dependabot-core 0.79.4 → 0.80.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/dependabot/file_fetchers.rb +0 -2
- data/lib/dependabot/file_parsers.rb +0 -2
- data/lib/dependabot/file_updaters.rb +0 -2
- data/lib/dependabot/file_updaters/ruby/.DS_Store +0 -0
- data/lib/dependabot/metadata_finders.rb +0 -2
- data/lib/dependabot/update_checkers.rb +0 -2
- data/lib/dependabot/utils.rb +0 -4
- data/lib/dependabot/version.rb +1 -1
- metadata +2 -20
- data/lib/dependabot/file_fetchers/dotnet/nuget.rb +0 -215
- data/lib/dependabot/file_fetchers/dotnet/nuget/import_paths_finder.rb +0 -51
- data/lib/dependabot/file_fetchers/dotnet/nuget/sln_project_paths_finder.rb +0 -55
- data/lib/dependabot/file_parsers/dotnet/nuget.rb +0 -85
- data/lib/dependabot/file_parsers/dotnet/nuget/packages_config_parser.rb +0 -65
- data/lib/dependabot/file_parsers/dotnet/nuget/project_file_parser.rb +0 -156
- data/lib/dependabot/file_parsers/dotnet/nuget/property_value_finder.rb +0 -131
- data/lib/dependabot/file_updaters/dotnet/nuget.rb +0 -151
- data/lib/dependabot/file_updaters/dotnet/nuget/packages_config_declaration_finder.rb +0 -69
- data/lib/dependabot/file_updaters/dotnet/nuget/project_file_declaration_finder.rb +0 -78
- data/lib/dependabot/file_updaters/dotnet/nuget/property_value_updater.rb +0 -64
- data/lib/dependabot/metadata_finders/dotnet/nuget.rb +0 -116
- data/lib/dependabot/update_checkers/dotnet/nuget.rb +0 -127
- data/lib/dependabot/update_checkers/dotnet/nuget/property_updater.rb +0 -97
- data/lib/dependabot/update_checkers/dotnet/nuget/repository_finder.rb +0 -232
- data/lib/dependabot/update_checkers/dotnet/nuget/requirements_updater.rb +0 -81
- data/lib/dependabot/update_checkers/dotnet/nuget/version_finder.rb +0 -231
- data/lib/dependabot/utils/dotnet/requirement.rb +0 -90
- data/lib/dependabot/utils/dotnet/version.rb +0 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 701f1ba64eef71d18de5a4bcec1fbbf5d1d91c5d30e5ab1fcd38870432db5fc7
|
4
|
+
data.tar.gz: b8e5eeb7e4c669bde54cc6bc8085dd78890c25737d6341c788ec182f9c4bae6d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 63855ffb27f1219d90bff0738e2bbfc798130e11ea2fead012cb038c7a2e79f64fa0a1fa3fdee656746774e5e0f56922ce9a26ce30fa105b55410c9ed8cdbee6
|
7
|
+
data.tar.gz: c6703e69777f5a73112b9a7d75718d173db408743dbaeb9a50617d7297410db3bcd4662564e211ba7ddf66c9473f29a3ed7abfd51b8a5ca2e95929c6a5416f0e
|
data/CHANGELOG.md
CHANGED
@@ -7,7 +7,6 @@ require "dependabot/file_fetchers/java/gradle"
|
|
7
7
|
require "dependabot/file_fetchers/php/composer"
|
8
8
|
require "dependabot/file_fetchers/elixir/hex"
|
9
9
|
require "dependabot/file_fetchers/rust/cargo"
|
10
|
-
require "dependabot/file_fetchers/dotnet/nuget"
|
11
10
|
require "dependabot/file_fetchers/go/dep"
|
12
11
|
require "dependabot/file_fetchers/go/modules"
|
13
12
|
require "dependabot/file_fetchers/elm/elm_package"
|
@@ -22,7 +21,6 @@ module Dependabot
|
|
22
21
|
"composer" => FileFetchers::Php::Composer,
|
23
22
|
"hex" => FileFetchers::Elixir::Hex,
|
24
23
|
"cargo" => FileFetchers::Rust::Cargo,
|
25
|
-
"nuget" => FileFetchers::Dotnet::Nuget,
|
26
24
|
"dep" => FileFetchers::Go::Dep,
|
27
25
|
"go_modules" => FileFetchers::Go::Modules,
|
28
26
|
"elm-package" => FileFetchers::Elm::ElmPackage
|
@@ -7,7 +7,6 @@ require "dependabot/file_parsers/java/gradle"
|
|
7
7
|
require "dependabot/file_parsers/php/composer"
|
8
8
|
require "dependabot/file_parsers/elixir/hex"
|
9
9
|
require "dependabot/file_parsers/rust/cargo"
|
10
|
-
require "dependabot/file_parsers/dotnet/nuget"
|
11
10
|
require "dependabot/file_parsers/go/dep"
|
12
11
|
require "dependabot/file_parsers/go/modules"
|
13
12
|
require "dependabot/file_parsers/elm/elm_package"
|
@@ -22,7 +21,6 @@ module Dependabot
|
|
22
21
|
"composer" => FileParsers::Php::Composer,
|
23
22
|
"hex" => FileParsers::Elixir::Hex,
|
24
23
|
"cargo" => FileParsers::Rust::Cargo,
|
25
|
-
"nuget" => FileParsers::Dotnet::Nuget,
|
26
24
|
"dep" => FileParsers::Go::Dep,
|
27
25
|
"go_modules" => FileParsers::Go::Modules,
|
28
26
|
"elm-package" => FileParsers::Elm::ElmPackage
|
@@ -7,7 +7,6 @@ require "dependabot/file_updaters/java/gradle"
|
|
7
7
|
require "dependabot/file_updaters/php/composer"
|
8
8
|
require "dependabot/file_updaters/elixir/hex"
|
9
9
|
require "dependabot/file_updaters/rust/cargo"
|
10
|
-
require "dependabot/file_updaters/dotnet/nuget"
|
11
10
|
require "dependabot/file_updaters/go/dep"
|
12
11
|
require "dependabot/file_updaters/go/modules"
|
13
12
|
require "dependabot/file_updaters/elm/elm_package"
|
@@ -22,7 +21,6 @@ module Dependabot
|
|
22
21
|
"composer" => FileUpdaters::Php::Composer,
|
23
22
|
"hex" => FileUpdaters::Elixir::Hex,
|
24
23
|
"cargo" => FileUpdaters::Rust::Cargo,
|
25
|
-
"nuget" => FileUpdaters::Dotnet::Nuget,
|
26
24
|
"dep" => FileUpdaters::Go::Dep,
|
27
25
|
"go_modules" => FileUpdaters::Go::Modules,
|
28
26
|
"elm-package" => FileUpdaters::Elm::ElmPackage
|
Binary file
|
@@ -6,7 +6,6 @@ require "dependabot/metadata_finders/java/maven"
|
|
6
6
|
require "dependabot/metadata_finders/php/composer"
|
7
7
|
require "dependabot/metadata_finders/elixir/hex"
|
8
8
|
require "dependabot/metadata_finders/rust/cargo"
|
9
|
-
require "dependabot/metadata_finders/dotnet/nuget"
|
10
9
|
require "dependabot/metadata_finders/go/dep"
|
11
10
|
require "dependabot/metadata_finders/elm/elm_package"
|
12
11
|
|
@@ -20,7 +19,6 @@ module Dependabot
|
|
20
19
|
"composer" => MetadataFinders::Php::Composer,
|
21
20
|
"hex" => MetadataFinders::Elixir::Hex,
|
22
21
|
"cargo" => MetadataFinders::Rust::Cargo,
|
23
|
-
"nuget" => MetadataFinders::Dotnet::Nuget,
|
24
22
|
"dep" => MetadataFinders::Go::Dep,
|
25
23
|
"go_modules" => MetadataFinders::Go::Dep,
|
26
24
|
"elm-package" => MetadataFinders::Elm::ElmPackage
|
@@ -7,7 +7,6 @@ require "dependabot/update_checkers/java/gradle"
|
|
7
7
|
require "dependabot/update_checkers/php/composer"
