fix: check that the author is defined when comparing it with dependab… (#258)

marco-ippolito · web-flow · commit 64a2b9837155 · 2022-08-23T09:57:29.000+01:00
* fix: check that the author is defined when comparing it with dependabot author

* fix: added unkown commit author test case
diff --git a/dist/index.js b/dist/index.js
@@ -10463,7 +10463,7 @@ module.exports = async function run() {
 
     const commits = await client.getPullRequestCommits(pr.number)
 
-    if (!commits.every(commit => commit.author.login === dependabotAuthor)) {
+    if (!commits.every(commit => commit.author?.login === dependabotAuthor)) {
       return logWarning('PR contains non dependabot commits, skipping.')
     }
 
diff --git a/src/action.js b/src/action.js
@@ -56,7 +56,7 @@ module.exports = async function run() {
 
     const commits = await client.getPullRequestCommits(pr.number)
 
-    if (!commits.every(commit => commit.author.login === dependabotAuthor)) {
+    if (!commits.every(commit => commit.author?.login === dependabotAuthor)) {
       return logWarning('PR contains non dependabot commits, skipping.')
     }
 
diff --git a/test/action.test.js b/test/action.test.js
@@ -134,38 +134,45 @@ tap.test('should skip non-dependabot PR', async () => {
   sinon.assert.notCalled(stubs.mergeStub)
 })
 
-tap.test('should skip PR with non dependabot commit', async () => {
-  const PR_NUMBER = Math.random()
-  const { action, stubs } = buildStubbedAction({
-    payload: {
-      pull_request: {
-        user: {
-          login: BOT_NAME,
+const prCommitsStubs = [
+  {
+    author: {
+      login: 'not dependabot',
+    },
+  },
+  {
+    author: undefined,
+  },
+]
+
+for (const prCommitsStub of prCommitsStubs) {
+  tap.test('should skip PR with non dependabot commit', async () => {
+    const PR_NUMBER = Math.random()
+    const { action, stubs } = buildStubbedAction({
+      payload: {
+        pull_request: {
+          user: {
+            login: BOT_NAME,
+          },
+          number: PR_NUMBER,
         },
-        number: PR_NUMBER,
       },
-    },
-    inputs: { PR_NUMBER },
-  })
+      inputs: { PR_NUMBER },
+    })
 
-  stubs.prCommitsStub.resolves([
-    {
-      author: {
-        login: 'not dependabot',
-      },
-    },
-  ])
+    stubs.prCommitsStub.resolves([prCommitsStub])
 
-  await action()
+    await action()
 
-  sinon.assert.calledOnce(stubs.prCommitsStub)
-  sinon.assert.calledWithExactly(
-    stubs.logStub.logWarning,
-    'PR contains non dependabot commits, skipping.'
-  )
-  sinon.assert.notCalled(stubs.approveStub)
-  sinon.assert.notCalled(stubs.mergeStub)
-})
+    sinon.assert.calledOnce(stubs.prCommitsStub)
+    sinon.assert.calledWithExactly(
+      stubs.logStub.logWarning,
+      'PR contains non dependabot commits, skipping.'
+    )
+    sinon.assert.notCalled(stubs.approveStub)
+    sinon.assert.notCalled(stubs.mergeStub)
+  })
+}
 
 tap.test(
   'should skip PR if dependabot commit signatures cannot be verified',

Original file line number	Diff line number	Diff line change
`@@ -10463,7 +10463,7 @@ module.exports = async function run() {`
`10463`	`10463`
`10464`	`10464`	`const commits = await client.getPullRequestCommits(pr.number)`
`10465`	`10465`
`10466`		`- if (!commits.every(commit => commit.author.login === dependabotAuthor)) {`
	`10466`	`+ if (!commits.every(commit => commit.author?.login === dependabotAuthor)) {`
`10467`	`10467`	`return logWarning('PR contains non dependabot commits, skipping.')`
`10468`	`10468`	`}`
`10469`	`10469`
Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ module.exports = async function run() {`
`56`	`56`
`57`	`57`	`const commits = await client.getPullRequestCommits(pr.number)`
`58`	`58`
`59`		`- if (!commits.every(commit => commit.author.login === dependabotAuthor)) {`
	`59`	`+ if (!commits.every(commit => commit.author?.login === dependabotAuthor)) {`
`60`	`60`	`return logWarning('PR contains non dependabot commits, skipping.')`
`61`	`61`	`}`
`62`	`62`