-
Notifications
You must be signed in to change notification settings - Fork 950
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dry-run: generate ignored versions from "update-types" #3513
Conversation
f4e9669
to
80b93ec
Compare
80b93ec
to
7375421
Compare
Ops thanks for flagging!
…On Wed, 21 Apr 2021 at 17:41, Pete Wagner ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In common/lib/dependabot/config/ignore_condition.rb
<#3513 (comment)>
:
> + private
+
+ def versions_by_type(dep)
+ case @update_types.first # FIXME: flatmap
+ when :ignore_patch_versions
+ [ignore_version(dep.version, 4)]
+ when :ignore_minor_versions
+ [ignore_version(dep.version, 3)]
+ when :ignore_major_versions
+ [ignore_version(dep.version, 2)]
+ else
+ []
+ end
+ end
+
+ def ignore_version(version, precision)
That link 404s for our external friends :/
I think the equivalent "a" for pre-release is on L46, I'll include
pre-release considerations in the test suite.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#3513 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAE5RPOUNQSGJLB5WBHCBDTJ3545ANCNFSM43GCOA3A>
.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I marked RFR as this is code complete and roughly what I was going for.
As noted, the way conditions are aggregated needs some attention:
- What if there are multiple matches with identical
update-types:
? - What if there are multiple matches with different
update-types:
? - What if there are
update-types:
andversions:
?
This definitely isn't shippable, but is a worthy iteration.
select { |ic| ic.dependency_name == dep.name }. # FIXME: wildcard support | ||
map(&:versions). | ||
select { |ic| ic.dependency_name == dependency.name }. # FIXME: wildcard support | ||
map { |ic| ic.ignored_versions(dependency) }. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concern: as I as alluding to in https://github.com/dependabot/dependabot-core/pull/3536/files#r617772124 , this isn't going to behave when multiple conditions match the target dependency...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure I follow, do we have a test case for this that will fail currently?
I was looking at moving the dependency name checking into the IgnoreCondition class but would mean returning an empty ignored_versions
if the dependency name doesn't match the ic.dependency_name
which seems confusing to me but unsure if I'm missing something else?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this isn't going to behave when multiple conditions match the target dependency
Is this case tested here?: https://github.com/dependabot/dependabot-core/pull/3513/files#diff-1bee1e376554d0d150b3a22f7b1ca87ac8d9de442cebf942c2f0e3f7fcc50c04R56
ignored = reqs.any? { |req| req.satisfied_by?(version) } | ||
expect(ignored).to eq(true), "Expected #{v} to be ignored, but was allowed" | ||
end | ||
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice test helpers 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is looking good! Tests are real clear and easy to follow 💯
I've been testing this on dry-runs and it's working well 🎉 Should we ship this and start incorporating in updater? Not sure if it's worth refactoring the wildcard matching as I see it possibly being more confusing having the dependency name filtering done in the individual IgnoreCondition but might have missed some edge-case that's not working.
Tried to add some tests around this. Added a uniq on the generated version requirements but seems to work? 🤔 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've been testing a bunch of dry-runs with different ignore setups and looking good so far! 🚢
This was a thing before the refactor - it was replaced with `try { Integer(x) } catch (ArgumentError e) {}`, to handle this case. Co-authored-by: Philip Harrison <philip@mailharrison.com>
Continuing #3512 and #3525 , this migrates
Dependabot::Config::UpdateConfig::IgnoreCondition
toDependabot::Config::IgnoreCondition
, and amends the#ignored_versions()
function to support dynamically ignored version ranges, as specified by #2219 (comment) .This iteration supports the functionality via the
dry-run.rb
script, 🎉 . Dependabot doesn't yet recognize the syntax, but it will parse a.github/dependabot.yaml
configuration file:Related