|
8
8
|
require "dependabot/update_checkers/elixir/hex"
|
9
9
|
require "dependabot/update_checkers/rust/cargo"
|
10
|
-
require "dependabot/update_checkers/dotnet/nuget"
|
11
10
|
require "dependabot/update_checkers/go/dep"
|
12
11
|
require "dependabot/update_checkers/go/modules"
|
13
12
|
require "dependabot/update_checkers/elm/elm_package"
|
@@ -22,7 +21,6 @@ module Dependabot
|
|
22
21
|
"composer" => UpdateCheckers::Php::Composer,
|
23
22
|
"hex" => UpdateCheckers::Elixir::Hex,
|
24
23
|
"cargo" => UpdateCheckers::Rust::Cargo,
|
25
|
-
"nuget" => UpdateCheckers::Dotnet::Nuget,
|
26
24
|
"dep" => UpdateCheckers::Go::Dep,
|
27
25
|
"go_modules" => UpdateCheckers::Go::Modules,
|
28
26
|
"elm-package" => UpdateCheckers::Elm::ElmPackage
|
data/lib/dependabot/utils.rb
CHANGED
@@ -1,6 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require "dependabot/utils/dotnet/version"
|
4
3
|
require "dependabot/utils/elixir/version"
|
5
4
|
require "dependabot/utils/java/version"
|
6
5
|
require "dependabot/utils/java_script/version"
|
@@ -9,7 +8,6 @@ require "dependabot/utils/rust/version"
|
|
9
8
|
require "dependabot/utils/go/version"
|
10
9
|
require "dependabot/utils/elm/version"
|
11
10
|
|
12
|
-
require "dependabot/utils/dotnet/requirement"
|
13
11
|
require "dependabot/utils/elixir/requirement"
|
14
12
|
require "dependabot/utils/java/requirement"
|
15
13
|
require "dependabot/utils/java_script/requirement"
|
@@ -27,7 +25,6 @@ module Dependabot
|
|
27
25
|
"bundler" => Gem::Version,
|
28
26
|
"submodules" => Gem::Version,
|
29
27
|
"docker" => Gem::Version,
|
30
|
-
"nuget" => Utils::Dotnet::Version,
|
31
28
|
"maven" => Utils::Java::Version,
|
32
29
|
"gradle" => Utils::Java::Version,
|
33
30
|
"npm_and_yarn" => Utils::JavaScript::Version,
|
@@ -54,7 +51,6 @@ module Dependabot
|
|
54
51
|
"bundler" => Utils::Ruby::Requirement,
|
55
52
|
"submodules" => Utils::Ruby::Requirement,
|
56
53
|
"docker" => Utils::Ruby::Requirement,
|
57
|
-
"nuget" => Utils::Dotnet::Requirement,
|
58
54
|
"maven" => Utils::Java::Requirement,
|
59
55
|
"gradle" => Utils::Java::Requirement,
|
60
56
|
"npm_and_yarn" => Utils::JavaScript::Requirement,
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.80.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -375,9 +375,6 @@ files:
|
|
375
375
|
- lib/dependabot/file_fetchers.rb
|
376
376
|
- lib/dependabot/file_fetchers/README.md
|
377
377
|
- lib/dependabot/file_fetchers/base.rb
|
378
|
-
- lib/dependabot/file_fetchers/dotnet/nuget.rb
|
379
|
-
- lib/dependabot/file_fetchers/dotnet/nuget/import_paths_finder.rb
|
380
|
-
- lib/dependabot/file_fetchers/dotnet/nuget/sln_project_paths_finder.rb
|
381
378
|
- lib/dependabot/file_fetchers/elixir/hex.rb
|
382
379
|
- lib/dependabot/file_fetchers/elm/elm_package.rb
|
383
380
|
- lib/dependabot/file_fetchers/go/dep.rb
|
@@ -397,10 +394,6 @@ files:
|
|
397
394
|
- lib/dependabot/file_parsers/README.md
|
398
395
|
