dependabot-core 0.76.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/CHANGELOG.md +6408 -0
- data/LICENSE +37 -0
- data/README.md +115 -0
- data/helpers/elixir/bin/check_update.exs +92 -0
- data/helpers/elixir/bin/do_update.exs +39 -0
- data/helpers/elixir/bin/parse_deps.exs +103 -0
- data/helpers/elixir/bin/run.exs +76 -0
- data/helpers/elixir/mix.exs +21 -0
- data/helpers/elixir/mix.lock +3 -0
- data/helpers/go/Makefile +9 -0
- data/helpers/go/go.mod +9 -0
- data/helpers/go/go.sum +5 -0
- data/helpers/go/importresolver/main.go +34 -0
- data/helpers/go/main.go +77 -0
- data/helpers/go/updatechecker/main.go +107 -0
- data/helpers/go/updater/go.mod +3 -0
- data/helpers/go/updater/go.sum +2 -0
- data/helpers/go/updater/helpers.go +57 -0
- data/helpers/go/updater/main.go +48 -0
- data/helpers/npm/.agignore +1 -0
- data/helpers/npm/.envrc +2 -0
- data/helpers/npm/.eslintrc +14 -0
- data/helpers/npm/.nvimrc +7 -0
- data/helpers/npm/bin/run.js +34 -0
- data/helpers/npm/lib/helpers.js +25 -0
- data/helpers/npm/lib/peer-dependency-checker.js +102 -0
- data/helpers/npm/lib/subdependency-updater.js +48 -0
- data/helpers/npm/lib/updater.js +95 -0
- data/helpers/npm/package.json +17 -0
- data/helpers/npm/test/fixtures/npm-left-pad.json +1 -0
- data/helpers/npm/test/fixtures/updater/original/package-lock.json +16 -0
- data/helpers/npm/test/fixtures/updater/original/package.json +9 -0
- data/helpers/npm/test/fixtures/updater/updated/package-lock.json +16 -0
- data/helpers/npm/test/helpers.js +7 -0
- data/helpers/npm/test/updater.test.js +50 -0
- data/helpers/npm/yarn.lock +6120 -0
- data/helpers/php/.php_cs +34 -0
- data/helpers/php/bin/run.php +57 -0
- data/helpers/php/composer.json +14 -0
- data/helpers/php/composer.lock +1521 -0
- data/helpers/php/composer.phar +0 -0
- data/helpers/php/setup.sh +4 -0
- data/helpers/php/src/DependabotInstallationManager.php +61 -0
- data/helpers/php/src/DependabotPluginManager.php +23 -0
- data/helpers/php/src/ExceptionIO.php +25 -0
- data/helpers/php/src/Hasher.php +21 -0
- data/helpers/php/src/UpdateChecker.php +123 -0
- data/helpers/php/src/Updater.php +97 -0
- data/helpers/python/lib/__init__.py +0 -0
- data/helpers/python/lib/hasher.py +23 -0
- data/helpers/python/lib/parser.py +130 -0
- data/helpers/python/requirements.txt +9 -0
- data/helpers/python/run.py +18 -0
- data/helpers/test/run.rb +15 -0
- data/helpers/utils/git-credential-store-immutable +10 -0
- data/helpers/yarn/.agignore +1 -0
- data/helpers/yarn/.envrc +2 -0
- data/helpers/yarn/.eslintrc +14 -0
- data/helpers/yarn/.nvimrc +7 -0
- data/helpers/yarn/bin/run.js +36 -0
- data/helpers/yarn/lib/fix-duplicates.js +53 -0
- data/helpers/yarn/lib/helpers.js +5 -0
- data/helpers/yarn/lib/lockfile-parser.js +21 -0
- data/helpers/yarn/lib/peer-dependency-checker.js +130 -0
- data/helpers/yarn/lib/replace-lockfile-declaration.js +45 -0
- data/helpers/yarn/lib/subdependency-updater.js +69 -0
- data/helpers/yarn/lib/updater.js +254 -0
- data/helpers/yarn/package.json +17 -0
- data/helpers/yarn/test/fixtures/updater/original/package.json +6 -0
- data/helpers/yarn/test/fixtures/updater/original/yarn.lock +11 -0
- data/helpers/yarn/test/fixtures/updater/updated/yarn.lock +12 -0
- data/helpers/yarn/test/fixtures/updater/with-version-comments/package.json +5 -0
- data/helpers/yarn/test/fixtures/updater/with-version-comments/yarn.lock +13 -0
- data/helpers/yarn/test/fixtures/yarnpkg-is-positive.json +1 -0
- data/helpers/yarn/test/fixtures/yarnpkg-left-pad.json +1 -0
- data/helpers/yarn/test/helpers.js +7 -0
- data/helpers/yarn/test/updater.test.js +93 -0
- data/helpers/yarn/yarn.lock +4912 -0
- data/lib/bundler_definition_bundler_version_patch.rb +15 -0
- data/lib/bundler_definition_ruby_version_patch.rb +14 -0
- data/lib/bundler_git_source_patch.rb +27 -0
- data/lib/dependabot.rb +4 -0
- data/lib/dependabot/clients/bitbucket.rb +101 -0
- data/lib/dependabot/clients/github_with_retries.rb +117 -0
- data/lib/dependabot/clients/gitlab.rb +72 -0
- data/lib/dependabot/dependency.rb +118 -0
- data/lib/dependabot/dependency_file.rb +54 -0
- data/lib/dependabot/errors.rb +179 -0
- data/lib/dependabot/file_fetchers.rb +48 -0
- data/lib/dependabot/file_fetchers/README.md +65 -0
- data/lib/dependabot/file_fetchers/base.rb +302 -0
- data/lib/dependabot/file_fetchers/docker/docker.rb +40 -0
- data/lib/dependabot/file_fetchers/dotnet/nuget.rb +215 -0
- data/lib/dependabot/file_fetchers/dotnet/nuget/import_paths_finder.rb +51 -0
- data/lib/dependabot/file_fetchers/dotnet/nuget/sln_project_paths_finder.rb +55 -0
- data/lib/dependabot/file_fetchers/elixir/hex.rb +78 -0
- data/lib/dependabot/file_fetchers/elm/elm_package.rb +52 -0
- data/lib/dependabot/file_fetchers/git/submodules.rb +73 -0
- data/lib/dependabot/file_fetchers/go/dep.rb +69 -0
- data/lib/dependabot/file_fetchers/go/modules.rb +64 -0
- data/lib/dependabot/file_fetchers/java/gradle.rb +56 -0
- data/lib/dependabot/file_fetchers/java/gradle/settings_file_parser.rb +66 -0
- data/lib/dependabot/file_fetchers/java/maven.rb +127 -0
- data/lib/dependabot/file_fetchers/java_script/npm_and_yarn.rb +330 -0
- data/lib/dependabot/file_fetchers/java_script/npm_and_yarn/path_dependency_builder.rb +107 -0
- data/lib/dependabot/file_fetchers/php/composer.rb +131 -0
- data/lib/dependabot/file_fetchers/python/pip.rb +305 -0
- data/lib/dependabot/file_fetchers/ruby/bundler.rb +185 -0
- data/lib/dependabot/file_fetchers/ruby/bundler/child_gemfile_finder.rb +70 -0
- data/lib/dependabot/file_fetchers/ruby/bundler/path_gemspec_finder.rb +114 -0
- data/lib/dependabot/file_fetchers/ruby/bundler/require_relative_finder.rb +67 -0
- data/lib/dependabot/file_fetchers/rust/cargo.rb +240 -0
- data/lib/dependabot/file_parsers.rb +48 -0
- data/lib/dependabot/file_parsers/README.md +45 -0
- data/lib/dependabot/file_parsers/base.rb +31 -0
- data/lib/dependabot/file_parsers/base/dependency_set.rb +77 -0
- data/lib/dependabot/file_parsers/docker/docker.rb +164 -0
- data/lib/dependabot/file_parsers/dotnet/nuget.rb +85 -0
- data/lib/dependabot/file_parsers/dotnet/nuget/packages_config_parser.rb +65 -0
- data/lib/dependabot/file_parsers/dotnet/nuget/project_file_parser.rb +156 -0
- data/lib/dependabot/file_parsers/dotnet/nuget/property_value_finder.rb +131 -0
- data/lib/dependabot/file_parsers/elixir/hex.rb +134 -0
- data/lib/dependabot/file_parsers/elm/elm_package.rb +136 -0
- data/lib/dependabot/file_parsers/git/submodules.rb +69 -0
- data/lib/dependabot/file_parsers/go/dep.rb +163 -0
- data/lib/dependabot/file_parsers/go/modules.rb +34 -0
- data/lib/dependabot/file_parsers/go/modules/go_mod_parser.rb +134 -0
- data/lib/dependabot/file_parsers/java/gradle.rb +236 -0
- data/lib/dependabot/file_parsers/java/gradle/property_value_finder.rb +90 -0
- data/lib/dependabot/file_parsers/java/gradle/repositories_finder.rb +145 -0
- data/lib/dependabot/file_parsers/java/maven.rb +252 -0
- data/lib/dependabot/file_parsers/java/maven/property_value_finder.rb +166 -0
- data/lib/dependabot/file_parsers/java/maven/repositories_finder.rb +188 -0
- data/lib/dependabot/file_parsers/java_script/npm_and_yarn.rb +394 -0
- data/lib/dependabot/file_parsers/php/composer.rb +177 -0
- data/lib/dependabot/file_parsers/python/pip.rb +223 -0
- data/lib/dependabot/file_parsers/python/pip/pipfile_files_parser.rb +154 -0
- data/lib/dependabot/file_parsers/python/pip/poetry_files_parser.rb +141 -0
- data/lib/dependabot/file_parsers/python/pip/setup_file_parser.rb +160 -0
- data/lib/dependabot/file_parsers/ruby/bundler.rb +295 -0
- data/lib/dependabot/file_parsers/ruby/bundler/file_preparer.rb +85 -0
- data/lib/dependabot/file_parsers/ruby/bundler/gemfile_checker.rb +48 -0
- data/lib/dependabot/file_parsers/rust/cargo.rb +213 -0
- data/lib/dependabot/file_updaters.rb +48 -0
- data/lib/dependabot/file_updaters/README.md +58 -0
- data/lib/dependabot/file_updaters/base.rb +52 -0
- data/lib/dependabot/file_updaters/docker/docker.rb +133 -0
- data/lib/dependabot/file_updaters/dotnet/nuget.rb +151 -0
- data/lib/dependabot/file_updaters/dotnet/nuget/packages_config_declaration_finder.rb +69 -0
- data/lib/dependabot/file_updaters/dotnet/nuget/project_file_declaration_finder.rb +78 -0
- data/lib/dependabot/file_updaters/dotnet/nuget/property_value_updater.rb +64 -0
- data/lib/dependabot/file_updaters/elixir/hex.rb +71 -0
- data/lib/dependabot/file_updaters/elixir/hex/lockfile_updater.rb +147 -0
- data/lib/dependabot/file_updaters/elixir/hex/mixfile_git_pin_updater.rb +53 -0
- data/lib/dependabot/file_updaters/elixir/hex/mixfile_requirement_updater.rb +74 -0
- data/lib/dependabot/file_updaters/elixir/hex/mixfile_sanitizer.rb +28 -0
- data/lib/dependabot/file_updaters/elixir/hex/mixfile_updater.rb +98 -0
- data/lib/dependabot/file_updaters/elm/elm_package.rb +79 -0
- data/lib/dependabot/file_updaters/elm/elm_package/elm_json_updater.rb +69 -0
- data/lib/dependabot/file_updaters/elm/elm_package/elm_package_updater.rb +69 -0
- data/lib/dependabot/file_updaters/git/submodules.rb +38 -0
- data/lib/dependabot/file_updaters/go/dep.rb +77 -0
- data/lib/dependabot/file_updaters/go/dep/lockfile_updater.rb +219 -0
- data/lib/dependabot/file_updaters/go/dep/manifest_updater.rb +155 -0
- data/lib/dependabot/file_updaters/go/modules.rb +71 -0
- data/lib/dependabot/file_updaters/go/modules/go_mod_updater.rb +81 -0
- data/lib/dependabot/file_updaters/java/gradle.rb +176 -0
