dependabot-common 0.272.0 → 0.274.0

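--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 317e2fbaa5340fe4a995a419da5ace365912a1a47de42ebc79adf23cc704b98c
- data.tar.gz: 214d238bc3b6de57972e5676aac6e6b837187fb6fee5c050d673257ed751ef9c
+ metadata.gz: b66339af7fa82be186be4ee8d99c24b172a12a4f2233da1bebe2817f154066bf
+ data.tar.gz: eeec78de4dda472c4a53845919ff52a047569cbc57591fd413be347ccce48d0c
  SHA512:
- metadata.gz: 64b49b8b1dec8d348b62090c5d67b5793f1ded64126b493fbc848aea8075ccaaa2c852cf14702bfd3bcea4c26b79a0e99cfe54f9d0a7f326af8a97aa2f53bd34
- data.tar.gz: e1020c4794c5ca79434d4c488d20f565fbc6b0694f03def3e948700803aa46fa6ecfa19bdf740b83b68764bd9624c46496e51fe8dddecebeda6b1d6afe9370ad
+ metadata.gz: 785f6759f110b6fe1ddbe90140f11a5232765af5d89e61d375cb6c65bbfa5638d465da7881cea0c500a11a01ea91771466fab3e27a38023d88132455df3b85a7
+ data.tar.gz: 85c60d21f9a03997bf4b18dd8048c05934a6a01e755bce68e3adbea553662d62d16c24610103731c9d6e145030dcf67730f3961c9aefce9a893ae3da782c6d4b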
@@ -6,32 +6,51 @@ require "dependabot/package_manager"
6
6
 
7
7
  module Dependabot
8
8
  class Notice
9
+ module NoticeMode
10
+ INFO = "INFO"
11
+ WARN = "WARN"
12
+ ERROR = "ERROR"
13
+ end
14
+
9
15
  extend T::Sig
10
16
 
11
17
  sig { returns(String) }
12
- attr_reader :mode, :type, :package_manager_name, :message, :markdown
18
+ attr_reader :mode, :type, :package_manager_name, :title, :description
19
+
20
+ sig { returns(T::Boolean) }
21
+ attr_reader :show_in_pr, :show_alert
13
22
 
14
23
  # Initializes a new Notice object.
15
24
  # @param mode [String] The mode of the notice (e.g., "WARN", "ERROR").
16
25
  # @param type [String] The type of the notice (e.g., "bundler_deprecated_warn").
17
26
  # @param package_manager_name [String] The name of the package manager (e.g., "bundler").
18
- # @param message [String] The main message of the notice.
19
- # @param markdown [String] The markdown formatted message.
27
+ # @param title [String] The title of the notice.
28
+ # @param description [String] The main description of the notice.
29
+ # @param show_in_pr [Boolean] Whether the notice should be shown in a pull request.
30
+ # @param show_alert [Boolean] Whether the notice should be shown in alerts.
20
31
  sig do
21
32
  params(
22
33
  mode: String,
23
34
  type: String,
24
35
  package_manager_name: String,
25
- message: String,
26
- markdown: String
36
+ title: String,
37
+ description: String,
38
+ show_in_pr: T::Boolean,
39
+ show_alert: T::Boolean
27
40
  ).void
28
41
  end
29
- def initialize(mode:, type:, package_manager_name:, message: "", markdown: "")
42
+ def initialize(
43
+ mode:, type:, package_manager_name:,
44
+ title: "", description: "",
45
+ show_in_pr: false, show_alert: false
46
+ )
30
47
  @mode = mode
31
48
  @type = type
32
49
  @package_manager_name = package_manager_name
33
- @message = message
34
- @markdown = markdown
50
+ @title = title
51
+ @description = description
52
+ @show_in_pr = show_in_pr
53
+ @show_alert = show_alert
35
54
  end
36
55
 
37
56
  # Converts the Notice object to a hash.
@@ -42,23 +61,25 @@ module Dependabot
42
61
  mode: @mode,
43
62
  type: @type,
44
63
  package_manager_name: @package_manager_name,
45
- message: @message,
46
- markdown: @markdown
64
+ title: @title,
65
+ description: @description,
66
+ show_in_pr: @show_in_pr,
67
+ show_alert: @show_alert
47
68
  }
48
69
  end
49
70
 
50
- # Generates a message for supported versions.
71
+ # Generates a description for supported versions.
51
72
  # @param supported_versions [Array<Dependabot::Version>, nil] The supported versions of the package manager.
52
73
  # @param support_later_versions [Boolean] Whether later versions are supported.
53
- # @return [String, nil] The generated message or nil if no supported versions are provided.
74
+ # @return [String, nil] The generated description or nil if no supported versions are provided.
54
75
  sig do
55
76
  params(
56
77
  supported_versions: T.nilable(T::Array[Dependabot::Version]),
57
78
  support_later_versions: T::Boolean
58
79
  ).returns(String)
59
80
  end
60
- def self.generate_supported_versions_message(supported_versions, support_later_versions)
61
- return "" unless supported_versions&.any?
81
+ def self.generate_supported_versions_description(supported_versions, support_later_versions)
82
+ return "Please upgrade your package manager version" unless supported_versions&.any?
62
83
 
63
84
  versions_string = supported_versions.map { |version| "`v#{version}`" }
64
85
 
@@ -66,11 +87,11 @@ module Dependabot
66
87
 
67
88
  versions_string = versions_string.join(", ")
68
89
 
69
- later_message = support_later_versions ? ", or later" : ""
90
+ later_description = support_later_versions ? ", or later" : ""
70
91
 
71
- return "Please upgrade to version #{versions_string}#{later_message}." if supported_versions.count == 1
92
+ return "Please upgrade to version #{versions_string}#{later_description}." if supported_versions.count == 1
72
93
 
73
- "Please upgrade to one of the following versions: #{versions_string}#{later_message}."
94
+ "Please upgrade to one of the following versions: #{versions_string}#{later_description}."
74
95
  end
75
96
 
76
97
  # Generates a support notice for the given package manager.
@@ -100,30 +121,26 @@ module Dependabot
100
121
  def self.generate_pm_deprecation_notice(package_manager)
101
122
  return nil unless package_manager.deprecated?
102
123
 
103
- mode = "WARN"
104
- supported_versions_message = generate_supported_versions_message(
124
+ mode = NoticeMode::WARN
125
+ supported_versions_description = generate_supported_versions_description(
105
126
  package_manager.supported_versions,
106
127
  package_manager.support_later_versions?
107
128
  )
108
- notice_type = "#{package_manager.name}_deprecated_#{mode.downcase}"
109
- message = "Dependabot will stop supporting `#{package_manager.name} v#{package_manager.version}`!"
110
- ## Create a warning markdown message
111
- markdown = "> [!WARNING]\n"
112
- ## Add the deprecation warning to the message
113
- markdown += "> #{message}\n>\n"
114
-
115
- ## Add the supported versions to the message
116
- unless supported_versions_message.empty?
117
- message += "\n#{supported_versions_message}\n"
118
- markdown += "> #{supported_versions_message}\n>\n"
119
- end
129
+ notice_type = "#{package_manager.name}_deprecated_warn"
130
+ title = "Package manager deprecation notice"
131
+ description = "Dependabot will stop supporting `#{package_manager.name} v#{package_manager.version}`!"
132
+
133
+ ## Add the supported versions to the description
134
+ description += "\n\n#{supported_versions_description}\n" unless supported_versions_description.empty?
120
135
 
121
136
  Notice.new(
122
137
  mode: mode,
123
138
  type: notice_type,
124
139
  package_manager_name: package_manager.name,
125
- message: message,
126
- markdown: markdown
140
+ title: title,
141
+ description: description,
142
+ show_in_pr: true,
143
+ show_alert: true
127
144
  )
128
145
  end
129
146
 
@@ -138,31 +155,56 @@ module Dependabot
138
155
  def self.generate_pm_unsupported_notice(package_manager)
139
156
  return nil unless package_manager.unsupported?
140
157
 
141
- mode = "ERROR"
142
- supported_versions_message = generate_supported_versions_message(
158
+ mode = NoticeMode::ERROR
159
+ supported_versions_description = generate_supported_versions_description(
143
160
  package_manager.supported_versions,
144
161
  package_manager.support_later_versions?
145
162
  )
146
- notice_type = "#{package_manager.name}_unsupported_#{mode.downcase}"
147
- message = "Dependabot no longer supports `#{package_manager.name} v#{package_manager.version}`!"
148
- ## Create an error markdown message
149
- markdown = "> [!IMPORTANT]\n"
150
- ## Add the error message to the message
151
- markdown += "> #{message}\n>\n"
152
-
153
- ## Add the supported versions to the message
154
- unless supported_versions_message.empty?
155
- message += "\n#{supported_versions_message}\n"
156
- markdown += "> #{supported_versions_message}\n>\n"
157
- end
163
+ notice_type = "#{package_manager.name}_unsupported_error"
164
+ title = "Package manager unsupported notice"
165
+ description = "Dependabot no longer supports `#{package_manager.name} v#{package_manager.version}`!"
166
+
167
+ ## Add the supported versions to the description
168
+ description += "\n\n#{supported_versions_description}\n" unless supported_versions_description.empty?
158
169
 
159
170
  Notice.new(
160
171
  mode: mode,
161
172
  type: notice_type,
162
173
  package_manager_name: package_manager.name,
163
- message: message,
164
- markdown: markdown
174
+ title: title,
175
+ description: description,
176
+ show_in_pr: true,
177
+ show_alert: true
165
178
  )
166
179
  end
180
+
181
+ sig { params(notice: Notice).returns(T.nilable(String)) }
182
+ def self.markdown_from_description(notice)
183
+ description = notice.description
184
+
185
+ return if description.empty?
186
+
187
+ markdown = "> [!#{markdown_mode(notice.mode)}]\n"
188
+ # Log each non-empty line of the deprecation notice description
189
+ description.each_line do |line|
190
+ line = line.strip
191
+ markdown += "> #{line}\n"
192
+ end
193
+ markdown
194
+ end
195
+
196
+ sig { params(mode: String).returns(String) }
197
+ def self.markdown_mode(mode)
198
+ case mode
199
+ when NoticeMode::INFO
200
+ "INFO"
201
+ when NoticeMode::WARN
202
+ "WARNING"
203
+ when NoticeMode::ERROR
204
+ "IMPORTANT"
205
+ else
206
+ "INFO"
207
+ end
208
+ end
167
209
  end
168
210
  end
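Review bot: `markdown_mode` returns `"INFO"` for `NoticeMode::INFO` and for the `else` branch, but as far as I know GitHub's alert syntax only recognises NOTE, TIP, IMPORTANT, WARNING and CAUTION, so `> [!INFO]` would render as an ordinary blockquote with the marker shown literally; `"NOTE"` looks like the intended value for both branches. In `markdown_from_description` the comment `# Log each non-empty line of the deprecation notice description` does not match the loop, which logs nothing and also emits blank lines as `> `; a comment such as `# Prefix every line with "> " so the whole description stays inside the alert blockquote` would describe what it does. Separately, `generate_supported_versions_description` now returns a non-empty string on every path, so the `unless supported_versions_description.empty?` guards in both notice generators can no longer be false, and the `@return [String, nil]` doc line is stale against the `returns(String)` sig. Since `mode` is a free-form `String`, it would also help to document on `markdown_mode` that any unrecognised mode silently falls back to the lowest-severity alert.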
@@ -18,6 +18,9 @@ module Dependabot
18
18
  sig { returns(T.nilable(String)) }
19
19
  attr_reader :target_branch
20
20
 
21
+ sig { returns(T::Array[String]) }
22
+ attr_reader :existing_branches
23
+
21
24
  sig { returns(String) }
22
25
  attr_reader :separator
23
26
 
@@ -32,20 +35,22 @@ module Dependabot
32
35
  dependencies: T::Array[Dependency],
33
36
  files: T::Array[DependencyFile],
34
37
  target_branch: T.nilable(String),
38
+ existing_branches: T::Array[String],
35
39
  separator: String,
36
40
  prefix: String,
37
41
  max_length: T.nilable(Integer)
38
42
  )
39
43
  .void
40
44
  end
41
- def initialize(dependencies:, files:, target_branch:, separator: "/",
42
- prefix: "dependabot", max_length: nil)
43
- @dependencies = dependencies
44
- @files = files
45
- @target_branch = target_branch
46
- @separator = separator
47
- @prefix = prefix
48
- @max_length = max_length
45
+ def initialize(dependencies:, files:, target_branch:, existing_branches: [],
46
+ separator: "/", prefix: "dependabot", max_length: nil)
47
+ @dependencies = dependencies
48
+ @files = files
49
+ @target_branch = target_branch
50
+ @existing_branches = existing_branches
51
+ @separator = separator
52
+ @prefix = prefix
53
+ @max_length = max_length
49
54
  end
50
55
 
51
56
  sig { overridable.returns(String) }
@@ -69,7 +74,25 @@ module Dependabot
69
74
  sanitized_name[[T.must(max_length) - sha.size, 0].max..] = sha
70
75
  end
71
76
 
72
- sanitized_name
77
+ if Dependabot::Experiments.enabled?(:dedup_branch_names)
78
+ dedup_existing_branches(sanitized_name)
79
+ else
80
+ sanitized_name
81
+ end
82
+ end
83
+
84
+ sig { params(ref: String).returns(String) }
85
+ def dedup_existing_branches(ref)
86
+ return ref unless existing_branches.include?(ref)
87
+
88
+ i = 1
89
+ new_ref = "#{ref}-#{i}"
90
+ while existing_branches.include?(new_ref)
91
+ i += 1
92
+ new_ref = "#{ref}-#{i}"
93
+ end
94
+
95
+ new_ref
73
96
  end
74
97
 
75
98
  sig { params(ref: String).returns(String) }
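Review bot: `dedup_existing_branches` is applied after the `max_length` truncation visible at the top of this hunk, so the `-#{i}` suffix it appends can push the returned name past `max_length` whenever a collision is found. The enclosing method starts outside the hunk, so the truncation condition itself is not visible, but nothing after the dedup call re-checks the length. Either reserve room for the suffix before truncating or re-apply the limit to `new_ref`; at minimum record the behaviour with a comment such as `# NOTE: the "-N" suffix is added after max_length truncation, so the result may exceed max_length`. The new method also has no doc comment; it should say that `existing_branches` is the list handed to the constructor, so a branch created after that list was collected would not be detected here.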
@@ -17,6 +17,7 @@ module Dependabot
17
17
  target_branch: T.nilable(String),
18
18
  dependency_group: Dependabot::DependencyGroup,
19
19
  includes_security_fixes: T::Boolean,
20
+ existing_branches: T::Array[String],
20
21
  separator: String,
21
22
  prefix: String,
22
23
  max_length: T.nilable(Integer)
@@ -24,11 +25,12 @@ module Dependabot
24
25
  .void
25
26
  end
26
27
  def initialize(dependencies:, files:, target_branch:, dependency_group:, includes_security_fixes:,
27
- separator: "/", prefix: "dependabot", max_length: nil)
28
+ existing_branches: [], separator: "/", prefix: "dependabot", max_length: nil)
28
29
  super(
29
30
  dependencies: dependencies,
30
31
  files: files,
31
32
  target_branch: target_branch,
33
+ existing_branches: existing_branches,
32
34
  separator: separator,
33
35
  prefix: prefix,
34
36
  max_length: max_length,
@@ -23,6 +23,9 @@ module Dependabot
23
23
  sig { returns(T.nilable(String)) }
24
24
  attr_reader :target_branch
25
25
 
26
+ sig { returns(T::Array[String]) }
27
+ attr_reader :existing_branches
28
+
26
29
  sig { returns(String) }
27
30
  attr_reader :separator
28
31
 
@@ -44,6 +47,7 @@ module Dependabot
44
47
  files: T::Array[Dependabot::DependencyFile],
45
48
  target_branch: T.nilable(String),
46
49
  dependency_group: T.nilable(Dependabot::DependencyGroup),
50
+ existing_branches: T::Array[String],
47
51
  separator: String,
48
52
  prefix: String,
49
53
  max_length: T.nilable(Integer),
@@ -51,12 +55,13 @@ module Dependabot
51
55
  )
52
56
  .void
53
57
  end
54
- def initialize(dependencies:, files:, target_branch:, dependency_group: nil,
58
+ def initialize(dependencies:, files:, target_branch:, dependency_group: nil, existing_branches: [],
55
59
  separator: "/", prefix: "dependabot", max_length: nil, includes_security_fixes: false)
56
60
  @dependencies = dependencies
57
61
  @files = files
58
62
  @target_branch = target_branch
59
63
  @dependency_group = dependency_group
64
+ @existing_branches = existing_branches
60
65
  @separator = separator
61
66
  @prefix = prefix
62
67
  @max_length = max_length
@@ -78,6 +83,7 @@ module Dependabot
78
83
  dependencies: dependencies,
79
84
  files: files,
80
85
  target_branch: target_branch,
86
+ existing_branches: existing_branches,
81
87
  separator: separator,
82
88
  prefix: prefix,
83
89
  max_length: max_length
@@ -89,6 +95,7 @@ module Dependabot
89
95
  target_branch: target_branch,
90
96
  dependency_group: T.must(dependency_group),
91
97
  includes_security_fixes: includes_security_fixes,
98
+ existing_branches: existing_branches,
92
99
  separator: separator,
93
100
  prefix: prefix,
94
101
  max_length: max_length
@@ -143,8 +143,7 @@ module Dependabot
143
143
  def pr_notices
144
144
  notices = @notices || []
145
145
  unique_messages = notices.filter_map do |notice|
146
- markdown = notice.markdown if notice
147
- markdown unless markdown.empty?
146
+ Dependabot::Notice.markdown_from_description(notice) if notice.show_in_pr
148
147
  end.uniq
149
148
 
150
149
  message = unique_messages.join("\n\n")
@@ -115,6 +115,9 @@ module Dependabot
115
115
  sig { returns(T.nilable(T.any(T::Array[String], Integer))) }
116
116
  attr_reader :milestone
117
117
 
118
+ sig { returns(T::Array[String]) }
119
+ attr_reader :existing_branches
120
+
118
121
  sig { returns(String) }
119
122
  attr_reader :branch_name_separator
120
123
 
@@ -159,6 +162,7 @@ module Dependabot
159
162
  reviewers: Reviewers,
160
163
  assignees: T.nilable(T.any(T::Array[String], T::Array[Integer])),
161
164
  milestone: T.nilable(T.any(T::Array[String], Integer)),
165
+ existing_branches: T::Array[String],
162
166
  branch_name_separator: String,
163
167
  branch_name_prefix: String,
164
168
  branch_name_max_length: T.nilable(Integer),
@@ -182,9 +186,9 @@ module Dependabot
182
186
  custom_labels: nil, author_details: nil, signature_key: nil,
183
187
  commit_message_options: {}, vulnerabilities_fixed: {},
184
188
  reviewers: nil, assignees: nil, milestone: nil,
185
- branch_name_separator: "/", branch_name_prefix: "dependabot",
186
- branch_name_max_length: nil, label_language: false,
187
- automerge_candidate: false,
189
+ existing_branches: [], branch_name_separator: "/",
190
+ branch_name_prefix: "dependabot", branch_name_max_length: nil,
191
+ label_language: false, automerge_candidate: false,
188
192
  github_redirection_service: DEFAULT_GITHUB_REDIRECTION_SERVICE,
189
193
  custom_headers: nil, require_up_to_date_base: false,
190
194
  provider_metadata: {}, message: nil, dependency_group: nil, pr_message_max_length: nil,
@@ -204,6 +208,7 @@ module Dependabot
204
208
  @assignees = assignees
205
209
  @milestone = milestone
206
210
  @vulnerabilities_fixed = vulnerabilities_fixed
211
+ @existing_branches = existing_branches
207
212
  @branch_name_separator = branch_name_separator
208
213
  @branch_name_prefix = branch_name_prefix
209
214
  @branch_name_max_length = branch_name_max_length
@@ -397,6 +402,7 @@ module Dependabot
397
402
  files: files,
398
403
  target_branch: source.branch,
399
404
  dependency_group: dependency_group,
405
+ existing_branches: existing_branches,
400
406
  separator: branch_name_separator,
401
407
  prefix: branch_name_prefix,
402
408
  max_length: branch_name_max_length,
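--- a/data/lib/dependabot.rb
+++ b/data/lib/dependabot.rb
@@ -2,5 +2,5 @@
  # frozen_string_literal: true
 
  module Dependabot
- VERSION = "0.272.0"
+ VERSION = "0.274.0"
  end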
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.272.0
4
+ version: 0.274.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-08-22 00:00:00.000000000 Z
11
+ date: 2024-09-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -600,7 +600,7 @@ licenses:
600
600
  - MIT
601
601
  metadata:
602
602
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
603
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.272.0
603
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.274.0
604
604
  post_install_message:
605
605
  rdoc_options: []
606
606
  require_paths: