RubyGems - dependabot-linguist - Versions diffs - 0.0.1 → 0.212.0 - Mend

dependabot-linguist 0.0.1 → 0.212.0

Files changed (223) hide show

data/Makefile CHANGED Viewed

@@ -1,4 +1,4 @@
-.PHONY: setup setup_github clean docs test build install push_rubygems push_github
+.PHONY: setup setup_github clean docs docs_view demo test build install push_rubygems push_github
 SHELL:=/bin/bash
 # Assumes `gem install bundler`
@@ -17,6 +17,13 @@ clean:
 docs: clean
 	bundle exec rake rdoc
+# http://localhost:8080/
+docs_view: docs
+	ruby -run -e httpd doc
+demo:
+	bundle exec ruby demo_script.rb
 # default (just `rake`) is spec + rubocop, but be pedantic in case this changes.
 test: clean
 	bundle exec rake spec

data/README.md CHANGED Viewed

@@ -1,15 +1,21 @@
 # [dependabot-linguist](https://github.com/Skenvy/dependabot-linguist)
-Use [linguist](https://github.com/github/linguist) to check the contents of a repository, and then scan for [dependabot-core](https://github.com/dependabot/dependabot-core) ecosystems relevant to those languages!
+Use [linguist](https://github.com/github/linguist) to check the contents of a **local** repository, and then scan for [dependabot-core](https://github.com/dependabot/dependabot-core) ecosystems relevant to those languages! With the list of [ecosystems](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem) present in a repository, add a [dependabot.y[a]ml](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates) ([configuration file](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file)).
 ## Getting Started
+### [Linguist dependencies](https://github.com/github/linguist#dependencies);
+Before installing this gem, which will install the [github-linguist gem](https://rubygems.org/gems/github-linguist), linguists dependencies should be installed. A number of these are enabling [rugged](https://rubygems.org/gems/rugged), so they can't be "ignored" like [dependabot's setup](https://github.com/dependabot/dependabot-core#setup), which _can_ be ignored for the purpose of **this** gem, which only intends to use the [file fetchers](https://github.com/dependabot/dependabot-core/blob/v0.212.0/common/lib/dependabot/file_fetchers/README.md).
+```bash
+sudo apt-get install build-essential cmake pkg-config libicu-dev zlib1g-dev libcurl4-openssl-dev libssl-dev ruby-dev
+```
+### Install _this_
 [To install the latest from RubyGems](https://rubygems.org/gems/dependabot-linguist);
 ```sh
 gem install dependabot-linguist
 ```
-[Or to install from GitHub's hosted gems](https://github.com/Skenvy/dependabot-linguist/packages/TODO);
+[Or to install from GitHub's hosted gems](https://github.com/Skenvy/dependabot-linguist/packages/1704407);
 ```sh
 gem install dependabot-linguist --source "https://rubygems.pkg.github.com/skenvy"
 ```
-### Add to the Gemfile
+### Or add to the Gemfile
 [Add the RubyGems hosted gem](https://rubygems.org/gems/dependabot-linguist) with bundler;
 ```sh
 bundle add dependabot-linguist
@@ -18,14 +24,42 @@ Or add the following line to your `Gemfile` manually
 ```ruby
 gem "dependabot-linguist", ">= 0.212.0
 ```
-[Add the GitHub hosted gem](https://github.com/Skenvy/dependabot-linguist/packages/TODO);
+[Add the GitHub hosted gem](https://github.com/Skenvy/dependabot-linguist/packages/1704407);
 ```ruby
 source "https://rubygems.pkg.github.com/skenvy" do
   gem "dependabot-linguist", ">= 0.212.0"
 end
 ```
 ## Usage
-TODO
+The two main classes this provides, `::Dependabot::Linguist::Repository` and `::Dependabot::Linguist::DependabotFileValidator`, can be utilised independently, although the intention is that they be utilised together; to discover the contents of a repository that should be watched with a dependabot file by `Repository`, and subsequently using `DependabotFileValidator` to edit an existing, or add a new, dependabot file to watch the directories that were validated earlier. There is also a CLI tool, `dependabot-linguist`, that wraps these classes and surfaces all the available options to them, although adding automated tests for the executable is still a `#TODO`.
