dependabot-common 0.169.2 → 0.169.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/pull_request_creator/github.rb +14 -0
  3. data/lib/dependabot/version.rb +1 -1
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 820c80bbb8523f135149038faf4d10975db0f176c65c503928ed60c265e04a1e
4
- data.tar.gz: 8ea90759f8a49f8691b90e2735c43c355dc8e83a8f7487732aff8f8dff9db18b
3
+ metadata.gz: b8a205305372fc94bc744bbc8d398e31761ce36a3885f7883d550aa3f63af865
4
+ data.tar.gz: da55d148ed2f839749d5b5aa39da62917135794fb217fe6705f95ee01701f5fe
5
5
  SHA512:
6
- metadata.gz: 790673cefe994c1e897a18c89fb60e2e61d6345b82cc3b7ca5d6e004e71ab4df76f5c7de4e976aaf29c88e7838f397255cca60da464ed6ed46f7dd9b80ff1804
7
- data.tar.gz: 4c1b9fca81be25ca51b7d9be524f991c23851cb38b40ec00a1b6b55c1e7ab6f5c43fef9ef1e929f929ae24145c15f1dfcadc757c54ed40642014c01d62d850c1
6
+ metadata.gz: a690bcd061ba9d5e2e45f22b63d10149928e828bfa3e4ad30514cc0fbd083916aa5e46251cd5b3157e56a535752080824c2d4c15352ed876d6482be60e96bb78
7
+ data.tar.gz: 28aa3a165cb01d33dea1b9d8d8a897cf569979a88ff8f5103c57180b0d4c9ab4e21c4465325ef722106d1d825dc817f110b887fb1c84ab0335bd88d8ae0b372a
data/lib/dependabot/pull_request_creator/github.rb CHANGED
@@ -9,6 +9,8 @@ module Dependabot
9
9
  class PullRequestCreator
10
10
  # rubocop:disable Metrics/ClassLength
11
11
  class Github
12
+ MAX_PR_DESCRIPTION_LENGTH = 65_536 # characters (see #create_pull_request)
13
+
12
14
  attr_reader :source, :branch_name, :base_commit, :credentials,
13
15
  :files, :pr_description, :pr_name, :commit_message,
14
16
  :author_details, :signature_key, :custom_headers,
@@ -347,6 +349,18 @@ module Dependabot
347
349
  end
348
350
 
349
351
  def create_pull_request
352
+ # Limit PR description to MAX_PR_DESCRIPTION_LENGTH (65,536) characters
353
+ # and truncate with message if over. The API limit is 262,144 bytes
354
+ # (https://github.community/t/maximum-length-for-the-comment-body-in-issues-and-pr/148867/2).
355
+ # As Ruby strings are UTF-8 encoded, this is a pessimistic limit: it
356
+ # presumes the case where all characters are 4 bytes.
357
+ pr_description = @pr_description.dup
358
+ if pr_description && pr_description.length > MAX_PR_DESCRIPTION_LENGTH
359
+ truncated_msg = "...\n\n_Description has been truncated_"
360
+ truncate_length = MAX_PR_DESCRIPTION_LENGTH - truncated_msg.length
361
+ pr_description = (pr_description[0, truncate_length] + truncated_msg)
362
+ end
363
+
350
364
  github_client_for_source.create_pull_request(
351
365
  source.repo,
352
366
  target_branch,
data/lib/dependabot/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.169.2"
4
+ VERSION = "0.169.3"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.169.2
4
+ version: 0.169.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-30 00:00:00.000000000 Z
11
+ date: 2021-12-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -469,7 +469,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
469
469
  - !ruby/object:Gem::Version
470
470
  version: 2.7.3
471
471
  requirements: []
472
- rubygems_version: 3.2.22
472
+ rubygems_version: 3.2.32
473
473
  signing_key:
474
474
  specification_version: 4
475
475
  summary: Shared code used between Dependabot package managers