diff --git a/.github/linters/.markdown-lint.yml b/.github/linters/.markdown-lint.yml
index 833eaff..ee3626f 100644
--- a/.github/linters/.markdown-lint.yml
+++ b/.github/linters/.markdown-lint.yml
@@ -1,7 +1,7 @@
 ---
 # line length
 MD013: false
-# singe h1
+# single h1
 MD025: false
 # duplicate headers
 MD024: false
diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml
index ed4fae7..6ad6a56 100644
--- a/.github/workflows/copilot-setup-steps.yml
+++ b/.github/workflows/copilot-setup-steps.yml
@@ -26,12 +26,12 @@ jobs:
 # If you do not check out your code, Copilot will do this for you.
 steps:
 - name: Checkout code
- uses: actions/checkout@v6.0.2
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 with:
 persist-credentials: false
 - name: Set up Python
- uses: actions/setup-python@v6.2.0
+ uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
 with:
 python-version: 3.12
diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml
index 1f627ff..bbb93d4 100644
--- a/.github/workflows/docker-ci.yml
+++ b/.github/workflows/docker-ci.yml
@@ -14,7 +14,7 @@ jobs:
 build:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v6.0.2
+ - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 with:
 persist-credentials: false
 - name: Build the Docker image
diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml
index e1a24eb..114bf91 100644
--- a/.github/workflows/python-ci.yml
+++ b/.github/workflows/python-ci.yml
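Review bot: `python-version: 3.12` two lines below the new setup-python pin is an unquoted scalar, so a later bump to `3.10` would be parsed as the float `3.1`; the same applies to the matrix `python-version: [3.11, 3.12]` in the python-ci.yml hunk, while super-linter.yaml already quotes `"3.12"`. Quote them for consistency: `python-version: "3.12"` here and `python-version: ["3.11", "3.12"]` in python-ci.yml. The new SHA pins carry a `# vX.Y.Z` trailing comment that is the only thing tying the commit to a release and is not verified by anything in the workflow, so each SHA is worth checking against the action's tagged release before merge.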
@@ -20,11 +20,11 @@ jobs:
 matrix:
 python-version: [3.11, 3.12]
 steps:
- - uses: actions/checkout@v6.0.2
+ - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 with:
 persist-credentials: false
 - name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v6.2.0
+ uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
 with:
 python-version: ${{ matrix.python-version }}
 - name: Install dependencies
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 36491ad..fa0f8ca 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -25,7 +25,7 @@ jobs:
 steps:
 - name: "Checkout code"
- uses: actions/checkout@v6.0.2
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 with:
 persist-credentials: false
@@ -36,7 +36,7 @@ jobs:
 results_format: sarif
 publish_results: true
 - name: "Upload artifact"
- uses: actions/upload-artifact@v6.0.0
+ uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
 with:
 name: SARIF file
 path: results.sarif
diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml
index eafddaf..79e4168 100644
--- a/.github/workflows/stale.yaml
+++ b/.github/workflows/stale.yaml
@@ -13,7 +13,7 @@ jobs:
 issues: write
 pull-requests: read
 steps:
- - uses: actions/stale@v10.1.1
+ - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
 with:
 stale-issue-message: "This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 14 days."
 close-issue-message: "This issue was closed because it has been stalled for 35 days with no activity."
diff --git a/.github/workflows/super-linter.yaml b/.github/workflows/super-linter.yaml
index ea7e961..91b00d5 100644
--- a/.github/workflows/super-linter.yaml
+++ b/.github/workflows/super-linter.yaml
@@ -19,19 +19,19 @@ jobs:
 steps:
 - name: Checkout Code
- uses: actions/checkout@v6.0.2
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 with:
 fetch-depth: 0
 persist-credentials: false
 - name: Setup Python
- uses: actions/setup-python@v6.2.0
+ uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
 with:
 python-version: "3.12"
 - name: Install dependencies
 run: |
 pip install -r requirements.txt -r requirements-test.txt
 - name: Lint Code Base
- uses: super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2
+ uses: super-linter/super-linter@61abc07d755095a68f4987d1c2c3d1d64408f1f9 # v8.5.0
 env:
 DEFAULT_BRANCH: main
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/evergreen.py b/evergreen.py
index accd553..3b22a02 100644
--- a/evergreen.py
+++ b/evergreen.py
@@ -472,8 +472,7 @@ def get_global_issue_id(ghe, token, organization, repository, issue_number):
 api_endpoint = f"{ghe}/api/v3" if ghe else "https://api.github.com"
 url = f"{api_endpoint}/graphql"
 headers = {"Authorization": f"Bearer {token}"}
- data = {
- "query": f"""
+ data = {"query": f"""
 query {{
 repository(owner: "{organization}", name: "{repository}") {{
 issue(number: {issue_number}) {{
@@ -481,8 +480,7 @@ def get_global_issue_id(ghe, token, organization, repository, issue_number):
 }}
 }}
 }}
- """
- }
+ """}
 try:
 response = requests.post(url, headers=headers, json=data, timeout=20)
@@ -506,8 +504,7 @@ def get_global_pr_id(ghe, token, organization, repository, pr_number):
 api_endpoint = f"{ghe}/api/v3" if ghe else "https://api.github.com"
 url = f"{api_endpoint}/graphql"
 headers = {"Authorization": f"Bearer {token}"}
- data = {
- "query": f"""
+ data = {"query": f"""
 query {{
 repository(owner: "{organization}", name: "{repository}") {{
 pullRequest(number: {pr_number}) {{
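Review bot: The reformatted `data = {"query": f"""` line in `get_global_issue_id` still builds the GraphQL document by interpolating `organization`, `repository` and `issue_number` directly into the query text, so a value containing a quote or brace changes the structure of the query rather than being treated as data; the `get_global_pr_id` hunks (`@@ -506` here and `@@ -515` below) have the same shape. Passing the three values in a `variables` mapping next to a static query keeps them as data, lets the server type-check them, and removes the need for the `{{`/`}}` escaping. Both functions begin before their hunks (the `def` line appears only in the hunk header) and the selected fields are outside the hunk, so the rewrite below spans the `@@ -472` and `@@ -481` hunks together; it assumes `issue_number` is an int, as its unquoted interpolation implies.
```python
    # … unchanged: api_endpoint, url, headers …
    data = {
        "query": """
            query($owner: String!, $name: String!, $number: Int!) {
              repository(owner: $owner, name: $name) {
                issue(number: $number) {
                  # … unchanged: selected fields …
                }
              }
            }
        """,
        "variables": {
            "owner": organization,
            "name": repository,
            "number": issue_number,
        },
    }
    # … unchanged: requests.post(url, headers=headers, json=data, timeout=20) …
```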
@@ -515,8 +512,7 @@ def get_global_pr_id(ghe, token, organization, repository, pr_number): }} }} }} - """ - } + """} try: response = requests.post(url, headers=headers, json=data, timeout=20) diff --git a/test_dependabot_file.py b/test_dependabot_file.py index 61c8901..c796080 100644 --- a/test_dependabot_file.py +++ b/test_dependabot_file.py @@ -35,8 +35,7 @@ def test_build_dependabot_file_with_schedule_day(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'bundler' @@ -44,8 +43,7 @@ def test_build_dependabot_file_with_schedule_day(self): schedule: interval: 'weekly' day: 'tuesday' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "tuesday", [], None ) @@ -58,16 +56,14 @@ def test_build_dependabot_file_with_bundler(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'bundler' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -81,8 +77,7 @@ def test_build_dependabot_file_with_existing_config_bundler_no_update(self): # expected_result is None because the existing config already contains the all applicable ecosystems expected_result = None existing_config = MagicMock() - existing_config.content = base64.b64encode( - b""" + existing_config.content = base64.b64encode(b""" version: 2 updates: - package-ecosystem: "bundler" @@ -91,8 +86,7 @@ def test_build_dependabot_file_with_existing_config_bundler_no_update(self): interval: "weekly" commit-message: prefix: "chore(deps)" -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, existing_config, "weekly", "", [], None ) 
@@ -107,8 +101,7 @@ def test_build_dependabot_file_with_2_space_indent_existing_config_bundler_with_ # expected_result maintains existing ecosystem with custom configuration # and adds new ecosystem - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: "pip" @@ -121,11 +114,9 @@ def test_build_dependabot_file_with_2_space_indent_existing_config_bundler_with_ directory: '/' schedule: interval: 'weekly' -""" - ) +""") existing_config = MagicMock() - existing_config.content = base64.b64encode( - b""" + existing_config.content = base64.b64encode(b""" version: 2 updates: - package-ecosystem: "pip" @@ -134,8 +125,7 @@ def test_build_dependabot_file_with_2_space_indent_existing_config_bundler_with_ interval: "weekly" commit-message: prefix: "chore(deps)" -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, existing_config, "weekly", "", [], None ) @@ -151,8 +141,7 @@ def test_build_dependabot_file_with_weird_space_indent_existing_config_bundler_w # expected_result maintains existing ecosystem with custom configuration # and adds new ecosystem existing_config = MagicMock() - existing_config.content = base64.b64encode( - b""" + existing_config.content = base64.b64encode(b""" version: 2 updates: - package-ecosystem: "pip" @@ -161,8 +150,7 @@ def test_build_dependabot_file_with_weird_space_indent_existing_config_bundler_w interval: "weekly" commit-message: prefix: "chore(deps)" - """ - ) + """) with self.assertRaises(ruamel.yaml.YAMLError): build_dependabot_file( 
@@ -179,15 +167,13 @@ def test_build_dependabot_file_with_incorrect_indentation_in_extra_dependabot_co # expected_result maintains existing ecosystem with custom configuration # and adds new ecosystem extra_dependabot_config = MagicMock() - extra_dependabot_config.content = base64.b64encode( - b""" + extra_dependabot_config.content = base64.b64encode(b""" npm: type: 'npm' url: 'https://yourprivateregistry/npm/' username: '${{secrets.username}}' password: '${{secrets.password}}' - """ - ) + """) with self.assertRaises(ruamel.yaml.YAMLError): build_dependabot_file( @@ -205,18 +191,15 @@ def test_build_dependabot_file_with_extra_dependabot_config_file(self): # expected_result maintains existing ecosystem with custom configuration # and adds new ecosystem - extra_dependabot_config = yaml.load( - b""" + extra_dependabot_config = yaml.load(b""" npm: type: 'npm' url: 'https://yourprivateregistry/npm/' username: '${{secrets.username}}' password: '${{secrets.password}}' - """ - ) + """) - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 registries: npm: @@ -231,8 +214,7 @@ def test_build_dependabot_file_with_extra_dependabot_config_file(self): - 'npm' schedule: interval: "weekly" -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], extra_dependabot_config @@ -246,16 +228,14 @@ def test_build_dependabot_file_with_npm(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'npm' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) 
@@ -274,16 +254,14 @@ def test_build_dependabot_file_with_pip(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'pip' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -299,16 +277,14 @@ def test_build_dependabot_file_with_cargo(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'cargo' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -319,16 +295,14 @@ def test_build_dependabot_file_with_gomod(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename == "go.mod" - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'gomod' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -344,16 +318,14 @@ def test_build_dependabot_file_with_composer(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'composer' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) 
@@ -369,16 +341,14 @@ def test_build_dependabot_file_with_hex(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'mix' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -389,16 +359,14 @@ def test_build_dependabot_file_with_nuget(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename.endswith(".csproj") - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'nuget' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -409,16 +377,14 @@ def test_build_dependabot_file_with_docker(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename == "Dockerfile" - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'docker' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -429,16 +395,14 @@ def test_build_dependabot_file_with_maven(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename == "pom.xml" - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'maven' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) 
@@ -449,16 +413,14 @@ def test_build_dependabot_file_with_gradle(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename == "build.gradle" - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'gradle' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -474,16 +436,14 @@ def test_build_dependabot_file_with_terraform_with_files(self): [("main.tf", None)] if path == "/" else [] ) - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'terraform' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", [], None ) @@ -524,16 +484,14 @@ def test_build_dependabot_file_with_devcontainers(self): [("devcontainer.json", None)] if path == ".devcontainer" else [] ) - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'devcontainers' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], None, None, "weekly", "", [], None ) @@ -549,16 +507,14 @@ def test_build_dependabot_file_with_github_actions(self): [("test.yml", None)] if path == ".github/workflows" else [] ) - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'github-actions' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], None, None, "weekly", "", [], None ) @@ -584,8 +540,7 @@ def test_build_dependabot_file_with_groups(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename == "Dockerfile" - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'docker' 
@@ -597,8 +552,7 @@ def test_build_dependabot_file_with_groups(self): dependency-type: 'production' development-dependencies: dependency-type: 'development' -""" - ) +""") result = build_dependabot_file(repo, True, [], {}, None, "weekly", "", [], None) self.assertEqual(result, expected_result) @@ -654,16 +608,14 @@ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self) ) existing_config = MagicMock() - existing_config.content = base64.b64encode( - b""" + existing_config.content = base64.b64encode(b""" version: 2 updates: - package-ecosystem: 'bundler' directory: '/' schedule: interval: 'weekly' -""" - ) +""") exempt_ecosystems = [] result = build_dependabot_file( @@ -686,16 +638,14 @@ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self) lambda f, filename=filename: f == filename ) yaml.preserve_quotes = True - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'npm' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( no_existing_config_repo, False, @@ -716,16 +666,14 @@ def test_check_multiple_repos_with_no_dependabot_config(self): mock_repo_1 = MagicMock() mock_repo_1.file_contents.side_effect = lambda filename: filename == "go.mod" - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'gomod' directory: '/' schedule: interval: 'weekly' -""" - ) +""") exempt_ecosystems = [] result = build_dependabot_file( mock_repo_1, False, exempt_ecosystems, {}, None, "weekly", "", [], None 
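Review bot: `yaml.preserve_quotes = True` immediately above the reformatted `expected_result = yaml.load(b"""` in the `@@ -686` hunk flips a setting on what appears to be a shared module-level loader (the file also references `ruamel.yaml.YAMLError`) and never restores it, so fixtures in tests that run later are loaded with quotes preserved while earlier ones are not. Whether the `assertEqual` against `build_dependabot_file`'s output still passes then depends on execution order. Restoring the previous value at the end of the test, or setting it once in `setUp`, keeps the fixtures order-independent. The enclosing test method starts before the hunk.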
@@ -738,16 +686,14 @@ def test_check_multiple_repos_with_no_dependabot_config(self): no_existing_config_repo.file_contents.side_effect = ( lambda f, filename=filename: f == filename ) - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'npm' directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( no_existing_config_repo, False, @@ -768,8 +714,7 @@ def test_build_dependabot_file_with_label(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'bundler' @@ -778,8 +723,7 @@ def test_build_dependabot_file_with_label(self): interval: 'weekly' labels: - "dependencies" -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, None, "weekly", "", ["dependencies"], None ) @@ -792,8 +736,7 @@ def test_build_dependabot_file_with_labels(self): for filename in filename_list: repo.file_contents.side_effect = lambda f, filename=filename: f == filename - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 updates: - package-ecosystem: 'bundler' @@ -804,8 +747,7 @@ def test_build_dependabot_file_with_labels(self): - "dependencies" - "test1" - "test2" -""" - ) +""") result = build_dependabot_file( repo, False, @@ -826,8 +768,7 @@ def test_build_dependabot_file_preserves_existing_registries(self): # Create existing config with registries but no bundler ecosystem existing_config = MagicMock() - existing_config.content = base64.b64encode( - b""" + existing_config.content = base64.b64encode(b""" version: 2 registries: gradle-artifactory: 
@@ -840,11 +781,9 @@ def test_build_dependabot_file_preserves_existing_registries(self): directory: "/" schedule: interval: "weekly" -""" - ) +""") - expected_result = yaml.load( - b""" + expected_result = yaml.load(b""" version: 2 registries: gradle-artifactory: @@ -861,8 +800,7 @@ def test_build_dependabot_file_preserves_existing_registries(self): directory: '/' schedule: interval: 'weekly' -""" - ) +""") result = build_dependabot_file( repo, False, [], {}, existing_config, "weekly", "", [], None