From 5ac6f65ea2b87811ca954293d233e818257953c6 Mon Sep 17 00:00:00 2001 From: Kurt McKee Date: Mon, 15 Jul 2024 08:04:34 -0500 Subject: [PATCH 1/2] Revert "Add pip-compile to dependabot-2.0.json (#3580)" This reverts commit 9addce7dbcb47fbd5272fbea8fdbe94069b26b99. pip-compile is the name of the tool supported by Dependabot. It is not a valid string value. --- src/schemas/json/dependabot-2.0.json | 1 - 1 file changed, 1 deletion(-) diff --git a/src/schemas/json/dependabot-2.0.json b/src/schemas/json/dependabot-2.0.json index eff360b1267..5446bd758fb 100644 --- a/src/schemas/json/dependabot-2.0.json +++ b/src/schemas/json/dependabot-2.0.json @@ -663,7 +663,6 @@ "npm", "nuget", "pip", - "pip-compile", "pub", "swift", "terraform" From 5ea057ded457f47a8cffa05a5b468f90f4da337d Mon Sep 17 00:00:00 2001 From: Kurt McKee Date: Mon, 15 Jul 2024 08:15:15 -0500 Subject: [PATCH 2/2] Dependabot 2.0: Add negative tests for tool names This may help prevent confusion surrounding tool names being listed in the documentation (like "pip-compile") that are invalid YAML values and must instead be configured with a specific YAML (like "pip"). --- ...osystem-tool-name-not-yaml-value-elm-package.json | 12 ++++++++++++ ...ckage-ecosystem-tool-name-not-yaml-value-hex.json | 12 ++++++++++++ ...osystem-tool-name-not-yaml-value-pip-compile.json | 12 ++++++++++++ ...ge-ecosystem-tool-name-not-yaml-value-pipenv.json | 12 ++++++++++++ ...kage-ecosystem-tool-name-not-yaml-value-pnpm.json | 12 ++++++++++++ ...ge-ecosystem-tool-name-not-yaml-value-poetry.json | 12 ++++++++++++ ...kage-ecosystem-tool-name-not-yaml-value-yarn.json | 12 ++++++++++++ 7 files changed, 84 insertions(+) create mode 100644 src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-elm-package.json create mode 100644 src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-hex.json create mode 100644 src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pip-compile.json create mode 100644 src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pipenv.json create mode 100644 src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pnpm.json create mode 100644 src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-poetry.json create mode 100644 src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-yarn.json diff --git a/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-elm-package.json b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-elm-package.json new file mode 100644 index 00000000000..b7c6fd346b8 --- /dev/null +++ b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-elm-package.json @@ -0,0 +1,12 @@ +{ + "updates": [ + { + "directory": "/", + "package-ecosystem": "elm-package", + "schedule": { + "interval": "monthly" + } + } + ], + "version": 2 +} diff --git a/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-hex.json b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-hex.json new file mode 100644 index 00000000000..76c6056be11 --- /dev/null +++ b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-hex.json @@ -0,0 +1,12 @@ +{ + "updates": [ + { + "directory": "/", + "package-ecosystem": "hex", + "schedule": { + "interval": "monthly" + } + } + ], + "version": 2 +} diff --git a/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pip-compile.json b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pip-compile.json new file mode 100644 index 00000000000..d0596651ef6 --- /dev/null +++ b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pip-compile.json @@ -0,0 +1,12 @@ +{ + "updates": [ + { + "directory": "/", + "package-ecosystem": "pip-compile", + "schedule": { + "interval": "monthly" + } + } + ], + "version": 2 +} diff --git a/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pipenv.json b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pipenv.json new file mode 100644 index 00000000000..cced0c63e26 --- /dev/null +++ b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pipenv.json @@ -0,0 +1,12 @@ +{ + "updates": [ + { + "directory": "/", + "package-ecosystem": "pipenv", + "schedule": { + "interval": "monthly" + } + } + ], + "version": 2 +} diff --git a/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pnpm.json b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pnpm.json new file mode 100644 index 00000000000..3f9f0d1798e --- /dev/null +++ b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-pnpm.json @@ -0,0 +1,12 @@ +{ + "updates": [ + { + "directory": "/", + "package-ecosystem": "pnpm", + "schedule": { + "interval": "monthly" + } + } + ], + "version": 2 +} diff --git a/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-poetry.json b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-poetry.json new file mode 100644 index 00000000000..0d581f28ac6 --- /dev/null +++ b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-poetry.json @@ -0,0 +1,12 @@ +{ + "updates": [ + { + "directory": "/", + "package-ecosystem": "poetry", + "schedule": { + "interval": "monthly" + } + } + ], + "version": 2 +} diff --git a/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-yarn.json b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-yarn.json new file mode 100644 index 00000000000..258eb96f209 --- /dev/null +++ b/src/negative_test/dependabot-2.0/package-ecosystem-tool-name-not-yaml-value-yarn.json @@ -0,0 +1,12 @@ +{ + "updates": [ + { + "directory": "/", + "package-ecosystem": "yarn", + "schedule": { + "interval": "monthly" + } + } + ], + "version": 2 +}