Fix dependency parsing from Renovate dependency dashboard

This changes the parsing to only process lines between the 'Detected dependencies' header and the next horizontal rule, which fixes an issue where dependency references in previous sections of the dashboard were being parsed incorrectly and sometimes causing weird results.
dxw · Sep 12, 2024 · e1a00ce · e1a00ce
1 parent 77d7cf9
commit e1a00ce
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 7 deletions.
diff --git a/renovate/dependencyDashboard.js b/renovate/dependencyDashboard.js
@@ -8,6 +8,12 @@ export class Dependency {
 // Matches CR LF or CR or LF.
 const LINE_SEPARATOR_REGEX = /\r?\n|\r|\n/g;
 
+// Matches the part of the Dependency Dashboard body text between the header and the horizontal rule,
+// without capturing the header or the horizontal rule itself.
+//
+// This will prevent false positives from being detected in the preamble.
+const DETECTED_DEPENDENCIES_SECTION_REGEX = /(?<=## Detected dependencies)(.*)(?=---)/s;
+
 // Matches text in backticks separated by a space.
 // Group 1 is interpreted as the name, and group 2 the version.
 // Examples:
@@ -27,11 +33,20 @@ const DEPENDENCY_NAME_AND_VERSION_REGEX = /`(\S+?) (.*)`/;
 
 const issueIsRenovateDependencyDashboard = (issue) => issue.user.login === "renovate[bot]" && issue.pull_request === undefined;
 
-const parseDependenciesFromDashboard = (issue) => issue
-  .body
-  .split(LINE_SEPARATOR_REGEX)
-  .map(parseDependencyFromLine)
-  .filter((dependency) => dependency !== null);
+const getDetectedDependencies = (issue) => {
+  const match = issue.body.match(DETECTED_DEPENDENCIES_SECTION_REGEX);
+
+  if (match === null) {
+    return null;
+  }
+
+  return match[0];
+}
+
+const parseDependenciesFromDashboard = (issue) => getDetectedDependencies(issue)
+  ?.split(LINE_SEPARATOR_REGEX)
+  ?.map(parseDependencyFromLine)
+  ?.filter((dependency) => dependency !== null);
 
 const parseDependencyFromLine = (line) => {
   const match = line.match(DEPENDENCY_NAME_AND_VERSION_REGEX);
@@ -50,7 +65,7 @@ export const handleIssuesApiResponse = (response) => {
     return [];
   }
 
-  return parseDependenciesFromDashboard(dependencyDashboardIssue);
+  return parseDependenciesFromDashboard(dependencyDashboardIssue) ?? [];
 }
 export const getDependenciesForRepo = ({ octokit, repository }) => {
   return octokit.request(repository.issues_url).then(handleIssuesApiResponse);

diff --git a/renovate/dependencyDashboard.test.js b/renovate/dependencyDashboard.test.js
@@ -24,7 +24,17 @@ describe("handleIssuesApiResponse", () => {
           user: {
             login: "renovate[bot]",
           },
-          body: "# Dependency Dashboard\nList of dependencies:\n- `libquux v4.1.1.rc4`\n- `@xyzzy/utils \"~> 22.04 Questing Quokka\"`\n\nHere's some more:\n- `baz-framework ^0.1`",
+          body: "# Dependency Dashboard\n"
+            + "Here's some things in the preamble that should not be picked up:\n"
+            + "`fake-dependency`, `another-fake-dependency`\n"
+            + "\n"
+            + "## Detected dependencies\n"
+            + "- `libquux v4.1.1.rc4`\n"
+            + "- `@xyzzy/utils \"~> 22.04 Questing Quokka\"`\n"
+            + "\n"
+            + "Here's some more:\n"
+            + "- `baz-framework ^0.1`\n"
+            + "---",
         }
       ]
     };