- lib/dependabot/file_parsers/base.rb
|
399
396
|
- lib/dependabot/file_parsers/base/dependency_set.rb
|
400
|
-
- lib/dependabot/file_parsers/dotnet/nuget.rb
|
401
|
-
- lib/dependabot/file_parsers/dotnet/nuget/packages_config_parser.rb
|
402
|
-
- lib/dependabot/file_parsers/dotnet/nuget/project_file_parser.rb
|
403
|
-
- lib/dependabot/file_parsers/dotnet/nuget/property_value_finder.rb
|
404
397
|
- lib/dependabot/file_parsers/elixir/hex.rb
|
405
398
|
- lib/dependabot/file_parsers/elm/elm_package.rb
|
406
399
|
- lib/dependabot/file_parsers/go/dep.rb
|
@@ -421,10 +414,6 @@ files:
|
|
421
414
|
- lib/dependabot/file_updaters.rb
|
422
415
|
- lib/dependabot/file_updaters/README.md
|
423
416
|
- lib/dependabot/file_updaters/base.rb
|
424
|
-
- lib/dependabot/file_updaters/dotnet/nuget.rb
|
425
|
-
- lib/dependabot/file_updaters/dotnet/nuget/packages_config_declaration_finder.rb
|
426
|
-
- lib/dependabot/file_updaters/dotnet/nuget/project_file_declaration_finder.rb
|
427
|
-
- lib/dependabot/file_updaters/dotnet/nuget/property_value_updater.rb
|
428
417
|
- lib/dependabot/file_updaters/elixir/hex.rb
|
429
418
|
- lib/dependabot/file_updaters/elixir/hex/lockfile_updater.rb
|
430
419
|
- lib/dependabot/file_updaters/elixir/hex/mixfile_git_pin_updater.rb
|
@@ -454,6 +443,7 @@ files:
|
|
454
443
|
- lib/dependabot/file_updaters/php/composer.rb
|
455
444
|
- lib/dependabot/file_updaters/php/composer/lockfile_updater.rb
|
456
445
|
- lib/dependabot/file_updaters/php/composer/manifest_updater.rb
|
446
|
+
- lib/dependabot/file_updaters/ruby/.DS_Store
|
457
447
|
- lib/dependabot/file_updaters/ruby/bundler.rb
|
458
448
|
- lib/dependabot/file_updaters/ruby/bundler/gemfile_updater.rb
|
459
449
|
- lib/dependabot/file_updaters/ruby/bundler/gemspec_dependency_name_finder.rb
|
@@ -474,7 +464,6 @@ files:
|
|
474
464
|
- lib/dependabot/metadata_finders/base/changelog_pruner.rb
|
475
465
|
- lib/dependabot/metadata_finders/base/commits_finder.rb
|
476
466
|
- lib/dependabot/metadata_finders/base/release_finder.rb
|
477
|
-
- lib/dependabot/metadata_finders/dotnet/nuget.rb
|
478
467
|
- lib/dependabot/metadata_finders/elixir/hex.rb
|
479
468
|
- lib/dependabot/metadata_finders/elm/elm_package.rb
|
480
469
|
- lib/dependabot/metadata_finders/go/dep.rb
|
@@ -497,11 +486,6 @@ files:
|
|
497
486
|
- lib/dependabot/update_checkers.rb
|
498
487
|
- lib/dependabot/update_checkers/README.md
|
499
488
|
- lib/dependabot/update_checkers/base.rb
|
500
|
-
- lib/dependabot/update_checkers/dotnet/nuget.rb
|
501
|
-
- lib/dependabot/update_checkers/dotnet/nuget/property_updater.rb
|
502
|
-
- lib/dependabot/update_checkers/dotnet/nuget/repository_finder.rb
|
503
|
-
- lib/dependabot/update_checkers/dotnet/nuget/requirements_updater.rb
|
504
|
-
- lib/dependabot/update_checkers/dotnet/nuget/version_finder.rb
|
505
489
|
- lib/dependabot/update_checkers/elixir/hex.rb
|
506
490
|
- lib/dependabot/update_checkers/elixir/hex/file_preparer.rb
|
507
