feat(depbot): Update how isEnabled works for Dependabot

GeekMasher · GeekMasher · commit 31a525c5cecb · 2024-01-10T12:30:49.000Z
- Use hasVulnerabilityAlertsEnabled from API
- Update GraphQL query
- Update examples
diff --git a/examples/dependabot.py b/examples/dependabot.py
@@ -6,9 +6,13 @@
     os.environ.get("GITHUB_REPOSITORY", "GeekMasher/ghastoolkit"),
 )
 
-depgraph = Dependabot()
+dependabot = Dependabot()
 
-alerts = depgraph.getAlerts()
+if not dependabot.isEnabled():
+    print("Dependabot is not enabled")
+    exit(1)
+
+alerts = dependabot.getAlerts()
 print(f"Total Alerts :: {len(alerts)}")
 
 for alert in alerts:
diff --git a/src/ghastoolkit/octokit/dependabot.py b/src/ghastoolkit/octokit/dependabot.py
@@ -24,10 +24,12 @@ def __init__(self, repository: Optional[Repository] = None) -> None:
     def isEnabled(self) -> bool:
         """Is Dependabot enabled."""
         try:
-            self.graphql.query(
+            data = self.graphql.query(
                 "GetDependencyStatus",
                 options={"owner": self.repository.owner, "repo": self.repository.repo},
             )
+            if not data.get("hasVulnerabilityAlertsEnabled", False):
+                return False
             return True
         except:
             logger.debug(f"Failed to get alert count")
diff --git a/src/ghastoolkit/octokit/graphql/__init__.py b/src/ghastoolkit/octokit/graphql/__init__.py
@@ -1,9 +1,7 @@
 DEPENDENCY_GRAPH_STATUS = """\
 {
     repository(owner: "$owner", name: "$repo") {
-        vulnerabilityAlerts(first: 100, states: [OPEN], $cursor) {
-            totalCount
-        }
+        hasVulnerabilityAlertsEnabled
     }
 }
 """

Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,7 @@`
`1`	`1`	`DEPENDENCY_GRAPH_STATUS = """\`
`2`	`2`	`{`
`3`	`3`	`repository(owner: "$owner", name: "$repo") {`
`4`		`- vulnerabilityAlerts(first: 100, states: [OPEN], $cursor) {`
`5`		`- totalCount`
`6`		`- }`
	`4`	`+ hasVulnerabilityAlertsEnabled`
`7`	`5`	`}`
`8`	`6`	`}`
`9`	`7`	`"""`