+### Use the classes in a ruby script, with defaults
+```ruby
+require "dependabot/linguist"
+# Get the list of directories validated for each ecosystem.
+@repo_path = "." # "here"
+@repo_name = "Skenvy/dependabot-linguist" # If it were evaluating this repo!
+@this_repo = ::Dependabot::Linguist::Repository.new(@repo_path, @repo_name)
+@this_repo.directories_per_ecosystem_validated_by_dependabot
+# Use this list to see what the recommended update to the existing (or add new) config is.
+@validator = ::Dependabot::Linguist::DependabotFileValidator.new(repo_path)
+@validator.load_ecosystem_directories(incoming: @this_repo.directories_per_ecosystem_validated_by_dependabot)
+@validator.new_config
+# If you trust it to write the new config;
+@validator.write_new_config
+# If you have git, and the gh cli tool installed and configured, and trust this
+# tool to handle branching, commiting, pushing, and raising a pull request;
+@validator.commit_new_config
+```
+### Use the CLI
+```bash
+# With no flags, it'll run "here", and print out the recommended new config.
+dependabot-linguist
+# With -w, it'll write the file. You can also specify a path.
+dependabot-linguist ../../some/other/repo -w
+# With -x, you'll be trusting it to raise a pull request of the recommended config.
+# You can also specify a name, which will be required if there isn't a "origin" remote.
+dependabot-linguist ../../some/other/repo Username/Reponame -x
+```
 ## [RDoc generated docs](https://skenvy.github.io/dependabot-linguist/)
 ## Developing
 ### The first time setup

data/demo_script.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+# This demonstrates the typical utility of ::Dependabot::Linguist::Repository
+# and ::Dependabot::Linguist::DependabotFileValidator, by running them both on
+# this repository's root dir. The <repo>/smoke-test/ dir should contain samples
+# that will provide at least one valid entry for each ecosystem. Because this
+# demo is being run on the root of this repository, it will also validate the
+# presence of the .github/workflows/*.y[a]ml files for github-actions.
+# Notably, it must run on a repo root, as the repo path is used to initialise an
+# instance of ::Rugged::Repository, both for creating a ::Linguist::Repository
+# instance, and to load files with ::Rugged::Repository#blob_at. The smoke-test
+# RSpec tests get around this by frobbing temp repos in each test directory.
+require "dependabot/linguist"
+require "yaml"
+repo_path = "." # input for both ::Dependabot::Linguist::(Repository, DependabotFileValidator)
+# The repository name only matters for cloning a public repo, besides ::Dependabot::Source
+this_repo = ::Dependabot::Linguist::Repository.new(repo_path, "Skenvy/dependabot-linguist")
+puts "*"*80
+# puts "\nThe set of files, per linguist language\n"
+# puts this_repo.files_per_linguist_language.to_yaml
+# puts "\nThe set of directories per linguist language\n"
+# puts this_repo.directories_per_linguist_language.to_yaml
+# puts "\nThe package managers\n"
+# puts this_repo.directories_per_package_manager.to_yaml
+# puts "\nThe package ecosystems\n"
+# puts this_repo.directories_per_package_ecosystem.to_yaml
+puts "\nPaydirt; which ecosystem's directory guesses were validated by dependabot!\n"
+puts this_repo.directories_per_ecosystem_validated_by_dependabot.to_yaml
+puts "\n"
+validator = ::Dependabot::Linguist::DependabotFileValidator.new(repo_path, max_open_pull_requests_limit: 3)
+puts "*"*80
+# puts "\nThe dependabot config file path in this repo\n"
+# puts validator.dependabot_file_path
+# puts "\nThe existing dependabot configuration state\n"
+# puts validator.existing_config.to_yaml
+# puts "\nLoad in the results of the ::Dependabot::Linguist::Repository.directories_per_ecosystem_validated_by_dependabot\n"
+validator.load_ecosystem_directories(incoming: this_repo.directories_per_ecosystem_validated_by_dependabot) # .to_yaml
+puts "\nDetermine the drift in configuration -- what already exists, and what should be added (or removed?)\n"
+puts validator.config_drift.to_yaml
+puts "\nOutput the recommended 'new' config for the dependabot file.\n"
+puts validator.new_config.to_yaml
+# puts "\nWrite the new config to the dependabot file\n"
+# puts validator.write_new_config

data/dependabot-linguist.gemspec CHANGED Viewed

@@ -15,8 +15,8 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ">= 2.7.0"
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/Skenvy/dependabot-linguist/tree/main/"
-  # Specify which files should be added to the gem when it is released.
-  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.require_paths = ["lib"]
   spec.files = Dir.chdir(__dir__) do
     `git ls-files -z`.split("\x0").reject do |f|
       (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
@@ -24,7 +24,18 @@ Gem::Specification.new do |spec|
   end
   spec.bindir = "exe"
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-  # Uncomment to register a new dependency of your gem
-  # spec.add_dependency "example-gem", "~> 1.0"
+  spec.add_dependency "rugged", "~> 1.5.0"
+  spec.add_dependency "github-linguist", "7.23.0"
+  # All ecosystem gems from https://rubygems.org/profiles/dependabot can be
+  # required via https://rubygems.org/gems/dependabot-omnibus/versions/0.212.0
+  # which will include all dependencies of omnibus (16 ecosystems and common).
+  # https://github.com/dependabot/dependabot-core/blob/v0.212.0/omnibus/dependabot-omnibus.gemspec#L24-L40
+  spec.add_dependency "dependabot-omnibus", "0.212.0"
+  # spec.add_development_dependency "aruba", "~> 2.1" # TODO
+  spec.add_development_dependency "rake", "~> 13.0"
+  spec.add_development_dependency "rdoc", "~> 6.0"
+  spec.add_development_dependency "rspec", "~> 3.12"
+  spec.add_development_dependency "rubocop", "~> 1.37"
 end

data/devlog.md ADDED Viewed

@@ -0,0 +1,186 @@
+# Devlog
+## Patching Linguist
+### Surfacing _all **relevant** languages_
+A decision on how to patch linguist to surface "all _relevant_ languages" could either be greedy, by making it such that **every** language was surfaced, or minimal so that only a supplied list of languages that would not otherwise, are surfaced. For the greedy approach to patching version `7.23.0`, we would two patches. A good example for why this is necessary is that both gradle and maven are `type: data`, and maven is also `group: XML`. Normally, this would prevent either of these from being reported by linguist unless globs to them were referenced with `linguist-detectable` in a `.gitattributes` file; as explained in [Overrides](https://github.com/github/linguist/blob/v7.23.0/docs/overrides.md). Rather that interact with these, as a repo might include its own `.gitattributes` file, and there is some (?) discussion around adding a "build configuration"-esque type, at a **minimum** a patch is needed to "ungroup" something like maven, that even if set to be detectable, would report itself as "XML" in the output.
+Firstly, we'd need to patch the [`Linguist::BlobHelper::include_in_language_stats`](https://github.com/github/linguist/blob/v7.23.0/lib/linguist/blob_helper.rb) to no longer rely on [`DETECTABLE_TYPES`](https://github.com/github/linguist/blob/v7.23.0/lib/linguist/blob_helper.rb#L376) to avoid surfacing `:type`'s that aren't `:programming` or `:markup`. Something along the lines of;
+```ruby
+require 'linguist'
+module Linguist
+  module BlobHelper
+    # Patch out the possibly falsey "detectable"; 'detect' everything!
+    def include_in_language_stats?
+      !vendored? &&
+      !documentation? &&
+      !generated? &&
+      language # && ( defined?(detectable?) && !detectable?.nil? ?
+      #   detectable? :
+      #   DETECTABLE_TYPES.include?(language.type)
+      # )
+    end
+  end
+end
+```
+The other change we'd need to make would be in how the `group` of a language is determined. The [language yaml file](https://github.com/github/linguist/blob/v7.23.0/lib/linguist/languages.yml) is [read in](https://github.com/github/linguist/blob/v7.23.0/lib/linguist/language.rb#L495) and [loaded as yaml](https://github.com/github/linguist/blob/v7.23.0/lib/linguist/language.rb#L502). A ["group" option](https://github.com/github/linguist/blob/v7.23.0/lib/linguist/language.rb#L540) will become the `:group_name` and then [used in initialisation to set the `@group_name`](https://github.com/github/linguist/blob/v7.23.0/lib/linguist/language.rb#L293-L299), which is then used to determine the `@group`. We could do away with groups by patching `Linguist::Language::group` to return the `self.name` that would be assigned to the `group_name` if there was no `group` option input. Something like;
+```ruby
+module Linguist
+  class Language
+    def group
+      @group ||= Language.find_by_name(self.name)
+    end
+  end
+end
+```
+The alternatively to both of these that is more minimal, is to selectively set the `@type` to `:programming` and `@group_name` to `self.name`.
+## Debugging Linguist
+To debug (**printf debugging** tbf tho) certain parts of Linguist's behaviour, these patches, which add `puts` lines to module or class functions, are significant duplications of Linguist's code, so their addition would be under [Linguist's MIT License @v7.23.0](https://github.com/github/linguist/blob/v7.23.0/LICENSE).
+They are all includded under `Copyright (c) 2017 GitHub, Inc.`.
+### Linguist.detect
+```ruby
+# https://github.com/github/linguist/blob/v7.23.0/lib/linguist.rb#L20-L49
+class << Linguist
+  # Public: Detects the Language of the blob.
+  #
+  # blob - an object that includes the Linguist `BlobHelper` interface;
+  #       see Linguist::LazyBlob and Linguist::FileBlob for examples
+  #
+  # Returns Language or nil.
+  def detect(blob, allow_empty: false)
+    # Bail early if the blob is binary or empty.
+    puts "Linguist::detect -- Detecting language on file #{blob.name}"
+    return nil if blob.likely_binary? || blob.binary? || (!allow_empty && blob.empty?)
+    Linguist.instrument("linguist.detection", :blob => blob) do
+      # Call each strategy until one candidate is returned.
+      languages = []
+      returning_strategy = nil
+      STRATEGIES.each do |strategy|
+        returning_strategy = strategy
+        candidates = Linguist.instrument("linguist.strategy", :blob => blob, :strategy => strategy, :candidates => languages) do
+          strategy.call(blob, languages)
+        end
+        if candidates.size == 1
+          languages = candidates
+          break
+        elsif candidates.size > 1
+          # More than one candidate was found, pass them to the next strategy.
+          languages = candidates
+        else
+          # No candidates, try the next strategy
+        end
+      end
+      Linguist.instrument("linguist.detected", :blob => blob, :strategy => returning_strategy, :language => languages.first)
+      languages.first
+    end
+  end
+end
+```
+### Linguist::Repository.compute_stats
+```ruby
+# https://github.com/github/linguist/blob/v7.23.0/lib/linguist/repository.rb#L134-L171
+module Linguist
+  class Repository
+    def compute_stats(old_commit_oid, cache = nil)
+      return {} if current_tree.count_recursive(MAX_TREE_SIZE) >= MAX_TREE_SIZE
+      old_tree = old_commit_oid && Rugged::Commit.lookup(repository, old_commit_oid).tree
+      read_index
+      diff = Rugged::Tree.diff(repository, old_tree, current_tree)
+      # Clear file map and fetch full diff if any .gitattributes files are changed
+      if cache && diff.each_delta.any? { |delta| File.basename(delta.new_file[:path]) == ".gitattributes" }
+        diff = Rugged::Tree.diff(repository, old_tree = nil, current_tree)
+        file_map = {}
+      else
+        file_map = cache ? cache.dup : {}
+      end
+      diff.each_delta do |delta|
+        old = delta.old_file[:path]
+        new = delta.new_file[:path]
+        file_map.delete(old)
+        # next if delta.binary
+        if delta.binary
+          puts "Linguist::Repository::compute_stats -- IGNORE binary file -- #{delta.new_file}"
+          next
+        end
+        if [:added, :modified].include? delta.status
+          # Skip submodules and symlinks
+          mode = delta.new_file[:mode]
+          mode_format = (mode & 0170000)
+          # next if mode_format == 0120000 || mode_format == 040000 || mode_format == 0160000
+          if mode_format == 0120000 || mode_format == 040000 || mode_format == 0160000
+            puts "Linguist::Repository::compute_stats -- IGNORE invalid mode file -- #{delta.new_file}"
+            next
+          else
+            puts "Linguist::Repository::compute_stats -- Process well behaved file -- #{delta.new_file}"
+          end
+          blob = Linguist::LazyBlob.new(repository, delta.new_file[:oid], new, mode.to_s(8))
+          update_file_map(blob, file_map, new)
+          blob.cleanup!
+        end
+      end
+      file_map
+    end
+  end
+end
+```
+### Linguist::Repository.update_file_map
+```ruby
+# https://github.com/github/linguist/blob/v7.23.0/lib/linguist/repository.rb#L173-L177
+module Linguist
+  class Repository
+    def update_file_map(blob, file_map, key)
+      if blob.include_in_language_stats?
+        puts "Linguist::Repository::update_file_map -- Including in language stats; #{blob.name}"
+        file_map[key] = [blob.language.group.name, blob.size]
+      else
+        puts "Linguist::Repository::update_file_map -- NOT including in language stats; #{blob.name}"
+      end
+    end
+  end
+end
+```
+### Linguist::BlobHelper.include_in_language_stats?
+```ruby
+# https://github.com/github/linguist/blob/v7.23.0/lib/linguist/blob_helper.rb#L378-L387
+module Linguist
+  module BlobHelper
+    def include_in_language_stats?
+      if vendored?
+        # https://github.com/github/linguist/blob/v7.23.0/lib/linguist/blob_helper.rb#L219-L232
+        # VendoredRegexp from https://github.com/github/linguist/blob/v7.23.0/lib/linguist/vendor.yml
+        # Wrapped by https://github.com/github/linguist/blob/v7.23.0/lib/linguist/lazy_blob.rb#L56-L62
+        puts "Linguist::BlobHelper::include_in_language_stats? -- Ignore #{self.name} for being vendored"
+        false
+      elsif documentation?
+        # https://github.com/github/linguist/blob/v7.23.0/lib/linguist/blob_helper.rb#L234-L247
+        # DocumentationRegexp from https://github.com/github/linguist/blob/v7.23.0/lib/linguist/documentation.yml
+        # Wrapped by https://github.com/github/linguist/blob/v7.23.0/lib/linguist/lazy_blob.rb#L40-L46
+        puts "Linguist::BlobHelper::include_in_language_stats? -- Ignore #{self.name} for being documentation"
+        false
+      elsif generated?
+        # https://github.com/github/linguist/blob/v7.23.0/lib/linguist/blob_helper.rb#L350-L360
+        # Wrapped by https://github.com/github/linguist/blob/v7.23.0/lib/linguist/lazy_blob.rb#L48-L54
+        puts "Linguist::BlobHelper::include_in_language_stats? -- Ignore #{self.name} for being generated"
+        false
+      else
+        language && ( defined?(detectable?) && !detectable?.nil? ?
+          detectable? :
+          DETECTABLE_TYPES.include?(language.type)
+        )
+      end
+    end
+  end
+end
+```
+## Patching Dependabot
+# Other comments to edit into here
+`bin/console`
+```rb
+# https://github.com/github/linguist/issues/1205
+# https://github.com/github/linguist/issues/3229
+# Linguists dev's wont implement an option to include submodules in a scan, so
+# the best option without adding that functionality in a patch is to keep the
+# smoke-test repo parallel to this one, and run the following to test that.
+```

data/exe/dependabot-linguist ADDED Viewed

@@ -0,0 +1,145 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+# For this to run without the context of the gem being on the path.
+$LOAD_PATH[0, 0] = File.join(File.dirname(__FILE__), "..", "lib")
+previous_verbose = $VERBOSE
+$VERBOSE = nil
+require "dependabot/linguist"
+require "optparse"
+require "yaml"
+$VERBOSE = previous_verbose
+VERSION = ::Dependabot::Linguist::VERSION
+BANNER = <<~BANNER
+Dependabot Linguist v#{VERSION}
+Detect dependabot ecosystems present for a given git repository, based off using
+linguist to determine the files present, that could be relevant to an ecosystem,
+and then verifying that the ecosystem's FileFetcher class is valid on the files.
+Usage: dependabot-linguist
+       dependabot-linguist <path> <name>
+       dependabot-linguist <path> <name> <options>
+BANNER
+def dependabot_linguist(args)
+  # Specify defaults
+  # If path is automatic, then remove the test environment path.
+  repo_path = Dir.pwd.delete_suffix("/tmp/aruba")
+  repo_name = nil
+  ignore_linguist = 0
+  remove_undiscovered = false
+  update_existing = true
+  minimum_interval = "weekly"
+  max_open_pull_requests_limit = 5
+  ecosystem_directories = false
+  print_yaml = true
+  write_file = false
+  submit_pull_request = false
+  verbose = false
+  # Parse opts
+  OptionParser.new do |opts| # rubocop:disable Metrics/BlockLength
+    opts.banner = BANNER
+    opts.version = VERSION
+    opts.on "-i", "--ignore-linguist LEVEL", Integer, "A number, [0, 1, 2] for \"how much to ignore linguist's suggestions\"." do |level|
+      ignore_linguist = level
+    end
+    opts.on "-r", "--remove-undiscovered", "Remove entries in an existing dependabot config that weren't found by this." do
+      remove_undiscovered = true
+    end
+    opts.on "-u", "--no-update-existing", "By default, existing entries are updated. Use this to toggle that off." do
+      update_existing = false
+    end
+    opts.on "-m", "--minimum-interval INTERVAL", String, "The minimum schedule interval; [\"monthly\", \"weekly\", \"daily\"]." do |interval|
+      minimum_interval = interval
+    end
+    opts.on "-l", "--max-open-pull-requests-limit LIMIT", Integer, "Limit dependabot's open PR #. Default 5. 0 to disallow non-security updates." do |limit|
+      max_open_pull_requests_limit = limit
+    end
+    opts.on "-v", "--verbose", "Output more information." do
+      verbose = true
+    end
+    opts.on "-e", "--ecosystem-directories", "Print out the list of directories found for each ecosystem." do
+      ecosystem_directories = true
+    end
+    opts.on "-y", "--no-yaml", "Turn off the default output -- the updated dependabot yaml." do
+      print_yaml = false
+    end
+    opts.on "-w", "--write-file", "Write the new dependabot config to the file." do
+      write_file = true
+    end
+    opts.on "-x", "--pull-request", "Use the external subshell's git/gh cli to commit, push, and PR changes." do
+      submit_pull_request = true
+    end
+    opts.on "-h", "--help", "Show help banner." do
+      puts opts
+      exit
+    end
+  end.parse!(args)
+  # If all output is turned off, then what's the point in running...
+  if [ecosystem_directories, print_yaml, write_file, submit_pull_request].none? true
+    abort BANNER
+  end
+  # Parse optional unopts
+  path_in = args.shift
+  repo_path = path_in if path_in
+  name_in = args.shift
+  repo_name = name_in if name_in
+  # If no name in, then seek the name in the path'd repo.
+  if repo_name.nil?
+    repo = ::Rugged::Repository.new(repo_path)
+    # Assume there is a remote "origin", and the user/host and path are : sep'd
+    repo_name = repo.remotes["origin"].url.delete_suffix(".git").partition(":").last
+    # Specifying the name in the call is a small sacrifice for this assumption.
+    repo.close
+  end
+  this_repo = ::Dependabot::Linguist::Repository.new(
+    repo_path,
+    repo_name,
+    ignore_linguist: ignore_linguist,
+    verbose: verbose
+  )
+  puts this_repo.directories_per_ecosystem_validated_by_dependabot.to_yaml if ecosystem_directories
+  validator = ::Dependabot::Linguist::DependabotFileValidator.new(
+    repo_path,
+    remove_undiscovered: remove_undiscovered,
+    update_existing: update_existing,
+    minimum_interval: minimum_interval,
+    max_open_pull_requests_limit: max_open_pull_requests_limit,
+    verbose: verbose
+  )
+  if [print_yaml, write_file, submit_pull_request].any? true
+    validator.load_ecosystem_directories(incoming: this_repo.directories_per_ecosystem_validated_by_dependabot)
+  end
+  puts validator.new_config.to_yaml if print_yaml
+  validator.write_new_config if write_file || submit_pull_request
+  validator.commit_new_config if submit_pull_request
+end
+dependabot_linguist(ARGV)