nhcarrigan/minori
9
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests 8 Actions Releases Activity

feat: add auto-merge for non-major dependency updates
Node.js CI / CI (pull_request) Failing after 8s
Details
Security Scan and Upload / Security & DefectDojo Upload (pull_request) Successful in 50s
Details

Browse Source 
Minori now automatically merges dependency update PRs when:
- The update is NOT a major version bump (to avoid breaking changes)
- The CI checks pass (status = "success")
- An existing PR for the dependency update is found

This reduces manual work for safe, non-breaking dependency updates
whilst still requiring human review for potentially breaking changes.

Changes:
- Add version comparison utility to detect major version bumps
- Add Gitea service methods for commit status and PR merging
- Add auto-merge logic to update orchestrator
- Add comprehensive tests for new functionality
This commit is contained in:
Hikari
2026-02-20 19:31:03 -08:00
committed by Naomi Carrigan
parent 2bb7208bab
commit 86d8c1ac93
7 changed files with 479 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/services/giteaService.ts
+78
View File
@@ -7,6 +7,7 @@
import axios, { isAxiosError, type AxiosInstance } from "axios";
import { config } from "../config.js";
import type {
GiteaCombinedStatus,
GiteaFile,
GiteaPullRequest,
GiteaRepository,
@@ -142,6 +143,83 @@ class GiteaService {
);
return data;
}
/**
* Gets the combined commit status for a specific commit.
* @param owner - The repository owner.
* @param repo - The repository name.
* @param sha - The commit SHA.
* @returns The combined status of all checks for the commit.
*/
public async getCommitStatus(
owner: string,
repo: string,
sha: string,
): Promise<GiteaCombinedStatus> {
const { data } = await this.client.get<GiteaCombinedStatus>(
`/repos/${owner}/${repo}/commits/${sha}/status`,
);
return data;
}
/**
* Merges a pull request.
* @param owner - The repository owner.
* @param repo - The repository name.
* @param index - The pull request index number.
* @returns True if the merge was successful, false otherwise.
*/
public async mergePullRequest(
owner: string,
repo: string,
index: number,
): Promise<boolean> {
try {
await this.client.post(
`/repos/${owner}/${repo}/pulls/${String(index)}/merge`,
{
/* eslint-disable @typescript-eslint/naming-convention -- Gitea API uses snake_case */
Do: "merge",
MergeMessageField: "",
MergeTitleField: "",
delete_branch_after_merge: true,
force_merge: false,
head_commit_id: "",
merge_when_checks_succeed: false,
/* eslint-enable @typescript-eslint/naming-convention -- End Gitea API */
},
);
return true;
} catch (error) {
if (isAxiosError(error)) {
return false;
}
throw error;
}
}
/**
* Deletes a repository branch by name.
* @param owner - The repository owner.
* @param repo - The repository name.
* @param branch - The branch name to remove.
* @returns True if successful, false otherwise.
*/
public async deleteBranch(
owner: string,
repo: string,
branch: string,
): Promise<boolean> {
try {
await this.client.delete(`/repos/${owner}/${repo}/branches/${branch}`);
return true;
} catch (error) {
if (isAxiosError(error)) {
return false;
}
throw error;
}
}
}
export { GiteaService };
src/services/updateOrchestratorService.ts
+111 -9
View File
@@ -6,6 +6,10 @@
import { config } from "../config.js";
import { logger } from "../utils/logger.js";
import {
isMajorVersionBump,
stripVersionPrefix,
} from "../utils/versionComparison.js";
import { DependencyAnalyzerService } from "./dependencyAnalyzerService.js";
import { GiteaService } from "./giteaService.js";
import {
@@ -17,15 +21,6 @@ import { NpmService } from "./npmService.js";
import type { GiteaRepository } from "../types/gitea.types.js";
import type { DependencyUpdate, PackageJson } from "../types/package.types.js";
/**
* Strips version prefix characters from a version string.
* @param version - The version string with potential prefixes.
* @returns The version without prefix characters.
*/
const stripVersionPrefix = (version: string): string => {
return version.replace(/^[<=>^~]*/, "");
};
/**
* Generates the body content for a PR.
* @param update - The dependency update information.
@@ -142,6 +137,103 @@ class UpdateOrchestratorService {
await logger.log("info", "Dependency update check complete!");
}
/**
* Attempts to merge an existing PR after checking CI status.
* @param repo - The repository information.
* @param update - The dependency update details.
* @param matchingPR - The existing PR with head SHA and number.
* @param matchingPR.head - The PR head information.
* @param matchingPR.head.sha - The commit SHA to check.
* @param matchingPR.number - The PR number for merging.
* @returns True if merge was attempted, false otherwise.
*/
private async attemptPRMerge(
repo: GiteaRepository,
update: DependencyUpdate,
matchingPR: { head: { sha: string }; number: number },
): Promise<boolean> {
const commitStatus = await this.giteaService.getCommitStatus(
config.giteaOrg,
repo.name,
matchingPR.head.sha,
);
if (commitStatus.state !== "success") {
await logger.log(
"info",
` PR exists for ${update.packageName} but CI status is ${commitStatus.state}, skipping auto-merge...`,
);
return true;
}
await logger.log(
"info",
` Auto-merging PR for ${update.packageName} (CI passed, non-major bump)...`,
);
const merged = await this.giteaService.mergePullRequest(
config.giteaOrg,
repo.name,
matchingPR.number,
);
if (merged) {
await logger.log(
"info",
` Successfully merged PR for ${update.packageName}`,
);
return true;
}
await logger.log(
"warn",
` Failed to merge PR for ${update.packageName}`,
);
return true;
}
/**
* Checks if an existing PR can be auto-merged based on CI status and version bump type.
* @param repo - The repository information.
* @param update - The dependency update details.
* @param branchName - The branch name for the PR.
* @returns True if the PR exists and was handled, false otherwise.
*/
private async checkAndMergeExistingPR(
repo: GiteaRepository,
update: DependencyUpdate,
branchName: string,
): Promise<boolean> {
const existingPRs = await this.giteaService.listPullRequests(
config.giteaOrg,
repo.name,
"open",
);
const matchingPR = existingPRs.find((pr) => {
return pr.head.ref === branchName;
});
if (matchingPR === undefined) {
return false;
}
const isMajorBump = isMajorVersionBump(
update.currentVersion,
update.latestVersion,
);
if (isMajorBump) {
await logger.log(
"info",
` PR exists for ${update.packageName} but is a major version bump, skipping auto-merge...`,
);
return true;
}
return await this.attemptPRMerge(repo, update, matchingPR);
}
/**
* Creates or updates a PR for a dependency update.
* @param repo - The repository information.
@@ -157,6 +249,16 @@ class UpdateOrchestratorService {
= `${config.prBranchPrefix}${update.packageName.replaceAll(/[/@]/g, "-")}`;
try {
const existingPRMerged = await this.checkAndMergeExistingPR(
repo,
update,
branchName,
);
if (existingPRMerged) {
return;
}
const result = await createOrUpdateBranch({
branchName: branchName,
clonedRepo: clonedRepo,
src/types/gitea.types.ts
+28 -1
View File
@@ -39,6 +39,33 @@ interface GiteaPullRequest {
state: "closed" | "open";
title: string;
}
interface GiteaCommitStatus {
context: string;
created_at: string;
description: string;
id: number;
state: "error" | "failure" | "pending" | "success" | "warning";
target_url: string;
updated_at: string;
url: string;
}
interface GiteaCombinedStatus {
commit_url: string;
repository: GiteaRepository;
sha: string;
state: "error" | "failure" | "pending" | "success" | "warning";
statuses: Array<GiteaCommitStatus>;
total_count: number;
url: string;
}
/* eslint-enable @typescript-eslint/naming-convention -- End Gitea API types */
export type { GiteaFile, GiteaPullRequest, GiteaRepository };
export type {
GiteaCombinedStatus,
GiteaCommitStatus,
GiteaFile,
GiteaPullRequest,
GiteaRepository,
};
src/utils/versionComparison.ts
+64
View File
@@ -0,0 +1,64 @@
/**
* @copyright NHCarrigan
* @license Naomi's Public License
* @author Naomi Carrigan
*/
/**
* Strips version prefix characters from a version string.
* @param version - The version string with potential prefixes.
* @returns The version without prefix characters.
*/
const stripVersionPrefix = (version: string): string => {
return version.replace(/^[<=>^~]*/, "");
};
/**
* Parses a semantic version string into its components.
* @param version - The version string to parse (e.g., "1.2.3").
* @returns An object with major, minor, and patch numbers, or null if invalid.
*/
const parseVersion = (
version: string,
): { major: number; minor: number; patch: number } | null => {
const cleaned = stripVersionPrefix(version);
const parts = cleaned.split(".");
if (parts.length < 3) {
return null;
}
const major = Number.parseInt(parts[0] ?? "0", 10);
const minor = Number.parseInt(parts[1] ?? "0", 10);
const patchPart = parts[2] ?? "0";
const patch = Number.parseInt(patchPart.split("-")[0] ?? "0", 10);
if (Number.isNaN(major) || Number.isNaN(minor) || Number.isNaN(patch)) {
return null;
}
return { major, minor, patch };
};
/**
* Determines if a version update is a major version bump.
* A major bump occurs when the major version number increases.
* @param fromVersion - The current version.
* @param toVersion - The target version.
* @returns True if this is a major version bump, false otherwise.
*/
const isMajorVersionBump = (
fromVersion: string,
toVersion: string,
): boolean => {
const from = parseVersion(fromVersion);
const to = parseVersion(toVersion);
if (from === null || to === null) {
return false;
}
return to.major > from.major;
};
export { isMajorVersionBump, stripVersionPrefix };