Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add support for refreshing a grouped security update #8497

Merged
merged 2 commits into from
Nov 30, 2023
Merged

add support for refreshing a grouped security update #8497

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6b9fc18
add support for refreshing a grouped security update
jakecoffman Nov 30, 2023
5b662e7
lint
jakecoffman Nov 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
add support for refreshing a grouped security update
  • Loading branch information
@jakecoffman
jakecoffman committed Nov 30, 2023
commit 6b9fc181bf56431fb487f4e16c08a8d7ea36e0ec
73 changes: 49 additions & 24 deletions updater/lib/dependabot/updater/operations/refresh_group_security_update_pull_request.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,34 +38,21 @@ def initialize(service:, job:, dependency_snapshot:, error_handler:)
end

def perform
Dependabot.logger.info("Starting security update job for #{job.source.repo}")
Dependabot.logger.info("Starting a refresh of grouped security update for #{job.source.repo}")
return record_security_update_dependency_not_found if dependency_snapshot.job_dependencies.empty?

target_dependencies = dependency_snapshot.job_dependencies

if target_dependencies.empty?
record_security_update_dependency_not_found
else
# make a temporary fake group to use the existing logic
group = Dependabot::DependencyGroup.new(
name: "#{job.package_manager} at #{job.source.directory || '/'} security update",
rules: {
"patterns" => "*" # The grouping is more dictated by the dependencies passed in.
}
)
target_dependencies.each do |dep|
group.dependencies << dep
end

dependency_change = compile_all_dependency_changes_for(group)

if dependency_change.updated_dependencies.any?
if dependency_change.updated_dependencies.any?
Dependabot.logger.info("Upserting pull request for '#{group.name}'")
begin
upsert_pull_request_with_error_handling(dependency_change, group)
else
Dependabot.logger.info("Nothing to update for Dependency Group: '#{group.name}'")
rescue StandardError => e
error_handler.handle_job_error(error: e, dependency_group: group)
end

dependency_change
else
Dependabot.logger.info("Nothing to update for Dependency Group: '#{group.name}'")
end

dependency_change
end

private
Expand All @@ -75,6 +62,44 @@ def perform
:dependency_snapshot,
:error_handler,
:created_pull_requests


def group
return @group if defined?(@group)

# make a temporary fake group to use the existing logic
@group = Dependabot::DependencyGroup.new(
name: "#{job.package_manager} at #{job.source.directory || '/'} security update",
rules: {
"patterns" => "*" # The grouping is more dictated by the dependencies passed in.
}
)
dependency_snapshot.job_dependencies.each do |dep|
@group.dependencies << dep
end
@group
end

def dependency_change
return @dependency_change if defined?(@dependency_change)

if job.source.directories.nil?
@dependency_change = compile_all_dependency_changes_for(group)
else
dependency_changes = job.source.directories.map do |directory|
job.source.directory = directory
# Fixes not updating because it already updated in a previous group
dependency_snapshot.handled_dependencies.clear
compile_all_dependency_changes_for(group)
end

# merge the changes together into one
@dependency_change = dependency_changes.first
@dependency_change.merge_changes!(dependency_changes[1..-1]) if dependency_changes.count > 1
@dependency_change
end
end

end
end
end
Expand Down
Loading