dependabot-common 0.129.3 → 0.129.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: caa3a193af53d69a8c06fc60d972a0571418b6192dacf2ce20b2b7ddc9011b60
-  data.tar.gz: d9f6046100711920da02ee7c5a7cf5049d67e3d0c2c614c0ad39bccb31445354
+  metadata.gz: afed21fb500f1de6d025f3824fa4a64eff41d0816d44106e044f4a54de984bfe
+  data.tar.gz: 3c8c4a17267398cc4efbdc4974a1f8dc78e71aa74f08e194029cb01438938457
 SHA512:
-  metadata.gz: f5f0891b60e259e31374cd338c0e155d9dfee28bbe3ee252149b46a9849c5a5bda070aa91384270970e430d331a047a673116a07dc262f70df1708510216993a
-  data.tar.gz: afcb0cc9ef39a72177eb3880815c139a4d904b860aa257b8c14d4d8427786d85c9ba11862a4581066255b1fc1c19492ea4772be620a96c9e93159f887408101b
+  metadata.gz: 7539dc5753d2f66e23cc7b2f5f77b8d7a01e39480b08df5362e08e5012c7249613edc0e25c2dbce80968e40034fdd64b3c4d10adb5ac190a7e870d2288786f05
+  data.tar.gz: 6e776353cf20627d05453b2334dbd112f7ab1bf48e959be8f88093d4a4ea74416c557161e14eafc9ef0dd8049d10c52aef7474f2c95541378a0470d34bb047dd

data/lib/dependabot/clients/bitbucket.rb

@@ -12,6 +12,19 @@ module Dependabot
 
       class Forbidden < StandardError; end
 
+      #######################
+      # Constructor methods #
+      #######################
+
+      def self.for_source(source:, credentials:)
+        credential =
+          credentials.
+          select { |cred| cred["type"] == "git_source" }.
+          find { |cred| cred["host"] == source.hostname }
+
+        new(credentials: credential)
+      end
+
       ##########
       # Client #
       ##########
@@ -53,6 +66,81 @@ module Dependabot
         response.body
       end
 
+      def commits(repo, branch_name = nil)
+        commits_path = "#{repo}/commits/#{branch_name}?pagelen=100"
+        next_page_url = base_url + commits_path
+        paginate({ "next" => next_page_url })
+      end
+
+      def branch(repo, branch_name)
+        branch_path = "#{repo}/refs/branches/#{branch_name}"
+        response = get(base_url + branch_path)
+
+        JSON.parse(response.body)
+      end
+
+      def pull_requests(repo, source_branch, target_branch)
+        pr_path = "#{repo}/pullrequests"
+        # Get pull requests with any status
+        pr_path += "?status=OPEN&status=MERGED&status=DECLINED&status=SUPERSEDED"
+        next_page_url = base_url + pr_path
+        pull_requests = paginate({ "next" => next_page_url })
+
+        pull_requests unless source_branch && target_branch
+
+        pull_requests.select do |pr|
+          pr_source_branch = pr.fetch("source").fetch("branch").fetch("name")
+          pr_target_branch = pr.fetch("destination").fetch("branch").fetch("name")
+          pr_source_branch == source_branch && pr_target_branch == target_branch
+        end
+      end
+
+      # rubocop:disable Metrics/ParameterLists
+      def create_commit(repo, branch_name, base_commit, commit_message, files,
+                        author_details)
+        parameters = {
+          message: commit_message, # TODO: Format markup in commit message
+          author: "#{author_details.fetch(:name)} <#{author_details.fetch(:email)}>",
+          parents: base_commit,
+          branch: branch_name
+        }
+
+        files.each do |file|
+          absolute_path = file.name.start_with?("/") ? file.name : "/" + file.name
+          parameters[absolute_path] = file.content
+        end
+
+        body = encode_form_parameters(parameters)
+
+        commit_path = "#{repo}/src"
+        post(base_url + commit_path, body, "application/x-www-form-urlencoded")
+      end
+      # rubocop:enable Metrics/ParameterLists
+
+      # rubocop:disable Metrics/ParameterLists
+      def create_pull_request(repo, pr_name, source_branch, target_branch,
+                              pr_description, _labels, _work_item = nil)
+        content = {
+          title: pr_name,
+          source: {
+            branch: {
+              name: source_branch
+            }
+          },
+          destination: {
+            branch: {
+              name: target_branch
+            }
+          },
+          description: pr_description,
+          close_source_branch: true
+        }
+
+        pr_path = "#{repo}/pullrequests"
+        post(base_url + pr_path, content.to_json)
+      end
+      # rubocop:enable Metrics/ParameterLists
+
       def tags(repo)
         path = "#{repo}/refs/tags?pagelen=100"
         response = get(base_url + path)
@@ -90,6 +178,28 @@ module Dependabot
         response
       end
 
