Merge pull request #6274 from dependabot/deivid-rodriguez/more-error-…

…aggregation More error aggregation
dependabot · Dec 7, 2022 · 3005635 · 3005635
2 parents 66fc969 + 339c426
commit 3005635
Show file tree

Hide file tree

Showing 5 changed files with 51 additions and 26 deletions.
diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb
@@ -205,7 +205,19 @@ def run_npm8_top_level_updater(top_level_dependencies:)
             "--ignore-scripts",
             "--package-lock-only"
           ].join(" ")
-          SharedHelpers.run_shell_command(command)
+
+          fingerprint = [
+            "npm",
+            "install",
+            "<install_args>",
+            "--force",
+            "--dry-run",
+            "false",
+            "--ignore-scripts",
+            "--package-lock-only"
+          ].join(" ")
+
+          SharedHelpers.run_shell_command(command, fingerprint: fingerprint)
           { lockfile_basename => File.read(lockfile_basename) }
         end
 

diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb
@@ -149,16 +149,18 @@ def run_yarn_berry_top_level_updater(top_level_dependency_updates:, yarn_lock:)
           # lockfile in the right state. Otherwise we'll need to manually update
           # the lockfile.
 
-          command = if top_level_dependency_updates.all? { |dep| requirements_changed?(dep[:name]) }
-                      "yarn install #{Helpers.yarn_berry_args}".strip
-                    else
-                      updates = top_level_dependency_updates.collect do |dep|
-                        dep[:name]
-                      end
-
-                      "yarn up -R #{updates.join(' ')} #{Helpers.yarn_berry_args}".strip
-                    end
-          Helpers.run_yarn_commands(command)
+          if top_level_dependency_updates.all? { |dep| requirements_changed?(dep[:name]) }
+            Helpers.run_yarn_command("yarn install #{yarn_berry_args}".strip)
+          else
+            updates = top_level_dependency_updates.collect do |dep|
+              dep[:name]
+            end
+
+            Helpers.run_yarn_command(
+              "yarn up -R #{updates.join(' ')} #{yarn_berry_args}".strip,
+              fingerprint: "yarn up -R <dependency_names> #{yarn_berry_args}".strip
+            )
+          end
           { yarn_lock.name => File.read(yarn_lock.name) }
         end
 
@@ -171,14 +173,20 @@ def run_yarn_berry_subdependency_updater(yarn_lock:)
           dep = sub_dependencies.first
           update = "#{dep.name}@#{dep.version}"
 
-          Helpers.run_yarn_commands(
-            "yarn add #{update} #{Helpers.yarn_berry_args}".strip,
-            "yarn dedupe #{dep.name} #{Helpers.yarn_berry_args}".strip,
-            "yarn remove #{dep.name} #{Helpers.yarn_berry_args}".strip
-          )
+          commands = [
+            ["yarn add #{update} #{yarn_berry_args}".strip, "yarn add <update> #{yarn_berry_args}".strip],
+            ["yarn dedupe #{dep.name} #{yarn_berry_args}".strip, "yarn dedupe <dep_name> #{yarn_berry_args}".strip],
+            ["yarn remove #{dep.name} #{yarn_berry_args}".strip, "yarn remove <dep_name> #{yarn_berry_args}".strip]
+          ]
+
+          Helpers.run_yarn_commands(*commands)
           { yarn_lock.name => File.read(yarn_lock.name) }
         end
 
+        def yarn_berry_args
+          Helpers.yarn_berry_args
+        end
+
         def run_yarn_top_level_updater(top_level_dependency_updates:)
           SharedHelpers.run_helper_subprocess(
             command: NativeHelpers.helper_path,

diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/helpers.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/helpers.rb
@@ -85,13 +85,13 @@ def self.setup_yarn_berry
       # contain malicious code.
       def self.run_yarn_commands(*commands)
         setup_yarn_berry
-        commands.each { |cmd| SharedHelpers.run_shell_command(cmd) }
+        commands.each { |cmd, fingerprint| SharedHelpers.run_shell_command(cmd, fingerprint: fingerprint) }
       end
 
       # Run a single yarn command returning stdout/stderr
-      def self.run_yarn_command(command)
+      def self.run_yarn_command(command, fingerprint: nil)
         setup_yarn_berry
-        SharedHelpers.run_shell_command(command)
+        SharedHelpers.run_shell_command(command, fingerprint: fingerprint)
       end
 
       def self.dependencies_with_all_versions_metadata(dependency_set)

diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/subdependency_version_resolver.rb
@@ -116,8 +116,9 @@ def run_yarn_updater(path, lockfile_name)
         def run_yarn_berry_updater(path, lockfile_name)
           SharedHelpers.with_git_configured(credentials: credentials) do
             Dir.chdir(path) do
-              Helpers.run_yarn_commands(
-                "yarn up -R #{dependency.name} #{Helpers.yarn_berry_args}".strip
+              Helpers.run_yarn_command(
+                "yarn up -R #{dependency.name} #{Helpers.yarn_berry_args}".strip,
+                fingerprint: "yarn up -R <dependency_name> #{Helpers.yarn_berry_args}".strip
               )
               { lockfile_name => File.read(lockfile_name) }
             end

diff --git a/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb b/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb
@@ -100,7 +100,7 @@ def fetch_latest_resolvable_version_string(requirement:)
                 end
 
                 # Shell out to Poetry, which handles everything for us.
-                run_poetry_command(poetry_update_command)
+                run_poetry_update_command
 
                 updated_lockfile =
                   if File.exist?("poetry.lock") then File.read("poetry.lock")
@@ -163,8 +163,11 @@ def handle_poetry_errors(error)
 
         # Using `--lock` avoids doing an install.
         # Using `--no-interaction` avoids asking for passwords.
-        def poetry_update_command
-          "pyenv exec poetry update #{dependency.name} --lock --no-interaction"
+        def run_poetry_update_command
+          run_poetry_command(
+            "pyenv exec poetry update #{dependency.name} --lock --no-interaction",
+            fingerprint: "pyenv exec poetry update <dependency_name> --lock --no-interaction"
+          )
         end
 
         def check_original_requirements_resolvable
@@ -174,7 +177,7 @@ def check_original_requirements_resolvable
             SharedHelpers.with_git_configured(credentials: credentials) do
               write_temporary_dependency_files(update_pyproject: false)
 
-              run_poetry_command(poetry_update_command)
+              run_poetry_update_command
 
               @original_reqs_resolvable = true
             rescue SharedHelpers::HelperSubprocessFailed => e
@@ -331,7 +334,7 @@ def lockfile
           poetry_lock || pyproject_lock
         end
 
-        def run_poetry_command(command)
+        def run_poetry_command(command, fingerprint: nil)
           start = Time.now
           command = SharedHelpers.escape_command(command)
           stdout, process = Open3.capture2e(command)
@@ -345,6 +348,7 @@ def run_poetry_command(command)
             message: stdout,
             error_context: {
               command: command,
+              fingerprint: fingerprint,
               time_taken: time_taken,
               process_exit_value: process.to_s
             }