Switch to using the new record_ecosystem_versions endpoint.
#7517
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
L: ruby:bundler
This was referenced Jul 4, 2023
jeffwidman
changed the title
record_ecosystem_versions endpoint.
jeffwidman
force-pushed
the
switch-to-using-record-ecosystem-versions-endpoint
branch
from
96be1bb
to
bed59e8
Compare
github-actions
bot
removed
L: ruby:bundler
jeffwidman
force-pushed
the
switch-to-using-record-ecosystem-versions-endpoint
branch
2 times, most recently
from
c2c28d2
to
1716d2c
Compare
brrygrdn
approved these changes
Jul 4, 2023
jeffwidman
force-pushed
the
switch-to-using-record-ecosystem-versions-endpoint
branch
from
ad0b2a3
to
1c173d8
Compare
jeffwidman
commented
Jul 4, 2023
| @@ -102,7 +102,7 @@ def clone_repo_contents | |||
| raise Dependabot::RepoNotFound, source | |||
| end | |||
|
|
|||
| def package_manager_version | |||
| def ecosystem_versions | |||
There was a problem hiding this comment.
This needs a code comment explaining the expected shape of the data, or possibly a doc somewhere for devs, but we're still noodling internally on what we want this to look like, so punting on those docs until later.
Right now just want to get it swapped over to this new endpoint so can start prototyping actual code to see how my design ideas hold up to reality--ie, do we want to record more/different info then I expect.
jeffwidman
commented
Jul 4, 2023
jeffwidman
commented
Jul 4, 2023
jeffwidman
commented
Jul 4, 2023
jeffwidman
force-pushed
the
switch-to-using-record-ecosystem-versions-endpoint
branch
from
1c173d8
to
ee51f3c
Compare
|
These test failures indicate may need to port the callers of this as part of this PR as well... or bury the package manager calls in private methods since the rspec './spec/dependabot/bundler/file_fetcher_spec.rb[1:1:1:5]' # Dependabot::Bundler::FileFetcher behaves like a dependency file fetcher the class doesn't define any additional public instance methods |
jeffwidman
force-pushed
the
switch-to-using-record-ecosystem-versions-endpoint
branch
from
ee51f3c
to
824ea46
Compare
github-actions
bot
added
L: ruby:bundler
jeffwidman
force-pushed
the
switch-to-using-record-ecosystem-versions-endpoint
branch
from
824ea46
to
e508a7e
Compare
This flips the `updater` to calling the new `record_ecosystem_versions` endpoint. Additionally, this flips the per-ecosystem implementations of `package_manager_version` to this new `ecosystem_versions` hash. Note that we expect the shape of the data to be slightly different in the long term for these metrics... ie, we plan to record a `min`/`max`/`raw` or something along those lines for the range of versions supported by the manifest. However, changing that will be done in separate PR's for easier review/discussion/audit of those individual ecosystems. Co-authored-by: Barry Gordon <896971+brrygrdn@users.noreply.github.com>
jeffwidman
force-pushed
the
switch-to-using-record-ecosystem-versions-endpoint
branch
from
e508a7e
to
0c2aeae
Compare
jeffwidman
deleted the
switch-to-using-record-ecosystem-versions-endpoint
branch
jeffwidman
added a commit
to dependabot/cli
that referenced
this pull request
Jul 11, 2023
This endpoint was renamed in dependabot/dependabot-core#7517 and the accompanying internal API change. So the mock here needs updating. Also updated the struct.
jeffwidman
added a commit
to dependabot/cli
that referenced
this pull request
Jul 11, 2023
This endpoint was renamed in dependabot/dependabot-core#7517 and the accompanying internal API change. So the mock here needs updating. Also updated the struct.
jeffwidman
added a commit
to dependabot/cli
that referenced
this pull request
Jul 11, 2023
) This endpoint was renamed in dependabot/dependabot-core#7517 and the accompanying internal API change. So the mock here needs updating. Also updated the struct.
jeffwidman
added a commit
to dependabot/smoke-tests
that referenced
this pull request
Jul 11, 2023
As of dependabot/dependabot-core#7517 we're now using a `record_ecosystem_versions` endpoint instead of `record_package_manager_versions`. So this updates the test expectations accordingly.
jeffwidman
added a commit
to dependabot/cli
that referenced
this pull request
Jul 11, 2023
I confused myself in the previous two PR's... the `Ecosystem` field is actually removed, and the `PackageManager` field is replaced by the `EcosystemVersions` field. For background context: * #145 * #146 * dependabot/dependabot-core#7492 * dependabot/dependabot-core#7517 Caught this discrepancy over here: * https://github.com/dependabot/smoke-tests/pull/98/files#r1260099204
jeffwidman
added a commit
to dependabot/cli
that referenced
this pull request
Jul 11, 2023
I confused myself in the previous two PR's... the `Ecosystem` field is actually removed, and the top-level `PackageManager` field is replaced by the `EcosystemVersions` field. As explained in #146, there may be an inner `PackageManager` field, which is optional. But no need to map it out in the struct, at least not yet. For background context: * #145 * #146 * dependabot/dependabot-core#7492 * dependabot/dependabot-core#7517 Caught this discrepancy over here: * https://github.com/dependabot/smoke-tests/pull/98/files#r1260099204
jeffwidman
added a commit
to dependabot/cli
that referenced
this pull request
Jul 11, 2023
I confused myself in the previous two PR's... the `Ecosystem` field is actually removed, and the top-level `PackageManager` field is replaced by the `EcosystemVersions` field. As explained in #146, there may be an inner `PackageManager` field, which is optional. But no need to map it out in the struct, at least not yet. For background context: * #145 * #146 * dependabot/dependabot-core#7492 * dependabot/dependabot-core#7517 Caught this discrepancy over here: * https://github.com/dependabot/smoke-tests/pull/98/files#r1260099204
jeffwidman
added a commit
to dependabot/cli
that referenced
this pull request
Jul 11, 2023
I confused myself in the previous two PR's... the `Ecosystem` field is actually removed, and the top-level `PackageManager` field is replaced by the `EcosystemVersions` field. As explained in #146, there may be an inner `PackageManager` field, which is optional. But no need to map it out in the struct, at least not yet. For background context: * #145 * #146 * dependabot/dependabot-core#7492 * dependabot/dependabot-core#7517 Caught this discrepancy over here: * https://github.com/dependabot/smoke-tests/pull/98/files#r1260099204
jeffwidman
added a commit
to dependabot/smoke-tests
that referenced
this pull request
Jul 11, 2023
As of dependabot/dependabot-core#7517 we're now using a `record_ecosystem_versions` endpoint instead of `record_package_manager_versions`. So this updates the test expectations accordingly.
jeffwidman
added a commit
to dependabot/smoke-tests
that referenced
this pull request
Jul 11, 2023
As of dependabot/dependabot-core#7517 we're now using a `record_ecosystem_versions` endpoint instead of `record_package_manager_versions`. So this updates the test expectations accordingly.
brettfo
pushed a commit
to brettfo/dependabot-core
that referenced
this pull request
Oct 11, 2023
This flips the `updater` to calling the new `record_ecosystem_versions` endpoint. Additionally, this flips the per-ecosystem implementations of `package_manager_version` to this new `ecosystem_versions` hash. Note that we expect the shape of the data to be slightly different in the long term for these metrics... ie, we plan to record a `min`/`max`/`raw` or something along those lines for the range of versions supported by the manifest. However, changing that will be done in separate PR's for easier review/discussion/audit of those individual ecosystems. Co-authored-by: Barry Gordon <896971+brrygrdn@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This flips the
updaterto calling the newrecord_ecosystem_versionsendpoint.
Additionally, this flips the per-ecosystem implementations of
package_manager_versionto this newecosystem_versionshash.Note that we expect the shape of the data to be slightly different in
the long term for these metrics... ie, we plan to record a
min/max/rawor something along those lines for the range ofversions supported by the manifest.
However, changing that will be done in separate PR's for easier
review/discussion/audit of those individual ecosystems.
Related:
ecosystemparam #7492