From e4845c786f69a6170039d9d6e4e6220c40ccee58 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Rodr=C3=ADguez?=
Date: Thu, 20 Oct 2022 00:30:48 +0200
Subject: [PATCH] Fix error when parsing Gitlab changelogs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This bug was causing Dependabot to not be able to create PRs to bump the oauth2 ruby gem.

This is a fairly popular Ruby gem. It's hosted at gitlab.com, and uses gemspec metadata to declare how to find its changelog. The URL it uses is `https://gitlab.com/oauth-xx/oauth2/-/tree/v2.0.9/CHANGELOG.md`, which Dependabot was not parsing properly, causing runtime errors.

This is a regression from 49d1a13fca921000b8f9a76612a67d9098431ebd.

Before, when trying to create a PR to bump the oauth2 rubygem, you would get:

```
🌍 https://rubygems.org/api/v1/gems/oauth2.json
🌍 https://gitlab.com/oauth-xx/oauth2/-/tree/v2.0.9.git/info/refs
/home/dependabot/dependabot-core/common/lib/dependabot/git_metadata_fetcher.rb:68:in `fetch_upload_pack_for': Server error at https://gitlab.com/oauth-xx/oauth2/-/tree/v2.0.9/: Internal server error (RuntimeError)
        from /home/dependabot/dependabot-core/common/lib/dependabot/git_metadata_fetcher.rb:17:in `upload_pack'
        from /home/dependabot/dependabot-core/common/lib/dependabot/git_metadata_fetcher.rb:23:in `tags'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base/commits_finder.rb:177:in `fetch_dependency_tags'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base/commits_finder.rb:169:in `dependency_tags'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base/commits_finder.rb:60:in `new_tag'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:151:in `tag_for_new_version'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:106:in `relevant_tag_changelog'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:70:in `changelog'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:33:in `changelog_url'
        from /home/dependabot/dependabot-core/common/lib/dependabot/metadata_finders/base.rb:40:in `changelog_url'
        from /usr/local/lib/ruby/3.1.0/forwardable.rb:238:in `changelog_url'
        from /home/dependabot/dependabot-core/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb:81:in `changelog_cascade'
        from /home/dependabot/dependabot-core/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb:39:in `to_s'
        from /home/dependabot/dependabot-core/common/lib/dependabot/pull_request_creator/message_builder.rb:395:in `metadata_cascades_for_dep'
        from /home/dependabot/dependabot-core/common/lib/dependabot/pull_request_creator/message_builder.rb:365:in `metadata_cascades'
        from /home/dependabot/dependabot-core/common/lib/dependabot/pull_request_creator/message_builder.rb:50:in `pr_message'
        from /home/dependabot/dependabot-core/common/lib/dependabot/pull_request_creator/message_builder.rb:64:in `message'
        from bin/dry-run.rb:797:in `block in <main>'
        from bin/dry-run.rb:661:in `each'
        from bin/dry-run.rb:661:in `<main>'
```

After:

```
🌍 https://rubygems.org/api/v1/gems/oauth2.json
🌍 https://gitlab.com/oauth-xx/oauth2/raw/main/CHANGELOG.md
🌍 https://gitlab.com/oauth-xx/oauth2.git/info/refs
Pull Request Title: Bump oauth2 from 2.0.8 to 2.0.9
--description--
Bumps [oauth2](https://gitlab.com/oauth-xx/oauth2) from 2.0.8 to 2.0.9.
Changelog

Sourced from oauth2's changelog.

[2.0.9] - 2022-09-16 ([tag][2.0.9t])

Added

Changed

  • Complete migration to main branch as default (@pboling)
  • Complete migration to Gitlab, updating all links, and references in VCS-managed files (@pboling)
Commits
  • 8c88ad2 🔖 Prepare release 2.0.9
  • 39f0f2a ✏️ Correct typos in CHANGELOG.md
  • bbd2431 🔖 Prepare release 2.0.9
  • e9d70c9 ✏️ Correct typos in CHANGELOG.md
  • 1e81b62 🔧 Migration from Github to Gitlab
  • ef8c2c1 🔧 Migration from Github to Gitlab
  • 10d9a83 ✅ More tests
  • 5e405dc 🔧 Migration from Github to Gitlab
  • 272edd6 ⬆️ Allow rack v3
  • 260a8bb 🔧 Complete migration from master to main branch
  • Additional commits viewable in compare view

--/description--
--commit--
Bump oauth2 from 2.0.8 to 2.0.9

Bumps [oauth2](https://gitlab.com/oauth-xx/oauth2) from 2.0.8 to 2.0.9.
- [Release notes](https://gitlab.com/oauth-xx/oauth2/tags)
- [Changelog](https://gitlab.com/oauth-xx/oauth2/blob/main/CHANGELOG.md)
- [Commits](https://gitlab.com/oauth-xx/oauth2/compare/v2.0.8...v2.0.9)
--/commit--
```
--- common/lib/dependabot/source.rb | 4 ++-- common/spec/dependabot/source_spec.rb | 7 +++++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/common/lib/dependabot/source.rb b/common/lib/dependabot/source.rb index 4e96625b200..f7342f2b898 100644 --- a/common/lib/dependabot/source.rb +++ b/common/lib/dependabot/source.rb @@ -21,8 +21,8 @@ class Source GITLAB_SOURCE = %r{ (?gitlab) (?:\.com)[/:] - (?(?!\.git|/tree|/blob)[\w./-]+?)(?:\.git)? - (?:(?:/tree|/blob)/(?[^/]+)/(?.*)[\#|/].*)?$ + (?[^/]+/(?:(?!\.git)[^/])+((?!/tree|/blob/|/-)/[^/]+)?) + (?:(?:/tree|/blob)/(?[^/]+)/(?.*)[\#|/].*)? }x.freeze BITBUCKET_SOURCE = %r{ diff --git a/common/spec/dependabot/source_spec.rb b/common/spec/dependabot/source_spec.rb index d1c132b0e44..aaed836cc0e 100644 --- a/common/spec/dependabot/source_spec.rb +++ b/common/spec/dependabot/source_spec.rb @@ -256,6 +256,13 @@ its(:directory) { is_expected.to eq("dir") } end + context "with a GitLab changelog link" do + let(:url) { "https://gitlab.com/oauth-xx/oauth2/-/tree/v2.0.9/CHANGELOG.md" } + its(:provider) { is_expected.to eq("gitlab") } + its(:repo) { is_expected.to eq("oauth-xx/oauth2") } + its(:directory) { is_expected.to be_nil } + end + context "with a GitLab subgroup URL" do let(:url) { "https://gitlab.com/org/group/abc/blob/master/dir/readme.md" } its(:provider) { is_expected.to eq("gitlab") }
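
Review bot: in the `GITLAB_SOURCE` hunk of common/lib/dependabot/source.rb, the trailing `$` is dropped from the last pattern line, so the expression no longer has to consume the whole URL and any tail it cannot parse is silently ignored. That is how the new spec URL passes: the repo group stops at `oauth-xx/oauth2`, the optional `(?:/tree|/blob)` group cannot start at `/-/tree`, and `/-/tree/v2.0.9/CHANGELOG.md` is discarded rather than parsed, so the ref is lost. The same looseness means the repo group, which now takes at most three path segments, returns a truncated repo for a deeper subgroup path instead of failing to match. Since this URL comes from gemspec metadata written by the package publisher, I would restore an end anchor and add an explicit alternative for the `/-/` tail, so unexpected input fails to match rather than yielding a partial result. The lookahead `(?!/tree|/blob/|/-)` is also inconsistent about trailing slashes: a third segment that merely begins with `tree` is rejected, while one that begins with `blob` is accepted.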
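
Review bot: in the common/spec/dependabot/source_spec.rb hunk, the new `with a GitLab changelog link` context pins only provider, repo and a nil directory for a single URL, so nothing records what is supposed to happen to the `v2.0.9` ref or to the `/-/` tail that the pattern now skips. Since the commit message describes this as a regression from an earlier change, I would add an expectation for the parsed ref (nil or `v2.0.9`, whichever is intended), a `/-/blob/` variant of the same link, and a subgroup path deeper than the existing `org/group/abc` case, so a later edit to `GITLAB_SOURCE` cannot change these results unnoticed.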