diff --git a/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb b/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb index 28ed8b26292..96959a57b91 100644 --- a/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb +++ b/go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb @@ -66,6 +66,12 @@ class GoModUpdater /Out of diskspace/ ].freeze, T::Array[Regexp]) + GO_LANG = "Go" + + AMBIGUOUS_ERROR_MESSAGE = /ambiguous import: found package (?.*) in multiple modules/ + + GO_VERSION_MISMATCH = /requires go (?.*) .*running go (?.*);/ + GO_MOD_VERSION = /^go 1\.\d+(\.\d+)?$/ sig do @@ -292,6 +298,8 @@ def substitute_all(substitutions) write_go_mod(body) end + # rubocop:disable Metrics/AbcSize + # rubocop:disable Metrics/PerceivedComplexity sig { params(stderr: String).returns(T.noreturn) } def handle_subprocess_error(stderr) # rubocop:disable Metrics/AbcSize stderr = stderr.gsub(Dir.getwd, "") @@ -323,10 +331,21 @@ def handle_subprocess_error(stderr) # rubocop:disable Metrics/AbcSize raise Dependabot::OutOfDisk.new, error_message end + if (matches = stderr.match(AMBIGUOUS_ERROR_MESSAGE)) + raise Dependabot::DependencyFileNotResolvable, matches[:package] + end + + if (matches = stderr.match(GO_VERSION_MISMATCH)) + raise Dependabot::ToolVersionNotSupported.new(GO_LANG, T.must(matches[:current_ver]), + T.must(matches[:req_ver])) + end + # We don't know what happened so we raise a generic error msg = stderr.lines.last(10).join.strip raise Dependabot::DependabotError, msg end + # rubocop:enable Metrics/AbcSize + # rubocop:enable Metrics/PerceivedComplexity sig { params(message: String, regex: Regexp).returns(String) } def filter_error_message(message:, regex:) diff --git a/go_modules/spec/dependabot/go_modules/file_updater/go_mod_updater_spec.rb b/go_modules/spec/dependabot/go_modules/file_updater/go_mod_updater_spec.rb index 209a3119e05..70a290f5888 100644 --- a/go_modules/spec/dependabot/go_modules/file_updater/go_mod_updater_spec.rb +++ b/go_modules/spec/dependabot/go_modules/file_updater/go_mod_updater_spec.rb @@ -953,6 +953,35 @@ expect(error.message).to include("write error. Out of diskspace") end end + + it "detects 'ambiguous package'" do + stderr = <<~ERROR + go: downloading google.golang.org/grpc v1.70.0 + go: github.com/terraform-linters/tflint imports + github.com/terraform-linters/tflint/cmd imports + github.com/terraform-linters/tflint-ruleset-terraform/rules imports + github.com/hashicorp/go-getter imports + cloud.google.com/go/storage imports + google.golang.org: ambiguous import: found package google.golang.org/grpc/stats/otl in multiple modules: + google.golang.org/grpc v1.69.2 (/home/dependabot/go/pkg/mod/stats/opentelemetry) + ERROR + + expect do + updater.send(:handle_subprocess_error, stderr) + end.to raise_error(Dependabot::DependencyFileNotResolvable) + end + + it "detects 'ToolVersionNotSupported'" do + stderr = <<~ERROR + go: downloading google.golang.org/grpc v1.67.3 + go: downloading google.golang.org/grpc v1.70.0 + go: google.golang.org/grpc/stats/otl@v0.0.0-87961b3 requires go >= 1.22.7 (running go 1.22.5; CUAIN=local+auto) + ERROR + + expect do + updater.send(:handle_subprocess_error, stderr) + end.to raise_error(Dependabot::ToolVersionNotSupported) + end end end end