- data/lib/dependabot/file_updaters/java/gradle/dependency_set_updater.rb +66 -0
- data/lib/dependabot/file_updaters/java/gradle/property_value_updater.rb +58 -0
- data/lib/dependabot/file_updaters/java/maven.rb +155 -0
- data/lib/dependabot/file_updaters/java/maven/declaration_finder.rb +132 -0
- data/lib/dependabot/file_updaters/java/maven/property_value_updater.rb +61 -0
- data/lib/dependabot/file_updaters/java_script/npm_and_yarn.rb +159 -0
- data/lib/dependabot/file_updaters/java_script/npm_and_yarn/npm_lockfile_updater.rb +532 -0
- data/lib/dependabot/file_updaters/java_script/npm_and_yarn/npmrc_builder.rb +191 -0
- data/lib/dependabot/file_updaters/java_script/npm_and_yarn/package_json_preparer.rb +91 -0
- data/lib/dependabot/file_updaters/java_script/npm_and_yarn/package_json_updater.rb +220 -0
- data/lib/dependabot/file_updaters/java_script/npm_and_yarn/yarn_lockfile_updater.rb +475 -0
- data/lib/dependabot/file_updaters/php/composer.rb +78 -0
- data/lib/dependabot/file_updaters/php/composer/lockfile_updater.rb +264 -0
- data/lib/dependabot/file_updaters/php/composer/manifest_updater.rb +70 -0
- data/lib/dependabot/file_updaters/python/pip.rb +147 -0
- data/lib/dependabot/file_updaters/python/pip/pip_compile_file_updater.rb +363 -0
- data/lib/dependabot/file_updaters/python/pip/pipfile_file_updater.rb +397 -0
- data/lib/dependabot/file_updaters/python/pip/pipfile_preparer.rb +125 -0
- data/lib/dependabot/file_updaters/python/pip/poetry_file_updater.rb +289 -0
- data/lib/dependabot/file_updaters/python/pip/pyproject_preparer.rb +105 -0
- data/lib/dependabot/file_updaters/python/pip/requirement_file_updater.rb +166 -0
- data/lib/dependabot/file_updaters/python/pip/requirement_replacer.rb +95 -0
- data/lib/dependabot/file_updaters/python/pip/setup_file_sanitizer.rb +91 -0
- data/lib/dependabot/file_updaters/ruby/bundler.rb +121 -0
- data/lib/dependabot/file_updaters/ruby/bundler/gemfile_updater.rb +116 -0
- data/lib/dependabot/file_updaters/ruby/bundler/gemspec_dependency_name_finder.rb +52 -0
- data/lib/dependabot/file_updaters/ruby/bundler/gemspec_sanitizer.rb +298 -0
- data/lib/dependabot/file_updaters/ruby/bundler/gemspec_updater.rb +64 -0
- data/lib/dependabot/file_updaters/ruby/bundler/git_pin_replacer.rb +80 -0
- data/lib/dependabot/file_updaters/ruby/bundler/git_source_remover.rb +102 -0
- data/lib/dependabot/file_updaters/ruby/bundler/lockfile_updater.rb +384 -0
- data/lib/dependabot/file_updaters/ruby/bundler/requirement_replacer.rb +188 -0
- data/lib/dependabot/file_updaters/rust/cargo.rb +83 -0
- data/lib/dependabot/file_updaters/rust/cargo/lockfile_updater.rb +251 -0
- data/lib/dependabot/file_updaters/rust/cargo/manifest_updater.rb +162 -0
- data/lib/dependabot/git_commit_checker.rb +412 -0
- data/lib/dependabot/metadata_finders.rb +46 -0
- data/lib/dependabot/metadata_finders/README.md +53 -0
- data/lib/dependabot/metadata_finders/base.rb +117 -0
- data/lib/dependabot/metadata_finders/base/changelog_finder.rb +317 -0
- data/lib/dependabot/metadata_finders/base/changelog_pruner.rb +177 -0
- data/lib/dependabot/metadata_finders/base/commits_finder.rb +217 -0
- data/lib/dependabot/metadata_finders/base/release_finder.rb +251 -0
- data/lib/dependabot/metadata_finders/docker/docker.rb +18 -0
- data/lib/dependabot/metadata_finders/dotnet/nuget.rb +116 -0
- data/lib/dependabot/metadata_finders/elixir/hex.rb +69 -0
- data/lib/dependabot/metadata_finders/elm/elm_package.rb +22 -0
- data/lib/dependabot/metadata_finders/git/submodules.rb +20 -0
- data/lib/dependabot/metadata_finders/go/dep.rb +56 -0
- data/lib/dependabot/metadata_finders/java/maven.rb +173 -0
- data/lib/dependabot/metadata_finders/java_script/npm_and_yarn.rb +215 -0
- data/lib/dependabot/metadata_finders/php/composer.rb +66 -0
- data/lib/dependabot/metadata_finders/python/pip.rb +120 -0
- data/lib/dependabot/metadata_finders/ruby/bundler.rb +150 -0
- data/lib/dependabot/metadata_finders/rust/cargo.rb +64 -0
- data/lib/dependabot/pull_request_creator.rb +151 -0
- data/lib/dependabot/pull_request_creator/branch_namer.rb +170 -0
- data/lib/dependabot/pull_request_creator/commit_signer.rb +63 -0
- data/lib/dependabot/pull_request_creator/github.rb +233 -0
- data/lib/dependabot/pull_request_creator/gitlab.rb +122 -0
- data/lib/dependabot/pull_request_creator/labeler.rb +361 -0
- data/lib/dependabot/pull_request_creator/message_builder.rb +888 -0
- data/lib/dependabot/pull_request_updater.rb +43 -0
- data/lib/dependabot/pull_request_updater/github.rb +151 -0
- data/lib/dependabot/shared_helpers.rb +201 -0
- data/lib/dependabot/source.rb +120 -0
- data/lib/dependabot/update_checkers.rb +48 -0
- data/lib/dependabot/update_checkers/README.md +67 -0
