RubyGems - dependabot-common - Versions diffs - 0.272.0 → 0.274.0 - Mend

dependabot-common 0.272.0 → 0.274.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/lib/dependabot/notices.rb +91 -49
data/lib/dependabot/pull_request_creator/branch_namer/base.rb +32 -9
data/lib/dependabot/pull_request_creator/branch_namer/dependency_group_strategy.rb +3 -1
data/lib/dependabot/pull_request_creator/branch_namer.rb +8 -1
data/lib/dependabot/pull_request_creator/message_builder.rb +1 -2
data/lib/dependabot/pull_request_creator.rb +9 -3
data/lib/dependabot.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 317e2fbaa5340fe4a995a419da5ace365912a1a47de42ebc79adf23cc704b98c
-  data.tar.gz: 214d238bc3b6de57972e5676aac6e6b837187fb6fee5c050d673257ed751ef9c
+  metadata.gz: b66339af7fa82be186be4ee8d99c24b172a12a4f2233da1bebe2817f154066bf
+  data.tar.gz: eeec78de4dda472c4a53845919ff52a047569cbc57591fd413be347ccce48d0c
 SHA512:
-  metadata.gz: 64b49b8b1dec8d348b62090c5d67b5793f1ded64126b493fbc848aea8075ccaaa2c852cf14702bfd3bcea4c26b79a0e99cfe54f9d0a7f326af8a97aa2f53bd34
-  data.tar.gz: e1020c4794c5ca79434d4c488d20f565fbc6b0694f03def3e948700803aa46fa6ecfa19bdf740b83b68764bd9624c46496e51fe8dddecebeda6b1d6afe9370ad
+  metadata.gz: 785f6759f110b6fe1ddbe90140f11a5232765af5d89e61d375cb6c65bbfa5638d465da7881cea0c500a11a01ea91771466fab3e27a38023d88132455df3b85a7
+  data.tar.gz: 85c60d21f9a03997bf4b18dd8048c05934a6a01e755bce68e3adbea553662d62d16c24610103731c9d6e145030dcf67730f3961c9aefce9a893ae3da782c6d4b

