tinglesoftware · mburumaxwell · Sep 22, 2024 · Sep 22, 2024
diff --git a/.github/workflows/extension.yml b/.github/workflows/extension.yml
@@ -50,6 +50,13 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: '18.x'
+          cache: npm
+
+      - name: Install (root)
+        run: npm install
+
+      - name: Format check (root)
+        run: npm run format:check
 
       - name: Install
         run: npm install

diff --git a/extension/tasks/dependabot/dependabotV2/index.ts b/extension/tasks/dependabot/dependabotV2/index.ts
@@ -1,18 +1,20 @@
-import { which, setResult, TaskResult } from "azure-pipelines-task-lib/task"
-import { debug, warning, error } from "azure-pipelines-task-lib/task"
+import { debug, error, setResult, TaskResult, warning, which } from 'azure-pipelines-task-lib/task';
+import { AzureDevOpsWebApiClient } from './utils/azure-devops/AzureDevOpsWebApiClient';
 import { DependabotCli } from './utils/dependabot-cli/DependabotCli';
-import { AzureDevOpsWebApiClient } from "./utils/azure-devops/AzureDevOpsWebApiClient";
-import { IDependabotUpdate } from "./utils/dependabot/interfaces/IDependabotConfig";
-import { DependabotOutputProcessor, parseProjectDependencyListProperty, parsePullRequestProperties } from "./utils/dependabot-cli/DependabotOutputProcessor";
-import { DependabotJobBuilder } from "./utils/dependabot-cli/DependabotJobBuilder";
+import { DependabotJobBuilder } from './utils/dependabot-cli/DependabotJobBuilder';
+import {
+  DependabotOutputProcessor,
+  parseProjectDependencyListProperty,
+  parsePullRequestProperties,
+} from './utils/dependabot-cli/DependabotOutputProcessor';
+import { IDependabotUpdate } from './utils/dependabot/interfaces/IDependabotConfig';
 import parseDependabotConfigFile from './utils/dependabot/parseConfigFile';
 import parseTaskInputConfiguration from './utils/getSharedVariables';
 
 async function run() {
   let dependabot: DependabotCli = undefined;
   let failedJobs: number = 0;
   try {
-
     // Check if required tools are installed
     debug('Checking for `docker` install...');
     which('docker', true);
@@ -33,25 +35,35 @@ async function run() {
 
     // Initialise the DevOps API clients
     // There are two clients; one for authoring pull requests and one for auto-approving pull requests (if configured)
-    const prAuthorClient = new AzureDevOpsWebApiClient(taskInputs.organizationUrl.toString(), taskInputs.systemAccessToken);
-    const prApproverClient = taskInputs.autoApprove ? new AzureDevOpsWebApiClient(taskInputs.organizationUrl.toString(), taskInputs.autoApproveUserToken || taskInputs.systemAccessToken) : null;
+    const prAuthorClient = new AzureDevOpsWebApiClient(
+      taskInputs.organizationUrl.toString(),
+      taskInputs.systemAccessToken,
+    );
+    const prApproverClient = taskInputs.autoApprove
+      ? new AzureDevOpsWebApiClient(
+          taskInputs.organizationUrl.toString(),
+          taskInputs.autoApproveUserToken || taskInputs.systemAccessToken,
+        )
+      : null;
 
     // Fetch the active pull requests created by the author user
     const prAuthorActivePullRequests = await prAuthorClient.getActivePullRequestProperties(
-      taskInputs.project, taskInputs.repository, await prAuthorClient.getUserId()
+      taskInputs.project,
+      taskInputs.repository,
+      await prAuthorClient.getUserId(),
     );
 
     // Initialise the Dependabot updater
     dependabot = new DependabotCli(
       DependabotCli.CLI_IMAGE_LATEST, // TODO: Add config for this?
       new DependabotOutputProcessor(taskInputs, prAuthorClient, prApproverClient, prAuthorActivePullRequests),
-      taskInputs.debug
+      taskInputs.debug,
     );
 
     const dependabotUpdaterOptions = {
       collectorImage: undefined, // TODO: Add config for this?
       proxyImage: undefined, // TODO: Add config for this?
-      updaterImage: undefined // TODO: Add config for this?
+      updaterImage: undefined, // TODO: Add config for this?
     };
 
     // If update identifiers are specified, select them; otherwise handle all
@@ -75,49 +87,61 @@ async function run() {
       const dependencyList = parseProjectDependencyListProperty(
         await prAuthorClient.getProjectProperties(taskInputs.project),
         taskInputs.repository,
-        update["package-ecosystem"]
+        update['package-ecosystem'],
       );
 
