Skip to content

Fix ignore option for gitsubmodule #14352

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
thavaahariharangit merged 1 commit into from
Mar 3, 2026
+67 −24
Merged

Fix ignore option for gitsubmodule #14352

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion git_submodules/lib/dependabot/git_submodules/update_checker.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,12 @@ def fetch_latest_version
T.let(
LatestVersionFinder.new(
dependency: dependency,
dependency_files: dependency_files,
credentials: credentials,
cooldown_options: update_cooldown
ignored_versions: ignored_versions,
security_advisories: security_advisories,
cooldown_options: update_cooldown,
raise_on_ignored: raise_on_ignored
).latest_tag,
T.nilable(String)
)
Expand Down
23 changes: 1 addition & 22 deletions git_submodules/lib/dependabot/git_submodules/update_checker/latest_version_finder.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,24 +18,12 @@ class UpdateChecker
class LatestVersionFinder < Dependabot::Package::PackageLatestVersionFinder
extend T::Sig

sig do
params(
dependency: Dependabot::Dependency,
credentials: T::Array[Dependabot::Credential],
cooldown_options: T.nilable(Dependabot::Package::ReleaseCooldownOptions)
).void
end
def initialize(dependency:, credentials:, cooldown_options:)
@dependency = dependency
@credentials = credentials
@cooldown_options = cooldown_options
end

sig { returns(T.nilable(String)) }
def latest_tag
releases = version_list

releases = filter_by_cooldown(T.must(releases))
releases = filter_ignored_versions(releases)

# if there are no releases after applying filters, we fallback to the current tag to avoid empty results
releases = apply_post_fetch_latest_versions_filter(releases)
Expand Down Expand Up @@ -116,15 +104,6 @@ def apply_post_fetch_latest_versions_filter(releases)
releases
end

sig { returns(Dependabot::Dependency) }
attr_reader :dependency

sig { returns(T::Array[Dependabot::Credential]) }
attr_reader :credentials

sig { returns(T.nilable(Dependabot::Package::ReleaseCooldownOptions)) }
attr_reader :cooldown_options

sig { override.returns(T.nilable(Dependabot::Package::PackageDetails)) }
def package_details; end
end
Expand Down
62 changes: 61 additions & 1 deletion git_submodules/spec/dependabot/git_submodules/update_checker/latest_version_finder_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,18 @@
"password" => "token"
}]
end
let(:ignored_versions) { [] }
let(:security_advisories) { [] }
let(:raise_on_ignored) { false }
let(:checker) do
described_class.new(
dependency: dependency,
dependency_files: [],
credentials: credentials,
cooldown_options: cooldown_options
ignored_versions: ignored_versions,
security_advisories: security_advisories,
cooldown_options: cooldown_options,
raise_on_ignored: raise_on_ignored
)
end

Expand Down Expand Up @@ -129,4 +136,57 @@
it { is_expected.to eq("95a470a557091cdbdc9f68a178b60bd19329942c") }
end
end

describe "#latest_tag with ignored_versions" do
subject { checker.latest_tag }

let(:tagged_sha) { "3c96b37d962e02d37f6b66b63af104c44249544d" }
let(:untagged_sha) { "50581639a03761c649e09e9618e26d3beb6a4198" }
let(:releases) do
[
Dependabot::Package::PackageRelease.new(
version: Dependabot::GitSubmodules::Version.new("1.2.3"),
tag: tagged_sha
),
Dependabot::Package::PackageRelease.new(
version: Dependabot::GitSubmodules::Version.new("0.0.0-0.5"),
tag: untagged_sha
)
]
end

before do
allow(checker).to receive(:version_list).and_return(releases)
end

context "when the user is ignoring all later versions" do
let(:ignored_versions) { ["> 0.0.0"] }

it { is_expected.to eq(untagged_sha) }
end

context "when the user has ignored all versions" do
let(:ignored_versions) { [">= 0"] }
let(:releases) do
[
Dependabot::Package::PackageRelease.new(
version: Dependabot::GitSubmodules::Version.new("1.2.3"),
tag: tagged_sha
)
]
end

it "returns nil" do
expect(checker.latest_tag).to be_nil
end

context "when raise_on_ignored is set" do
let(:raise_on_ignored) { true }

it "raises an error" do
expect { checker.latest_tag }.to raise_error(Dependabot::AllVersionsIgnored)
end
end
end
end
end
Loading