+      def post(url, body, content_type = "application/json")
+        response = Excon.post(
+          url,
+          body: body,
+          user: credentials&.fetch("username", nil),
+          password: credentials&.fetch("password", nil),
+          idempotent: false,
+          **SharedHelpers.excon_defaults(
+            headers: auth_header.merge(
+              {
+                "Content-Type" => content_type
+              }
+            )
+          )
+        )
+        raise Unauthorized if response.status == 401
+        raise Forbidden if response.status == 403
+        raise NotFound if response.status == 404
+
+        response
+      end
+
       private
 
       def auth_header_for(token)
@@ -98,6 +208,37 @@ module Dependabot
         { "Authorization" => "Bearer #{token}" }
       end
 
+      def encode_form_parameters(parameters)
+        parameters.map do |key, value|
+          URI.encode_www_form_component(key.to_s) + "=" + URI.encode_www_form_component(value.to_s)
+        end.join("&")
+      end
+
+      # Takes a hash with optional `values` and `next` fields
+      # Returns an enumerator.
+      #
+      # Can be used a few ways:
+      # With GET:
+      #     paginate ({"next" => url})
+      # or
+      #     paginate(JSON.parse(get(url).body))
+      #
+      # With POST (for endpoints that provide POST methods for long query parameters)
+      #     response = post(url, body)
+      #     first_page = JSON.parse(repsonse.body)
+      #     paginate(first_page)
+      def paginate(page)
+        Enumerator.new do |yielder|
+          loop do
+            page.fetch("values", []).each { |value| yielder << value }
+            break unless page.key?("next")
+
+            next_page_url = page.fetch("next")
+            page = JSON.parse(get(next_page_url).body)
+          end
+        end
+      end
+
       attr_reader :auth_header
       attr_reader :credentials
 

data/lib/dependabot/pull_request_creator.rb

@@ -5,6 +5,7 @@ require "dependabot/metadata_finders"
 module Dependabot
   class PullRequestCreator
     require "dependabot/pull_request_creator/azure"
+    require "dependabot/pull_request_creator/bitbucket"
     require "dependabot/pull_request_creator/codecommit"
     require "dependabot/pull_request_creator/github"
     require "dependabot/pull_request_creator/gitlab"
@@ -88,6 +89,7 @@ module Dependabot
       when "github" then github_creator.create
       when "gitlab" then gitlab_creator.create
       when "azure" then azure_creator.create
+      when "bitbucket" then bitbucket_creator.create
       when "codecommit" then codecommit_creator.create
       else raise "Unsupported provider #{source.provider}"
       end
@@ -162,6 +164,22 @@ module Dependabot
       )
     end
 
+    def bitbucket_creator
+      Bitbucket.new(
+        source: source,
+        branch_name: branch_namer.new_branch_name,
+        base_commit: base_commit,
+        credentials: credentials,
+        files: files,
+        commit_message: message_builder.commit_message,
+        pr_description: message_builder.pr_message,
+        pr_name: message_builder.pr_name,
+        author_details: author_details,
+        labeler: labeler,
+        work_item: provider_metadata&.fetch(:work_item, nil)
+      )
+    end
+
     def codecommit_creator
       Codecommit.new(
         source: source,

data/lib/dependabot/pull_request_creator/bitbucket.rb

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+
+require "dependabot/clients/bitbucket"
+require "dependabot/pull_request_creator"
+
+module Dependabot
+  class PullRequestCreator
+    class Bitbucket
+      attr_reader :source, :branch_name, :base_commit, :credentials,
+                  :files, :commit_message, :pr_description, :pr_name,
+                  :author_details, :labeler, :work_item
+
+      def initialize(source:, branch_name:, base_commit:, credentials:,
+                     files:, commit_message:, pr_description:, pr_name:,
+                     author_details:, labeler: nil, work_item: nil)
+        @source         = source
+        @branch_name    = branch_name
+        @base_commit    = base_commit
+        @credentials    = credentials
+        @files          = files
+        @commit_message = commit_message
+        @pr_description = pr_description
+        @pr_name        = pr_name
+        @author_details = author_details
+        @labeler        = labeler
+        @work_item      = work_item
+      end
+
+      def create
+        return if branch_exists? && pull_request_exists?
+
+        # FIXME: Copied from Azure, but not verified whether this is true
+        # For Bitbucket we create or update a branch in the same request as creating
+        # a commit (so we don't need create or update branch logic here)
+        create_commit
+
+        create_pull_request
+      end
+
+      private
+
+      def bitbucket_client_for_source
+        @bitbucket_client_for_source ||=
+          Dependabot::Clients::Bitbucket.for_source(
+            source: source,
+            credentials: credentials
+          )
+      end
+
+      def branch_exists?
+        bitbucket_client_for_source.branch(source.repo, branch_name)
+      rescue Clients::Bitbucket::NotFound
+        false
+      end
+
+      def pull_request_exists?
+        bitbucket_client_for_source.pull_requests(
+          source.repo,
+          branch_name,
+          source.branch || default_branch
+        ).any?
+      end
+
+      def create_commit
+        author = author_details&.slice(:name, :email)
+        author = nil unless author&.any?
+
+        bitbucket_client_for_source.create_commit(
+          source.repo,
+          branch_name,
+          base_commit,
+          commit_message,
+          files,
+          author
+        )
+      end
+
+      def create_pull_request
+        bitbucket_client_for_source.create_pull_request(
+          source.repo,
+          pr_name,
+          branch_name,
+          source.branch || default_branch,
+          pr_description,
+          labeler&.labels_for_pr,
+          work_item
+        )
+      end
+
+      def default_branch
+        @default_branch ||=
+          bitbucket_client_for_source.fetch_default_branch(source.repo)
+      end
+    end
+  end
+end

