
def look_up_source
source_from_dependency || look_up_source_from_packagist
end
def source_from_dependency
source_url =
dependency.requirements.
map { |r| r.fetch(:source) }.compact.
first&.fetch(:url, nil)
Source.from_url(source_url)
end
def look_up_source_from_packagist
return nil if packagist_listing&.fetch("packages", nil) == []
unless packagist_listing&.dig("packages", dependency.name.downcase)
return nil
end
version_listings =
packagist_listing["packages"][dependency.name.downcase].
select { |version, _| Utils::Php::Version.correct?(version) }.
sort_by { |version, _| Utils::Php::Version.new(version) }.
map { |_, listing| listing }.
reverse
potential_source_urls =
version_listings.
flat_map { |info| [info["homepage"], info.dig("source", "url")] }.
compact
source_url = potential_source_urls.find { |url| Source.from_url(url) }
Source.from_url(source_url)
end
def packagist_listing
return @packagist_listing unless @packagist_listing.nil?
response = Excon.get(
"https://packagist.org/p/#{dependency.name.downcase}.json",
idempotent: true,
**SharedHelpers.excon_defaults
)
return nil unless response.status == 200
@packagist_listing = JSON.parse(response.body)
end
end
end
end
end
Version data entries
84 entries across 84 versions & 1 rubygems