fix: check that the author is defined when comparing it with dependab… (

#258) * fix: check that the author is defined when comparing it with dependabot author * fix: added unkown commit author test case
fastify · Aug 23, 2022 · 64a2b98 · 64a2b98
1 parent 5ff5a73
commit 64a2b98
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 29 deletions.
diff --git a/dist/index.js b/dist/index.js
@@ -10463,7 +10463,7 @@ module.exports = async function run() {
 
     const commits = await client.getPullRequestCommits(pr.number)
 
-    if (!commits.every(commit => commit.author.login === dependabotAuthor)) {
+    if (!commits.every(commit => commit.author?.login === dependabotAuthor)) {
       return logWarning('PR contains non dependabot commits, skipping.')
     }
 

diff --git a/src/action.js b/src/action.js
@@ -56,7 +56,7 @@ module.exports = async function run() {
 
     const commits = await client.getPullRequestCommits(pr.number)
 
-    if (!commits.every(commit => commit.author.login === dependabotAuthor)) {
+    if (!commits.every(commit => commit.author?.login === dependabotAuthor)) {
       return logWarning('PR contains non dependabot commits, skipping.')
     }
 

diff --git a/test/action.test.js b/test/action.test.js
@@ -134,38 +134,45 @@ tap.test('should skip non-dependabot PR', async () => {
   sinon.assert.notCalled(stubs.mergeStub)
 })
 
-tap.test('should skip PR with non dependabot commit', async () => {
-  const PR_NUMBER = Math.random()
-  const { action, stubs } = buildStubbedAction({
-    payload: {
-      pull_request: {
-        user: {
-          login: BOT_NAME,
+const prCommitsStubs = [
+  {
+    author: {
+      login: 'not dependabot',
+    },
+  },
+  {
+    author: undefined,
+  },
+]
+
+for (const prCommitsStub of prCommitsStubs) {
+  tap.test('should skip PR with non dependabot commit', async () => {
+    const PR_NUMBER = Math.random()
+    const { action, stubs } = buildStubbedAction({
+      payload: {
+        pull_request: {
+          user: {
+            login: BOT_NAME,
+          },
+          number: PR_NUMBER,
         },
-        number: PR_NUMBER,
       },
-    },
-    inputs: { PR_NUMBER },
-  })
+      inputs: { PR_NUMBER },
+    })
 
-  stubs.prCommitsStub.resolves([
-    {
-      author: {
-        login: 'not dependabot',
-      },
-    },
-  ])
+    stubs.prCommitsStub.resolves([prCommitsStub])
 
-  await action()
+    await action()
 
-  sinon.assert.calledOnce(stubs.prCommitsStub)
-  sinon.assert.calledWithExactly(
-    stubs.logStub.logWarning,
-    'PR contains non dependabot commits, skipping.'
-  )
-  sinon.assert.notCalled(stubs.approveStub)
-  sinon.assert.notCalled(stubs.mergeStub)
-})
+    sinon.assert.calledOnce(stubs.prCommitsStub)
+    sinon.assert.calledWithExactly(
+      stubs.logStub.logWarning,
+      'PR contains non dependabot commits, skipping.'
+    )
+    sinon.assert.notCalled(stubs.approveStub)
+    sinon.assert.notCalled(stubs.mergeStub)
+  })
+}
 
 tap.test(
   'should skip PR if dependabot commit signatures cannot be verified',