File updaters update a dependency file to use the latest version of a given dependency. They rely on information provided to them by update checkers.
There is a Dependabot::FileUpdaters class for each language Dependabot
supports.
Each Dependabot::FileUpdaters class implements the following methods:
| Method | Description |
|---|---|
.updated_files_regex |
An array of regular expressions matching the names of the files this class updates. Intended to be used by integrators when checking whether a commit may cause merge-conflicts with a dependency update pull request. |
#updated_dependency_files |
Returns an array of updated Dependabot::DependencyFile instances, with their content updated to include the updated dependency. |
An integration might look as follows:
require 'dependabot/file_updaters'
unless update_checker.can_update?(requirements_to_update: :own)
raise "Dependency doesn't need update!"
end
dependencies = update_checker.updated_dependencies(requirements_to_update: :own)
file_updater_class = Dependabot::FileUpdaters::Ruby::Bundler
file_updater = file_updater_class.new(
dependencies: dependencies,
dependency_files: files,
credentials: [{
"type" => "git_source",
"host" => "github.com",
"username" => "x-access-token",
"password" => "token"
}]
)
file_updater.updated_dependency_files.each do |file|
puts "Updated #{file.name} with new content:\n\n#{file.content}"
endAll new file updaters should inherit from Dependabot::FileUpdaters::Base and
implement the following methods:
| Method | Description |
|---|---|
.updated_files_regex |
See Public API section. |
#updated_dependency_files |
See Public API section. |
To ensure the above are implemented, you should include
it_behaves_like "a dependency file updater" in your specs for the new file
updater.