RubyGems - dependabot-core - Versions diffs - 0.79.4 → 0.80.0 - Mend

dependabot-core 0.79.4 → 0.80.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1371be2990e098854a92821e9ace94d06f89a67edcfcd2848cbc34a42630e6bb
-  data.tar.gz: 9c8443184cadf3cc2e0c78ceaa985b4bb2cdfd40f4a106c8544a108f315f17cc
+  metadata.gz: 701f1ba64eef71d18de5a4bcec1fbbf5d1d91c5d30e5ab1fcd38870432db5fc7
+  data.tar.gz: b8e5eeb7e4c669bde54cc6bc8085dd78890c25737d6341c788ec182f9c4bae6d
 SHA512:
-  metadata.gz: 930f418bcbf974219dbd2e4b5a7b0cee4983c265de93a54cfa8445e7959d83150eccb1ffa631099691f3b29ee7401e8456d5cb6e4ea04ef37c02987d4b912053
-  data.tar.gz: 41b731241d65f023c60863701487101a5e2c216197d9590c534c6d9a33a551a755dc2cd48373f319eb5b629ca0d8a142affceeb7ba8ccd07c1d5717e1085f057
+  metadata.gz: 63855ffb27f1219d90bff0738e2bbfc798130e11ea2fead012cb038c7a2e79f64fa0a1fa3fdee656746774e5e0f56922ce9a26ce30fa105b55410c9ed8cdbee6
+  data.tar.gz: c6703e69777f5a73112b9a7d75718d173db408743dbaeb9a50617d7297410db3bcd4662564e211ba7ddf66c9473f29a3ed7abfd51b8a5ca2e95929c6a5416f0e

data/CHANGELOG.md CHANGED

@@ -1,3 +1,7 @@
+## v0.80.0, 10 December 2018
+- Extract .NET logic into a separate gem
 ## v0.79.4, 10 December 2018
 - Python: Update remaining relative paths following reorg

data/lib/dependabot/file_fetchers.rb CHANGED

@@ -7,7 +7,6 @@ require "dependabot/file_fetchers/java/gradle"
 require "dependabot/file_fetchers/php/composer"
 require "dependabot/file_fetchers/elixir/hex"
 require "dependabot/file_fetchers/rust/cargo"
-require "dependabot/file_fetchers/dotnet/nuget"
 require "dependabot/file_fetchers/go/dep"
 require "dependabot/file_fetchers/go/modules"
 require "dependabot/file_fetchers/elm/elm_package"
@@ -22,7 +21,6 @@ module Dependabot
       "composer" => FileFetchers::Php::Composer,
       "hex" => FileFetchers::Elixir::Hex,
       "cargo" => FileFetchers::Rust::Cargo,
-      "nuget" => FileFetchers::Dotnet::Nuget,
       "dep" => FileFetchers::Go::Dep,
       "go_modules" => FileFetchers::Go::Modules,
       "elm-package" => FileFetchers::Elm::ElmPackage

data/lib/dependabot/file_parsers.rb CHANGED

@@ -7,7 +7,6 @@ require "dependabot/file_parsers/java/gradle"
 require "dependabot/file_parsers/php/composer"
 require "dependabot/file_parsers/elixir/hex"
 require "dependabot/file_parsers/rust/cargo"
-require "dependabot/file_parsers/dotnet/nuget"
 require "dependabot/file_parsers/go/dep"
 require "dependabot/file_parsers/go/modules"
 require "dependabot/file_parsers/elm/elm_package"
@@ -22,7 +21,6 @@ module Dependabot
       "composer" => FileParsers::Php::Composer,
       "hex" => FileParsers::Elixir::Hex,
       "cargo" => FileParsers::Rust::Cargo,
-      "nuget" => FileParsers::Dotnet::Nuget,
       "dep" => FileParsers::Go::Dep,
       "go_modules" => FileParsers::Go::Modules,
       "elm-package" => FileParsers::Elm::ElmPackage

