fix: return None instead of re-raising on invalid YAML in existing dependabot config

jmeridth · jmeridth · commit 421659e9bf41 · 2026-03-29T11:24:12.000-05:00
Fixes #523 ## What Changed build_dependabot_file() to return None instead of re-raising when an existing dependabot config has invalid YAML (e.g., duplicate keys, indentation errors). Updated existing test expectations and added a new test for the duplicate key scenario reported in the issue. ## Why When a repository had an invalid dependabot.yml (such as a duplicate key), the YAML parse error crashed the entire program, preventing all remaining repositories from being processed. Returning None allows the caller's existing `if dependabot_file is None` check to skip the repo and continue. ## Notes - The error message is still printed via the existing `print(f"YAML indentation error: {e}")` so users can identify which repo has a broken config. - The second test at line 175 (indentation error) also changed from `assertRaises` to `assertIsNone` since it exercises the same code path. Signed-off-by: jmeridth <jmeridth@gmail.com>
diff --git a/dependabot_file.py b/dependabot_file.py
@@ -251,7 +251,7 @@ def build_dependabot_file(
             dependabot_file = yaml.load(base64.b64decode(existing_config.content))
         except ruamel.yaml.YAMLError as e:
             print(f"YAML indentation error: {e}")
-            raise
+            return None
     else:
         dependabot_file = copy.deepcopy(data)
 
diff --git a/test_dependabot_file.py b/test_dependabot_file.py
@@ -131,6 +131,29 @@ def test_build_dependabot_file_with_2_space_indent_existing_config_bundler_with_
         )
         self.assertEqual(result, expected_result)
 
+    def test_build_dependabot_file_with_duplicate_key_in_existing_config(self):
+        """Test that a duplicate key in existing dependabot config returns None instead of crashing"""
+        repo = MagicMock()
+        repo.file_contents.side_effect = lambda f, filename="Gemfile": f == filename
+
+        existing_config = MagicMock()
+        existing_config.content = base64.b64encode(b"""
+version: 2
+updates:
+  - package-ecosystem: "maven"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    schedule:
+      interval: "weekly"
+      day: "friday"
+""")
+
+        result = build_dependabot_file(
+            repo, False, [], {}, existing_config, "weekly", "", [], None
+        )
+        self.assertIsNone(result)
+
     def test_build_dependabot_file_with_weird_space_indent_existing_config_bundler_with_update(
         self,
     ):
@@ -152,10 +175,10 @@ def test_build_dependabot_file_with_weird_space_indent_existing_config_bundler_w
     prefix: "chore(deps)"
   """)
 
-        with self.assertRaises(ruamel.yaml.YAMLError):
-            build_dependabot_file(
-                repo, False, [], {}, existing_config, "weekly", "", [], None
-            )
+        result = build_dependabot_file(
+            repo, False, [], {}, existing_config, "weekly", "", [], None
+        )
+        self.assertIsNone(result)
 
     def test_build_dependabot_file_with_incorrect_indentation_in_extra_dependabot_config_file(
         self,
