Skip to content

Commit

Permalink
Adds changes for experiment to fix expected cotent to change error.
Browse files Browse the repository at this point in the history
  • Loading branch information
@sachin-sandhu
sachin-sandhu committed Jan 28, 2025
1 parent 645c250 commit 868b436
Show file tree
Hide file tree
Showing 8 changed files with 28,618 additions and 1 deletion.
27 changes: 26 additions & 1 deletion npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/package_json_updater.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,12 @@ def updated_package_json
sig { returns(T::Array[Dependabot::Dependency]) }
attr_reader :dependencies

# rubocop:disable Metrics/PerceivedComplexity
sig { returns(T.nilable(String)) }
def updated_package_json_content
# checks if we are updating single dependency in package.json
unique_deps_count = dependencies.map(&:name).to_a.uniq.compact.length

dependencies.reduce(package_json.content.dup) do |content, dep|
updated_requirements(dep)&.each do |new_req|
old_req = old_requirement(dep, new_req)
Expand All @@ -50,7 +54,27 @@ def updated_package_json_content
new_req: new_req
)

raise "Expected content to change!" if content == new_content
Dependabot::Experiments.register(:avoid_duplicate_updates_package_json, true)

if Dependabot::Experiments.enabled?(:avoid_duplicate_updates_package_json) &&
(content == new_content && unique_deps_count > 1)

# (we observed that) package.json does not always contains the same dependencies compared to
# "dependencies" list, for example, dependencies object can contain same name dependency "dep"=> "1.0.0"
# and "dev" => "1.0.1" while package.json can only contain "dep" => "1.0.0",the other dependency is
# not present in package.json so we don't have to update it, this is most likely (as observed)
# a transitive dependency which only needs update in lockfile, So we avoid throwing exception and let
# the update continue.

Dependabot.logger.info("experiment: avoid_duplicate_updates_package_json.
Updating package.json for #{dep.name} ")

raise "Expected content to change!"
end

if !Dependabot::Experiments.enabled?(:avoid_duplicate_updates_package_json) && (content == new_content)
raise "Expected content to change!"
end

content = new_content
end
Expand All @@ -69,6 +93,7 @@ def updated_package_json_content
content
end
end
# rubocop:enable Metrics/PerceivedComplexity

sig do
params(
Expand Down
2 changes: 2 additions & 0 deletions npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/bun_lockfile_updater_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,8 @@
.with(:enable_shared_helpers_command_timeout).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:enable_fix_for_pnpm_no_change_error).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:avoid_duplicate_updates_package_json).and_return(false)
end

after do
Expand Down
2 changes: 2 additions & 0 deletions npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,8 @@
.with(:npm_v6_deprecation_warning).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:enable_fix_for_pnpm_no_change_error).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:avoid_duplicate_updates_package_json).and_return(false)
end

after do
Expand Down
55 changes: 55 additions & 0 deletions npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/package_json_updater_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,6 +206,61 @@
end
end

context "when updating multiple dependencies that results in 'package.json' update only once" do
before do
Dependabot::Experiments.register(:avoid_duplicate_updates_package_json, true)
end

after do
Dependabot::Experiments.register(:avoid_duplicate_updates_package_json, false)
end

let(:project_name) { "npm8/simple_with_multiple_deps" }
let(:dependencies) do
[
Dependabot::Dependency.new(
name: "cross-spawn",
version: "^7.0.2",
package_manager: "npm_and_yarn",
requirements: [{
file: "package.json",
requirement: "^7.0.6",
groups: ["dependencies"],
source: nil
}],
previous_requirements: [{
file: "package.json",
requirement: "^7.0.2",
groups: ["dependencies"],
source: nil
}]
),
Dependabot::Dependency.new(
name: "dep-spawn",
version: "^6.0.2",
package_manager: "npm_and_yarn",
requirements: [{
file: "package.json",
requirement: "^6.0.2",
groups: ["dependencies"],
source: nil
}],
previous_requirements: [{
file: "package.json",
requirement: "^6.0.1",
groups: ["dependencies"],
source: nil
}]
)
]
end

it "updates both dependency declarations" do
expect { updated_package_json }
.to raise_error("Expected content to change!")
end
end

context "when the dependency is specified as both dev and runtime" do
let(:dependency) do
Dependabot::Dependency.new(
Expand Down
2 changes: 2 additions & 0 deletions npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,8 @@
.with(:enable_shared_helpers_command_timeout).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:enable_fix_for_pnpm_no_change_error).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:avoid_duplicate_updates_package_json).and_return(false)
end

after do
Expand Down
2 changes: 2 additions & 0 deletions npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,8 @@
.with(:npm_v6_deprecation_warning).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:enable_fix_for_pnpm_no_change_error).and_return(true)
allow(Dependabot::Experiments).to receive(:enabled?)
.with(:avoid_duplicate_updates_package_json).and_return(false)
end

after do
Expand Down
Loading

0 comments on commit 868b436

Please sign in to comment.