Merge pull request #7878 from dependabot/deivid-rodriguez/improve-gra…

…dle-security-update-errors

Report gradle security update errors when dependency not found in repository

updater/lib/dependabot/updater/operations/create_security_update_pull_request.rb

@@ -40,8 +40,15 @@ def initialize(service:, job:, dependency_snapshot:, error_handler:)
         # risk, so we'll maintain the interface as-is for now, but this is
         # something we should make much more intentional in future.
         def perform
-          Dependabot.logger.info("Starting update job for #{job.source.repo}")
-          dependency_snapshot.job_dependencies.each { |dep| check_and_create_pr_with_error_handling(dep) }
+          Dependabot.logger.info("Starting security update job for #{job.source.repo}")
+
+          target_dependencies = dependency_snapshot.job_dependencies
+
+          if target_dependencies.empty?
+            record_security_update_dependency_not_found
+          else
+            target_dependencies.each { |dep| check_and_create_pr_with_error_handling(dep) }
+          end
         end
 
         private

updater/lib/dependabot/updater/security_update_helpers.rb

@@ -120,6 +120,13 @@ def record_pull_request_exists_for_security_update(existing_pull_request)
         )
       end
 
+      def record_security_update_dependency_not_found
+        service.record_update_job_error(
+          error_type: "security_update_dependency_not_found",
+          error_details: {}
+        )
+      end
+
       def earliest_fixed_version_message(lowest_non_vulnerable_version)
         if lowest_non_vulnerable_version
           "The earliest fixed version is #{lowest_non_vulnerable_version}."