Skip to content

Commit

Permalink
Strict type `Dependabot::PullRequestCreator::MessageBuilder::Metadata…
Browse files Browse the repository at this point in the history
…Presenter`
  • Loading branch information
JamieMagee committed Jan 30, 2024
1 parent ff9cd8d commit ad6e0b7
Showing 1 changed file with 50 additions and 9 deletions.
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# typed: true
# typed: strict
# frozen_string_literal: true

require "sorbet-runtime"
Expand All @@ -11,8 +11,20 @@ class MetadataPresenter
extend T::Sig
extend Forwardable

attr_reader :dependency, :source, :metadata_finder,
:vulnerabilities_fixed, :github_redirection_service
sig { returns(Dependabot::Dependency) }
attr_reader :dependency

sig { returns(Dependabot::Source) }
attr_reader :source

sig { returns(Dependabot::MetadataFinders::Base) }
attr_reader :metadata_finder

sig { returns(T.nilable(T::Array[T::Hash[String, String]])) }
attr_reader :vulnerabilities_fixed

sig { returns(T.nilable(String)) }
attr_reader :github_redirection_service

def_delegators :metadata_finder,
:changelog_url,
Expand All @@ -26,6 +38,16 @@ class MetadataPresenter
:upgrade_guide_url,
:upgrade_guide_text

sig do
params(
dependency: Dependabot::Dependency,
source: Dependabot::Source,
metadata_finder: Dependabot::MetadataFinders::Base,
vulnerabilities_fixed: T.nilable(T::Array[T::Hash[String, String]]),
github_redirection_service: T.nilable(String)
)
.void
end
def initialize(dependency:, source:, metadata_finder:,
vulnerabilities_fixed:, github_redirection_service:)
@dependency = dependency
Expand All @@ -35,6 +57,7 @@ def initialize(dependency:, source:, metadata_finder:,
@github_redirection_service = github_redirection_service
end

sig { returns(String) }
def to_s
msg = ""
msg += vulnerabilities_cascade
Expand All @@ -49,11 +72,12 @@ def to_s

private

sig { returns(String) }
def vulnerabilities_cascade
return "" unless vulnerabilities_fixed&.any?

msg = ""
vulnerabilities_fixed.each do |v|
T.must(vulnerabilities_fixed).each do |v|
msg += serialized_vulnerability_details(v)
end

Expand All @@ -63,6 +87,7 @@ def vulnerabilities_cascade
build_details_tag(summary: "Vulnerabilities fixed", body: msg)
end

sig { returns(String) }
def release_cascade
return "" unless releases_text && releases_url

Expand All @@ -80,6 +105,7 @@ def release_cascade
build_details_tag(summary: "Release notes", body: msg)
end

sig { returns(String) }
def changelog_cascade
return "" unless changelog_url && changelog_text

Expand All @@ -95,6 +121,7 @@ def changelog_cascade
build_details_tag(summary: "Changelog", body: msg)
end

sig { returns(String) }
def upgrade_guide_cascade
return "" unless upgrade_guide_url && upgrade_guide_text

Expand All @@ -110,6 +137,7 @@ def upgrade_guide_cascade
build_details_tag(summary: "Upgrade guide", body: msg)
end

sig { returns(String) }
def commits_cascade
return "" unless commits_url && commits

Expand Down Expand Up @@ -138,6 +166,7 @@ def commits_cascade
build_details_tag(summary: "Commits", body: msg)
end

sig { returns(String) }
def maintainer_changes_cascade
return "" unless maintainer_changes

Expand All @@ -147,6 +176,7 @@ def maintainer_changes_cascade
)
end

sig { params(summary: String, body: String).returns(String) }
def build_details_tag(summary:, body:)
# Bitbucket does not support <details> tag (https://jira.atlassian.com/browse/BCLOUD-20231)
# CodeCommit does not support the <details> tag (no url available)
Expand All @@ -159,10 +189,11 @@ def build_details_tag(summary:, body:)
end
end

sig { params(details: T::Hash[String, String]).returns(String) }
def serialized_vulnerability_details(details)
msg = vulnerability_source_line(details)

msg += "> **#{details['title'].lines.map(&:strip).join(' ')}**\n" if details["title"]
msg += "> **#{T.must(details['title']).lines.map(&:strip).join(' ')}**\n" if details["title"]

if (description = details["description"])
description.strip.lines.first(20).each { |line| msg += "> #{line}" }
Expand All @@ -175,6 +206,7 @@ def serialized_vulnerability_details(details)
msg + "\n"
end

sig { params(details: T::Hash[String, String]).returns(String) }
def vulnerability_source_line(details)
if details["source_url"] && details["source_name"]
"*Sourced from [#{details['source_name']}]" \
Expand All @@ -186,6 +218,7 @@ def vulnerability_source_line(details)
end
end

sig { params(details: T::Hash[String, T.untyped]).returns(String) }
def vulnerability_version_range_lines(details)
msg = ""
%w(
Expand All @@ -203,18 +236,20 @@ def vulnerability_version_range_lines(details)
msg
end

sig { params(text: String).returns(String) }
def link_issues(text:)
IssueLinker
.new(source_url: source_url)
.link_issues(text: text)
end

sig { params(text: String, base_url: String).returns(String) }
def fix_relative_links(text:, base_url:)
text.gsub(/\[.*?\]\([^)]+\)/) do |link|
next link if link.include?("://")

relative_path = link.match(/\((.*?)\)/).captures.last
base = base_url.split("://").last.gsub(%r{[^/]*$}, "")
relative_path = T.must(T.must(link.match(/\((.*?)\)/)).captures.last)
base = T.must(base_url.split("://").last).gsub(%r{[^/]*$}, "")
path = File.join(base, relative_path)
absolute_path =
base_url.sub(
Expand All @@ -225,6 +260,7 @@ def fix_relative_links(text:, base_url:)
end
end

sig { params(text: String, limit: Integer).returns(String) }
def quote_and_truncate(text, limit: 50)
lines = text.split("\n")
lines.first(limit).tap do |limited_lines|
Expand All @@ -233,32 +269,37 @@ def quote_and_truncate(text, limit: 50)
end.join
end

sig { returns(String) }
def truncated_line
# Tables can spill out of truncated details, so we close them
"></tr></table> \n ... (truncated)\n"
end

sig { returns(String) }
def break_tag
source_provider_supports_html? ? "\n<br />" : "\n\n"
end

sig { returns(T::Boolean) }
def source_provider_supports_html?
!%w(bitbucket codecommit).include?(source.provider)
end

sig { params(text: String, unsafe: T::Boolean).returns(String) }
def sanitize_links_and_mentions(text, unsafe: false)
LinkAndMentionSanitizer
.new(github_redirection_service: github_redirection_service)
.sanitize_links_and_mentions(text: text, unsafe: unsafe, format_html: source_provider_supports_html?)
end

sig { params(text: String).returns(String) }
def sanitize_template_tags(text)
text.gsub(/\<.*?\>/) do |tag|
tag_contents = tag.match(/\<(.*?)\>/).captures.first.strip
tag_contents = tag.match(/\<(.*?)\>/)&.captures&.first&.strip

# Unclosed calls to template overflow out of the blockquote block,
# wrecking the rest of our PRs. Other tags don't share this problem.
next "\\#{tag}" if tag_contents.start_with?("template")
next "\\#{tag}" if tag_contents&.start_with?("template")

tag
end
Expand Down

0 comments on commit ad6e0b7

Please sign in to comment.