dependabot-common 0.169.2 → 0.169.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/pull_request_creator/github.rb +14 -0
  3. data/lib/dependabot/version.rb +1 -1
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 820c80bbb8523f135149038faf4d10975db0f176c65c503928ed60c265e04a1e
4
- data.tar.gz: 8ea90759f8a49f8691b90e2735c43c355dc8e83a8f7487732aff8f8dff9db18b
3
+ metadata.gz: b8a205305372fc94bc744bbc8d398e31761ce36a3885f7883d550aa3f63af865
4
+ data.tar.gz: da55d148ed2f839749d5b5aa39da62917135794fb217fe6705f95ee01701f5fe
5
5
  SHA512:
6
- metadata.gz: 790673cefe994c1e897a18c89fb60e2e61d6345b82cc3b7ca5d6e004e71ab4df76f5c7de4e976aaf29c88e7838f397255cca60da464ed6ed46f7dd9b80ff1804
7
- data.tar.gz: 4c1b9fca81be25ca51b7d9be524f991c23851cb38b40ec00a1b6b55c1e7ab6f5c43fef9ef1e929f929ae24145c15f1dfcadc757c54ed40642014c01d62d850c1
6
+ metadata.gz: a690bcd061ba9d5e2e45f22b63d10149928e828bfa3e4ad30514cc0fbd083916aa5e46251cd5b3157e56a535752080824c2d4c15352ed876d6482be60e96bb78
7
+ data.tar.gz: 28aa3a165cb01d33dea1b9d8d8a897cf569979a88ff8f5103c57180b0d4c9ab4e21c4465325ef722106d1d825dc817f110b887fb1c84ab0335bd88d8ae0b372a
data/lib/dependabot/pull_request_creator/github.rb CHANGED
@@ -9,6 +9,8 @@ module Dependabot
9
9
  class PullRequestCreator
10
10
  # rubocop:disable Metrics/ClassLength
11
11
  class Github
12
+ MAX_PR_DESCRIPTION_LENGTH = 65_536 # characters (see #create_pull_request)
13
+
12
14
  attr_reader :source, :branch_name, :base_commit, :credentials,
13
15
  :files, :pr_description, :pr_name, :commit_message,
14
16
  :author_details, :signature_key, :custom_headers,
@@ -347,6 +349,18 @@ module Dependabot
347
349
  end
348
350
 
349
351
  def create_pull_request
352
+ # Limit PR description to MAX_PR_DESCRIPTION_LENGTH (65,536) characters
353
+ # and truncate with message if over. The API limit is 262,144 bytes
354
+ # (https://github.community/t/maximum-length-for-the-comment-body-in-issues-and-pr/148867/2).
355
+ # As Ruby strings are UTF-8 encoded, this is a pessimistic limit: it
356
+ # presumes the case where all characters are 4 bytes.
357
+ pr_description = @pr_description.dup
358
+ if pr_description && pr_description.length > MAX_PR_DESCRIPTION_LENGTH
359
+ truncated_msg = "...\n\n_Description has been truncated_"
360
+ truncate_length = MAX_PR_DESCRIPTION_LENGTH - truncated_msg.length
361
+ pr_description = (pr_description[0, truncate_length] + truncated_msg)
362
+ end
363
+
350
364
  github_client_for_source.create_pull_request(
351
365
  source.repo,
352
366
  target_branch,
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.169.2"
4
+ VERSION = "0.169.3"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.169.2
4
+ version: 0.169.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-30 00:00:00.000000000 Z
11
+ date: 2021-12-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -469,7 +469,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
469
469
  - !ruby/object:Gem::Version
470
470
  version: 2.7.3
471
471
  requirements: []
472
- rubygems_version: 3.2.22
472
+ rubygems_version: 3.2.32
473
473
  signing_key:
474
474
  specification_version: 4
475
475
  summary: Shared code used between Dependabot package managers