491
|
- lib/dependabot/update_checkers/elixir/hex/requirements_updater.rb
|
@@ -547,8 +531,6 @@ files:
|
|
547
531
|
- lib/dependabot/update_checkers/rust/cargo/requirements_updater.rb
|
548
532
|
- lib/dependabot/update_checkers/rust/cargo/version_resolver.rb
|
549
533
|
- lib/dependabot/utils.rb
|
550
|
-
- lib/dependabot/utils/dotnet/requirement.rb
|
551
|
-
- lib/dependabot/utils/dotnet/version.rb
|
552
534
|
- lib/dependabot/utils/elixir/requirement.rb
|
553
535
|
- lib/dependabot/utils/elixir/version.rb
|
554
536
|
- lib/dependabot/utils/elm/requirement.rb
|
@@ -1,215 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "dependabot/file_fetchers/base"
|
4
|
-
|
5
|
-
module Dependabot
|
6
|
-
module FileFetchers
|
7
|
-
module Dotnet
|
8
|
-
class Nuget < Dependabot::FileFetchers::Base
|
9
|
-
require "dependabot/file_fetchers/dotnet/nuget/import_paths_finder"
|
10
|
-
require "dependabot/file_fetchers/dotnet/nuget/sln_project_paths_finder"
|
11
|
-
|
12
|
-
def self.required_files_in?(filenames)
|
13
|
-
return true if filenames.any? { |f| f.match?(/^packages\.config$/i) }
|
14
|
-
return true if filenames.any? { |f| f.end_with?(".sln") }
|
15
|
-
|
16
|
-
filenames.any? { |name| name.match?(%r{^[^/]*\.[a-z]{2}proj$}) }
|
17
|
-
end
|
18
|
-
|
19
|
-
def self.required_files_message
|
20
|
-
"Repo must contain a .(cs|vb|fs)proj file or a packages.config."
|
21
|
-
end
|
22
|
-
|
23
|
-
private
|
24
|
-
|
25
|
-
def fetch_files
|
26
|
-
fetched_files = []
|
27
|
-
fetched_files += project_files
|
28
|
-
fetched_files += directory_build_props_files
|
29
|
-
fetched_files += imported_property_files
|
30
|
-
|
31
|
-
fetched_files += packages_config_files
|
32
|
-
fetched_files << nuget_config if nuget_config
|
33
|
-
|
34
|
-
fetched_files = fetched_files.uniq
|
35
|
-
|
36
|
-
if project_files.none? && packages_config_files.none?
|
37
|
-
raise(
|
38
|
-
Dependabot::DependencyFileNotFound,
|
39
|
-
File.join(directory, "<anything>.(cs|vb|fs)proj")
|
40
|
-
)
|
41
|
-
end
|
42
|
-
|
43
|
-
fetched_files
|
44
|
-
end
|
45
|
-
|
46
|
-
def project_files
|
47
|
-
@project_files ||=
|
48
|
-
begin
|
49
|
-
project_files = []
|
50
|
-
project_files << csproj_file if csproj_file
|
51
|
-
project_files << vbproj_file if vbproj_file
|
52
|
-
project_files << fsproj_file if fsproj_file
|
53
|
-
|
54
|
-
project_files += sln_project_files
|
55
|
-
project_files
|
56
|
-
end
|
57
|
-
rescue Octokit::NotFound, Gitlab::Error::NotFound
|
58
|
-
raise(
|
59
|
-
Dependabot::DependencyFileNotFound,
|
60
|
-
File.join(directory, "<anything>.(cs|vb|fs)proj")
|
61
|
-
)
|
62
|
-
end
|
63
|
-
|
64
|
-
def packages_config_files
|
65
|
-
return @packages_config_files if @packages_config_files
|
66
|
-
|
67
|
-
candidate_paths =
|
68
|
-
[*project_files.map { |f| File.dirname(f.name) }, "."].uniq
|
69
|
-
|
70
|
-
@packages_config_files ||=
|
71
|
-
candidate_paths.map do |dir|
|
72
|
-
file = repo_contents(dir: dir).
|
73
|
-
find { |f| f.name.casecmp("packages.config").zero? }
|
74
|
-
fetch_file_from_host(File.join(dir, file.name)) if file
|
75
|
-
end.compact
|
76
|
-
end
|
77
|
-
|
78
|
-
def sln_file
|
79
|
-
return unless sln_file_name
|
80
|
-
|
81
|
-
@sln_file ||= fetch_file_from_host(sln_file_name)
|
82
|
-
end
|
83
|
-
|
84
|
-
def sln_file_name
|
85
|
-
sln_files = repo_contents.select { |f| f.name.end_with?(".sln") }
|
86
|
-
|
87
|
-
# If there are no sln files, just return `nil`
|
88
|
-
return if sln_files.none?
|
89
|
-
|
90
|
-
# Use the biggest sln file
|
91
|
-
sln_files.max_by(&:size).name
|
92
|
-
end
|
93
|
-
|
94
|
-
def directory_build_props_files
|
95
|
-
return @directory_build_props_files if @directory_build_checked
|
96
|
-
|
97
|
-
@directory_build_checked = true
|
98
|
-
attempted_paths = []
|
99
|
-
@directory_build_props_files = []
|
100
|
-
|
101
|
-
# Don't need to insert "." here, because Directory.Build.props files
|
102
|
-
# can only be used by project files (not packages.config ones)
|
103
|
-
project_files.map { |f| File.dirname(f.name) }.uniq.map do |dir|
|
104
|
-
possible_paths = dir.split("/").map.with_index do |_, i|
|
105
|
-
base = dir.split("/").first(i + 1).join("/")
|
106
|
-
Pathname.new(base + "/Directory.Build.props").cleanpath.to_path
|
107
|
-
end.reverse + ["Directory.Build.props"]
|
108
|
-
|
109
|
-
possible_paths.each do |path|
|
110
|
-
break if attempted_paths.include?(path)
|
111
|
-
|
112
|
-
attempted_paths << path
|
113
|
-
@directory_build_props_files << fetch_file_from_host(path)
|
114
|
-
rescue Dependabot::DependencyFileNotFound
|
115
|
-
next
|
116
|
-
end
|
117
|
-
end
|
118
|
-
|
119
|
-
@directory_build_props_files
|
120
|
-
end
|
121
|
-
|
122
|
-
def sln_project_files
|
123
|
-
return [] unless sln_file
|
124
|
-
|
125
|
-
@sln_project_files ||=
|
126
|
-
begin
|
127
|
-
paths = SlnProjectPathsFinder.
|
128
|
-
new(sln_file: sln_file).
|
129
|
-
project_paths
|
130
|
-
|
131
|
-
paths.map do |path|
|
132
|
-
fetch_file_from_host(path)
|
133
|
-
rescue Dependabot::DependencyFileNotFound
|
134
|
-
# Don't worry about missing files too much for now (at least
|
135
|
-
# until we start resolving properties)
|
136
|
-
nil
|
137
|
-
end.compact
|
138
|
-
end
|
139
|
-
end
|
140
|
-
|
141
|
-
def csproj_file
|
142
|
-
@csproj_file ||=
|
143
|
-
begin
|
144
|
-
file = repo_contents.find { |f| f.name.end_with?(".csproj") }
|
145
|
-
fetch_file_from_host(file.name) if file
|
146
|
-
end
|
147
|
-
end
|
148
|
-
|
149
|
-
def vbproj_file
|
150
|
-
@vbproj_file ||=
|
151
|
-
begin
|
152
|
-
file = repo_contents.find { |f| f.name.end_with?(".vbproj") }
|
153
|
-
fetch_file_from_host(file.name) if file
|
154
|
-
end
|
155
|
-
end
|
156
|
-
|
157
|
-
def fsproj_file
|
158
|
-
@fsproj_file ||=
|
159
|
-
begin
|
160
|
-
file = repo_contents.find { |f| f.name.end_with?(".fsproj") }
|
161
|
-
fetch_file_from_host(file.name) if file
|
162
|
-
end
|
163
|
-
end
|
164
|
-
|
165
|
-
def nuget_config
|
166
|
-
@nuget_config ||=
|
167
|
-
begin
|
168
|
-
file = repo_contents.
|
169
|
-
find { |f| f.name.casecmp("nuget.config").zero? }
|
170
|
-
file = fetch_file_from_host(file.name) if file
|
171
|
-
file&.tap { |f| f.support_file = true }
|
172
|
-
end
|
173
|
-
end
|
174
|
-
|
175
|
-
def imported_property_files
|
176
|
-
imported_property_files = []
|
177
|
-
|
178
|
-
[*project_files, *directory_build_props_files].each do |proj_file|
|
179
|
-
previously_fetched_files = project_files + imported_property_files
|
180
|
-
imported_property_files +=
|
181
|
-
fetch_imported_property_files(
|
182
|
-
file: proj_file,
|
183
|
-
previously_fetched_files: previously_fetched_files
|
184
|
-
)
|
185
|
-
end
|
186
|
-
|
187
|
-
imported_property_files
|
188
|
-
end
|
189
|
-
|
190
|
-
def fetch_imported_property_files(file:, previously_fetched_files:)
|
191
|
-
paths =
|
192
|
-
ImportPathsFinder.new(project_file: file).import_paths +
|
193
|
-
ImportPathsFinder.new(project_file: file).project_reference_paths
|
194
|
-
|
195
|
-
paths.flat_map do |path|
|
196
|
-
next if previously_fetched_files.map(&:name).include?(path)
|
197
|
-
next if file.name == path
|
198
|
-
next if path.include?("$(")
|
199
|
-
|
200
|
-
fetched_file = fetch_file_from_host(path)
|
201
|
-
grandchild_property_files = fetch_imported_property_files(
|
202
|
-
file: fetched_file,
|
203
|
-
previously_fetched_files: previously_fetched_files + [file]
|
204
|
-
)
|
205
|
-
[fetched_file, *grandchild_property_files]
|
206
|
-
rescue Dependabot::DependencyFileNotFound
|
207
|
-
# Don't worry about missing files too much for now (at least
|
208
|
-
# until we start resolving properties)
|
209
|
-
nil
|
210
|
-
end.compact
|
211
|
-
end
|
212
|
-
end
|
213
|
-
end
|
214
|
-
end
|
215
|
-
end
|
@@ -1,51 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "nokogiri"
|
4
|
-
|
5
|
-
require "pathname"
|
6
|
-
require "dependabot/file_fetchers/dotnet/nuget"
|
7
|
-
|
8
|
-
module Dependabot
|
9
|
-
module FileFetchers
|
10
|
-
module Dotnet
|
11
|
-
class Nuget
|
12
|
-
class ImportPathsFinder
|
13
|
-
def initialize(project_file:)
|
14
|
-
@project_file = project_file
|
15
|
-
end
|
16
|
-
|
17
|
-
def import_paths
|
18
|
-
doc = Nokogiri::XML(project_file.content)
|
19
|
-
doc.remove_namespaces!
|
20
|
-
doc.xpath("/Project/Import").map do |import_node|
|
21
|
-
path = import_node.attribute("Project").value.strip.tr("\\", "/")
|
22
|
-
path = File.join(current_dir, path) unless current_dir.nil?
|
23
|
-
Pathname.new(path).cleanpath.to_path
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
def project_reference_paths
|
28
|
-
doc = Nokogiri::XML(project_file.content)
|
29
|
-
doc.remove_namespaces!
|
30
|
-
doc.xpath("/Project/ItemGroup/ProjectReference").map do |node|
|
31
|
-
path = node.attribute("Include").value.strip.tr("\\", "/")
|
32
|
-
path = File.join(current_dir, path) unless current_dir.nil?
|
33
|
-
Pathname.new(path).cleanpath.to_path
|
34
|
-
end
|
35
|
-
end
|
36
|
-
|
37
|
-
private
|
38
|
-
|
39
|
-
attr_reader :project_file
|
40
|
-
|
41
|
-
def current_dir
|
42
|
-
parts = project_file.name.split("/")[0..-2]
|
43
|
-
return if parts.empty?
|
44
|
-
|
45
|
-
parts.join("/")
|
46
|
-
end
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
51
|
-
end
|