dependabot/fetch-metadata
2
0
Fork 0
mirror of https://github.com/dependabot/fetch-metadata.git synced 2026-03-12 18:07:12 -04:00
Code Issues Packages Projects Releases Wiki Activity
674 Commits 8 Branches 28 Tags
v2.5.0
Commit Graph

73 Commits

Author SHA1 Message Date
Thomas Ruggeri
fa144c97df chore: Migrate jest expectation function 
* Replace toBeCalledWith with toHaveBeenCalledWith
 2025-12-22 20:36:27 +00:00
Thomas Ruggeri
33c7a0bfc8 bug: Mock PR body in test 
* Mock body to get consistent testing
* Fix lint warnings
 2025-12-22 20:36:27 +00:00
Stoyan Kolev
59d2b1fb73 fix incorrect parsing of directory when using dependency-group 2025-01-24 13:48:15 -05:00
Thomas Spencer
a44a9dfd95 Handle branch names containing hyphen separators 2024-04-24 11:56:55 +08:00
Nish Sinha
b8e8f8c79b Pull the group name from commit metadata 2023-06-22 16:04:51 -04:00
Nish Sinha
b534cb5e81 FIXME: prevVersion and newVersion are blank for grouped updates 2023-06-08 15:00:44 -04:00
Nish Sinha
9e8fb5b31b Add tests for grouped updates 2023-06-08 14:57:21 -04:00
Nish Sinha
b3648a31bd Use commit data to infer dependency groups instead of the PR body 2023-06-08 13:52:48 -04:00
Nish Sinha
cfab22f699 Add dependency group metadata 2023-06-08 13:48:27 -04:00
Kenichi Kamiya
64bd9b825f Fix library parser to trim trailing LF (#380) 
* Fix test fixture for update requirement pattern

* Fix to parse update fragment with considering "\n"

* `npm run build`
 2023-05-24 01:12:53 +00:00
Michael Waddell
32fd3a60da Added flag if "Maintainer changes" appears in the PR body (#174) 
Ideally this would get passed over in the commit message instead of being part of the (editable) PR body. For now though we can just use the PR body.
 2023-04-24 13:14:30 -07:00
Yeikel
6c2bf2fe33 feat: add option to skip internal verifications (#336) 
Add a `skip-verification` (boolean) option:
 
 - If `true`, the action will not validate the user or the commit verification status
 - Defaults to `false`

Allows for scenarios where users want to add or amend commits on the Dependabot PR, and those commits will not come from the :dependabot: user.

There's a fair bit of discussion on this use case and also why this isn't the default behavior, see:
* https://github.com/dependabot/fetch-metadata/pull/336
* https://github.com/dependabot/fetch-metadata/issues/332
 2023-04-17 12:44:22 -07:00
jonmcquillan
919f913865 Allow leading v on commit message versions (#338) 
Previously, a leading `v` on the version in the commit message (eg, `Bumps org/repo from v1.3.0 to v1.3.2.`) did not populate the `previous-version` and `new-version`, so was also unable to calculate the proper `update-type`.

This fixes that.

Fix #244
 2023-04-12 11:40:23 -07:00
Kenichi Kamiya
0a3f18375a Adjust indent style with existing code 
https://github.com/dependabot/fetch-metadata/pull/224#issuecomment-1399120739
 2023-01-22 21:17:04 +09:00
Kenichi Kamiya
cf0e979712 Merge branch 'main' into fix-get-info-for-library 2023-01-18 12:15:22 +09:00
Mattt
023b335ed9 Fix object-shorthand linter warnings 2022-11-01 05:48:25 -07:00
Barry Gordon
b1673a77b4 Add skip-commit-verification input 2022-06-30 14:36:01 +01:00
Barry Gordon
29dc6db06e getMessage can skip commit verification checks 2022-06-30 14:27:21 +01:00
Kenichi Kamiya
e4063e40b9 Fit parser for libraries 2022-06-30 10:00:44 +09:00
Kenichi Kamiya
cf997547b4 Add test for library and application pattern 
Commit message is different between application and library.
Current parser targets only for application pattern.
This commit will cover libraries.

