Merge pull request #2949 from dependabot/go-raise-git-unreachable

go_modules raise GitDependenciesNotReachable

go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb

@@ -4,6 +4,7 @@
 require "dependabot/errors"
 require "dependabot/go_modules/file_updater"
 require "dependabot/go_modules/native_helpers"
+require "dependabot/go_modules/resolvability_errors"
 
 module Dependabot
   module GoModules
@@ -14,19 +15,21 @@ class GoModUpdater
         ENVIRONMENT = { "GOPRIVATE" => "*" }.freeze
 
         RESOLVABILITY_ERROR_REGEXES = [
-          # (Private) module could not be fetched
-          /go: .*: git fetch .*: exit status 128/.freeze,
           # The checksum in go.sum does not match the dowloaded content
           /verifying .*: checksum mismatch/.freeze,
+          /go: .*: go.mod has post-v\d+ module path/
+        ].freeze
+
+        REPO_RESOLVABILITY_ERROR_REGEXES = [
+          # (Private) module could not be fetched
+          /go: .*: git fetch .*: exit status 128/.freeze,
           # (Private) module could not be found
           /cannot find module providing package/.freeze,
           # Package in module was likely renamed or removed
           /module .* found \(.*\), but does not contain package/m.freeze,
           # Package does not exist, has been pulled or cannot be reached due to
           # auth problems with either git or the go proxy
-          /go: .*: unknown revision/m.freeze,
-          # Package version doesn't match the module major version
-          /go: .*: go.mod has post-v\d+ module path/m.freeze
+          /go: .*: unknown revision/m.freeze
         ].freeze
 
         MODULE_PATH_MISMATCH_REGEXES = [
@@ -263,13 +266,22 @@ def substitute_all(substitutions)
           write_go_mod(body)
         end
 
+        # rubocop:disable Metrics/AbcSize
+        # rubocop:disable Metrics/PerceivedComplexity
         def handle_subprocess_error(stderr)
           stderr = stderr.gsub(Dir.getwd, "")
 
+          # Package version doesn't match the module major version
           error_regex = RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
           if error_regex
             lines = stderr.lines.drop_while { |l| error_regex !~ l }
-            raise Dependabot::DependencyFileNotResolvable.new, lines.join
+            raise Dependabot::DependencyFileNotResolvable, lines.join
+          end
+
+          repo_error_regex = REPO_RESOLVABILITY_ERROR_REGEXES.find { |r| stderr =~ r }
+          if repo_error_regex
+            lines = stderr.lines.drop_while { |l| repo_error_regex !~ l }
+            ResolvabilityErrors.handle(lines.join, credentials: credentials)
           end
 
           path_regex = MODULE_PATH_MISMATCH_REGEXES.find { |r| stderr =~ r }
@@ -289,6 +301,8 @@ def handle_subprocess_error(stderr)
           msg = stderr.lines.last(10).join.strip
           raise Dependabot::DependabotError, msg
         end
+        # rubocop:enable Metrics/PerceivedComplexity
+        # rubocop:enable Metrics/AbcSize
 
         def go_mod_path
           return "go.mod" if directory == "/"

go_modules/lib/dependabot/go_modules/resolvability_errors.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Dependabot
+  module GoModules
+    module ResolvabilityErrors
+      GITHUB_REPO_REGEX = %r{github.com/[^:@]*}.freeze
+
+      def self.handle(message, credentials:)
+        mod_path = message.scan(GITHUB_REPO_REGEX).first
+        raise Dependabot::DependencyFileNotResolvable, message unless mod_path
+
+        # Module not found on github.com - query for _any_ version to know if it
+        # doesn't exist (or is private) or we were just given a bad revision by this manifest
+        SharedHelpers.in_a_temporary_directory do
+          SharedHelpers.with_git_configured(credentials: credentials) do
+            File.write("go.mod", "module dummy\n")
+
+            env = { "GOPRIVATE" => "*" }
+            _, _, status = Open3.capture3(env, SharedHelpers.escape_command("go get #{mod_path}"))
+            raise Dependabot::DependencyFileNotResolvable, message if status.success?
+
+            mod_split = mod_path.split("/")
+            repo_path = if mod_split.size > 3
+                          mod_split[0..2].join("/")
+                        else
+                          mod_path
+                        end
+            raise Dependabot::GitDependenciesNotReachable, [repo_path]
+          end
+        end
+      end
+    end
+  end
+end

go_modules/lib/dependabot/go_modules/update_checker.rb

@@ -5,6 +5,7 @@
 require "dependabot/shared_helpers"
 require "dependabot/errors"
 require "dependabot/go_modules/native_helpers"
+require "dependabot/go_modules/resolvability_errors"
 require "dependabot/go_modules/version"
 
 module Dependabot
@@ -14,7 +15,8 @@ class UpdateChecker < Dependabot::UpdateCheckers::Base
         # Package url/proxy doesn't include any redirect meta tags
         /no go-import meta tags/,
         # Package url 404s
-        /404 Not Found/
+        /404 Not Found/,
+        /Repository not found/
       ].freeze
 
       def latest_resolvable_version
@@ -86,7 +88,7 @@ def find_latest_resolvable_version
 
       def handle_subprocess_error(error)
         if RESOLVABILITY_ERROR_REGEXES.any? { |rgx| error.message =~ rgx }
-          raise Dependabot::DependencyFileNotResolvable, error.message
+          ResolvabilityErrors.handle(error.message, credentials: credentials)
         end
 
         raise

go_modules/spec/dependabot/go_modules/file_updater/go_mod_updater_spec.rb

@@ -150,10 +150,12 @@
             let(:project_name) { "non_existent_dependency" }
 
             it "raises the correct error" do
-              error_class = Dependabot::DependencyFileNotResolvable
+              error_class = Dependabot::GitDependenciesNotReachable
               expect { updater.updated_go_sum_content }.
                 to raise_error(error_class) do |error|
                   expect(error.message).to include("hmarr/404")
+                  expect(error.dependency_urls).
+                    to eq(["github.com/hmarr/404"])
                 end
             end
           end