-
Notifications
You must be signed in to change notification settings - Fork 994
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
stop processing if updated_deps is empty #8193
stop processing if updated_deps is empty #8193
Conversation
if updated_deps.empty? | ||
return Dependabot.logger.info( | ||
"No update possible for #{dependency.name} #{dependency.version}" | ||
) | ||
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Under what situation can this happen? A test would help
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand either why this is needed. If there's no update possible, we should be returning an :update_not_possible
result from the UpdateChecker
(a few lines above this).
If that's not happening, that sounds like a bug in the update checking process.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We found an instance internally where the NuGet updater errored out and the result was an empty update set. While we fixed the specific issue we had, there still remains the possibility that another updater could also error out and result in an empty set, and that's why we ultimately added this check as well, to prevent the pr creator from crashing. If there is a better place for this check we can certainly move it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see.
I think it makes sense to avoid crashing randomly while trying to create a PR. However, I don't think this is an expected error condition, but a situation that's pointing at a Dependabot bug somewhere.
So, instead of just logging a message, we should be raising an error if this happens. Maybe something like:
raise "Dependabot found some dependency requirements to unlock, yet it failed to update any dependencies"
770f4d7
to
cd0b8ad
Compare
I have adjusted the change per your suggestion, added a test for this scenario, and updated the branch. The PR should be ready for re-review. |
Generating the PR title errors when updated_deps is empty. Related work items: #2087651
80af328
to
918a33e
Compare
As part of the work inside Azure DevOps to improve dependabot (see #8179) there were other updates that needed to be split out into their own PR, specifically not continuing with an update if the updated set was empty.