

Commit 031051b

committed
improve dependabot error message
1 parent 4bded57 commit 031051b

2 files changed

Lines changed: 47 additions & 3 deletions


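--- a/pkg/github/dependabot.go
+++ b/pkg/github/dependabot.go
@@ -69,7 +69,7 @@ func GetDependabotAlert(t translations.TranslationHelperFunc) inventory.ServerTo
 alert, resp, err := client.Dependabot.GetRepoAlert(ctx, owner, repo, alertNumber)
 if err != nil {
 return ghErrors.NewGitHubAPIErrorResponse(ctx,
-fmt.Sprintf("failed to get alert with number '%d'", alertNumber),
+dependabotErrMsg(fmt.Sprintf("failed to get alert with number '%d'", alertNumber), owner, repo, resp),
 resp,
 err,
 ), nil, nil
@@ -160,7 +160,7 @@ func ListDependabotAlerts(t translations.TranslationHelperFunc) inventory.Server
 })
 if err != nil {
 return ghErrors.NewGitHubAPIErrorResponse(ctx,
-fmt.Sprintf("failed to list alerts for repository '%s/%s'", owner, repo),
+dependabotErrMsg(fmt.Sprintf("failed to list alerts for repository '%s/%s'", owner, repo), owner, repo, resp),
 resp,
 err,
 ), nil, nil
@@ -184,3 +184,16 @@ func ListDependabotAlerts(t translations.TranslationHelperFunc) inventory.Server
 },
 )
 }
+
+// dependabotErrMsg enhances error messages for dependabot API failures by
+// appending a hint about token permissions when the response indicates
+// the token may lack access to the repository (403 or 404).
+func dependabotErrMsg(base, owner, repo string, resp *github.Response) string {
+if resp != nil && (resp.StatusCode == http.StatusForbidden || resp.StatusCode == http.StatusNotFound) {
+return fmt.Sprintf("%s. Your token may not have access to Dependabot alerts on %s/%s. "+
+"To access Dependabot alerts, the token needs the 'security_events' scope or, for fine-grained tokens, "+
+"Dependabot alerts read permission for this specific repository.",
+base, owner, repo)
+}
+return base
+}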
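Review bot: `dependabotErrMsg` attaches the token-permission hint to every 403 and 404, but neither status is specific to missing permissions: GitHub also answers 403 when a request is rate limited, and on the `GetDependabotAlert` path a 404 is what a wrong alert number would normally produce. A user who follows the hint in those cases grants the token more access without fixing anything, so the hint is worth narrowing, for example by also passing `err` to the helper and skipping the hint when it is go-github's rate-limit error type. At minimum the doc comment should state the limitation, e.g. `// The hint is advisory: 403 is also returned for rate limiting and 404 for an unknown alert number.` The two call sites sit inside `GetDependabotAlert` and `ListDependabotAlerts`, whose bodies extend outside the hunks shown.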

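--- a/pkg/github/dependabot_test.go
+++ b/pkg/github/dependabot_test.go
@@ -66,7 +66,23 @@ func Test_GetDependabotAlert(t *testing.T) {
 "alertNumber": float64(9999),
 },
 expectError: true,
-expectedErrMsg: "failed to get alert",
+expectedErrMsg: "Your token may not have access to Dependabot alerts on owner/repo",
+},
+{
+name: "alert fetch forbidden",
+mockedClient: MockHTTPClientWithHandlers(map[string]http.HandlerFunc{
+GetReposDependabotAlertsByOwnerByRepoByAlertNumber: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+w.WriteHeader(http.StatusForbidden)
+_, _ = w.Write([]byte(`{"message": "Resource not accessible by integration"}`))
+}),
+}),
+requestArgs: map[string]any{
+"owner": "owner",
+"repo": "repo",
+"alertNumber": float64(42),
+},
+expectError: true,
+expectedErrMsg: "Your token may not have access to Dependabot alerts on owner/repo",
 },
 }
 
@@ -208,6 +224,21 @@ func Test_ListDependabotAlerts(t *testing.T) {
 expectError: true,
 expectedErrMsg: "failed to list alerts",
 },
+{
+name: "alerts listing forbidden includes token hint",
+mockedClient: MockHTTPClientWithHandlers(map[string]http.HandlerFunc{
+GetReposDependabotAlertsByOwnerByRepo: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+w.WriteHeader(http.StatusForbidden)
+_, _ = w.Write([]byte(`{"message": "Resource not accessible by integration"}`))
+}),
+}),
+requestArgs: map[string]any{
+"owner": "owner",
+"repo": "repo",
+},
+expectError: true,
+expectedErrMsg: "Your token may not have access to Dependabot alerts on owner/repo",
+},
 }
 
 for _, tc := range tests {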
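Review bot: The added cases only prove that the permission hint appears; nothing in either table checks that it is absent for a status other than 403 or 404, so a regression that appends the token text to every failure would still pass. In `Test_GetDependabotAlert` the existing failure case (alert 9999) also had its `expectedErrMsg` switched from `"failed to get alert"` to the hint text, which, assuming the check is a substring match, leaves the base message unasserted on that path. Consider adding a 500 case whose assertion is that the error does not contain `"Your token may not have access"`, and a 404 case for `ListDependabotAlerts`. Both test functions extend beyond the hunks shown.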