data/lib/dependabot/file_updaters.rb CHANGED

@@ -7,7 +7,6 @@ require "dependabot/file_updaters/java/gradle"
 require "dependabot/file_updaters/php/composer"
 require "dependabot/file_updaters/elixir/hex"
 require "dependabot/file_updaters/rust/cargo"
-require "dependabot/file_updaters/dotnet/nuget"
 require "dependabot/file_updaters/go/dep"
 require "dependabot/file_updaters/go/modules"
 require "dependabot/file_updaters/elm/elm_package"
@@ -22,7 +21,6 @@ module Dependabot
       "composer" => FileUpdaters::Php::Composer,
       "hex" => FileUpdaters::Elixir::Hex,
       "cargo" => FileUpdaters::Rust::Cargo,
-      "nuget" => FileUpdaters::Dotnet::Nuget,
       "dep" => FileUpdaters::Go::Dep,
       "go_modules" => FileUpdaters::Go::Modules,
       "elm-package" => FileUpdaters::Elm::ElmPackage

data/lib/dependabot/file_updaters/ruby/.DS_Store ADDED

Binary file

data/lib/dependabot/metadata_finders.rb CHANGED

@@ -6,7 +6,6 @@ require "dependabot/metadata_finders/java/maven"
 require "dependabot/metadata_finders/php/composer"
 require "dependabot/metadata_finders/elixir/hex"
 require "dependabot/metadata_finders/rust/cargo"
-require "dependabot/metadata_finders/dotnet/nuget"
 require "dependabot/metadata_finders/go/dep"
 require "dependabot/metadata_finders/elm/elm_package"
@@ -20,7 +19,6 @@ module Dependabot
       "composer" => MetadataFinders::Php::Composer,
       "hex" => MetadataFinders::Elixir::Hex,
       "cargo" => MetadataFinders::Rust::Cargo,
-      "nuget" => MetadataFinders::Dotnet::Nuget,
       "dep" => MetadataFinders::Go::Dep,
       "go_modules" => MetadataFinders::Go::Dep,
       "elm-package" => MetadataFinders::Elm::ElmPackage

data/lib/dependabot/update_checkers.rb CHANGED

@@ -7,7 +7,6 @@ require "dependabot/update_checkers/java/gradle"
 require "dependabot/update_checkers/php/composer"
 require "dependabot/update_checkers/elixir/hex"
 require "dependabot/update_checkers/rust/cargo"
-require "dependabot/update_checkers/dotnet/nuget"
 require "dependabot/update_checkers/go/dep"
 require "dependabot/update_checkers/go/modules"
 require "dependabot/update_checkers/elm/elm_package"
@@ -22,7 +21,6 @@ module Dependabot
       "composer" => UpdateCheckers::Php::Composer,
       "hex" => UpdateCheckers::Elixir::Hex,
       "cargo" => UpdateCheckers::Rust::Cargo,
-      "nuget" => UpdateCheckers::Dotnet::Nuget,
       "dep" => UpdateCheckers::Go::Dep,
       "go_modules" => UpdateCheckers::Go::Modules,
       "elm-package" => UpdateCheckers::Elm::ElmPackage

data/lib/dependabot/utils.rb CHANGED

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
-require "dependabot/utils/dotnet/version"
 require "dependabot/utils/elixir/version"
 require "dependabot/utils/java/version"
 require "dependabot/utils/java_script/version"
@@ -9,7 +8,6 @@ require "dependabot/utils/rust/version"
 require "dependabot/utils/go/version"
 require "dependabot/utils/elm/version"
-require "dependabot/utils/dotnet/requirement"
 require "dependabot/utils/elixir/requirement"
 require "dependabot/utils/java/requirement"
 require "dependabot/utils/java_script/requirement"
@@ -27,7 +25,6 @@ module Dependabot
       "bundler" => Gem::Version,
       "submodules" => Gem::Version,
       "docker" => Gem::Version,
-      "nuget" => Utils::Dotnet::Version,
       "maven" => Utils::Java::Version,
       "gradle" => Utils::Java::Version,
       "npm_and_yarn" => Utils::JavaScript::Version,
@@ -54,7 +51,6 @@ module Dependabot
       "bundler" => Utils::Ruby::Requirement,
       "submodules" => Utils::Ruby::Requirement,
       "docker" => Utils::Ruby::Requirement,
-      "nuget" => Utils::Dotnet::Requirement,
       "maven" => Utils::Java::Requirement,
       "gradle" => Utils::Java::Requirement,
       "npm_and_yarn" => Utils::JavaScript::Requirement,

