Sha256: 7897e7732b5a6a07c3db618b2d9b47bd1ccfde5c4a88e696deaea7d4edd8a5f8

Contents?: true

Size: 1.79 KB

Versions: 81

Compression:

Stored size: 1.79 KB

Contents

# frozen_string_literal: true

require "dependabot/utils"

module Dependabot
  module NpmAndYarn
    class DependencyFilesFilterer
      def initialize(dependency_files:, dependencies:)
        @dependencies = dependencies
        @dependency_files = dependency_files
      end

      def filtered_files
        dependency_files.select do |file|
          if manifest?(file)
            package_manifests.include?(file)
          elsif lockfile?(file)
            package_manifests.any? do |package_file|
              File.dirname(package_file.name) == File.dirname(file.name)
            end
          else
            # Include all non-manifest/lockfiles
            # e.g. .npmrc, lerna.json
            true
          end
        end
      end

      def filtered_package_files
        filtered_files.select { |f| manifest?(f) }
      end

      def filtered_lockfiles
        filtered_files.select { |f| lockfile?(f) }
      end

      private

      attr_reader :dependency_files, :dependencies

      def dependency_manifest_requirements
        @dependency_manifest_requirements ||=
          dependencies.flat_map do |dep|
            dep.requirements.map { |requirement| requirement[:file] }
          end
      end

      def package_manifests
        @package_manifests ||=
          dependency_files.select do |file|
            next unless manifest?(file)

            root_manifest?(file) ||
              dependency_manifest_requirements.include?(file.name)
          end
      end

      def root_manifest?(file)
        file.name == "package.json"
      end

      def manifest?(file)
        file.name.end_with?("package.json")
      end

      def lockfile?(file)
        file.name.end_with?(
          "package-lock.json",
          "yarn.lock",
          "npm-shrinkwrap.json"
        )
      end
    end
  end
end

Version data entries

81 entries across 81 versions & 1 rubygems

Version Path
dependabot-npm_and_yarn-0.95.34 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.33 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.32 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.31 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.30 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.29 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.28 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.27 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.26 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.25 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.24 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.23 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.22 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.21 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.20 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.19 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.18 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.17 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.16 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb
dependabot-npm_and_yarn-0.95.15 lib/dependabot/npm_and_yarn/dependency_files_filterer.rb