update filters properly and fix issues.

kbukum1 · kbukum1 · commit 03520f1250a3 · 2025-04-14T20:26:30.000-07:00
diff --git a/common/lib/dependabot/package/package_latest_version_finder.rb b/common/lib/dependabot/package/package_latest_version_finder.rb
@@ -121,16 +121,16 @@ def available_versions
           .returns(T.nilable(Dependabot::Version))
       end
       def fetch_latest_version(language_version: nil)
-        version_hashes = available_versions
-        return unless version_hashes
-
-        version_hashes = filter_yanked_versions(version_hashes)
-        version_hashes = filter_by_cooldown(version_hashes)
-        versions = filter_unsupported_versions(version_hashes, language_version)
-        versions = filter_prerelease_versions(versions)
-        versions = filter_ignored_versions(versions)
-        versions = apply_post_fetch_latest_versions_filter(versions)
-        versions.max_by(&:version)&.version
+        releases = available_versions
+        return unless releases
+
+        releases = filter_yanked_versions(releases)
+        releases = filter_by_cooldown(releases)
+        releases = filter_unsupported_versions(releases, language_version)
+        releases = filter_prerelease_versions(releases)
+        releases = filter_ignored_versions(releases)
+        releases = apply_post_fetch_latest_versions_filter(releases)
+        releases.max_by(&:version)&.version
       end
 
       sig do
diff --git a/common/lib/dependabot/package/package_release.rb b/common/lib/dependabot/package/package_release.rb
@@ -84,6 +84,20 @@ def initialize(
       def yanked?
         @yanked
       end
+
+      # Overriding the `==` method to compare two PackageRelease objects based on version
+      sig { params(other: Object).returns(T::Boolean) }
+      def ==(other)
+        # Ensure other is a PackageRelease object and compare versions
+        return false unless other.is_a?(PackageRelease)
+
+        version == other.version
+      end
+
+      sig { returns(String) }
+      def to_s
+        version.to_s
+      end
     end
   end
 end
diff --git a/common/spec/dependabot/package/package_latest_version_finder_spec.rb b/common/spec/dependabot/package/package_latest_version_finder_spec.rb
@@ -42,7 +42,7 @@ def package_details
         language = if release[:language]
                      Dependabot::Package::PackageLanguage.new(
                        name: release[:language].fetch(:name, ""),
-                       version: release[:language].fetch(:version, nil)&.then { |v| Dependabot::Version.new(v) },
+                       version: release[:language].fetch(:version, nil)&.then { |v| TestVersion.new(v) },
                        requirement: release[:language].fetch(:requirement, nil)&.then do |r|
                          TestRequirement.new(r)
                        end
@@ -266,7 +266,7 @@ def package_details
   describe "#latest_version" do
     subject(:latest_version) { finder.latest_version }
 
-    it { is_expected.to eq(Gem::Version.new("7.0.0")) }
+    it { is_expected.to eq(TestVersion.new("7.0.0")) }
 
     context "when all supported versions are ignored" do
       let(:ignored_versions) { ["7.0.0", "6.1.4", "6.0.2", "6.0.0"] }
@@ -286,7 +286,7 @@ def package_details
       end
 
       it "ignores prerelease versions" do
-        expect(latest_version).to eq(Gem::Version.new("7.0.0"))
+        expect(latest_version).to eq(TestVersion.new("7.0.0"))
       end
 
       context "when prereleases are allowed" do
@@ -295,7 +295,7 @@ def package_details
         end
 
         it "selects the highest prerelease version" do
-          expect(latest_version).to eq(Gem::Version.new("7.0.0"))
+          expect(latest_version).to eq(TestVersion.new("7.0.0"))
         end
       end
     end
@@ -305,29 +305,29 @@ def package_details
     subject(:latest_version_with_no_unlock) { finder.latest_version_with_no_unlock }
 
     context "when no constraints are present" do
-      it { is_expected.to eq(Gem::Version.new("7.0.0")) }
+      it { is_expected.to eq(TestVersion.new("7.0.0")) }
     end
 
     context "with an exact version requirement" do
       let(:dependency_requirements) do
         [{ file: "Gemfile", requirement: "=6.0.2", groups: [], source: nil }]
       end
 
-      it { is_expected.to eq(Gem::Version.new("6.0.2")) }
+      it { is_expected.to eq(TestVersion.new("6.0.2")) }
     end
 
     context "with an upper bound restriction" do
       let(:dependency_requirements) do
         [{ file: "Gemfile", requirement: ">=6.0.0,<7.0.0", groups: [], source: nil }]
       end
 
-      it { is_expected.to eq(Gem::Version.new("6.1.4")) }
+      it { is_expected.to eq(TestVersion.new("6.1.4")) }
     end
 
     context "when ignored versions affect the latest selection" do
       let(:ignored_versions) { ["7.0.0"] }
 
-      it { is_expected.to eq(Gem::Version.new("6.1.4")) }
+      it { is_expected.to eq(TestVersion.new("6.1.4")) }
     end
   end
 
@@ -344,7 +344,7 @@ def package_details
       ]
     end
 
-    it { is_expected.to eq(Gem::Version.new("6.0.2")) }
+    it { is_expected.to eq(TestVersion.new("6.0.2")) }
 
     context "when no non-vulnerable versions exist" do
       let(:available_releases) do
@@ -356,23 +356,26 @@ def package_details
   end
 
   describe "version filtering" do
-    subject(:filtered_versions) { finder.send(:filter_ignored_versions, versions) }
+    subject(:filtered_versions) { finder.send(:filter_ignored_versions, releases) }
 
-    let(:versions) { [Gem::Version.new("7.0.0"), Gem::Version.new("6.1.4"), Gem::Version.new("6.0.2")] }
+    let(:r1) { Dependabot::Package::PackageRelease.new(version: TestVersion.new("7.0.0")) }
+    let(:r2) { Dependabot::Package::PackageRelease.new(version: TestVersion.new("6.1.4")) }
+    let(:r3) { Dependabot::Package::PackageRelease.new(version: TestVersion.new("6.0.2")) }
+    let(:releases) { [r1, r2, r3] }
 
     context "when no ignored versions are specified" do
       let(:ignored_versions) { [] }
 
       it "returns all versions" do
-        expect(filtered_versions).to eq(versions)
+        expect(filtered_versions).to eq(releases)
       end
     end
 
     context "when ignoring a specific version" do
       let(:ignored_versions) { ["7.0.0"] }
 
       it "removes the ignored version" do
-        expect(filtered_versions).to eq([Gem::Version.new("6.1.4"), Gem::Version.new("6.0.2")])
+        expect(filtered_versions).to eq([r2, r3])
       end
     end
 
diff --git a/common/spec/spec_helper.rb b/common/spec/spec_helper.rb
@@ -211,3 +211,8 @@ def initialize(constraint_string)
     super(requirements)
   end
 end
+
+# Define an anonymous subclass of Dependabot::Requirement for testing purposes
+TestVersion = Class.new(Dependabot::Version) do
+  # Initialize with a version string
+end