data/lib/dependabot/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Dependabot
-  VERSION = "0.79.4"
+  VERSION = "0.80.0"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-core
 version: !ruby/object:Gem::Version
-  version: 0.79.4
+  version: 0.80.0
 platform: ruby
 authors:
 - Dependabot
@@ -375,9 +375,6 @@ files:
 - lib/dependabot/file_fetchers.rb
 - lib/dependabot/file_fetchers/README.md
 - lib/dependabot/file_fetchers/base.rb
-- lib/dependabot/file_fetchers/dotnet/nuget.rb
-- lib/dependabot/file_fetchers/dotnet/nuget/import_paths_finder.rb
-- lib/dependabot/file_fetchers/dotnet/nuget/sln_project_paths_finder.rb
 - lib/dependabot/file_fetchers/elixir/hex.rb
 - lib/dependabot/file_fetchers/elm/elm_package.rb
 - lib/dependabot/file_fetchers/go/dep.rb
@@ -397,10 +394,6 @@ files:
 - lib/dependabot/file_parsers/README.md
 - lib/dependabot/file_parsers/base.rb
 - lib/dependabot/file_parsers/base/dependency_set.rb
-- lib/dependabot/file_parsers/dotnet/nuget.rb
-- lib/dependabot/file_parsers/dotnet/nuget/packages_config_parser.rb
-- lib/dependabot/file_parsers/dotnet/nuget/project_file_parser.rb
-- lib/dependabot/file_parsers/dotnet/nuget/property_value_finder.rb
 - lib/dependabot/file_parsers/elixir/hex.rb
 - lib/dependabot/file_parsers/elm/elm_package.rb
 - lib/dependabot/file_parsers/go/dep.rb
@@ -421,10 +414,6 @@ files:
 - lib/dependabot/file_updaters.rb
 - lib/dependabot/file_updaters/README.md
 - lib/dependabot/file_updaters/base.rb
-- lib/dependabot/file_updaters/dotnet/nuget.rb
-- lib/dependabot/file_updaters/dotnet/nuget/packages_config_declaration_finder.rb
-- lib/dependabot/file_updaters/dotnet/nuget/project_file_declaration_finder.rb
-- lib/dependabot/file_updaters/dotnet/nuget/property_value_updater.rb
 - lib/dependabot/file_updaters/elixir/hex.rb
 - lib/dependabot/file_updaters/elixir/hex/lockfile_updater.rb
 - lib/dependabot/file_updaters/elixir/hex/mixfile_git_pin_updater.rb
@@ -454,6 +443,7 @@ files:
 - lib/dependabot/file_updaters/php/composer.rb
 - lib/dependabot/file_updaters/php/composer/lockfile_updater.rb
 - lib/dependabot/file_updaters/php/composer/manifest_updater.rb
+- lib/dependabot/file_updaters/ruby/.DS_Store
 - lib/dependabot/file_updaters/ruby/bundler.rb
 - lib/dependabot/file_updaters/ruby/bundler/gemfile_updater.rb
 - lib/dependabot/file_updaters/ruby/bundler/gemspec_dependency_name_finder.rb
@@ -474,7 +464,6 @@ files:
 - lib/dependabot/metadata_finders/base/changelog_pruner.rb
 - lib/dependabot/metadata_finders/base/commits_finder.rb
 - lib/dependabot/metadata_finders/base/release_finder.rb
-- lib/dependabot/metadata_finders/dotnet/nuget.rb
 - lib/dependabot/metadata_finders/elixir/hex.rb
 - lib/dependabot/metadata_finders/elm/elm_package.rb
 - lib/dependabot/metadata_finders/go/dep.rb
@@ -497,11 +486,6 @@ files:
 - lib/dependabot/update_checkers.rb
 - lib/dependabot/update_checkers/README.md
 - lib/dependabot/update_checkers/base.rb
-- lib/dependabot/update_checkers/dotnet/nuget.rb
-- lib/dependabot/update_checkers/dotnet/nuget/property_updater.rb
-- lib/dependabot/update_checkers/dotnet/nuget/repository_finder.rb
-- lib/dependabot/update_checkers/dotnet/nuget/requirements_updater.rb
-- lib/dependabot/update_checkers/dotnet/nuget/version_finder.rb
 - lib/dependabot/update_checkers/elixir/hex.rb
 - lib/dependabot/update_checkers/elixir/hex/file_preparer.rb
 - lib/dependabot/update_checkers/elixir/hex/requirements_updater.rb
@@ -547,8 +531,6 @@ files:
 - lib/dependabot/update_checkers/rust/cargo/requirements_updater.rb
 - lib/dependabot/update_checkers/rust/cargo/version_resolver.rb
 - lib/dependabot/utils.rb
-- lib/dependabot/utils/dotnet/requirement.rb
-- lib/dependabot/utils/dotnet/version.rb
 - lib/dependabot/utils/elixir/requirement.rb
 - lib/dependabot/utils/elixir/version.rb
 - lib/dependabot/utils/elm/requirement.rb

