RubyGems - dependabot-common - Versions diffs - 0.169.0 → 0.169.4 - Mend

dependabot-common 0.169.0 → 0.169.4

Files changed (4) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b69cf25533f4218407e3e5581b6ecc414f8f6c44e14dfbb6b81609bc454e7ae1
-  data.tar.gz: 0cb7b69d15ad3d1e3a72a3e3db4b482c7412ea323376ab26fe37dda7855eefa3
+  metadata.gz: d3cf73a6aa2da602e4b4ff963280039afae244d61818b695cd4b121d4cca1746
+  data.tar.gz: d447c6a0ea4049e886fa57efd77558e111a33947583bd7d4eac0263af3a48fb3
 SHA512:
-  metadata.gz: 445762adea434c028ad7de6eb5f0e4e20602a35ffca40ad31b755b4d17832b3ffb8b52dedbf9b20a0c5876e4876683360dface607a946205e53bf6f2f64d771c
-  data.tar.gz: 5af51494acbd8abe2ccd2654e611816352de52c0ffded03528ab753185a2c1a576da896f83c0bad1354aa6f6e20e660945bdbf0cf668a1880a19953b170edb92
+  metadata.gz: 9e2b9e0ee7db5cad8bfc0bafa0ab92919a98121de4285c26c4f6fe6e4d5d705543293be971486ccd30df53be14244214fe8ec8396b4443f79c7d5ab12f9e99b0
+  data.tar.gz: 7381b329f5565fc1017ee124acadb183814636513dbe1a15a44e5d3559ac2f2742bbe4cec2bb693c6058b6e41b1bc3c3399fe6a7a61ae5dd5e290a5126ee6727

@@ -9,6 +9,8 @@ module Dependabot
   class PullRequestCreator
     # rubocop:disable Metrics/ClassLength
     class Github
+      MAX_PR_DESCRIPTION_LENGTH = 65_536 # characters (see #create_pull_request)
       attr_reader :source, :branch_name, :base_commit, :credentials,
                   :files, :pr_description, :pr_name, :commit_message,
                   :author_details, :signature_key, :custom_headers,
@@ -347,6 +349,18 @@ module Dependabot
       end
       def create_pull_request
+        # Limit PR description to MAX_PR_DESCRIPTION_LENGTH (65,536) characters
+        # and truncate with message if over. The API limit is 262,144 bytes
+        # (https://github.community/t/maximum-length-for-the-comment-body-in-issues-and-pr/148867/2).
+        # As Ruby strings are UTF-8 encoded, this is a pessimistic limit: it
+        # presumes the case where all characters are 4 bytes.
+        pr_description = @pr_description.dup
+        if pr_description && pr_description.length > MAX_PR_DESCRIPTION_LENGTH
+          truncated_msg = "...\n\n_Description has been truncated_"
+          truncate_length = MAX_PR_DESCRIPTION_LENGTH - truncated_msg.length
+          pr_description = (pr_description[0, truncate_length] + truncated_msg)
+        end
         github_client_for_source.create_pull_request(
           source.repo,
           target_branch,

data/lib/dependabot/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.169.0"
+  VERSION = "0.169.4"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.169.0
+  version: 0.169.4
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-11-23 00:00:00.000000000 Z
+date: 2021-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -469,7 +469,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 2.7.3
 requirements: []
-rubygems_version: 3.2.22
+rubygems_version: 3.2.32
 signing_key:
 specification_version: 4
 summary: Shared code used between Dependabot package managers