data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "dependabot/clients/azure"
+require "dependabot/clients/bitbucket"
 require "dependabot/clients/codecommit"
 require "dependabot/clients/github_with_retries"
 require "dependabot/clients/gitlab_with_retries"
@@ -264,6 +265,7 @@ module Dependabot
         when "github" then recent_github_commit_messages
         when "gitlab" then recent_gitlab_commit_messages
         when "azure" then recent_azure_commit_messages
+        when "bitbucket" then recent_bitbucket_commit_messages
         when "codecommit" then recent_codecommit_commit_messages
         else raise "Unsupported provider: #{source.provider}"
         end
@@ -307,6 +309,18 @@ module Dependabot
           map(&:strip)
       end
 
+      def recent_bitbucket_commit_messages
+        @recent_bitbucket_commit_messages ||=
+          bitbucket_client_for_source.commits(source.repo)
+
+        @recent_bitbucket_commit_messages.
+          reject { |c| bitbucket_commit_author_email(c) == dependabot_email }.
+          map { |c| c.fetch("message", nil) }.
+          compact.
+          reject { |m| m.start_with?("Merge") }.
+          map(&:strip)
+      end
+
       def recent_codecommit_commit_messages
         @recent_codecommit_commit_messages ||=
           codecommit_client_for_source.commits
@@ -324,6 +338,7 @@ module Dependabot
           when "github" then last_github_dependabot_commit_message
           when "gitlab" then last_gitlab_dependabot_commit_message
           when "azure" then last_azure_dependabot_commit_message
+          when "bitbucket" then last_bitbucket_dependabot_commit_message
           when "codecommit" then last_codecommit_dependabot_commit_message
           else raise "Unsupported provider: #{source.provider}"
           end
@@ -365,6 +380,16 @@ module Dependabot
           strip
       end
 
+      def last_bitbucket_dependabot_commit_message
+        @recent_bitbucket_commit_messages ||=
+          bitbucket_client_for_source.commits(source.repo)
+
+        @recent_bitbucket_commit_messages.
+          find { |c| bitbucket_commit_author_email(c) == dependabot_email }&.
+          fetch("message", nil)&.
+          strip
+      end
+
       def last_codecommit_dependabot_commit_message
         @recent_codecommit_commit_messages ||=
           codecommit_client_for_source.commits(source.repo)
@@ -379,6 +404,11 @@ module Dependabot
         commit.fetch("author").fetch("email", "")
       end
 
+      def bitbucket_commit_author_email(commit)
+        matches = commit.fetch("author").fetch("raw").match(/<(.*)>/)
+        matches ? matches[1] : ""
+      end
+
       def github_client_for_source
         @github_client_for_source ||=
           Dependabot::Clients::GithubWithRetries.for_source(
@@ -403,6 +433,14 @@ module Dependabot
           )
       end
 
+      def bitbucket_client_for_source
+        @bitbucket_client_for_source ||=
+          Dependabot::Clients::Bitbucket.for_source(
+            source: source,
+            credentials: credentials
+          )
+      end
+
       def codecommit_client_for_source
         @codecommit_client_for_source ||=
           Dependabot::Clients::CodeCommit.for_source(

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.129.3"
+  VERSION = "0.129.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.129.3
+  version: 0.129.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-01-05 00:00:00.000000000 Z
+date: 2021-01-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-codecommit
@@ -168,20 +168,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
-- !ruby/object:Gem::Dependency
-  name: parseconfig
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: parser
   requirement: !ruby/object:Gem::Requirement
@@ -396,6 +382,7 @@ files:
 - lib/dependabot/metadata_finders/base/release_finder.rb
 - lib/dependabot/pull_request_creator.rb
 - lib/dependabot/pull_request_creator/azure.rb
+- lib/dependabot/pull_request_creator/bitbucket.rb
 - lib/dependabot/pull_request_creator/branch_namer.rb
 - lib/dependabot/pull_request_creator/codecommit.rb
 - lib/dependabot/pull_request_creator/commit_signer.rb