Skip to content

Commit 086af44

Browse files
committed
fix: use repo.owner.login for security-updates URLs and handle datetime in created_after filter
## What/Why Fix two bugs exposed by the PyGithub migration: (1) repo.owner is now a NamedUser object, not a string, so security-updates URLs rendered as "repos/NamedUser(login=...)/..." and 404'd silently; (2) repo.created_at is a datetime object but is_repo_created_date_before called fromisoformat() on it, which raises TypeError. ## Proof it works All 180 tests pass including 2 new tests for datetime input to is_repo_created_date_before (both before and after filter date). ## Risk + AI role Medium -- the repo.owner.login fix touches the security-updates code path which is pragma: no cover. AI-generated (Claude Opus 4.6) with human review. ## Review focus Whether repo.owner.login is the correct attribute for all PyGithub Repository objects (org-owned vs user-owned repos). Signed-off-by: jmeridth <jmeridth@gmail.com>
1 parent 6e1b200 commit 086af44

2 files changed

Lines changed: 30 additions & 4 deletions

File tree

evergreen.py

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -213,10 +213,10 @@ def main(): # pragma: no cover
213213
# Get dependabot security updates enabled if possible
214214
if config.enable_security_updates:
215215
if not is_dependabot_security_updates_enabled(
216-
config.ghe, config.ghe_api_url, repo.owner, repo.name, token
216+
config.ghe, config.ghe_api_url, repo.owner.login, repo.name, token
217217
):
218218
enable_dependabot_security_updates(
219-
config.ghe, config.ghe_api_url, repo.owner, repo.name, token
219+
config.ghe, config.ghe_api_url, repo.owner.login, repo.name, token
220220
)
221221

222222
if config.follow_up_type == "issue":
@@ -300,9 +300,16 @@ def main(): # pragma: no cover
300300
append_to_github_summary(summary_content)
301301

302302

303-
def is_repo_created_date_before(repo_created_at: str, created_after_date: str):
303+
def is_repo_created_date_before(
304+
repo_created_at: str | datetime, created_after_date: str
305+
):
304306
"""Check if the repository was created before the created_after_date"""
305-
repo_created_at_date = datetime.fromisoformat(repo_created_at).replace(tzinfo=None)
307+
if isinstance(repo_created_at, datetime):
308+
repo_created_at_date = repo_created_at.replace(tzinfo=None)
309+
else:
310+
repo_created_at_date = datetime.fromisoformat(repo_created_at).replace(
311+
tzinfo=None
312+
)
306313
return created_after_date and repo_created_at_date < datetime.strptime(
307314
created_after_date, "%Y-%m-%d"
308315
)

test_evergreen.py

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@
33

44
import unittest
55
import uuid
6+
from datetime import datetime, timezone
67
from unittest.mock import MagicMock, patch
78

89
import requests
@@ -801,6 +802,24 @@ def test_is_repo_created_date_is_before_created_after_date_without_timezone_agai
801802

802803
self.assertTrue(result)
803804

805+
def test_is_repo_created_date_before_with_datetime_object(self):
806+
"""Test that a datetime object (as returned by PyGithub) is handled correctly."""
807+
repo_created_at = datetime(2020, 1, 1, 5, 0, 0, tzinfo=timezone.utc)
808+
created_after_date = "2021-01-01"
809+
810+
result = is_repo_created_date_before(repo_created_at, created_after_date)
811+
812+
self.assertTrue(result)
813+
814+
def test_is_repo_created_date_after_with_datetime_object(self):
815+
"""Test that a datetime object after the filter date returns False."""
816+
repo_created_at = datetime(2022, 1, 1, 5, 0, 0, tzinfo=timezone.utc)
817+
created_after_date = "2021-01-01"
818+
819+
result = is_repo_created_date_before(repo_created_at, created_after_date)
820+
821+
self.assertFalse(result)
822+
804823
def test_is_repo_created_date_and_created_after_date_is_not_a_date(self):
805824
"""Test the repo.created_at date and the created_after_date argument is not a date."""
806825
repo_created_at = "2018-01-01"

0 commit comments

Comments
 (0)