From dbe5f09d4bc4be556f6038fe2f054bb2f96877a2 Mon Sep 17 00:00:00 2001
From: Adam Setch <adam.setch@outlook.com>
Date: Wed, 5 Jul 2023 09:44:36 -0400
Subject: [PATCH] fix(changelog/gitlab): custom endpoint and repository length
 validation (#23165)

---
 .../update/pr/changelog/gitlab/index.spec.ts  | 30 +++++++++++++++++++
 .../update/pr/changelog/gitlab/source.ts      |  4 +++
 .../update/pr/changelog/source.spec.ts        | 11 +++++++
 .../repository/update/pr/changelog/source.ts  |  7 ++++-
 4 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/lib/workers/repository/update/pr/changelog/gitlab/index.spec.ts b/lib/workers/repository/update/pr/changelog/gitlab/index.spec.ts
index 9d4101102c..bce831dde1 100644
--- a/lib/workers/repository/update/pr/changelog/gitlab/index.spec.ts
+++ b/lib/workers/repository/update/pr/changelog/gitlab/index.spec.ts
@@ -4,6 +4,7 @@ import { partial } from '../../../../../../../test/util';
 import * as semverVersioning from '../../../../../../modules/versioning/semver';
 import * as hostRules from '../../../../../../util/host-rules';
 import type { BranchUpgradeConfig } from '../../../../../types';
+import { GitLabChangeLogSource } from './source';
 
 const upgrade = partial<BranchUpgradeConfig>({
   manager: 'some-manager',
@@ -29,6 +30,8 @@ const upgrade = partial<BranchUpgradeConfig>({
 
 const matchHost = 'https://gitlab.com/';
 
+const changelogSource = new GitLabChangeLogSource();
+
 describe('workers/repository/update/pr/changelog/gitlab/index', () => {
   afterEach(() => {
     // FIXME: add missing http mocks
@@ -347,4 +350,31 @@ describe('workers/repository/update/pr/changelog/gitlab/index', () => {
       expect(config.sourceUrl).toBe(sourceUrl); // ensure unmodified function argument
     });
   });
+
+  describe('hasValidRepository', () => {
+    it('handles invalid repository', () => {
+      expect(changelogSource.hasValidRepository('foo')).toBeFalse();
+    });
+
+    it('handles valid repository', () => {
+      expect(changelogSource.hasValidRepository('some/repo')).toBeTrue();
+      expect(changelogSource.hasValidRepository('some/repo/name')).toBeTrue();
+    });
+  });
+
+  describe('getAllTags', () => {
+    it('handles endpoint', async () => {
+      httpMock
+        .scope('https://git.test.com/')
+        .get('/api/v4/projects/some%2Frepo/repository/tags?per_page=100')
+        .reply(200, [
+          { name: 'v5.2.0' },
+          { name: 'v5.4.0' },
+          { name: 'v5.5.0' },
+        ]);
+      expect(
+        await changelogSource.getAllTags('https://git.test.com/', 'some/repo')
+      ).toEqual(['v5.2.0', 'v5.4.0', 'v5.5.0']);
+    });
+  });
 });
diff --git a/lib/workers/repository/update/pr/changelog/gitlab/source.ts b/lib/workers/repository/update/pr/changelog/gitlab/source.ts
index 4dc86c3b99..1127f7bd35 100644
--- a/lib/workers/repository/update/pr/changelog/gitlab/source.ts
+++ b/lib/workers/repository/update/pr/changelog/gitlab/source.ts
@@ -18,4 +18,8 @@ export class GitLabChangeLogSource extends ChangeLogSource {
   ): string {
     return `${baseUrl}${repository}/compare/${prevHead}...${nextHead}`;
   }
+
+  override hasValidRepository(repository: string): boolean {
+    return repository.split('/').length >= 2;
+  }
 }
diff --git a/lib/workers/repository/update/pr/changelog/source.spec.ts b/lib/workers/repository/update/pr/changelog/source.spec.ts
index d28aa4090d..9e22bffe98 100644
--- a/lib/workers/repository/update/pr/changelog/source.spec.ts
+++ b/lib/workers/repository/update/pr/changelog/source.spec.ts
@@ -41,4 +41,15 @@ describe('workers/repository/update/pr/changelog/source', () => {
       );
     });
   });
+
+  describe('hasValidRepository', () => {
+    it('handles invalid repository', () => {
+      expect(changelogSource.hasValidRepository('foo')).toBeFalse();
+      expect(changelogSource.hasValidRepository('some/repo/name')).toBeFalse();
+    });
+
+    it('handles valid repository', () => {
+      expect(changelogSource.hasValidRepository('some/repo')).toBeTrue();
+    });
+  });
 });
diff --git a/lib/workers/repository/update/pr/changelog/source.ts b/lib/workers/repository/update/pr/changelog/source.ts
index 6f746bd683..2f35b16dd7 100644
--- a/lib/workers/repository/update/pr/changelog/source.ts
+++ b/lib/workers/repository/update/pr/changelog/source.ts
@@ -42,6 +42,7 @@ export abstract class ChangeLogSource {
   async getAllTags(endpoint: string, repository: string): Promise<string[]> {
     const tags = (
       await getPkgReleases({
+        registryUrls: [endpoint],
         datasource: this.datasource,
         packageName: repository,
         versioning:
@@ -91,7 +92,7 @@ export abstract class ChangeLogSource {
       return null;
     }
 
-    if (repository.split('/').length !== 2) {
+    if (is.falsy(this.hasValidRepository(repository))) {
       logger.debug(`Invalid ${this.platform} URL found: ${sourceUrl}`);
       return null;
     }
@@ -266,4 +267,8 @@ export abstract class ChangeLogSource {
   protected shouldSkipPackage(config: BranchUpgradeConfig): boolean {
     return false;
   }
+
+  hasValidRepository(repository: string): boolean {
+    return repository.split('/').length === 2;
+  }
 }
-- 
GitLab