7444344c03/common/lib/dependabot/pull_request_creator/message_builder.rb (L71-L110)
7444344c03/common/lib/dependabot/pull_request_creator/message_builder.rb (L126-L130)
7444344c03/common/lib/dependabot/pull_request_creator/message_builder.rb (L181-L216)
 2022-06-30 02:02:37 +09:00
Salim Bensiali
50776e5524 Call trimSlashes on the computed manifest path instead of on just 
`directory`
 2022-03-24 07:20:42 +00:00
Salim Bensiali
b31caa4279 Add failing tests for verified_commits.ts\'s getAlert function 2022-03-24 07:18:36 +00:00
Michael Waddell
84741a1a63 If the update-type is missing for some reason, calculate it from the versions 2022-03-04 22:40:59 -06:00
Barry Gordon
0ca01a5553 Merge pull request #146 from pangaeatech/get_compat_score 
Return compatibility score
 2022-02-28 18:10:37 +00:00
Michael Waddell
9a3daafb32 linting 2022-02-26 13:46:10 -06:00
Michael Waddell
4a8756595b Allow fetch-metadata to run on a PR even if it has additional commits, as long as the 0th one was added by dependabot and is verified. 2022-02-26 13:40:40 -06:00
Michael Waddell
e05077052f updating unit test 2022-02-21 19:36:58 -06:00
Michael Waddell
ba0ddd7fd8 disabling by default 2022-02-21 19:36:02 -06:00
Michael Waddell
dd76591256 Merge branch 'flag-security-alerts' into get_compat_score 2022-02-21 19:27:14 -06:00
Michael Waddell
6d854e50fd Merge branch 'main' into get_compat_score 2022-02-21 19:22:05 -06:00
Michael Waddell
e935ee51d1 linting 2022-02-21 19:16:52 -06:00
Michael Waddell
cfcd55c7b9 Make new "get-alerts" functionality off by default 2022-02-21 19:09:53 -06:00
Michael Waddell
582a0e6a5f Merge branch 'main' into flag-security-alerts 2022-02-21 17:41:40 -06:00
Barry Gordon
91c778d976 Fix new Typescript rules 2022-02-21 20:22:22 +00:00
Michael Waddell
e0099a154d Adding compatibility-score to output 2022-02-20 18:43:16 -06:00
Michael Waddell
e79c4e95c1 fixing bug with directory name when the dependency name contains slashes 2022-02-19 21:37:09 -06:00
Michael Waddell
1dafcbca7f unit testing 2022-02-18 22:24:17 -06:00
Michael Waddell
317bd19a8e updating documentation and adding more checks to unit tests 2022-02-17 21:15:55 -06:00
Michael Waddell
7a9c6b6a09 linting 2022-02-17 20:34:09 -06:00
Michael Waddell
4d5384fc6f linting and unit testing 2022-02-17 20:32:55 -06:00
Michael Waddell
d5d6d4da96 Using graphql to pull alert details 
closes #84
closes #102
 2022-02-17 07:45:14 -06:00
Michael Waddell
17e334fb15 Merge branch 'main' into use_author 2022-02-11 20:46:55 -06:00
Michael Waddell
ffbb37fe01 renaming target_branch to target-branch 2022-02-11 14:08:20 -06:00
Michael Waddell
aa297d42a6 linting 2022-02-09 14:21:04 -06:00
Michael Waddell
ca81f5871d have to make a call-out to get the details of the PR 2022-02-09 14:20:09 -06:00
Michael Waddell
7b566f4b94 linting 2022-02-09 13:56:31 -06:00
Michael Waddell
74c5483adb Using branchNames per @Nishnha's suggestion 2022-02-09 13:45:56 -06:00
Michael Waddell
9967bee0ba fixing comment style 2022-02-09 13:45:29 -06:00
Michael Waddell
4d237c6cf0 Update src/dependabot/update_metadata.ts 
Co-authored-by: Nish Sinha <nishnha@github.com>
 2022-02-09 13:42:39 -06:00
Michael Waddell
8001861ce3 Added directory, package-ecosystem and target_branch to output 
closes issue #76
 2022-02-07 17:39:02 -06:00