class Dependabot::Hex::FileUpdater::LockfileUpdater

Attributes

credentials[R]
dependencies[R]
dependency_files[R]

Public Class Methods

new(dependencies:, dependency_files:, credentials:) click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 15
def initialize(dependencies:, dependency_files:, credentials:)
  @dependencies = dependencies
  @dependency_files = dependency_files
  @credentials = credentials
end

Public Instance Methods

updated_lockfile_content() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 21
def updated_lockfile_content
  @updated_lockfile_content ||=
    SharedHelpers.in_a_temporary_directory do
      write_temporary_dependency_files
      FileUtils.cp(elixir_helper_do_update_path, "do_update.exs")

      SharedHelpers.with_git_configured(credentials: credentials) do
        SharedHelpers.run_helper_subprocess(
          env: mix_env,
          command: "mix run #{elixir_helper_path}",
          function: "get_updated_lockfile",
          args: [Dir.pwd, dependency.name, organization_credentials]
        )
      end
    end

  post_process_lockfile(@updated_lockfile_content)
end

Private Instance Methods

dependency() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 44
def dependency
  # For now, we'll only ever be updating a single dep for Elixir
  dependencies.first
end
elixir_helper_do_update_path() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 123
def elixir_helper_do_update_path
  File.join(NativeHelpers.hex_helpers_dir, "lib/do_update.exs")
end
elixir_helper_path() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 119
def elixir_helper_path
  File.join(NativeHelpers.hex_helpers_dir, "lib/run.exs")
end
lock_mixfile_dependency_versions(mixfile_content, filename) click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 86
def lock_mixfile_dependency_versions(mixfile_content, filename)
  dependencies.
    reduce(mixfile_content.dup) do |content, dep|
      # Run on the updated mixfile content, so we're updating from the
      # updated requirements
      req_details = dep.requirements.find { |r| r[:file] == filename }

      next content unless req_details
      next content unless Hex::Version.correct?(dep.version)

      MixfileRequirementUpdater.new(
        dependency_name: dep.name,
        mixfile_content: content,
        previous_requirement: req_details.fetch(:requirement),
        updated_requirement: dep.version,
        insert_if_bare: true
      ).updated_content
    end
end
lockfile() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 131
def lockfile
  @lockfile ||= dependency_files.find { |f| f.name == "mix.lock" }
end
mix_env() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 110
def mix_env
  {
    "MIX_EXS" => File.join(NativeHelpers.hex_helpers_dir, "mix.exs"),
    "MIX_LOCK" => File.join(NativeHelpers.hex_helpers_dir, "mix.lock"),
    "MIX_DEPS" => File.join(NativeHelpers.hex_helpers_dir, "deps"),
    "MIX_QUIET" => "1"
  }
end
mixfile_content_for_lockfile_generation(file) click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 73
def mixfile_content_for_lockfile_generation(file)
  content = updated_mixfile_content(file)
  content = lock_mixfile_dependency_versions(content, file.name)
  sanitize_mixfile(content)
end
mixfiles() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 127
def mixfiles
  dependency_files.select { |f| f.name.end_with?("mix.exs") }
end
organization_credentials() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 135
def organization_credentials
  credentials.select { |cred| cred["type"] == "hex_organization" }.
    flat_map { |cred| [cred["organization"], cred.fetch("token", "")] }
end
post_process_lockfile(content) click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 49
def post_process_lockfile(content)
  return content unless lockfile.content.start_with?("%{\"")
  return content if content.start_with?("%{\"")

  # Substitute back old file beginning and ending
  content.sub(/\A%\{\n  "/, "%{\"").sub(/\},\n\}/, "}}")
end
sanitize_mixfile(content) click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 106
def sanitize_mixfile(content)
  MixfileSanitizer.new(mixfile_content: content).sanitized_content
end
updated_mixfile_content(file) click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 79
def updated_mixfile_content(file)
  MixfileUpdater.new(
    dependencies: dependencies,
    mixfile: file
  ).updated_mixfile_content
end
write_temporary_dependency_files() click to toggle source
# File lib/dependabot/hex/file_updater/lockfile_updater.rb, line 57
def write_temporary_dependency_files
  mixfiles.each do |file|
    path = file.name
    FileUtils.mkdir_p(Pathname.new(path).dirname)
    File.write(path, mixfile_content_for_lockfile_generation(file))
  end

  File.write("mix.lock", lockfile.content)

  dependency_files.select(&:support_file).each do |file|
    path = file.name
    FileUtils.mkdir_p(Pathname.new(path).dirname)
    File.write(path, sanitize_mixfile(file.content))
  end
end