- data/lib/dependabot/update_checkers/base.rb +220 -0
- data/lib/dependabot/update_checkers/docker/docker.rb +290 -0
- data/lib/dependabot/update_checkers/dotnet/nuget.rb +127 -0
- data/lib/dependabot/update_checkers/dotnet/nuget/property_updater.rb +97 -0
- data/lib/dependabot/update_checkers/dotnet/nuget/repository_finder.rb +232 -0
- data/lib/dependabot/update_checkers/dotnet/nuget/requirements_updater.rb +81 -0
- data/lib/dependabot/update_checkers/dotnet/nuget/version_finder.rb +231 -0
- data/lib/dependabot/update_checkers/elixir/hex.rb +274 -0
- data/lib/dependabot/update_checkers/elixir/hex/file_preparer.rb +193 -0
- data/lib/dependabot/update_checkers/elixir/hex/requirements_updater.rb +177 -0
- data/lib/dependabot/update_checkers/elixir/hex/version_resolver.rb +175 -0
- data/lib/dependabot/update_checkers/elm/elm_package.rb +126 -0
- data/lib/dependabot/update_checkers/elm/elm_package/cli_parser.rb +33 -0
- data/lib/dependabot/update_checkers/elm/elm_package/elm_18_version_resolver.rb +234 -0
- data/lib/dependabot/update_checkers/elm/elm_package/elm_19_version_resolver.rb +198 -0
- data/lib/dependabot/update_checkers/elm/elm_package/requirements_updater.rb +75 -0
- data/lib/dependabot/update_checkers/git/submodules.rb +52 -0
- data/lib/dependabot/update_checkers/go/dep.rb +311 -0
- data/lib/dependabot/update_checkers/go/dep/file_preparer.rb +221 -0
- data/lib/dependabot/update_checkers/go/dep/latest_version_finder.rb +169 -0
- data/lib/dependabot/update_checkers/go/dep/requirements_updater.rb +223 -0
- data/lib/dependabot/update_checkers/go/dep/version_resolver.rb +164 -0
- data/lib/dependabot/update_checkers/go/modules.rb +112 -0
- data/lib/dependabot/update_checkers/java/gradle.rb +148 -0
- data/lib/dependabot/update_checkers/java/gradle/multi_dependency_updater.rb +105 -0
- data/lib/dependabot/update_checkers/java/gradle/version_finder.rb +183 -0
- data/lib/dependabot/update_checkers/java/maven.rb +159 -0
- data/lib/dependabot/update_checkers/java/maven/property_updater.rb +127 -0
- data/lib/dependabot/update_checkers/java/maven/requirements_updater.rb +92 -0
- data/lib/dependabot/update_checkers/java/maven/version_finder.rb +225 -0
- data/lib/dependabot/update_checkers/java_script/npm_and_yarn.rb +280 -0
- data/lib/dependabot/update_checkers/java_script/npm_and_yarn/latest_version_finder.rb +342 -0
- data/lib/dependabot/update_checkers/java_script/npm_and_yarn/library_detector.rb +69 -0
- data/lib/dependabot/update_checkers/java_script/npm_and_yarn/registry_finder.rb +226 -0
- data/lib/dependabot/update_checkers/java_script/npm_and_yarn/requirements_updater.rb +197 -0
- data/lib/dependabot/update_checkers/java_script/npm_and_yarn/subdependency_version_resolver.rb +228 -0
- data/lib/dependabot/update_checkers/java_script/npm_and_yarn/version_resolver.rb +452 -0
- data/lib/dependabot/update_checkers/php/composer.rb +165 -0
- data/lib/dependabot/update_checkers/php/composer/requirements_updater.rb +243 -0
- data/lib/dependabot/update_checkers/php/composer/version_resolver.rb +203 -0
- data/lib/dependabot/update_checkers/python/pip.rb +227 -0
- data/lib/dependabot/update_checkers/python/pip/latest_version_finder.rb +252 -0
- data/lib/dependabot/update_checkers/python/pip/pip_compile_version_resolver.rb +380 -0
- data/lib/dependabot/update_checkers/python/pip/pipfile_version_resolver.rb +559 -0
- data/lib/dependabot/update_checkers/python/pip/poetry_version_resolver.rb +300 -0
- data/lib/dependabot/update_checkers/python/pip/requirements_updater.rb +367 -0
- data/lib/dependabot/update_checkers/ruby/bundler.rb +324 -0
- data/lib/dependabot/update_checkers/ruby/bundler/file_preparer.rb +278 -0
- data/lib/dependabot/update_checkers/ruby/bundler/force_updater.rb +261 -0
- data/lib/dependabot/update_checkers/ruby/bundler/latest_version_finder.rb +169 -0
- data/lib/dependabot/update_checkers/ruby/bundler/requirements_updater.rb +264 -0
- data/lib/dependabot/update_checkers/ruby/bundler/ruby_requirement_setter.rb +115 -0
- data/lib/dependabot/update_checkers/ruby/bundler/shared_bundler_helpers.rb +243 -0
- data/lib/dependabot/update_checkers/ruby/bundler/version_resolver.rb +255 -0
- data/lib/dependabot/update_checkers/rust/cargo.rb +282 -0
- data/lib/dependabot/update_checkers/rust/cargo/file_preparer.rb +202 -0
- data/lib/dependabot/update_checkers/rust/cargo/requirements_updater.rb +175 -0
- data/lib/dependabot/update_checkers/rust/cargo/version_resolver.rb +242 -0
- data/lib/dependabot/utils.rb +84 -0
- data/lib/dependabot/utils/docker/credentials_finder.rb +65 -0
- data/lib/dependabot/utils/dotnet/requirement.rb +90 -0
- data/lib/dependabot/utils/dotnet/version.rb +22 -0