       // Parse the Dependabot metadata for the existing pull requests that are related to this update
       // Dependabot will use this to determine if we need to create new pull requests or update/close existing ones
-      const existingPullRequests = parsePullRequestProperties(prAuthorActivePullRequests, update["package-ecosystem"]);
+      const existingPullRequests = parsePullRequestProperties(prAuthorActivePullRequests, update['package-ecosystem']);
       const existingPullRequestDependencies = Object.entries(existingPullRequests).map(([id, deps]) => deps);
 
       // Run an update job for "all dependencies"; this will create new pull requests for dependencies that need updating
-      const allDependenciesJob = DependabotJobBuilder.newUpdateAllJob(taskInputs, updateId, update, dependabotConfig.registries, dependencyList['dependencies'], existingPullRequestDependencies);
+      const allDependenciesJob = DependabotJobBuilder.newUpdateAllJob(
+        taskInputs,
+        updateId,
+        update,
+        dependabotConfig.registries,
+        dependencyList['dependencies'],
+        existingPullRequestDependencies,
+      );
       const allDependenciesUpdateOutputs = await dependabot.update(allDependenciesJob, dependabotUpdaterOptions);
-      if (!allDependenciesUpdateOutputs || allDependenciesUpdateOutputs.filter(u => !u.success).length > 0) {
-        allDependenciesUpdateOutputs.filter(u => !u.success).forEach(u => exception(u.error));
+      if (!allDependenciesUpdateOutputs || allDependenciesUpdateOutputs.filter((u) => !u.success).length > 0) {
+        allDependenciesUpdateOutputs.filter((u) => !u.success).forEach((u) => exception(u.error));
         failedJobs++;
       }
 
       // Run an update job for each existing pull request; this will resolve merge conflicts and close pull requests that are no longer needed
       if (!taskInputs.skipPullRequests) {
         for (const pullRequestId in existingPullRequests) {
-          const updatePullRequestJob = DependabotJobBuilder.newUpdatePullRequestJob(taskInputs, pullRequestId, update, dependabotConfig.registries, existingPullRequestDependencies, existingPullRequests[pullRequestId]);
+          const updatePullRequestJob = DependabotJobBuilder.newUpdatePullRequestJob(
+            taskInputs,
+            pullRequestId,
+            update,
+            dependabotConfig.registries,
+            existingPullRequestDependencies,
+            existingPullRequests[pullRequestId],
+          );
           const updatePullRequestOutputs = await dependabot.update(updatePullRequestJob, dependabotUpdaterOptions);
-          if (!updatePullRequestOutputs || updatePullRequestOutputs.filter(u => !u.success).length > 0) {
-            updatePullRequestOutputs.filter(u => !u.success).forEach(u => exception(u.error));
+          if (!updatePullRequestOutputs || updatePullRequestOutputs.filter((u) => !u.success).length > 0) {
+            updatePullRequestOutputs.filter((u) => !u.success).forEach((u) => exception(u.error));
             failedJobs++;
           }
         }
       } else if (existingPullRequests.keys.length > 0) {
         warning(`Skipping update of existing pull requests as 'skipPullRequests' is set to 'true'`);
       }
-
     }
 
     setResult(
       failedJobs ? TaskResult.Failed : TaskResult.Succeeded,
-      failedJobs ? `${failedJobs} update job(s) failed, check logs for more information` : `All update jobs completed successfully`
+      failedJobs
+        ? `${failedJobs} update job(s) failed, check logs for more information`
+        : `All update jobs completed successfully`,
     );
-
-  }
-  catch (e) {
+  } catch (e) {
     setResult(TaskResult.Failed, e?.message);
     exception(e);
-  }
-  finally {
+  } finally {
     dependabot?.cleanup();
   }
 }

diff --git a/extension/tasks/dependabot/dependabotV2/task.json b/extension/tasks/dependabot/dependabotV2/task.json
@@ -48,7 +48,6 @@
     }
   ],
   "inputs": [
-
     {
       "name": "skipPullRequests",
       "type": "boolean",
@@ -131,7 +130,7 @@
       "helpMarkDown": "A personal access token of the user of that shall be used to approve the created PR automatically. If the same user that creates the PR should approve, this can be left empty. This won't work with if the Build Service with the build service account!",
       "visibleRule": "autoApprove=true"
     },
-    { 
+    {
       "name": "authorEmail",
       "type": "string",
       "groupName": "pull_requests",
@@ -194,7 +193,7 @@
       "required": false,
       "helpMarkDown": "The raw Personal Access Token for accessing GitHub repositories. Use this in place of `gitHubConnection` such as when it is not possible to create a service connection."
     },
-    
+
     {
       "name": "storeDependencyList",
       "type": "boolean",