data/lib/dependabot/notices.rb CHANGED Viewed

@@ -6,32 +6,51 @@ require "dependabot/package_manager"
 module Dependabot
   class Notice
+    module NoticeMode
+      INFO = "INFO"
+      WARN = "WARN"
+      ERROR = "ERROR"
+    end
     extend T::Sig
     sig { returns(String) }
-    attr_reader :mode, :type, :package_manager_name, :message, :markdown
+    attr_reader :mode, :type, :package_manager_name, :title, :description
+    sig { returns(T::Boolean) }
+    attr_reader :show_in_pr, :show_alert
     # Initializes a new Notice object.
     # @param mode [String] The mode of the notice (e.g., "WARN", "ERROR").
     # @param type [String] The type of the notice (e.g., "bundler_deprecated_warn").
     # @param package_manager_name [String] The name of the package manager (e.g., "bundler").
-    # @param message [String] The main message of the notice.
-    # @param markdown [String] The markdown formatted message.
+    # @param title [String] The title of the notice.
+    # @param description [String] The main description of the notice.
+    # @param show_in_pr [Boolean] Whether the notice should be shown in a pull request.
+    # @param show_alert [Boolean] Whether the notice should be shown in alerts.
     sig do
       params(
         mode: String,
         type: String,
         package_manager_name: String,
-        message: String,
-        markdown: String
+        title: String,
+        description: String,
+        show_in_pr: T::Boolean,
+        show_alert: T::Boolean
       ).void
     end
-    def initialize(mode:, type:, package_manager_name:, message: "", markdown: "")
+    def initialize(
+      mode:, type:, package_manager_name:,
+      title: "", description: "",
+      show_in_pr: false, show_alert: false
+    )
       @mode = mode
       @type = type
       @package_manager_name = package_manager_name
-      @message = message
-      @markdown = markdown
+      @title = title
+      @description = description
+      @show_in_pr = show_in_pr
+      @show_alert = show_alert
     end
     # Converts the Notice object to a hash.
@@ -42,23 +61,25 @@ module Dependabot
         mode: @mode,
         type: @type,
         package_manager_name: @package_manager_name,
-        message: @message,
-        markdown: @markdown
+        title: @title,
+        description: @description,
+        show_in_pr: @show_in_pr,
+        show_alert: @show_alert
       }
     end
-    # Generates a message for supported versions.
+    # Generates a description for supported versions.
     # @param supported_versions [Array<Dependabot::Version>, nil] The supported versions of the package manager.
     # @param support_later_versions [Boolean] Whether later versions are supported.
-    # @return [String, nil] The generated message or nil if no supported versions are provided.
+    # @return [String, nil] The generated description or nil if no supported versions are provided.
     sig do
       params(
         supported_versions: T.nilable(T::Array[Dependabot::Version]),
         support_later_versions: T::Boolean
       ).returns(String)
     end
-    def self.generate_supported_versions_message(supported_versions, support_later_versions)
-      return "" unless supported_versions&.any?
+    def self.generate_supported_versions_description(supported_versions, support_later_versions)
+      return "Please upgrade your package manager version" unless supported_versions&.any?
       versions_string = supported_versions.map { |version| "`v#{version}`" }
@@ -66,11 +87,11 @@ module Dependabot
       versions_string = versions_string.join(", ")
-      later_message = support_later_versions ? ", or later" : ""
+      later_description = support_later_versions ? ", or later" : ""
-      return "Please upgrade to version #{versions_string}#{later_message}." if supported_versions.count == 1
+      return "Please upgrade to version #{versions_string}#{later_description}." if supported_versions.count == 1
-      "Please upgrade to one of the following versions: #{versions_string}#{later_message}."
+      "Please upgrade to one of the following versions: #{versions_string}#{later_description}."
     end
     # Generates a support notice for the given package manager.
@@ -100,30 +121,26 @@ module Dependabot
     def self.generate_pm_deprecation_notice(package_manager)
       return nil unless package_manager.deprecated?
-      mode = "WARN"
-      supported_versions_message = generate_supported_versions_message(
+      mode = NoticeMode::WARN
+      supported_versions_description = generate_supported_versions_description(
         package_manager.supported_versions,
         package_manager.support_later_versions?
       )
-      notice_type = "#{package_manager.name}_deprecated_#{mode.downcase}"
-      message = "Dependabot will stop supporting `#{package_manager.name} v#{package_manager.version}`!"
-      ## Create a warning markdown message
-      markdown = "> [!WARNING]\n"
-      ## Add the deprecation warning to the message
-      markdown += "> #{message}\n>\n"
-      ## Add the supported versions to the message
-      unless supported_versions_message.empty?
-        message += "\n#{supported_versions_message}\n"
-        markdown += "> #{supported_versions_message}\n>\n"
-      end
+      notice_type = "#{package_manager.name}_deprecated_warn"
+      title = "Package manager deprecation notice"
+      description = "Dependabot will stop supporting `#{package_manager.name} v#{package_manager.version}`!"
+      ## Add the supported versions to the description
+      description += "\n\n#{supported_versions_description}\n" unless supported_versions_description.empty?
       Notice.new(
         mode: mode,
         type: notice_type,
         package_manager_name: package_manager.name,
-        message: message,
-        markdown: markdown
+        title: title,
+        description: description,
+        show_in_pr: true,
+        show_alert: true
       )
     end
@@ -138,31 +155,56 @@ module Dependabot
     def self.generate_pm_unsupported_notice(package_manager)
       return nil unless package_manager.unsupported?
-      mode = "ERROR"
-      supported_versions_message = generate_supported_versions_message(
+      mode = NoticeMode::ERROR
+      supported_versions_description = generate_supported_versions_description(
         package_manager.supported_versions,
         package_manager.support_later_versions?
       )
-      notice_type = "#{package_manager.name}_unsupported_#{mode.downcase}"
-      message = "Dependabot no longer supports `#{package_manager.name} v#{package_manager.version}`!"
-      ## Create an error markdown message
-      markdown = "> [!IMPORTANT]\n"
-      ## Add the error message to the message
-      markdown += "> #{message}\n>\n"
-      ## Add the supported versions to the message
-      unless supported_versions_message.empty?
-        message += "\n#{supported_versions_message}\n"
-        markdown += "> #{supported_versions_message}\n>\n"
-      end
+      notice_type = "#{package_manager.name}_unsupported_error"
+      title = "Package manager unsupported notice"
+      description = "Dependabot no longer supports `#{package_manager.name} v#{package_manager.version}`!"
+      ## Add the supported versions to the description
+      description += "\n\n#{supported_versions_description}\n" unless supported_versions_description.empty?
       Notice.new(
         mode: mode,
         type: notice_type,
         package_manager_name: package_manager.name,
-        message: message,
-        markdown: markdown
+        title: title,
+        description: description,
+        show_in_pr: true,
+        show_alert: true
       )
     end
+    sig { params(notice: Notice).returns(T.nilable(String)) }
+    def self.markdown_from_description(notice)
+      description = notice.description
+      return if description.empty?
+      markdown = "> [!#{markdown_mode(notice.mode)}]\n"
+      # Log each non-empty line of the deprecation notice description
+      description.each_line do |line|
+        line = line.strip
+        markdown += "> #{line}\n"
+      end
+      markdown
+    end
+    sig { params(mode: String).returns(String) }
+    def self.markdown_mode(mode)
+      case mode
+      when NoticeMode::INFO
+        "INFO"
+      when NoticeMode::WARN
+        "WARNING"
+      when NoticeMode::ERROR
+        "IMPORTANT"
+      else
+        "INFO"
+      end
+    end
   end
 end