- data/lib/dependabot/utils/elixir/requirement.rb +53 -0
- data/lib/dependabot/utils/elixir/version.rb +59 -0
- data/lib/dependabot/utils/elm/requirement.rb +92 -0
- data/lib/dependabot/utils/elm/version.rb +19 -0
- data/lib/dependabot/utils/go/path_converter.rb +74 -0
- data/lib/dependabot/utils/go/requirement.rb +152 -0
- data/lib/dependabot/utils/go/shared_helper.rb +20 -0
- data/lib/dependabot/utils/go/version.rb +40 -0
- data/lib/dependabot/utils/java/requirement.rb +110 -0
- data/lib/dependabot/utils/java/version.rb +179 -0
- data/lib/dependabot/utils/java_script/requirement.rb +117 -0
- data/lib/dependabot/utils/java_script/version.rb +30 -0
- data/lib/dependabot/utils/php/requirement.rb +97 -0
- data/lib/dependabot/utils/php/version.rb +22 -0
- data/lib/dependabot/utils/python/requirement.rb +130 -0
- data/lib/dependabot/utils/python/version.rb +88 -0
- data/lib/dependabot/utils/ruby/requirement.rb +26 -0
- data/lib/dependabot/utils/rust/requirement.rb +108 -0
- data/lib/dependabot/utils/rust/version.rb +32 -0
- data/lib/dependabot/version.rb +5 -0
- data/lib/python_requirement_parser.rb +33 -0
- data/lib/python_versions.rb +21 -0
- metadata +641 -0
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "dependabot/utils/java_script/version"
|
|
4
|
+
|
|
5
|
+
module Dependabot
|
|
6
|
+
module Utils
|
|
7
|
+
module JavaScript
|
|
8
|
+
class Requirement < Gem::Requirement
|
|
9
|
+
AND_SEPARATOR = /(?<=[a-zA-Z0-9*])\s+(?:&+\s+)?(?!\s*[|-])/.freeze
|
|
10
|
+
OR_SEPARATOR = /(?<=[a-zA-Z0-9*])\s*\|+/.freeze
|
|
11
|
+
|
|
12
|
+
# Override the version pattern to allow a 'v' prefix
|
|
13
|
+
quoted = OPS.keys.map { |k| Regexp.quote(k) }.join("|")
|
|
14
|
+
version_pattern = "v?#{Gem::Version::VERSION_PATTERN}"
|
|
15
|
+
|
|
16
|
+
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*"
|
|
17
|
+
PATTERN = /\A#{PATTERN_RAW}\z/.freeze
|
|
18
|
+
|
|
19
|
+
def self.parse(obj)
|
|
20
|
+
if obj.is_a?(Gem::Version)
|
|
21
|
+
return ["=", Utils::JavaScript::Version.new(obj.to_s)]
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
unless (matches = PATTERN.match(obj.to_s))
|
|
25
|
+
msg = "Illformed requirement [#{obj.inspect}]"
|
|
26
|
+
raise BadRequirementError, msg
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"
|
|
30
|
+
|
|
31
|
+
[matches[1] || "=", Utils::JavaScript::Version.new(matches[2])]
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
# Returns an array of requirements. At least one requirement from the
|
|
35
|
+
# returned array must be satisfied for a version to be valid.
|
|
36
|
+
def self.requirements_array(requirement_string)
|
|
37
|
+
return [new(nil)] if requirement_string.nil?
|
|
38
|
+
|
|
39
|
+
# Removing parentheses is technically wrong but they are extremely
|
|
40
|
+
# rarely used.
|
|
41
|
+
# TODO: Handle complicated parenthesised requirements
|
|
42
|
+
requirement_string = requirement_string.gsub(/[()]/, "")
|
|
43
|
+
requirement_string.strip.split(OR_SEPARATOR).map do |req_string|
|
|
44
|
+
requirements = req_string.strip.split(AND_SEPARATOR)
|
|
45
|
+
new(requirements)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def initialize(*requirements)
|
|
50
|
+
requirements = requirements.flatten.flat_map do |req_string|
|
|
51
|
+
convert_js_constraint_to_ruby_constraint(req_string)
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
super(requirements)
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
private
|
|
58
|
+
|
|
59
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
60
|
+
def convert_js_constraint_to_ruby_constraint(req_string)
|
|
61
|
+
return req_string if req_string.match?(/^([A-Za-uw-z]|v[^\d])/)
|
|
62
|
+
|
|
63
|
+
req_string = req_string.gsub(/(?:\.|^)[xX*]/, "")
|
|
64
|
+
|
|
65
|
+
if req_string.empty? then ">= 0"
|
|
66
|
+
elsif req_string.start_with?("~") then convert_tilde_req(req_string)
|
|
67
|
+
elsif req_string.start_with?("^") then convert_caret_req(req_string)
|
|
68
|
+
elsif req_string.include?(" - ") then convert_hyphen_req(req_string)
|
|
69
|
+
elsif req_string.match?(/[<>]/) then req_string
|
|
70
|
+
else ruby_range(req_string)
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
74
|
+
|
|
75
|
+
def convert_tilde_req(req_string)
|
|
76
|
+
version = req_string.gsub(/^~\>?/, "")
|
|
77
|
+
parts = version.split(".")
|
|
78
|
+
parts << "0" if parts.count < 3
|
|
79
|
+
"~> #{parts.join('.')}"
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
def convert_hyphen_req(req_string)
|
|
83
|
+
lower_bound, upper_bound = req_string.split(/\s+-\s+/)
|
|
84
|
+
[">= #{lower_bound}", "<= #{upper_bound}"]
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
def ruby_range(req_string)
|
|
88
|
+
parts = req_string.split(".")