data/lib/dependabot/file_fetchers/dotnet/nuget.rb DELETED

@@ -1,215 +0,0 @@
-# frozen_string_literal: true
-require "dependabot/file_fetchers/base"
-module Dependabot
-  module FileFetchers
-    module Dotnet
-      class Nuget < Dependabot::FileFetchers::Base
-        require "dependabot/file_fetchers/dotnet/nuget/import_paths_finder"
-        require "dependabot/file_fetchers/dotnet/nuget/sln_project_paths_finder"
-        def self.required_files_in?(filenames)
-          return true if filenames.any? { |f| f.match?(/^packages\.config$/i) }
-          return true if filenames.any? { |f| f.end_with?(".sln") }
-          filenames.any? { |name| name.match?(%r{^[^/]*\.[a-z]{2}proj$}) }
-        end
-        def self.required_files_message
-          "Repo must contain a .(cs|vb|fs)proj file or a packages.config."
-        end
-        private
-        def fetch_files
-          fetched_files = []
-          fetched_files += project_files
-          fetched_files += directory_build_props_files
-          fetched_files += imported_property_files
-          fetched_files += packages_config_files
-          fetched_files << nuget_config if nuget_config
-          fetched_files = fetched_files.uniq
-          if project_files.none? && packages_config_files.none?
-            raise(
-              Dependabot::DependencyFileNotFound,
-              File.join(directory, "<anything>.(cs|vb|fs)proj")
-            )
-          end
-          fetched_files
-        end
-        def project_files
-          @project_files ||=
-            begin
-              project_files = []
-              project_files << csproj_file if csproj_file
-              project_files << vbproj_file if vbproj_file
-              project_files << fsproj_file if fsproj_file
-              project_files += sln_project_files
-              project_files
-            end
-        rescue Octokit::NotFound, Gitlab::Error::NotFound
-          raise(
-            Dependabot::DependencyFileNotFound,
-            File.join(directory, "<anything>.(cs|vb|fs)proj")
-          )
-        end
-        def packages_config_files
-          return @packages_config_files if @packages_config_files
-          candidate_paths =
-            [*project_files.map { |f| File.dirname(f.name) }, "."].uniq
-          @packages_config_files ||=
-            candidate_paths.map do |dir|
-              file = repo_contents(dir: dir).
-                     find { |f| f.name.casecmp("packages.config").zero? }
-              fetch_file_from_host(File.join(dir, file.name)) if file
-            end.compact
-        end
-        def sln_file
-          return unless sln_file_name
-          @sln_file ||= fetch_file_from_host(sln_file_name)
-        end
-        def sln_file_name
-          sln_files = repo_contents.select { |f| f.name.end_with?(".sln") }
-          # If there are no sln files, just return `nil`
-          return if sln_files.none?
-          # Use the biggest sln file
-          sln_files.max_by(&:size).name
-        end
-        def directory_build_props_files
-          return @directory_build_props_files if @directory_build_checked
-          @directory_build_checked = true
-          attempted_paths = []
-          @directory_build_props_files = []
-          # Don't need to insert "." here, because Directory.Build.props files
-          # can only be used by project files (not packages.config ones)
-          project_files.map { |f| File.dirname(f.name) }.uniq.map do |dir|
-            possible_paths = dir.split("/").map.with_index do |_, i|
-              base = dir.split("/").first(i + 1).join("/")
-              Pathname.new(base + "/Directory.Build.props").cleanpath.to_path
-            end.reverse + ["Directory.Build.props"]
-            possible_paths.each do |path|
-              break if attempted_paths.include?(path)
-              attempted_paths << path
-              @directory_build_props_files << fetch_file_from_host(path)
-            rescue Dependabot::DependencyFileNotFound
-              next
-            end
-          end
-          @directory_build_props_files
-        end
-        def sln_project_files
-          return [] unless sln_file
-          @sln_project_files ||=
-            begin
-              paths = SlnProjectPathsFinder.
-                      new(sln_file: sln_file).
-                      project_paths
-              paths.map do |path|
-                fetch_file_from_host(path)
-              rescue Dependabot::DependencyFileNotFound
-                # Don't worry about missing files too much for now (at least
-                # until we start resolving properties)
-                nil
-              end.compact
-            end
-        end
-        def csproj_file
-          @csproj_file ||=
-            begin
-              file = repo_contents.find { |f| f.name.end_with?(".csproj") }
-              fetch_file_from_host(file.name) if file
-            end
-        end
-        def vbproj_file
-          @vbproj_file ||=
-            begin
-              file = repo_contents.find { |f| f.name.end_with?(".vbproj") }
-              fetch_file_from_host(file.name) if file
-            end
-        end
-        def fsproj_file
-          @fsproj_file ||=
-            begin
-              file = repo_contents.find { |f| f.name.end_with?(".fsproj") }
-              fetch_file_from_host(file.name) if file
-            end
-        end
-        def nuget_config
-          @nuget_config ||=
-            begin
-              file = repo_contents.
-                     find { |f| f.name.casecmp("nuget.config").zero? }
-              file = fetch_file_from_host(file.name) if file
-              file&.tap { |f| f.support_file = true }
-            end
-        end
-        def imported_property_files
-          imported_property_files = []
-          [*project_files, *directory_build_props_files].each do |proj_file|
-            previously_fetched_files = project_files + imported_property_files
-            imported_property_files +=
-              fetch_imported_property_files(
-                file: proj_file,
-                previously_fetched_files: previously_fetched_files
-              )
-          end
-          imported_property_files
-        end
-        def fetch_imported_property_files(file:, previously_fetched_files:)
-          paths =
-            ImportPathsFinder.new(project_file: file).import_paths +
-            ImportPathsFinder.new(project_file: file).project_reference_paths
-          paths.flat_map do |path|
-            next if previously_fetched_files.map(&:name).include?(path)
-            next if file.name == path
-            next if path.include?("$(")
-            fetched_file = fetch_file_from_host(path)
-            grandchild_property_files = fetch_imported_property_files(
-              file: fetched_file,
-              previously_fetched_files: previously_fetched_files + [file]
-            )
-            [fetched_file, *grandchild_property_files]
-          rescue Dependabot::DependencyFileNotFound
-            # Don't worry about missing files too much for now (at least
-            # until we start resolving properties)
-            nil
-          end.compact
-        end
-      end
-    end
-  end
-end