data/lib/dependabot/pull_request_creator/branch_namer/base.rb CHANGED Viewed

@@ -18,6 +18,9 @@ module Dependabot
         sig { returns(T.nilable(String)) }
         attr_reader :target_branch
+        sig { returns(T::Array[String]) }
+        attr_reader :existing_branches
         sig { returns(String) }
         attr_reader :separator
@@ -32,20 +35,22 @@ module Dependabot
             dependencies: T::Array[Dependency],
             files: T::Array[DependencyFile],
             target_branch: T.nilable(String),
+            existing_branches: T::Array[String],
             separator: String,
             prefix: String,
             max_length: T.nilable(Integer)
           )
             .void
         end
-        def initialize(dependencies:, files:, target_branch:, separator: "/",
-                       prefix: "dependabot", max_length: nil)
-          @dependencies  = dependencies
-          @files         = files
-          @target_branch = target_branch
-          @separator     = separator
-          @prefix        = prefix
-          @max_length    = max_length
+        def initialize(dependencies:, files:, target_branch:, existing_branches: [],
+                       separator: "/", prefix: "dependabot", max_length: nil)
+          @dependencies      = dependencies
+          @files             = files
+          @target_branch     = target_branch
+          @existing_branches = existing_branches
+          @separator         = separator
+          @prefix            = prefix
+          @max_length        = max_length
         end
         sig { overridable.returns(String) }
@@ -69,7 +74,25 @@ module Dependabot
             sanitized_name[[T.must(max_length) - sha.size, 0].max..] = sha
           end
-          sanitized_name
+          if Dependabot::Experiments.enabled?(:dedup_branch_names)
+            dedup_existing_branches(sanitized_name)
+          else
+            sanitized_name
+          end
+        end
+        sig { params(ref: String).returns(String) }
+        def dedup_existing_branches(ref)
+          return ref unless existing_branches.include?(ref)
+          i = 1
+          new_ref = "#{ref}-#{i}"
+          while existing_branches.include?(new_ref)
+            i += 1
+            new_ref = "#{ref}-#{i}"
+          end
+          new_ref
         end
         sig { params(ref: String).returns(String) }

data/lib/dependabot/pull_request_creator/branch_namer/dependency_group_strategy.rb CHANGED Viewed

@@ -17,6 +17,7 @@ module Dependabot
             target_branch: T.nilable(String),
             dependency_group: Dependabot::DependencyGroup,
             includes_security_fixes: T::Boolean,
+            existing_branches: T::Array[String],
             separator: String,
             prefix: String,
             max_length: T.nilable(Integer)
@@ -24,11 +25,12 @@ module Dependabot
             .void
         end
         def initialize(dependencies:, files:, target_branch:, dependency_group:, includes_security_fixes:,
-                       separator: "/", prefix: "dependabot", max_length: nil)
+                       existing_branches: [], separator: "/", prefix: "dependabot", max_length: nil)
           super(
             dependencies: dependencies,
             files: files,
             target_branch: target_branch,
+            existing_branches: existing_branches,
             separator: separator,
             prefix: prefix,
             max_length: max_length,

