
Fix Dependabot config indentation issue #2141

Merged: 1 commit, May 18, 2023

Conversation

varunsh-coder (Member)

No description provided.

step-security-bot (Collaborator) left a comment

Please find StepSecurity AI-CodeWise code comments inline or below.

remediation/dependabot/dependabotconfig.go

Please refer to 5 inline comments.

remediation/dependabot/dependabotconfig_test.go

No feedback for this file.

testfiles/dependabotfiles/input/High-Indentation.yml

No feedback for this file.

testfiles/dependabotfiles/input/No-Indentation.yml

Please refer to 1 inline comment.

testfiles/dependabotfiles/input/Same-ecosystem-different-directory.yml

No feedback for this file.

testfiles/dependabotfiles/output/High-Indentation.yml

Please refer to 2 inline comments.

testfiles/dependabotfiles/output/No-Indentation.yml

Please refer to 1 inline comment.

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find a comment helpful, give it a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create a GitHub issue in StepSecurity/AI-CodeWise.

func UpdateDependabotConfig(dependabotConfig string) (*UpdateDependabotConfigResponse, error) {
var updateDependabotConfigRequest UpdateDependabotConfigRequest
json.Unmarshal([]byte(dependabotConfig), &updateDependabotConfigRequest)
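Review bot: the error returned by `json.Unmarshal` on the third line of this snippet is discarded, so a malformed `dependabotConfig` request silently leaves `updateDependabotConfigRequest` at its zero value and the function carries on with an empty `Content`. Capture and return it, e.g. `if err := json.Unmarshal([]byte(dependabotConfig), &updateDependabotConfigRequest); err != nil { return nil, fmt.Errorf("failed to unmarshal JSON from dependabotConfig: %v", err) }`.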

  • [High] Handle error in json unmarshalling
    There is a json.Unmarshal operation that can potentially return an error. As such, the error should be handled appropriately instead of returning it directly. Handle the error by logging, returning an error message or by taking some other appropriate action. code line: json.Unmarshal([]byte(dependabotConfig), &updateDependabotConfigRequest)

"strings"

dependabot "github.com/paulvollmer/dependabot-config-go"
"gopkg.in/yaml.v2"
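Review bot: swapping this import for `gopkg.in/yaml.v3` is not a drop-in change in a PR whose subject is indentation: the v3 encoder defaults to 4-space indentation and indents sequence items, whereas v2 emits 2 spaces, so the expected-output fixtures under `testfiles/dependabotfiles/output/` would shift. If v3 is adopted, encode through `yaml.NewEncoder` with `SetIndent(2)` so the emitted layout stays stable.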

  • [Medium] Use the correct YAML library
    The current library being used is from an older version of YAML. The new library is YAML V3, see 'gopkg.in/yaml.v3'. Replace the current import path with 'gopkg.in/yaml.v3'. code line: gopkg.in/yaml.v2

}

for _, Update := range updateDependabotConfigRequest.Ecosystems {

  • [Medium] Sort the ecosystem names by alphabetical order
    The ecosystem packages are currently in a random order. Sort the ecosystem names by alphabetical order. code line: for _, Update := range updateDependabotConfigRequest.Ecosystems {

if err != nil {
return nil, fmt.Errorf("failed to unmarshal JSON from dependabotConfig: %v", err)
}

inputConfigFile := []byte(updateDependabotConfigRequest.Content)

  • [Low] Check if inputConfigFile is empty
    The current code does not check if inputConfigFile is empty or not. Add a condition to check if inputConfigFile is empty or not. code line: inputConfigFile := []byte(updateDependabotConfigRequest.Content)

response.IsChanged = true
}
}

// Set FinalOutput to the built string
response.FinalOutput = finalOutput.String()

  • [Low] Check for final newline character
    The final YAML output does not always end with a newline. Add a newline character if the output does not end with one. code line: response.FinalOutput = finalOutput.String()

- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
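Review bot: `directory: "/"` is the documented value for the `github-actions` ecosystem in this entry; Dependabot resolves `.github/workflows` relative to that directory, so it should stay at the repository root rather than being narrowed to a subdirectory.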

  • [Low] Add an end of file newline character
    The last line of a file should always end with a newline character. Without a newline character, some text editors may not display the last line properly, or may automatically add one, which can cause confusion or make diffs harder to read. Add a newline to the end of the file. code line: + interval: daily

- package-ecosystem: npm
directory: /sample
schedule:
interval: daily
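Review bot: the `interval: daily` under this entry's `schedule:` is required, not redundant: in a Dependabot v2 configuration every item in `updates` carries its own `schedule.interval`, and the schedule of the preceding `github-actions` entry does not apply to this `npm` entry. Keep it; the only thing worth aligning is the quoting of `directory` (`"/"` in the earlier entry, bare `/sample` here), which is cosmetic.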

  • [Low] Remove redundant 'interval' key
    'interval' key is already specified in the parent level, hence it is not needed in this child level. Remove the child 'interval' key. code line: interval: daily

schedule:
interval: daily

- package-ecosystem: npm
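Review bot: a lock file is out of scope for this hunk: the file is an expected-output Dependabot configuration fixture under `testfiles/dependabotfiles/output/`, not an npm project, so there is no package manifest for a lock file to accompany and adding one would only add noise to the test data.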

  • [Low] Add a package manager lock file
    A lock file helps to prevent version conflicts when installing dependencies. Add a lock file for the package manager. code line: - package-ecosystem: npm

@@ -0,0 +1,11 @@
version: 2
updates:
- package-ecosystem: github-actions

  • [Medium] Avoid using root directory as the directory to run updates in
    The current configuration is running updates in the root directory which can be dangerous and update unexpected packages. Specify the exact directory you would like to update. code line: - package-ecosystem: github-actions

@varunsh-coder varunsh-coder merged commit d9d6d7e into main May 18, 2023
4 checks passed
@varunsh-coder varunsh-coder deleted the fix-dependabot-issues branch May 18, 2023 19:41