|
|
89
|
+
# If we have three or more parts then this is an exact match
|
|
90
|
+
return req_string if parts.count >= 3
|
|
91
|
+
|
|
92
|
+
# If we have fewer than three parts we do a partial match
|
|
93
|
+
parts << "0"
|
|
94
|
+
"~> #{parts.join('.')}"
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
def convert_caret_req(req_string)
|
|
98
|
+
version = req_string.gsub(/^\^/, "")
|
|
99
|
+
parts = version.split(".")
|
|
100
|
+
parts = parts.fill(0, parts.length...3)
|
|
101
|
+
first_non_zero = parts.find { |d| d != "0" }
|
|
102
|
+
first_non_zero_index =
|
|
103
|
+
first_non_zero ? parts.index(first_non_zero) : parts.count - 1
|
|
104
|
+
upper_bound = parts.map.with_index do |part, i|
|
|
105
|
+
if i < first_non_zero_index then part
|
|
106
|
+
elsif i == first_non_zero_index then (part.to_i + 1).to_s
|
|
107
|
+
elsif i > first_non_zero_index && i == 2 then "0.a"
|
|
108
|
+
else 0
|
|
109
|
+
end
|
|
110
|
+
end.join(".")
|
|
111
|
+
|
|
112
|
+
[">= #{version}", "< #{upper_bound}"]
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# JavaScript pre-release versions use 1.0.1-rc1 syntax, which Gem::Version
|
|
4
|
+
# converts into 1.0.1.pre.rc1. We override the `to_s` method to stop that
|
|
5
|
+
# alteration.
|
|
6
|
+
#
|
|
7
|
+
# See https://semver.org/ for details of node's version syntax.
|
|
8
|
+
|
|
9
|
+
module Dependabot
|
|
10
|
+
module Utils
|
|
11
|
+
module JavaScript
|
|
12
|
+
class Version < Gem::Version
|
|
13
|
+
def self.correct?(version)
|
|
14
|
+
version = version.gsub(/^v/, "") if version.is_a?(String)
|
|
15
|
+
super(version)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def initialize(version)
|
|
19
|
+
@version_string = version.to_s
|
|
20
|
+
version = version.gsub(/^v/, "") if version.is_a?(String)
|
|
21
|
+
super
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def to_s
|
|
25
|
+
@version_string
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "dependabot/utils/php/version"
|
|
4
|
+
|
|
5
|
+
module Dependabot
|
|
6
|
+
module Utils
|
|
7
|
+
module Php
|
|
8
|
+
class Requirement < Gem::Requirement
|
|
9
|
+
AND_SEPARATOR =
|
|
10
|
+
/(?<=[a-zA-Z0-9*])(?<!\sas)[\s,]+(?![\s,]*[|-]|as)/.freeze
|
|
11
|
+
OR_SEPARATOR = /(?<=[a-zA-Z0-9*])[\s,]*\|\|?\s*/.freeze
|
|
12
|
+
|
|
13
|
+
def self.parse(obj)
|
|
14
|
+
new_obj = obj.gsub(/@\w+/, "").gsub(/[a-z0-9\-_\.]*\sas\s+/i, "")
|
|
15
|
+
super(new_obj)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
# Returns an array of requirements. At least one requirement from the
|
|
19
|
+
# returned array must be satisfied for a version to be valid.
|
|
20
|
+
def self.requirements_array(requirement_string)
|
|
21
|
+
requirement_string.strip.split(OR_SEPARATOR).map do |req_string|
|
|
22
|
+
new(req_string)
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def initialize(*requirements)
|
|
27
|
+
requirements =
|
|
28
|
+
requirements.flatten.
|
|
29
|
+
flat_map { |req_string| req_string.split(AND_SEPARATOR) }.
|
|
30
|
+
flat_map { |req| convert_php_constraint_to_ruby_constraint(req) }
|
|
31
|
+
|
|
32
|
+
super(requirements)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
private
|
|
36
|
+
|
|
37
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
|
38
|
+
def convert_php_constraint_to_ruby_constraint(req_string)
|
|
39
|
+
req_string = req_string.gsub(/v(?=\d)/, "")
|
|
40
|
+
|
|
41
|
+
# Return an unlikely version if a dev requirement is specified. This
|
|
42
|
+
# ensures that the dev-requirement doesn't match anything.
|
|
43
|
+
return "0-dev-branch-match" if req_string.strip.start_with?("dev-")
|
|
44
|
+
|
|
45
|
+
if req_string.start_with?("*") then ">= 0"
|
|
46
|
+
elsif req_string.include?("*") then convert_wildcard_req(req_string)
|
|
47
|
+
elsif req_string.match?(/^~[^>]/) then convert_tilde_req(req_string)
|
|
48
|
+
elsif req_string.start_with?("^") then convert_caret_req(req_string)
|
|
49
|
+
elsif req_string.match?(/\s-\s/) then convert_hyphen_req(req_string)
|
|
50
|
+
else req_string
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
|
54
|
+
|
|
55
|
+
def convert_wildcard_req(req_string)
|
|
56
|
+
version = req_string.gsub(/^~/, "").gsub(/(?:\.|^)\*/, "")
|
|
57
|
+
"~> #{version}.0"
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def convert_tilde_req(req_string)
|
|
61
|
+
version = req_string.gsub(/^~/, "")
|
|
62
|
+
"~> #{version}"
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def convert_caret_req(req_string)
|
|
66
|
+
version = req_string.gsub(/^\^/, "")
|
|
67
|
+
parts = version.split(".")
|
|
68
|
+
first_non_zero = parts.find { |d| d != "0" }
|
|
69
|
+
first_non_zero_index =
|
|
70
|
+
first_non_zero ? parts.index(first_non_zero) : parts.count - 1
|
|
71
|
+
upper_bound = parts.map.with_index do |part, i|
|
|
72
|
+
if i < first_non_zero_index then part
|
|
73
|
+
elsif i == first_non_zero_index then (part.to_i + 1).to_s
|
|
74
|
+
else 0
|
|
75
|
+
end
|
|
76
|
+
end.join(".")
|
|
77
|
+
|
|
78
|
+
[">= #{version}", "< #{upper_bound}"]
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def convert_hyphen_req(req_string)
|
|
82
|
+
req_string = req_string
|
|
83
|
+
lower_bound, upper_bound = req_string.split(/\s+-\s+/)
|
|
84
|
+
if upper_bound.split(".").count < 3
|
|
85
|
+
upper_bound_parts = upper_bound.split(".")
|
|
86
|
+
upper_bound_parts[-1] = (upper_bound_parts[-1].to_i + 1).to_s
|
|
87
|
+
upper_bound = upper_bound_parts.join(".")
|
|
88
|
+
|
|
89
|
+
[">= #{lower_bound}", "< #{upper_bound}"]
|
|
90
|
+
else
|
|
91
|
+
[">= #{lower_bound}", "<= #{upper_bound}"]
|
|
92
|
+
end
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# PHP pre-release versions use 1.0.1-rc1 syntax, which Gem::Version
|
|
4
|
+
# converts into 1.0.1.pre.rc1. We override the `to_s` method to stop that
|
|
5
|
+
# alteration.
|
|
6
|
+
|
|
7
|
+
module Dependabot
|
|
8
|
+
module Utils
|
|
9
|
+
module Php
|
|
10
|
+
class Version < Gem::Version
|
|
11
|
+
def initialize(version)
|
|
12
|
+
@version_string = version.to_s
|
|
13
|
+
super
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def to_s
|
|
17
|
+
@version_string
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
@@ -0,0 +1,130 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "dependabot/utils/python/version"
|
|
4
|
+
|
|
5
|
+
module Dependabot
|
|
6
|
+
module Utils
|
|
7
|
+
module Python
|
|
8
|
+
class Requirement < Gem::Requirement
|
|
9
|
+
OR_SEPARATOR = /(?<=[a-zA-Z0-9*])\s*\|+/.freeze
|
|
10
|
+
|
|
11
|
+
# Add equality and arbitrary-equality matchers
|
|
12
|
+
OPS["=="] = ->(v, r) { v == r }
|
|
13
|
+
OPS["==="] = ->(v, r) { v.to_s == r.to_s }
|
|
14
|
+
|
|
15
|
+
quoted = OPS.keys.sort_by(&:length).reverse.
|
|
16
|
+
map { |k| Regexp.quote(k) }.join("|")
|
|
17
|
+
version_pattern = Utils::Python::Version::VERSION_PATTERN
|
|
18
|
+
|
|
19
|
+
PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*"
|
|
20
|
+
PATTERN = /\A#{PATTERN_RAW}\z/.freeze
|
|
21
|
+
|
|
22
|
+
def self.parse(obj)
|
|
23
|
+
if obj.is_a?(Gem::Version)
|
|
24
|
+
return ["=", Utils::Python::Version.new(obj.to_s)]
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
unless (matches = PATTERN.match(obj.to_s))
|
|
28
|
+
msg = "Illformed requirement [#{obj.inspect}]"
|
|
29
|
+
raise BadRequirementError, msg
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"
|
|
33
|
+
|
|
34
|
+
[matches[1] || "=", Utils::Python::Version.new(matches[2])]
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
# Returns an array of requirements. At least one requirement from the
|
|
38
|
+
# returned array must be satisfied for a version to be valid.
|
|
39
|
+
#
|
|
40
|
+
# NOTE: Or requirements are only valid for Poetry.
|
|
41
|
+
def self.requirements_array(requirement_string)
|
|
42
|
+
return [new(nil)] if requirement_string.nil?
|
|
43
|
+
|
|
44
|
+
requirement_string.strip.split(OR_SEPARATOR).map do |req_string|
|
|
45
|
+
new(req_string.strip)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def initialize(*requirements)
|
|
50
|
+
requirements = requirements.flatten.flat_map do |req_string|
|
|
51
|
+
next if req_string.nil?
|
|
52
|
+
|
|
53
|
+
req_string.split(",").map do |r|
|
|
54
|
+
convert_python_constraint_to_ruby_constraint(r)
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
super(requirements)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def satisfied_by?(version)
|
|
62
|
+
version = Utils::Python::Version.new(version.to_s)
|
|
63
|
+
super
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def exact?
|
|
67
|
+
return false unless @requirements.size == 1
|
|
68
|
+
|
|
69
|
+
%w(= == ===).include?(@requirements[0][0])
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
private
|
|
73
|
+
|
|
74
|
+
def convert_python_constraint_to_ruby_constraint(req_string)
|
|
75
|
+
return nil if req_string.nil?
|
|
76
|
+
return nil if req_string == "*"
|
|
77
|
+
|
|
78
|
+
req_string = req_string.gsub("~=", "~>")
|
|
79
|
+
req_string = req_string.gsub(/(?<=\d)[<=>].*/, "")
|
|
80
|
+
|
|
81
|
+
if req_string.match?(/~[^>]/) then convert_tilde_req(req_string)
|
|
82
|
+
elsif req_string.start_with?("^") then convert_caret_req(req_string)
|
|
83
|
+
elsif req_string.include?(".*") then convert_wildcard(req_string)
|
|
84
|
+
else req_string
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
# Poetry uses ~ requirements.
|
|
89
|
+
# https://github.com/sdispater/poetry#tilde-requirements
|
|
90
|
+
def convert_tilde_req(req_string)
|
|
91
|
+
version = req_string.gsub(/^~\>?/, "")
|
|
92
|
+
parts = version.split(".")
