class Dependabot::SecurityAdvisory

def affects_version?(version)

def affects_version?(version)
  return false unless version_class.correct?(version)
  return false unless [*safe_versions, *vulnerable_versions].any?
  version = version_class.new(version)
  # If version is known safe for this advisory, it's not vulnerable
  return false if safe_versions.any? { |r| r.satisfied_by?(version) }
  # If in the vulnerable range and not known safe, it's vulnerable
  return true if vulnerable_versions.any? { |r| r.satisfied_by?(version) }
  # If a vulnerable range present but not met, it's not vulnerable
  return false if vulnerable_versions.any?
  # Finally, if no vulnerable range provided, but a safe range provided,
  # and this versions isn't included (checked earlier), it's vulnerable
  safe_versions.any?
end

Extended Modules

Dependabot::SecurityAdvisory::T::Sig

Instance Methods

# affects_version?
# check_version_requirements
# convert_string_version_requirements
# fixed_by?
# initialize
# requirement_class
# version_class
# vulnerable?