Handle branch names containing hyphen separators#450
Conversation
cee26fc to
609e0ae
Compare
src/dependabot/update_metadata.ts
Outdated
| // When a branch delimiter of "-" is used, we need to +1 to end of slice because there is always a hyphen | ||
| // between dependency name and version at the end of the branch name, regardless of configured branch separator. | ||
| // e.g. "fsevents-1.2.13". | ||
| const baseSliceEnd = delim === '-' ? 2 : 1 | ||
| const dirname = `/${chunks.slice(2, -1 * (baseSliceEnd + (dependency['dependency-name'].match(/\//g) || []).length)).join('/') || ''}` |
There was a problem hiding this comment.
The test cases LGTM and this PR makes sense, but I think we should refactor dirname since baseSliceEnd adds some more complexity.
| // When a branch delimiter of "-" is used, we need to +1 to end of slice because there is always a hyphen | |
| // between dependency name and version at the end of the branch name, regardless of configured branch separator. | |
| // e.g. "fsevents-1.2.13". | |
| const baseSliceEnd = delim === '-' ? 2 : 1 | |
| const dirname = `/${chunks.slice(2, -1 * (baseSliceEnd + (dependency['dependency-name'].match(/\//g) || []).length)).join('/') || ''}` | |
| // When a branch delimiter of "-" is used, we need to adjust for the hyphen | |
| // between the dependency name and version at the end of the branch name | |
| // e.g. "fsevents-1.2.13". | |
| const adjustForDelim = delim === '-' ? 2 : 1 | |
| const numDirectorySegments = (dependency['dependency-name'].match(/\//g) || []).length + adjustForDelim | |
| const dirname = `/${chunks.slice(2, -1 * numDirectorySegments).join('/') || ''}` |
There was a problem hiding this comment.
I agree that calculating the directory name needs refactoring - will try to see if I can make it better
There was a problem hiding this comment.
Alright I have tried to refactor it into something that is hopefully easier to follow - open to feedback
| compatScore: await scoreFn(dependency['dependency-name'], lastVersion, nextVersion, chunks[1]), | ||
| maintainerChanges: newMaintainer, | ||
| dependencyGroup: dependencyGroup, | ||
| dependencyGroup, |
There was a problem hiding this comment.
I think we have a weird linter rule that will tell you to do this? Let's ignore it for this PR
| dependencyGroup, | |
| dependencyGroup: dependencyGroup, |
There was a problem hiding this comment.
I will undo this change then
There was a problem hiding this comment.
I know I had asked you to change this, but I was wrong 😭
You had it right the first time. Could you change it back and remove the eslint exception?
There was a problem hiding this comment.
This ESLint rule has been fixed now
| } | ||
|
|
||
| const updatedDependencies = await updateMetadata.parse(commitMessage, body, 'dependabot/nuget/api/main/coffee-rails', 'main', getAlert, getScore) | ||
| const updatedDependencies = await updateMetadata.parse(commitMessage, body, 'dependabot/nuget/api/main/coffee-rails/and/coffeescript', 'main', getAlert, getScore) |
There was a problem hiding this comment.
I think the branch name for this test was incorrect to begin with?
| }) | ||
| .demandCommand(1) | ||
| .help() | ||
| .strict() |
There was a problem hiding this comment.
Adding this option makes the dry run script show an error if you forget to give the "check" argument
| sliceEnd -= 1 | ||
| } | ||
|
|
||
| // If there is more than 1 dependency name being updated, we assume 1 piece of the branch name will be "and". |
|
This LGTM. Before I merge could you undo the eslint exception I commented about in #450 (comment) and could you rebase this branch? It is currently out of date. |
|
Hi! Do you have a plan to merge this changes? Issue still actual |
9514599 to
0626347
Compare
I have undone the ESLint exception as well as rebased the pull request now |
Sorry about this, I failed to notice that this pull request had been approved and was waiting for me to fix up some remaining issues. I have fixed the remaining issues so hopefully there will be no further delay in getting this merged now. |
b4be41a to
a44a9df
Compare
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [dependabot/fetch-metadata](https://togithub.com/dependabot/fetch-metadata) | action | minor | `v2.0.0` -> `v2.1.0` | --- ### Release Notes <details> <summary>dependabot/fetch-metadata (dependabot/fetch-metadata)</summary> ### [`v2.1.0`](https://togithub.com/dependabot/fetch-metadata/releases/tag/v2.1.0) [Compare Source](https://togithub.com/dependabot/fetch-metadata/compare/v2.0.0...v2.1.0) #### What's Changed - Relax `engine-strict=true` by [@​jeffwidman](https://togithub.com/jeffwidman) in [https://github.com/dependabot/fetch-metadata/pull/510](https://togithub.com/dependabot/fetch-metadata/pull/510) - Handle branch names containing hyphen separators by [@​tspencer244](https://togithub.com/tspencer244) in [https://github.com/dependabot/fetch-metadata/pull/450](https://togithub.com/dependabot/fetch-metadata/pull/450) - Switch to monthly release cadence by [@​jeffwidman](https://togithub.com/jeffwidman) in [https://github.com/dependabot/fetch-metadata/pull/509](https://togithub.com/dependabot/fetch-metadata/pull/509) - v2.1.0 by [@​fetch-metadata-action-automation](https://togithub.com/fetch-metadata-action-automation) in [https://github.com/dependabot/fetch-metadata/pull/518](https://togithub.com/dependabot/fetch-metadata/pull/518) #### New Contributors - [@​tspencer244](https://togithub.com/tspencer244) made their first contribution in [https://github.com/dependabot/fetch-metadata/pull/450](https://togithub.com/dependabot/fetch-metadata/pull/450) **Full Changelog**: dependabot/fetch-metadata@v2.0.0...v2.1.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 11pm every weekday,before 7am every weekday,every weekend" in timezone Europe/Brussels, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/kairos-io/provider-kairos). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This fixes an issue for me where I was not receiving anything for "alert-state" on Dependabot pull requests despite them being associated with a Dependabot alert.
I believe the issue is caused from how the directory name is derived from the git branch name, when a hyphen is used for the branch separator.
I think the Dependabot alert processing code appears to be looking for a match between the derived-from-branch package manifest file path and actual path on the Dependabot alert, so it never matches due to incorrectly derived base directory.
Before my changes, a branch name of
dependabot-npm_and_yarn-nested-nested-fsevents-1.2.13would say the directory is/fsevents.My assumptions:
/nested/nested/ecosystem.json, the branch name that uses hyphen separators would bedependabot-ecosystem-nested-nested-dependency-1.2.3