Skip to content

Remove use of Dependabot::DependencySnapshot from the UpdateGraphCommand #13128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Remove use of Dependabot::DependencySnapshot from the UpdateGraphCommand #13128

wants to merge 3 commits into from
+61 −58

Conversation

brrygrdn
Copy link
Contributor

What are you trying to accomplish?

The UpdateGraphCommand is slightly simpler than the UpdateFilesCommand as it doesn't need to do modal operation between version/security updates or PR grouping strategies, it just needs to iterate over N directories and submit a snapshot for each.

The Dependabot::DependencySnapshot component also early-evaluates the file parser and this is something we'd ideally leave later in the individual graphing operation so we can run additional steps before or after it, or in extreme cases use an alternative parser.

This change reflows the UpdateGraphCommand and rearranges the responsibilities so that:

  • The Dependabot::DependencySnapshot component is dropped in favour of plucking things out of the Environment.job_definition
    • We drop support for the job.directory key as a back compat concern our new command will not need to care about
  • The GithubApi::DependencySubmission component is now focused exclusively on serialising data into the right JSON for sending to the API
  • The Dependabot::DependencyGrapher now receives the parser to user to get the dependencies
  • The overall command is now compatible with multi-directory jobs, emitting one API call per directory

Anything you want to highlight for special attention from reviewers?

Mainly that the new testing surfaces make sense

How will you know you've accomplished your goal?

The overall graphing behaviour is unchanged by this, but we can now handle monorepo jobs where we need to parse a few directories at once.

Checklist

  • I have run the complete test suite to ensure all tests and linters pass.
  • I have thoroughly tested my code changes to ensure they work as expected, including adding additional tests for new functionality.
  • I have written clear and descriptive commit messages.
  • I have provided a detailed description of the changes in the pull request, including the problem it addresses, how it fixes the problem, and any relevant details about the implementation.
  • I have ensured that the code is well-documented and easy to understand.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@brrygrdn