Fix Duplicate Dependencies Showing in PR summary table #9436
I started searching about why we are getting duplicate dependencies and got my answer here so made changes in the message builder.
#<Dependabot::Dependency:0x0000ffffa6e74c48
@metadata={:directory=>"/"},
@name="tapioca",
@package_manager="bundler",
@previous_requirements=[{:requirement=>">= 0", :groups=>[:development], :source=>nil, :file=>"Gemfile"}],
@previous_version="0.12.0",
@removed=false,
@requirements=[{:requirement=>">= 0", :groups=>[:development], :source=>nil, :file=>"Gemfile"}],
@version="0.13.1">,
#<Dependabot::Dependency:0x0000ffffa6e85458
@metadata={},
@name="tapioca",
@package_manager="bundler",
@previous_requirements=[{:requirement=>">= 0", :groups=>[:development], :source=>nil, :file=>"Gemfile"}],
@previous_version="0.12.0",
@removed=false,
@requirements=[{:requirement=>">= 0", :groups=>[:development], :source=>nil, :file=>"Gemfile"}],
@version="0.13.1">,
Can we add a test to prevent regression?
I have tested against the test repo. I am adding the test.
There's also a mention of the table showing a dependency updating from a commit to a version, even though they didn't actually update: #7695 (comment). Is a fix for that going to be part of this PR?
No. This will fix the duplicate entry. I can look into that as well. But first will let this ship.
common/spec/dependabot/pull_request_creator/message_builder_spec.rb
Since we're only uniq'ing by name, wouldn't the dependencies that get removed from the PR body be random? I wonder if the "to" and "from" version can change for a duplicate dependency if you run the same job twice.
The note at dependabot-core/updater/lib/dependabot/updater/dependency_group_change_batch.rb Lines 65 to 71 in d53fce0
We could check for unique by name, from and to to be thorough?
@jurre and @Nishnha: I have updated the code to remove duplicates based on name, to and from versions.
Dep A - previous version 1.2.4 latest version 1.2.5
Dep A - previous version 1.2.4 latest version 1.2.6
Dep A - previous version 1.2.1 latest version 1.2.5
Dep A - previous version 1.2.4 latest version 1.2.5
All the smoke test errors are due to rate limit exceeded.
Co-authored-by: Jurre <jurre@github.com>
Nice
@honeyankit @Nishnha @landongrindheim Could this have caused the regression seen in #9457?
* Fix the duplicate dependencies in PR summary table Co-authored-by: Jurre <jurre@github.com>
Context
This PR resolves the issue of duplicated entries in the group update PR's summary table by ensuring that only unique dependencies are considered in the message builder. These are then displayed in the PR summary table.
Fixes: #7695
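
The two deduplication keys raised in the review thread, side by side, as an added Ruby example (not dependabot-core's code). `Dep` and the helper names are hypothetical, and the sample rows are the four "Dep A" lines from the comment in the thread:

```ruby
# Added illustration; Dep and the helpers below are hypothetical names,
# not the Dependabot::Dependency class or the message builder itself.
Dep = Struct.new(:name, :previous_version, :version)

# Constructed sample: the four "Dep A" rows listed in the review thread.
ROWS = [
  Dep.new("Dep A", "1.2.4", "1.2.5"),
  Dep.new("Dep A", "1.2.4", "1.2.6"),
  Dep.new("Dep A", "1.2.1", "1.2.5"),
  Dep.new("Dep A", "1.2.4", "1.2.5")
].freeze

# Name-only key: a single row per name survives, and which version
# transition is kept depends purely on the order of the input.
def uniq_by_name(deps)
  deps.uniq(&:name)
end

# Composite key: only rows identical in name, "from" and "to" collapse,
# so distinct version transitions stay visible in the summary.
def uniq_by_name_and_versions(deps)
  deps.uniq { |d| [d.name, d.previous_version, d.version] }
end

# Render rows roughly as a summary table would list them.
def summary(deps)
  deps.map { |d| "#{d.name}: #{d.previous_version} -> #{d.version}" }
end

if __FILE__ == $PROGRAM_NAME
  puts "name only:          #{summary(uniq_by_name(ROWS)).inspect}"
  puts "name only, rotated: #{summary(uniq_by_name(ROWS.rotate(1))).inspect}"
  puts "name + from + to:   #{summary(uniq_by_name_and_versions(ROWS)).inspect}"
end
```

With the name-only key the surviving row changes when the same input arrives in a different order; with the composite key the same three distinct transitions remain regardless of order.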