class Dependabot::SecurityAdvisory

def vulnerable?(version)

def vulnerable?(version)
  in_safe_range = safe_versions
                  .any? { |r| r.satisfied_by?(version) }
  # If version is known safe for this advisory, it's not vulnerable
  return false if in_safe_range
  in_vulnerable_range = vulnerable_versions
                        .any? { |r| r.satisfied_by?(version) }
  # If in the vulnerable range and not known safe, it's vulnerable
  return true if in_vulnerable_range
  # If a vulnerable range present but not met, it's not vulnerable
  return false if vulnerable_versions.any?
  # Finally, if no vulnerable range provided, but a safe range provided,
  # and this versions isn't included (checked earlier), it's vulnerable
  safe_versions.any?
end

Extended Modules

Dependabot::SecurityAdvisory::T::Sig

Instance Methods

# affects_version?
# check_version_requirements
# convert_string_version_requirements
# fixed_by?
# initialize
# requirement_class
# version_class
# vulnerable?