data/lib/dependabot/pull_request_creator/branch_namer.rb CHANGED Viewed

@@ -23,6 +23,9 @@ module Dependabot
       sig { returns(T.nilable(String)) }
       attr_reader :target_branch
+      sig { returns(T::Array[String]) }
+      attr_reader :existing_branches
       sig { returns(String) }
       attr_reader :separator
@@ -44,6 +47,7 @@ module Dependabot
           files: T::Array[Dependabot::DependencyFile],
           target_branch: T.nilable(String),
           dependency_group: T.nilable(Dependabot::DependencyGroup),
+          existing_branches: T::Array[String],
           separator: String,
           prefix: String,
           max_length: T.nilable(Integer),
@@ -51,12 +55,13 @@ module Dependabot
         )
           .void
       end
-      def initialize(dependencies:, files:, target_branch:, dependency_group: nil,
+      def initialize(dependencies:, files:, target_branch:, dependency_group: nil, existing_branches: [],
                      separator: "/", prefix: "dependabot", max_length: nil, includes_security_fixes: false)
         @dependencies  = dependencies
         @files         = files
         @target_branch = target_branch
         @dependency_group = dependency_group
+        @existing_branches = existing_branches
         @separator     = separator
         @prefix        = prefix
         @max_length    = max_length
@@ -78,6 +83,7 @@ module Dependabot
               dependencies: dependencies,
               files: files,
               target_branch: target_branch,
+              existing_branches: existing_branches,
               separator: separator,
               prefix: prefix,
               max_length: max_length
@@ -89,6 +95,7 @@ module Dependabot
               target_branch: target_branch,
               dependency_group: T.must(dependency_group),
               includes_security_fixes: includes_security_fixes,
+              existing_branches: existing_branches,
               separator: separator,
               prefix: prefix,
               max_length: max_length

data/lib/dependabot/pull_request_creator/message_builder.rb CHANGED Viewed

@@ -143,8 +143,7 @@ module Dependabot
       def pr_notices
         notices = @notices || []
         unique_messages = notices.filter_map do |notice|
-          markdown = notice.markdown if notice
-          markdown unless markdown.empty?
+          Dependabot::Notice.markdown_from_description(notice) if notice.show_in_pr
         end.uniq
         message = unique_messages.join("\n\n")

data/lib/dependabot/pull_request_creator.rb CHANGED Viewed

@@ -115,6 +115,9 @@ module Dependabot
     sig { returns(T.nilable(T.any(T::Array[String], Integer))) }
     attr_reader :milestone
+    sig { returns(T::Array[String]) }
+    attr_reader :existing_branches
     sig { returns(String) }
     attr_reader :branch_name_separator
@@ -159,6 +162,7 @@ module Dependabot
         reviewers: Reviewers,
         assignees: T.nilable(T.any(T::Array[String], T::Array[Integer])),
         milestone: T.nilable(T.any(T::Array[String], Integer)),
+        existing_branches: T::Array[String],
         branch_name_separator: String,
         branch_name_prefix: String,
         branch_name_max_length: T.nilable(Integer),
@@ -182,9 +186,9 @@ module Dependabot
                    custom_labels: nil, author_details: nil, signature_key: nil,
                    commit_message_options: {}, vulnerabilities_fixed: {},
                    reviewers: nil, assignees: nil, milestone: nil,
-                   branch_name_separator: "/", branch_name_prefix: "dependabot",
-                   branch_name_max_length: nil, label_language: false,
-                   automerge_candidate: false,
+                   existing_branches: [], branch_name_separator: "/",
+                   branch_name_prefix: "dependabot", branch_name_max_length: nil,
+                   label_language: false, automerge_candidate: false,
                    github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
                    custom_headers: nil, require_up_to_date_base: false,
                    provider_metadata: {}, message: nil, dependency_group: nil, pr_message_max_length: nil,
@@ -204,6 +208,7 @@ module Dependabot
       @assignees                  = assignees
       @milestone                  = milestone
       @vulnerabilities_fixed      = vulnerabilities_fixed
+      @existing_branches          = existing_branches
       @branch_name_separator      = branch_name_separator
       @branch_name_prefix         = branch_name_prefix
       @branch_name_max_length     = branch_name_max_length
@@ -397,6 +402,7 @@ module Dependabot
           files: files,
           target_branch: source.branch,
           dependency_group: dependency_group,
+          existing_branches: existing_branches,
           separator: branch_name_separator,
           prefix: branch_name_prefix,
           max_length: branch_name_max_length,

data/lib/dependabot.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.272.0"
+  VERSION = "0.274.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.272.0
+  version: 0.274.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-08-22 00:00:00.000000000 Z
+date: 2024-09-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit
@@ -600,7 +600,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.272.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.274.0
 post_install_message:
 rdoc_options: []
 require_paths: