From 01764b14f2d40c2b233bc777e193fdf5435d68a3 Mon Sep 17 00:00:00 2001 From: Mark Collao Date: Tue, 31 Oct 2023 12:37:34 -0500 Subject: [PATCH 1/3] add dependabot alert update endpoint --- github/dependabot_alerts.go | 30 +++++++++++++++++++++ github/dependabot_alerts_test.go | 46 ++++++++++++++++++++++++++++++++ 2 files changed, 76 insertions(+) diff --git a/github/dependabot_alerts.go b/github/dependabot_alerts.go index 177316b1dc8..9ea1f0396ab 100644 --- a/github/dependabot_alerts.go +++ b/github/dependabot_alerts.go @@ -67,6 +67,17 @@ type DependabotAlert struct { Repository *Repository `json:"repository,omitempty"` } +// DependabotAlertState represents the state of a Dependabot alert to update. +type DependabotAlertState struct { + // The state of the Dependabot alert. A dismissed_reason must be provided when setting the state to dismissed. + State string `json:"state"` + // Required when state is dismissed. A reason for dismissing the alert. + // Can be one of: fix_started, inaccurate, no_bandwidth, not_used, tolerable_risk + DismissedReason *string `json:"dismissed_reason,omitempty"` + // An optional comment associated with dismissing the alert. + DismissedComment *string `json:"dismissed_comment,omitempty"` +} + // ListAlertsOptions specifies the optional parameters to the DependabotService.ListRepoAlerts // and DependabotService.ListOrgAlerts methods. type ListAlertsOptions struct { @@ -136,3 +147,22 @@ func (s *DependabotService) GetRepoAlert(ctx context.Context, owner, repo string return alert, resp, nil } + +// UpdateAlert updates a Dependabot alert. +// +// GitHub API docs: https://docs.github.com/en/rest/dependabot/alerts?apiVersion=2022-11-28#update-a-dependabot-alert +func (s *DependabotService) UpdateAlert(ctx context.Context, owner, repo string, number int, stateInfo *DependabotAlertState) (*DependabotAlert, *Response, error) { + url := fmt.Sprintf("repos/%v/%v/dependabot/alerts/%v", owner, repo, number) + req, err := s.client.NewRequest("PATCH", url, stateInfo) + if err != nil { + return nil, nil, err + } + + alert := new(DependabotAlert) + resp, err := s.client.Do(ctx, req, alert) + if err != nil { + return nil, resp, err + } + + return alert, resp, nil +} diff --git a/github/dependabot_alerts_test.go b/github/dependabot_alerts_test.go index a7c3b14788b..45fd11ee41c 100644 --- a/github/dependabot_alerts_test.go +++ b/github/dependabot_alerts_test.go @@ -131,3 +131,49 @@ func TestDependabotService_ListOrgAlerts(t *testing.T) { return resp, err }) } + +func TestDependabotService_UpdateAlert(t *testing.T) { + client, mux, _, teardown := setup() + defer teardown() + + state := String("dismissed") + dismissedReason := String("no_bandwidth") + dismissedComment := String("no time to fix this") + + alertState := &DependabotAlertState{State: *state, DismissedReason: dismissedReason, DismissedComment: dismissedComment} + + mux.HandleFunc("/repos/o/r/dependabot/alerts/42", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PATCH") + fmt.Fprint(w, `{"number":42,"state":"dismissed","dismissed_reason":"no_bandwidth","dismissed_comment":"no time to fix this"}`) + }) + + ctx := context.Background() + alert, _, err := client.Dependabot.UpdateAlert(ctx, "o", "r", 42, alertState) + if err != nil { + t.Errorf("Dependabot.UpdateAlert returned error: %v", err) + } + + want := &DependabotAlert{ + Number: Int(42), + State: String("dismissed"), + DismissedReason: String("no_bandwidth"), + DismissedComment: String("no time to fix this"), + } + if !cmp.Equal(alert, want) { + t.Errorf("Dependabot.UpdateAlert returned %+v, want %+v", alert, want) + } + + const methodName = "UpdateAlert" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Dependabot.UpdateAlert(ctx, "\n", "\n", 0, alertState) + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Dependabot.UpdateAlert(ctx, "o", "r", 42, alertState) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} From d11a5bea053a6e4d8318359efd7e95ec47888d07 Mon Sep 17 00:00:00 2001 From: Mark Collao Date: Fri, 3 Nov 2023 10:13:04 -0500 Subject: [PATCH 2/3] update generated files from script --- github/github-accessors.go | 16 ++++++++++++++++ github/github-accessors_test.go | 20 ++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/github/github-accessors.go b/github/github-accessors.go index fc79d01d7c8..a489d66cd43 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -5302,6 +5302,22 @@ func (d *DependabotAlertEvent) GetSender() *User { return d.Sender } +// GetDismissedComment returns the DismissedComment field if it's non-nil, zero value otherwise. +func (d *DependabotAlertState) GetDismissedComment() string { + if d == nil || d.DismissedComment == nil { + return "" + } + return *d.DismissedComment +} + +// GetDismissedReason returns the DismissedReason field if it's non-nil, zero value otherwise. +func (d *DependabotAlertState) GetDismissedReason() string { + if d == nil || d.DismissedReason == nil { + return "" + } + return *d.DismissedReason +} + // GetCVEID returns the CVEID field if it's non-nil, zero value otherwise. func (d *DependabotSecurityAdvisory) GetCVEID() string { if d == nil || d.CVEID == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index ff4a49d7fb7..2c26fb6ba79 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -6244,6 +6244,26 @@ func TestDependabotAlertEvent_GetSender(tt *testing.T) { d.GetSender() } +func TestDependabotAlertState_GetDismissedComment(tt *testing.T) { + var zeroValue string + d := &DependabotAlertState{DismissedComment: &zeroValue} + d.GetDismissedComment() + d = &DependabotAlertState{} + d.GetDismissedComment() + d = nil + d.GetDismissedComment() +} + +func TestDependabotAlertState_GetDismissedReason(tt *testing.T) { + var zeroValue string + d := &DependabotAlertState{DismissedReason: &zeroValue} + d.GetDismissedReason() + d = &DependabotAlertState{} + d.GetDismissedReason() + d = nil + d.GetDismissedReason() +} + func TestDependabotSecurityAdvisory_GetCVEID(tt *testing.T) { var zeroValue string d := &DependabotSecurityAdvisory{CVEID: &zeroValue} From 82aef0389a866b3267b10610af115c9f6c5be346 Mon Sep 17 00:00:00 2001 From: Mark Collao Date: Fri, 3 Nov 2023 10:36:59 -0500 Subject: [PATCH 3/3] add metadata to DependabotService.UpdateAlert --- github/dependabot_alerts.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/github/dependabot_alerts.go b/github/dependabot_alerts.go index b26c7c9fcd5..f1ed126c217 100644 --- a/github/dependabot_alerts.go +++ b/github/dependabot_alerts.go @@ -156,7 +156,9 @@ func (s *DependabotService) GetRepoAlert(ctx context.Context, owner, repo string // UpdateAlert updates a Dependabot alert. // -// GitHub API docs: https://docs.github.com/en/rest/dependabot/alerts?apiVersion=2022-11-28#update-a-dependabot-alert +// GitHub API docs: https://docs.github.com/rest/dependabot/alerts#update-a-dependabot-alert +// +//meta:operation PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number} func (s *DependabotService) UpdateAlert(ctx context.Context, owner, repo string, number int, stateInfo *DependabotAlertState) (*DependabotAlert, *Response, error) { url := fmt.Sprintf("repos/%v/%v/dependabot/alerts/%v", owner, repo, number) req, err := s.client.NewRequest("PATCH", url, stateInfo)