From f71537dfb703b5334e616a95334523bb4c7def33 Mon Sep 17 00:00:00 2001 From: "S.Sandhu" <167903774+sachin-sandhu@users.noreply.github.com> Date: Mon, 12 Aug 2024 22:50:53 -0400 Subject: [PATCH] Fixes Dependabot::SharedHelpers::HelperSubprocessFailed - ERR_PNPM_UNSUPPORTED_ENGINE (#10419) * adds exception handler for PNPM_UNSUPPORTED_ENGINE --- .../file_updater/pnpm_lockfile_updater.rb | 20 ++++++ .../pnpm_lockfile_updater_spec.rb | 63 +++++++++++++++++++ .../projects/pnpm/unsupported_engine/.npmrc | 1 + .../pnpm/unsupported_engine/package.json | 13 ++++ .../pnpm/unsupported_engine/pnpm-lock.yaml | 6 ++ .../pnpm/unsupported_engine_npm/.npmrc | 1 + .../pnpm/unsupported_engine_npm/package.json | 15 +++++ .../unsupported_engine_npm/pnpm-lock.yaml | 9 +++ .../pnpm/unsupported_engine_pnpm/.npmrc | 5 ++ .../pnpm/unsupported_engine_pnpm/package.json | 10 +++ .../unsupported_engine_pnpm/pnpm-lock.yaml | 6 ++ 11 files changed, 149 insertions(+) create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/.npmrc create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/package.json create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/pnpm-lock.yaml create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/.npmrc create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/package.json create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/pnpm-lock.yaml create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/.npmrc create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/package.json create mode 100644 npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/pnpm-lock.yaml 
diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb index 04878262b17..d38e76b69d7 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb @@ -51,6 +51,11 @@ def updated_pnpm_lock_content(pnpm_lock) ERR_PNPM_FETCH_500 = /ERR_PNPM_FETCH_500.*GET (?.*): - 500/ ERR_PNPM_FETCH_502 = /ERR_PNPM_FETCH_502.*GET (?.*): - 502/ + # ERR_PNPM_UNSUPPORTED_ENGINE + ERR_PNPM_UNSUPPORTED_ENGINE = /ERR_PNPM_UNSUPPORTED_ENGINE/ + PACAKGE_MANAGER = /Your (?.*) version is incompatible with/ + VERSION_REQUIREMENT = /Expected version: (?.*)\nGot: (?.*)\n/ + def run_pnpm_update(pnpm_lock:) SharedHelpers.in_a_temporary_repo_directory(base_dir, repo_contents_path) do File.write(".npmrc", npmrc_content(pnpm_lock)) @@ -121,6 +126,8 @@ def handle_pnpm_lock_updater_error(error, pnpm_lock) raise_package_access_error(error_message, dependency_url, pnpm_lock) end + raise_unsupported_engine_error(error_message, pnpm_lock) if error_message.match?(ERR_PNPM_UNSUPPORTED_ENGINE) + raise end 
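Review bot: `PACAKGE_MANAGER` is a misspelling of `PACKAGE_MANAGER`, and the same spelling is used twice more in raise_unsupported_engine_error in the hunk at `@@ -131,6 +138,19 @@`; renaming it now keeps the constant searchable. The comment `# ERR_PNPM_UNSUPPORTED_ENGINE` only repeats the constant name; something like `# pnpm aborts with this code when the running node/pnpm version does not satisfy an "engines" range` would say what the three patterns are for. `VERSION_REQUIREMENT` requires a newline after the `Got:` value, so output that ends on that line would not match and no typed error would be raised. Whether pnpm always emits that trailing newline is not visible here.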
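Review bot: The added line in handle_pnpm_lock_updater_error calls a method whose name promises a raise, but raise_unsupported_engine_error returns quietly when either detail pattern fails to match. Control then falls through to the bare `raise` below and re-raises the original error. That fallback is reasonable but invisible at the call site; a comment such as `# falls through to the bare raise when the engine details cannot be parsed` would make it explicit. handle_pnpm_lock_updater_error starts outside this hunk, so the branches that precede this check are not visible.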
@@ -131,6 +138,19 @@ def raise_resolvability_error(error_message, pnpm_lock) raise Dependabot::DependencyFileNotResolvable, msg end + def raise_unsupported_engine_error(error_message, _pnpm_lock) + unless error_message.match(PACAKGE_MANAGER) && + error_message.match(VERSION_REQUIREMENT) + return + end + + package_manager = error_message.match(PACAKGE_MANAGER).named_captures["pkg_mgr"] + supported_version = error_message.match(VERSION_REQUIREMENT).named_captures["supported_ver"] + detected_version = error_message.match(VERSION_REQUIREMENT).named_captures["detected_ver"] + + raise Dependabot::ToolVersionNotSupported.new(package_manager, supported_version, detected_version) + end + def raise_package_access_error(error_message, dependency_url, pnpm_lock) package_name = RegistryParser.new(resolved_url: dependency_url, credentials: credentials).dependency_name missing_dep = lockfile_dependencies(pnpm_lock) diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb index 521e1e0e50c..bd935b97211 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater_spec.rb 
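Review bot: The argument order in `ToolVersionNotSupported.new(package_manager, supported_version, detected_version)` should be checked against the class definition, which is not part of this diff. If the constructor takes the detected version before the supported versions, the two values are swapped in the message shown to the user. The method also runs each pattern two or three times and wraps a lone `return` in a multi-line `unless`; matching once and reading the named groups from the MatchData is shorter, as sketched below with the current argument order kept. The captured text comes from pnpm output that echoes free-form `engines` strings from package.json (one fixture uses `"use pnpm"`), so consumers of this error should treat the fields as untrusted text rather than parsed versions.

```ruby
def raise_unsupported_engine_error(error_message, _pnpm_lock)
  pkg_mgr_match = error_message.match(PACAKGE_MANAGER)
  version_match = error_message.match(VERSION_REQUIREMENT)
  # Without both details no typed error can be built; the caller re-raises the original.
  return unless pkg_mgr_match && version_match

  # NOTE(review): confirm this order against ToolVersionNotSupported#initialize.
  raise Dependabot::ToolVersionNotSupported.new(
    pkg_mgr_match[:pkg_mgr],
    version_match[:supported_ver],
    version_match[:detected_ver]
  )
end
```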
@@ -93,6 +93,69 @@ end end + context "when there is a unsupported engine response from registry" do + let(:dependency_name) { "@blocknote/core" } + let(:version) { "0.15.4" } + let(:previous_version) { "0.15.3 " } + let(:requirements) do + [{ + file: "package.json", + requirement: "0.15.4", + groups: ["dependencies"], + source: nil + }] + end + + let(:project_name) { "pnpm/unsupported_engine" } + + it "raises a helpful error" do + expect { updated_pnpm_lock_content } + .to raise_error(Dependabot::ToolVersionNotSupported) + end + end + + context "when there is a unsupported engine (npm) response from registry" do + let(:dependency_name) { "@npmcli/fs" } + let(:version) { "3.1.1" } + let(:previous_version) { "3.1.0 " } + let(:requirements) do + [{ + file: "package.json", + requirement: "3.1.1", + groups: ["devDependencies"], + source: nil + }] + end + + let(:project_name) { "pnpm/unsupported_engine_npm" } + + it "raises a helpful error" do + expect { updated_pnpm_lock_content } + .to raise_error(Dependabot::ToolVersionNotSupported) + end + end + + context "when there is a unsupported engine response (pnpm) from registry" do + let(:dependency_name) { "eslint" } + let(:version) { "9.9.0" } + let(:previous_version) { "8.32.0" } + let(:requirements) do + [{ + file: "package.json", + requirement: "9.9.0", + groups: ["devDependencies"], + source: nil + }] + end + + let(:project_name) { "pnpm/unsupported_engine_pnpm" } + + it "raises a helpful error" do + expect { updated_pnpm_lock_content } + .to raise_error(Dependabot::ToolVersionNotSupported) + end + end + context "with a dependency that can't be found" do let(:project_name) { "pnpm/nonexistent_dependency_yanked_version" } diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/.npmrc b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/.npmrc new file mode 100644 index 00000000000..4fd021952d5 --- /dev/null +++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/.npmrc 
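Review bot: All three new examples assert only the error class (`raise_error(Dependabot::ToolVersionNotSupported)`), so a wrongly parsed package manager or a swapped supported/detected version would still pass. Passing a block to `raise_error` and checking the error's fields or message would pin down what raise_unsupported_engine_error extracts; the accessor names are defined outside this diff. Two smaller points: `previous_version` carries a trailing space in the first two contexts (`"0.15.3 "`, `"3.1.0 "`), and the descriptions read "a unsupported engine" where "an unsupported engine" is meant.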
@@ -0,0 +1 @@
+engine-strict=true
\ No newline at end of file
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/package.json b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/package.json
new file mode 100644
index 00000000000..422d63034d3
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/package.json
@@ -0,0 +1,13 @@
+{
+ "name": "test",
+ "version": "1.1.1",
+ "private": true,
+ "dependencies": {
+ "@blocknote/core": "^0.15.3"
+ },
+ "engines": {
+ "pnpm": ">=8.0.0 <11.0.0",
+ "node": ">=18.0.0 <19.0.0"
+ },
+ "packageManager": "pnpm@8.4.0+sha1.73c608c602d520c436c7b250330315d83ffcc1ee"
+}
\ No newline at end of file
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/pnpm-lock.yaml b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/pnpm-lock.yaml
new file mode 100644
index 00000000000..dcb7b27e477
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine/pnpm-lock.yaml
@@ -0,0 +1,6 @@
+lockfileVersion: '6.0'
+
+dependencies:
+ '@blocknote/core':
+ specifier: ^0.15.3
+ version: 0.15.3
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/.npmrc b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/.npmrc
new file mode 100644
index 00000000000..4fd021952d5
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/.npmrc
@@ -0,0 +1 @@
+engine-strict=true
\ No newline at end of file
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/package.json b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/package.json
new file mode 100644
index 00000000000..f2d70ac8720
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/package.json
@@ -0,0 +1,15 @@
+
+{
+ "name": "name",
+ "version": "0.0.0",
+ "private": true,
+ "devDependencies": {
+ "@npmcli/fs": "3.1.0"
+ },
+ "engines": {
+ "node": "20.11.1",
+ "npm": "use pnpm",
+ "pnpm": ">=9",
+ "yarn": "use pnpm"
+ }
+}
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/pnpm-lock.yaml b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/pnpm-lock.yaml
new file mode 100644
index 00000000000..c8dbf479ad6
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_npm/pnpm-lock.yaml
@@ -0,0 +1,9 @@
+lockfileVersion: '9.0'
+
+importers:
+
+ .:
+ dependencies:
+ '@npmcli/fs@3.1.0':
+ resolution: {integrity: sha512-7kZUAaLscfgbwBQRbvdMYaZOWyMEcPTH/tJjnyAWJ/dvvs9Ef+CERx/qJb9GExJpl1qipaDGn7KqHnFGGixd0w==}
+ engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0}
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/.npmrc b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/.npmrc
new file mode 100644
index 00000000000..a423292be30
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/.npmrc
@@ -0,0 +1,5 @@
+strict-peer-dependencies=false
+engine-strict=true
+registry=https://registry.npmjs.org/
+hoist-pattern[]=*eslint*
+use-node-version=18.0.0
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/package.json b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/package.json
new file mode 100644
index 00000000000..f7103644e26
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/package.json
@@ -0,0 +1,10 @@
+{
+ "name": "abc",
+ "packageManager": "pnpm@8.15.1",
+ "engines": {
+ "node": "^14.16.0 || ^16.10.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^20.0.0"
+ },
+ "devDependencies": {
+ "eslint": "^8.32.0"
+ }
+}
diff --git a/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/pnpm-lock.yaml b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/pnpm-lock.yaml
new file mode 100644
index 00000000000..2b110ba9657
--- /dev/null
+++ b/npm_and_yarn/spec/fixtures/projects/pnpm/unsupported_engine_pnpm/pnpm-lock.yaml
@@ -0,0 +1,6 @@
+lockfileVersion: '6.0'
+
+devDependencies:
+ eslint:
+ specifier: ^8.32.0
+ version: 8.57.0