data/lib/dependabot/file_fetchers/dotnet/nuget/import_paths_finder.rb DELETED

@@ -1,51 +0,0 @@
-# frozen_string_literal: true
-require "nokogiri"
-require "pathname"
-require "dependabot/file_fetchers/dotnet/nuget"
-module Dependabot
-  module FileFetchers
-    module Dotnet
-      class Nuget
-        class ImportPathsFinder
-          def initialize(project_file:)
-            @project_file = project_file
-          end
-          def import_paths
-            doc = Nokogiri::XML(project_file.content)
-            doc.remove_namespaces!
-            doc.xpath("/Project/Import").map do |import_node|
-              path = import_node.attribute("Project").value.strip.tr("\\", "/")
-              path = File.join(current_dir, path) unless current_dir.nil?
-              Pathname.new(path).cleanpath.to_path
-            end
-          end
-          def project_reference_paths
-            doc = Nokogiri::XML(project_file.content)
-            doc.remove_namespaces!
-            doc.xpath("/Project/ItemGroup/ProjectReference").map do |node|
-              path = node.attribute("Include").value.strip.tr("\\", "/")
-              path = File.join(current_dir, path) unless current_dir.nil?
-              Pathname.new(path).cleanpath.to_path
-            end
-          end
-          private
-          attr_reader :project_file
-          def current_dir
-            parts = project_file.name.split("/")[0..-2]
-            return if parts.empty?
-            parts.join("/")
-          end
-        end
-      end
-    end
-  end
-end