From 73b409a38f63820506519eeea0f1da1377b3e454 Mon Sep 17 00:00:00 2001
From: Hemil K
Date: Fri, 6 Sep 2024 10:50:53 -0700
Subject: [PATCH 1/6] Update evergreen.py

---
 evergreen.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/evergreen.py b/evergreen.py
index f5b5e6a..33fc0e8 100644
--- a/evergreen.py
+++ b/evergreen.py
@@ -107,7 +107,7 @@ def main(): # pragma: no cover
 dependabot_file = build_dependabot_file(
 repo,
 group_dependencies,
- exempt_ecosystems,
+ exempt_ecosystems.copy(),
 repo_specific_exemptions,
 existing_config,
 )
From 2dca5714e2db960fb02def5e1dbb6e6ab739ceeb Mon Sep 17 00:00:00 2001
From: Hemil K
Date: Fri, 6 Sep 2024 14:53:49 -0700
Subject: [PATCH 2/6] Update evergreen.py

---
 evergreen.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/evergreen.py b/evergreen.py
index 33fc0e8..f5b5e6a 100644
--- a/evergreen.py
+++ b/evergreen.py
@@ -107,7 +107,7 @@ def main(): # pragma: no cover
 dependabot_file = build_dependabot_file(
 repo,
 group_dependencies,
- exempt_ecosystems.copy(),
+ exempt_ecosystems,
 repo_specific_exemptions,
 existing_config,
 )
From a976ef122db79803a22d0dc5ef9a048a7227836d Mon Sep 17 00:00:00 2001
From: Hemil K
Date: Fri, 6 Sep 2024 14:54:49 -0700
Subject: [PATCH 3/6] Update dependabot_file.py

---
 dependabot_file.py | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/dependabot_file.py b/dependabot_file.py
index 8e818f8..d0b406f 100644
--- a/dependabot_file.py
+++ b/dependabot_file.py
@@ -65,7 +65,8 @@ def build_dependabot_file(
 "github-actions": False,
 }
 DEFAULT_INDENT = 2 # pylint: disable=invalid-name
-
+ # create a local copy in order to avoid overwriting the global exemption list
+ exempt_ecosystems_list = exempt_ecosystems.copy()
 if existing_config:
 dependabot_file = existing_config.decoded.decode("utf-8")
 ecosystem_line = next(
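Review bot: In the dependabot_file.py hunk at -65,7 +65,8, `exempt_ecosystems.copy()` assumes the caller always passes a list; a `None` or a tuple would raise AttributeError before any repository is inspected. `exempt_ecosystems_list = list(exempt_ecosystems or [])` gives the same isolation and accepts any iterable. build_dependabot_file starts and ends outside the hunk, so its docstring is not visible; if it does not already say so, add a line such as `exempt_ecosystems is never modified; a per-call copy is used`, because an exemption leaking from one repository to the next would presumably leave the later repository without an update entry for that ecosystem.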
@@ -86,14 +87,14 @@ def build_dependabot_file(
 updates:
 """
- add_existing_ecosystem_to_exempt_list(exempt_ecosystems, existing_config)
+ add_existing_ecosystem_to_exempt_list(exempt_ecosystems_list, existing_config)
 # If there are repository specific exemptions,
 # overwrite the global exemptions for this repo only
 if repo_specific_exemptions and repo.full_name in repo_specific_exemptions:
- exempt_ecosystems = []
+ exempt_ecosystems_list = []
 for ecosystem in repo_specific_exemptions[repo.full_name]:
- exempt_ecosystems.append(ecosystem)
+ exempt_ecosystems_list.append(ecosystem)
 package_managers = {
 "bundler": ["Gemfile", "Gemfile.lock"],
@@ -118,7 +119,7 @@ def build_dependabot_file(
 # Detect package managers where manifest files have known names
 for manager, manifest_files in package_managers.items():
- if manager in exempt_ecosystems:
+ if manager in exempt_ecosystems_list:
 continue
 for file in manifest_files:
 try:
@@ -132,7 +133,7 @@ def build_dependabot_file(
 pass
 # detect package managers with variable file names
- if "terraform" not in exempt_ecosystems:
+ if "terraform" not in exempt_ecosystems_list:
 try:
 for file in repo.directory_contents("/"):
 if file[0].endswith(".tf"):
@@ -143,7 +144,7 @@ def build_dependabot_file(
 break
 except github3.exceptions.NotFoundError:
 pass
- if "github-actions" not in exempt_ecosystems:
+ if "github-actions" not in exempt_ecosystems_list:
 try:
 for file in repo.directory_contents(".github/workflows"):
 if file[0].endswith(".yml") or file[0].endswith(".yaml"):
From 0d9da227776c9b68054914fd80f555287f8209a1 Mon Sep 17 00:00:00 2001
From: Hemil K
Date: Fri, 6 Sep 2024 14:55:07 -0700
Subject: [PATCH 4/6] Update test_dependabot_file.py

---
 test_dependabot_file.py | 62 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/test_dependabot_file.py b/test_dependabot_file.py
index 36b80b6..e12e008 100644
--- a/test_dependabot_file.py
+++ b/test_dependabot_file.py
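Review bot: In the -86,14 +87,14 hunk, whatever `add_existing_ecosystem_to_exempt_list(exempt_ecosystems_list, existing_config)` collects is discarded a few lines later for any repository that has a repository-specific entry, because `exempt_ecosystems_list = []` rebuilds the list from `repo_specific_exemptions` alone. For such a repository an ecosystem already present in the existing config would then no longer be exempt and may be detected and appended a second time; the helper is not visible here, so confirm this against it. Moving the `add_existing_ecosystem_to_exempt_list(...)` call below the override block keeps both sources of exemptions. The body of build_dependabot_file starts and ends outside this hunk.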
@@ -387,6 +387,68 @@ def test_add_existing_ecosystem_to_exempt_list(self):
 for ecosystem in exempt_ecosystems:
 self.assertIn(ecosystem, exempt_ecosystems)
+ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self):
+ """
+ Test the case where there are multiple repos with few existing dependabot config
+ """
+ existing_config_repo = MagicMock()
+ existing_config_repo.file_contents.side_effect = lambda f, filename="Gemfile": f == filename
+
+ existing_config = MagicMock()
+ existing_config.decoded = b'---\nversion: 2\nupdates:\n - package-ecosystem: "bundler"\n\
+ directory: "/"\n schedule:\n interval: "weekly"\n commit-message:\n prefix: "chore(deps)"\n'
+ exempt_ecosystems = []
+ result = build_dependabot_file(existing_config_repo, False, exempt_ecosystems, {}, existing_config)
+ self.assertEqual(result, None)
+
+ no_existing_config_repo = MagicMock()
+ filename_list = ["package.json", "package-lock.json", "yarn.lock"]
+ for filename in filename_list:
+ no_existing_config_repo.file_contents.side_effect = lambda f, filename=filename: f == filename
+ expected_result = """---
+version: 2
+updates:
+ - package-ecosystem: 'npm'
+ directory: '/'
+ schedule:
+ interval: 'weekly'
+"""
+ result = build_dependabot_file(no_existing_config_repo, False, exempt_ecosystems, {}, None)
+ self.assertEqual(result, expected_result)
+
+ def test_check_multiple_repos_with_no_dependabot_config(self):
+ """
+ Test the case where there is a single repo
+ """
+ mock_repo_1 = MagicMock()
+ mock_repo_1.file_contents.side_effect = lambda filename: filename == "go.mod"
+
+ expected_result = """---
+version: 2
+updates:
+ - package-ecosystem: 'gomod'
+ directory: '/'
+ schedule:
+ interval: 'weekly'
+"""
+ exempt_ecosystems = []
+ result = build_dependabot_file(mock_repo_1, False, exempt_ecosystems, {}, None)
+ self.assertEqual(result, expected_result)
+
+ no_existing_config_repo = MagicMock()
+ filename_list = ["package.json", "package-lock.json", "yarn.lock"]
+ for filename in filename_list:
+ no_existing_config_repo.file_contents.side_effect = lambda f, filename=filename: f == filename
+ expected_result = """---
+version: 2
+updates:
+ - package-ecosystem: 'npm'
+ directory: '/'
+ schedule:
+ interval: 'weekly'
+"""
+ result = build_dependabot_file(no_existing_config_repo, False, exempt_ecosystems, {}, None)
+ self.assertEqual(result, expected_result)
 if __name__ == "__main__":
 unittest.main()
From fe3cd9939b2d357abeed1864ae4140441c75eaa0 Mon Sep 17 00:00:00 2001
From: Hemil K
Date: Fri, 6 Sep 2024 16:30:05 -0700
Subject: [PATCH 5/6] Update test_dependabot_file.py

---
 test_dependabot_file.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test_dependabot_file.py b/test_dependabot_file.py
index e12e008..7940176 100644
--- a/test_dependabot_file.py
+++ b/test_dependabot_file.py
@@ -450,5 +450,6 @@ def test_check_multiple_repos_with_no_dependabot_config(self):
 result = build_dependabot_file(no_existing_config_repo, False, exempt_ecosystems, {}, None)
 self.assertEqual(result, expected_result)
+
 if __name__ == "__main__":
 unittest.main()
From 34bc2c2bcc9fee1b0b2ca5ca96ef0e5e117c331b Mon Sep 17 00:00:00 2001
From: Hemil K
Date: Fri, 6 Sep 2024 21:38:13 -0700
Subject: [PATCH 6/6] fix lint error

---
 test_dependabot_file.py | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/test_dependabot_file.py b/test_dependabot_file.py
index 7940176..9c4e427 100644
--- a/test_dependabot_file.py
+++ b/test_dependabot_file.py
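Review bot: The two tests added in the -387,6 +387,68 hunk of test_dependabot_file.py do not appear to fail without the fix, because the second repository in each test is an npm repository while the first is bundler or gomod, so an exemption leaked into `exempt_ecosystems` by the first call cannot change the second result. Pin the guarantee directly with `self.assertEqual(exempt_ecosystems, [])` right after the first `build_dependabot_file(...)` call in `test_build_dependabot_file_for_multiple_repos_with_few_existing_config`, or give the second repository a Gemfile so that a leaked "bundler" exemption would drop its entry. The docstring of `test_check_multiple_repos_with_no_dependabot_config` reads `Test the case where there is a single repo`, which contradicts the test name and should describe the two-repository sequence instead.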
@@ -392,19 +392,25 @@ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self)
 Test the case where there are multiple repos with few existing dependabot config
 """
 existing_config_repo = MagicMock()
- existing_config_repo.file_contents.side_effect = lambda f, filename="Gemfile": f == filename
+ existing_config_repo.file_contents.side_effect = (
+ lambda f, filename="Gemfile": f == filename
+ )
 existing_config = MagicMock()
 existing_config.decoded = b'---\nversion: 2\nupdates:\n - package-ecosystem: "bundler"\n\
 directory: "/"\n schedule:\n interval: "weekly"\n commit-message:\n prefix: "chore(deps)"\n'
 exempt_ecosystems = []
- result = build_dependabot_file(existing_config_repo, False, exempt_ecosystems, {}, existing_config)
+ result = build_dependabot_file(
+ existing_config_repo, False, exempt_ecosystems, {}, existing_config
+ )
 self.assertEqual(result, None)
 no_existing_config_repo = MagicMock()
 filename_list = ["package.json", "package-lock.json", "yarn.lock"]
 for filename in filename_list:
- no_existing_config_repo.file_contents.side_effect = lambda f, filename=filename: f == filename
+ no_existing_config_repo.file_contents.side_effect = (
+ lambda f, filename=filename: f == filename
+ )
 expected_result = """---
 version: 2
 updates:
@@ -413,7 +419,9 @@ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self)
 schedule:
 interval: 'weekly'
 """
- result = build_dependabot_file(no_existing_config_repo, False, exempt_ecosystems, {}, None)
+ result = build_dependabot_file(
+ no_existing_config_repo, False, exempt_ecosystems, {}, None
+ )
 self.assertEqual(result, expected_result)
 def test_check_multiple_repos_with_no_dependabot_config(self):
@@ -438,7 +446,9 @@ def test_check_multiple_repos_with_no_dependabot_config(self):
 no_existing_config_repo = MagicMock()
 filename_list = ["package.json", "package-lock.json", "yarn.lock"]
 for filename in filename_list:
- no_existing_config_repo.file_contents.side_effect = lambda f, filename=filename: f == filename
+ no_existing_config_repo.file_contents.side_effect = (
+ lambda f, filename=filename: f == filename
+ )
 expected_result = """---
 version: 2
 updates:
@@ -447,7 +457,9 @@ def test_check_multiple_repos_with_no_dependabot_config(self):
 schedule:
 interval: 'weekly'
 """
- result = build_dependabot_file(no_existing_config_repo, False, exempt_ecosystems, {}, None)
+ result = build_dependabot_file(
+ no_existing_config_repo, False, exempt_ecosystems, {}, None
+ )
 self.assertEqual(result, expected_result)