From 21c78a3ee531d1647f1a9eb9c7177374ec8849eb Mon Sep 17 00:00:00 2001
From: Stuart Morgan <stuartmorgan@google.com>
Date: Wed, 20 Jul 2022 16:30:31 -0400
Subject: [PATCH] [tool] Handle dependabot commit messages

Follow-up to https://github.com/flutter/plugins/pull/6124; that version
works if the tooling actually gets the PR description, but due to
https://github.com/cirruslabs/cirrus-ci-docs/issues/1029 we may get the
commit message instead, so we need to detect that as well.

Part of https://github.com/flutter/flutter/issues/107942
---
 .../tool/lib/src/version_check_command.dart   | 10 +++-
 .../tool/test/version_check_command_test.dart | 58 +++++++++++++++++++
 2 files changed, 66 insertions(+), 2 deletions(-)

diff --git a/script/tool/lib/src/version_check_command.dart b/script/tool/lib/src/version_check_command.dart
index e914d2f080e5..30a45d33a77f 100644
--- a/script/tool/lib/src/version_check_command.dart
+++ b/script/tool/lib/src/version_check_command.dart
@@ -627,7 +627,12 @@ ${indentation}The first version listed in CHANGELOG.md is $fromChangeLog.
 
     // A string that is in all Dependabot PRs, but extremely unlikely to be in
     // any other PR, to identify Dependabot PRs.
-    const String dependabotMarker = 'Dependabot commands and options';
+    const String dependabotPRDescriptionMarker =
+        'Dependabot commands and options';
+    // The same thing, but for the Dependabot commit message, to work around
+    // https://github.com/cirruslabs/cirrus-ci-docs/issues/1029.
+    const String dependabotCommitMessageMarker =
+        'Signed-off-by: dependabot[bot]';
     // Expression to extract the name of the dependency being updated.
     final RegExp dependencyRegex =
         RegExp(r'Bumps? \[(.*?)\]\(.*?\) from [\d.]+ to [\d.]+');
@@ -641,7 +646,8 @@ ${indentation}The first version listed in CHANGELOG.md is $fromChangeLog.
       'mockito-' // mockito-core, mockito-inline, etc.
     };
 
-    if (changeDescription.contains(dependabotMarker)) {
+    if (changeDescription.contains(dependabotPRDescriptionMarker) ||
+        changeDescription.contains(dependabotCommitMessageMarker)) {
       final Match? match = dependencyRegex.firstMatch(changeDescription);
       if (match != null) {
         final String dependency = match.group(1)!;
diff --git a/script/tool/test/version_check_command_test.dart b/script/tool/test/version_check_command_test.dart
index 82133328089e..4586070fd67e 100644
--- a/script/tool/test/version_check_command_test.dart
+++ b/script/tool/test/version_check_command_test.dart
@@ -89,6 +89,23 @@ You can trigger Dependabot actions by commenting on this PR:
 ''';
 }
 
+String _generateFakeDependabotCommitMessage(String package) {
+  return '''
+Bumps [$package](https://github.com/foo/$package) from 1.0.0 to 2.0.0.
+- [Release notes](https://github.com/foo/$package/releases)
+- [Commits](foo/$package@v4.3.1...v4.6.1)
+
+---
+updated-dependencies:
+- dependency-name: $package
+  dependency-type: direct:production
+  update-type: version-update:semver-minor
+...
+
+Signed-off-by: dependabot[bot] <support@github.com>
+''';
+}
+
 class MockProcessResult extends Mock implements io.ProcessResult {}
 
 void main() {
@@ -1290,6 +1307,47 @@ packages/plugin/android/build.gradle
             ]),
           );
         });
+
+        // Tests workaround for
+        // https://github.com/cirruslabs/cirrus-ci-docs/issues/1029.
+        test('allow list works for commit messages', () async {
+          final RepositoryPackage plugin =
+              createFakePlugin('plugin', packagesDir, version: '1.0.0');
+
+          const String changelog = '''
+## 1.0.0
+* Some changes.
+''';
+          plugin.changelogFile.writeAsStringSync(changelog);
+          processRunner.mockProcessesForExecutable['git-show'] = <io.Process>[
+            MockProcess(stdout: 'version: 1.0.0'),
+          ];
+          processRunner.mockProcessesForExecutable['git-diff'] = <io.Process>[
+            MockProcess(stdout: '''
+packages/plugin/android/build.gradle
+'''),
+          ];
+
+          final File changeDescriptionFile =
+              fileSystem.file('change_description.txt');
+          changeDescriptionFile.writeAsStringSync(
+              _generateFakeDependabotCommitMessage('mockito-core'));
+
+          final List<String> output =
+              await _runWithMissingChangeDetection(<String>[
+            '--change-description-file=${changeDescriptionFile.path}'
+          ]);
+
+          expect(
+            output,
+            containsAllInOrder(<Matcher>[
+              contains('Ignoring lack of version change for Dependabot '
+                  'change to a known internal dependency.'),
+              contains('Ignoring lack of CHANGELOG update for Dependabot '
+                  'change to a known internal dependency.'),
+            ]),
+          );
+        });
       });
     });