|
|
93
|
+
parts << "0" if parts.count < 3
|
|
94
|
+
"~> #{parts.join('.')}"
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
# Poetry uses ^ requirements
|
|
98
|
+
# https://github.com/sdispater/poetry#caret-requirement
|
|
99
|
+
def convert_caret_req(req_string)
|
|
100
|
+
version = req_string.gsub(/^\^/, "")
|
|
101
|
+
parts = version.split(".")
|
|
102
|
+
parts = parts.fill(0, parts.length...3)
|
|
103
|
+
first_non_zero = parts.find { |d| d != "0" }
|
|
104
|
+
first_non_zero_index =
|
|
105
|
+
first_non_zero ? parts.index(first_non_zero) : parts.count - 1
|
|
106
|
+
upper_bound = parts.map.with_index do |part, i|
|
|
107
|
+
if i < first_non_zero_index then part
|
|
108
|
+
elsif i == first_non_zero_index then (part.to_i + 1).to_s
|
|
109
|
+
elsif i > first_non_zero_index && i == 2 then "0.a"
|
|
110
|
+
else 0
|
|
111
|
+
end
|
|
112
|
+
end.join(".")
|
|
113
|
+
|
|
114
|
+
[">= #{version}", "< #{upper_bound}"]
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
def convert_wildcard(req_string)
|
|
118
|
+
# Note: This isn't perfect. It replaces the "!= 1.0.*" case with
|
|
119
|
+
# "!= 1.0.0". There's no way to model this correctly in Ruby :'(
|
|
120
|
+
req_string.
|
|
121
|
+
split(".").
|
|
122
|
+
first(req_string.split(".").index("*") + 1).
|
|
123
|
+
join(".").
|
|
124
|
+
tr("*", "0").
|
|
125
|
+
gsub(/^(?<!!)=*/, "~>")
|
|
126
|
+
end
|
|
127
|
+
end
|
|
128
|
+
end
|
|
129
|
+
end
|
|
130
|
+
end
|
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Python versions can include a local version identifier, which Ruby can't
|
|
4
|
+
# parser. This class augments Gem::Version with local version identifier info.
|
|
5
|
+
# See https://www.python.org/dev/peps/pep-0440 for details.
|
|
6
|
+
|
|
7
|
+
module Dependabot
|
|
8
|
+
module Utils
|
|
9
|
+
module Python
|
|
10
|
+
class Version < Gem::Version
|
|
11
|
+
attr_reader :local_version
|
|
12
|
+
|
|
13
|
+
VERSION_PATTERN = '[0-9]+[0-9a-zA-Z]*(?>\.[0-9a-zA-Z]+)*' \
|
|
14
|
+
'(-[0-9A-Za-z-]+(\.[0-9a-zA-Z-]+)*)?' \
|
|
15
|
+
'(\+[0-9a-zA-Z]+(\.[0-9a-zA-Z]+)*)?'
|
|
16
|
+
ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
|
|
17
|
+
|
|
18
|
+
def self.correct?(version)
|
|
19
|
+
return false if version.nil?
|
|
20
|
+
|
|
21
|
+
version.to_s.match?(ANCHORED_VERSION_PATTERN)
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def initialize(version)
|
|
25
|
+
@version_string = version.to_s
|
|
26
|
+
version, @local_version = version.split("+")
|
|
27
|
+
version ||= ""
|
|
28
|
+
version = normalise_prerelease(version)
|
|
29
|
+
if @local_version
|
|
30
|
+
@local_version = normalise_prerelease(@local_version)
|
|
31
|
+
end
|
|
32
|
+
super
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def to_s
|
|
36
|
+
@version_string
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def inspect # :nodoc:
|
|
40
|
+
"#<#{self.class} #{@version_string}>"
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def <=>(other)
|
|
44
|
+
version_comparison = super(other)
|
|
45
|
+
return version_comparison unless version_comparison.zero?
|
|
46
|
+
|
|
47
|
+
unless other.is_a?(Utils::Python::Version)
|
|
48
|
+
return local_version.nil? ? 0 : 1
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
# Local version comparison works differently in Python: `1.0.beta`
|
|
52
|
+
# compares as greater than `1.0`. To accommodate, we make the
|
|
53
|
+
# strings the same length before comparing.
|
|
54
|
+
lhsegments = local_version.to_s.split(".").map(&:downcase)
|
|
55
|
+
rhsegments = other.local_version.to_s.split(".").map(&:downcase)
|
|
56
|
+
limit = [lhsegments.count, rhsegments.count].min
|
|
57
|
+
|
|
58
|
+
lhs = ["1", *lhsegments.first(limit)].join(".")
|
|
59
|
+
rhs = ["1", *rhsegments.first(limit)].join(".")
|
|
60
|
+
|
|
61
|
+
local_comparison = Gem::Version.new(lhs) <=> Gem::Version.new(rhs)
|
|
62
|
+
|
|
63
|
+
return local_comparison unless local_comparison.zero?
|
|
64
|
+
|
|
65
|
+
lhsegments.count <=> rhsegments.count
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
private
|
|
69
|
+
|
|
70
|
+
def normalise_prerelease(version)
|
|
71
|
+
# Python has reserved words for release states, which are treated
|
|
72
|
+
# as equal (e.g., preview, pre and rc).
|
|
73
|
+
# Further, Python treats dashes as a separator between version
|
|
74
|
+
# parts and treats the alphabetical characters in strings as the
|
|
75
|
+
# start of a new version part (so 1.1a2 == 1.1.alpha.2).
|
|
76
|
+
version.
|
|
77
|
+
gsub("alpha", "a").
|
|
78
|
+
gsub("beta", "b").
|
|
79
|
+
gsub("preview", "rc").
|
|
80
|
+
gsub("pre", "rc").
|
|
81
|
+
gsub(/([\d.\-_])c([\d.\-_])?/, '\1rc\2').
|
|
82
|
+
tr("-", ".").
|
|
83
|
+
gsub(/(\d)([a-z])/i, '\1.\2')
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
end
|