class Dependabot::NpmAndYarn::UpdateChecker::LibraryDetector
Attributes
package_json_file[R]
Public Class Methods
new(package_json_file:)
# File lib/dependabot/npm_and_yarn/update_checker/library_detector.rb, line 11
# Builds a detector around a single package.json file object.
#
# @param package_json_file [Object] object whose +content+ is later parsed as
#   JSON by parsed_package_json.
#   NOTE(review): presumably fetched from the repository being updated, so its
#   content should be treated as untrusted input — confirm against the caller.
def initialize(package_json_file:)
  @package_json_file = package_json_file
end
Public Instance Methods
library?()
# File lib/dependabot/npm_and_yarn/update_checker/library_detector.rb, line 15
# Reports whether the package.json looks like it belongs to a published library.
#
# The local checks in package_json_may_be_for_library? run first; the registry
# lookup in npm_response_matches_package_json? only happens when they pass, so
# no outbound request is made for manifests that are rejected locally.
#
# @return [Boolean] false when the local checks fail, otherwise the result of
#   the registry comparison
def library?
  if package_json_may_be_for_library?
    npm_response_matches_package_json?
  else
    false
  end
end
Private Instance Methods
escaped_project_name()
# File lib/dependabot/npm_and_yarn/update_checker/library_detector.rb, line 57
# Returns the project name with every "/" replaced by "%2F", for use as a
# single path segment in the registry URL (e.g. "@scope/pkg" -> "@scope%2Fpkg").
#
# Only "/" is encoded. Any other URL-significant character in the package.json
# name ("?", "#", "%", whitespace, ...) is passed through unchanged into the
# URL that npm_response_matches_package_json? builds. The host there is a fixed
# literal, so the name can only influence the path and query of that request.
# NOTE(review): consider rejecting names that do not match npm's package-name
# rules before a request is built from them.
#
# @return [String, nil] the escaped name, or nil when there is no project name
def escaped_project_name
  name = project_name
  return nil if name.nil?

  name.gsub("/", "%2F")
end
npm_response_matches_package_json?()
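# File lib/dependabot/npm_and_yarn/update_checker/library_detector.rb, line 34
# Reports whether the npm registry entry for this project's name contains the
# description given in package.json.
#
# The registry response is memoized in @project_npm_response, so at most one
# request is made per detector instance.
#
# @return [Boolean] true when the registry answers 200 and the response body
#   contains the package.json description as a substring; false when the
#   description is missing or not a String, the status is not 200, or the
#   request fails with one of the rescued errors
def npm_response_matches_package_json?
  project_description = parsed_package_json["description"]
  # package.json is parsed as-is, so "description" may be a number, array or
  # object. String#include? raises TypeError for those, so a non-String
  # description is treated as "no match" instead of aborting the check.
  return false unless project_description.is_a?(String)

  # NOTE(review): this is a plain substring test. An empty description is
  # contained in every body, and a very short one in most, so a match is weak
  # evidence that the registry entry and this package.json are the same project.

  # Check if the project is listed on npm. If it is, it's a library
  @project_npm_response ||= Excon.get(
    "https://registry.npmjs.org/#{escaped_project_name}",
    idempotent: true,
    **SharedHelpers.excon_defaults
  )
  return false unless @project_npm_response.status == 200

  @project_npm_response.body.force_encoding("UTF-8").encode.
    include?(project_description)
rescue Excon::Error::Socket, Excon::Error::Timeout, URI::InvalidURIError
  # Network failures and names that do not form a valid URI count as "not listed".
  false
end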
package_json_may_be_for_library?()
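# File lib/dependabot/npm_and_yarn/update_checker/library_detector.rb, line 25
# Local, network-free pre-check: could this package.json describe a library?
#
# @return [Boolean] true only when the manifest has a String name that does not
#   contain a "{{...}}" placeholder, has a "version" entry, and has no truthy
#   "private" entry
def package_json_may_be_for_library?
  name = project_name
  # The name comes straight from parsed JSON, so it may be a number, array or
  # object. Those have no #match? and would raise NoMethodError; anything that
  # is not a String (including nil) cannot be a package name.
  return false unless name.is_a?(String)
  # Names that still contain a "{{...}}" template placeholder are rejected.
  return false if name.match?(/\{\{.*\}\}/)
  return false unless parsed_package_json["version"]
  # Any truthy "private" value rejects the manifest, not only the literal true.
  return false if parsed_package_json["private"]

  true
end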
parsed_package_json()
# File lib/dependabot/npm_and_yarn/update_checker/library_detector.rb, line 61
# Parses the package.json content as JSON and caches the result.
#
# A falsy parse result (JSON null or false) is not cached, so such content is
# re-parsed on every call. JSON::ParserError from malformed content is not
# handled here and propagates to the caller.
# NOTE(review): the result is used as a Hash elsewhere in this class; a
# manifest whose top-level value is an array or scalar is not rejected here.
#
# @return [Object] the parsed JSON document
def parsed_package_json
  return @parsed_package_json if @parsed_package_json

  raw_manifest = package_json_file.content
  @parsed_package_json = JSON.parse(raw_manifest)
end
project_name()
# File lib/dependabot/npm_and_yarn/update_checker/library_detector.rb, line 53
# Looks up the "name" entry of the parsed package.json.
#
# The value is returned exactly as parsed; nothing here checks that it is a
# String or a well-formed npm package name.
#
# @return [Object, nil] the "name" value, or nil when the key is absent
def project_name
  parsed_package_json.fetch("name") { nil }
end