RubyGems - dependabot-core - Versions diffs - 0.79.4 → 0.80.0 - Mend

dependabot-core 0.79.4 → 0.80.0

Files changed (30) hide show

data/lib/dependabot/update_checkers/dotnet/nuget/requirements_updater.rb DELETED

@@ -1,81 +0,0 @@
-# frozen_string_literal: true
-#######################################################################
-# For more details on Dotnet version constraints, see:                #
-# https://docs.microsoft.com/en-us/nuget/reference/package-versioning #
-#######################################################################
-require "dependabot/update_checkers/dotnet/nuget"
-require "dependabot/utils/dotnet/version"
-module Dependabot
-  module UpdateCheckers
-    module Dotnet
-      class Nuget
-        class RequirementsUpdater
-          VERSION_REGEX = /[0-9a-zA-Z]+(?:\.[a-zA-Z0-9\-]+)*/.freeze
-          def initialize(requirements:, latest_version:, source_details:)
-            @requirements = requirements
-            @source_details = source_details
-            return unless latest_version
-            @latest_version = version_class.new(latest_version)
-          end
-          def updated_requirements
-            return requirements unless latest_version
-            # Note: Order is important here. The FileUpdater needs the updated
-            # requirement at index `i` to correspond to the previous requirement
-            # at the same index.
-            requirements.map do |req|
-              next req if req.fetch(:requirement).nil?
-              next req if req.fetch(:requirement).include?(",")
-              new_req =
-                if req.fetch(:requirement).include?("*")
-                  update_wildcard_requirement(req.fetch(:requirement))
-                else
-                  # Since range requirements are excluded by the line above we
-                  # can just do a `gsub` on anything that looks like a version
-                  req[:requirement].gsub(VERSION_REGEX, latest_version.to_s)
-                end
-              next req if new_req == req.fetch(:requirement)
-              req.merge(requirement: new_req, source: updated_source)
-            end
-          end
-          private
-          attr_reader :requirements, :latest_version, :source_details
-          def version_class
-            Utils::Dotnet::Version
-          end
-          def update_wildcard_requirement(req_string)
-            precision = req_string.split("*").first.split(/\.|\-/).count
-            wilcard_section = req_string.partition(/(?=[.\-]\*)/).last
-            version_parts = latest_version.segments.first(precision)
-            version = version_parts.join(".")
-            version + wilcard_section
-          end
-          def updated_source
-            {
-              type: "nuget_repo",
-              url: source_details.fetch(:repo_url),
-              nuspec_url: source_details.fetch(:nuspec_url),
-              source_url: source_details.fetch(:source_url)
-            }
-          end
-        end
-      end
-    end
-  end
-end

data/lib/dependabot/update_checkers/dotnet/nuget/version_finder.rb DELETED

@@ -1,231 +0,0 @@
-# frozen_string_literal: true
-require "excon"
-require "nokogiri"
-require "dependabot/utils/dotnet/version"
-require "dependabot/utils/dotnet/requirement"
-require "dependabot/update_checkers/dotnet/nuget"
-require "dependabot/shared_helpers"
-module Dependabot
-  module UpdateCheckers
-    module Dotnet
-      class Nuget
-        class VersionFinder
-          require_relative "repository_finder"
-          def initialize(dependency:, dependency_files:, credentials:,
-                         ignored_versions: [])
-            @dependency = dependency
-            @dependency_files = dependency_files
-            @credentials = credentials
-            @ignored_versions = ignored_versions
-          end
-          def latest_version_details
-            @latest_version_details ||=
-              begin
-                tmp_versions = versions
-                unless wants_prerelease?
-                  tmp_versions.reject! { |d| d.fetch(:version).prerelease? }
-                end
-                tmp_versions.reject! do |hash|
-                  ignore_reqs.any? { |r| r.satisfied_by?(hash.fetch(:version)) }
-                end
-                tmp_versions.max_by { |hash| hash.fetch(:version) }
-              end
-          end
-          def versions
-            available_v3_versions + available_v2_versions
-          end
-          attr_reader :dependency, :dependency_files, :credentials,
-                      :ignored_versions
-          private
-          def available_v3_versions
-            v3_nuget_listings.flat_map do |listing|
-              listing.
-                fetch("versions", []).
-                map do |v|
-                  nuspec_url =
-                    listing.fetch("listing_details").
-                    fetch(:versions_url).
-                    gsub(/index\.json$/, "#{v}/#{sanitized_name}.nuspec")
-                  {
-                    version: version_class.new(v),
-                    nuspec_url: nuspec_url,
-                    source_url: nil,
-                    repo_url:
-                      listing.fetch("listing_details").fetch(:repository_url)
-                  }
-                end
-            end
-          end
-          def available_v2_versions
-            v2_nuget_listings.flat_map do |listing|
-              body = listing.fetch("xml_body", [])
-              doc = Nokogiri::XML(body)
-              doc.remove_namespaces!
-              doc.xpath("/feed/entry").map do |entry|
-                listed = entry.at_xpath("./properties/Listed")&.content&.strip
-                next if listed&.casecmp("false")&.zero?
-                entry_details = dependency_details_from_v2_entry(entry)
-                entry_details.merge(
-                  repo_url: listing.fetch("listing_details").
-                            fetch(:repository_url)
-                )
-              end.compact
-            end
-          end
-          def dependency_details_from_v2_entry(entry)
-            version = entry.at_xpath("./properties/Version").content.strip
-            source_urls = []
-            [
-              entry.at_xpath("./properties/ProjectUrl").content,
-              entry.at_xpath("./properties/ReleaseNotes").content
-            ].join(" ").scan(Source::SOURCE_REGEX) do
-              source_urls << Regexp.last_match.to_s
-            end
-            source_url = source_urls.find { |url| Source.from_url(url) }
-            source_url = Source.from_url(source_url)&.url if source_url
-            {
-              version: version_class.new(version),
-              nuspec_url: nil,
-              source_url: source_url
-            }
-          end
-          def wants_prerelease?
-            if dependency.version &&
-               version_class.correct?(dependency.version) &&
-               version_class.new(dependency.version).prerelease?
-              return true
-            end
-            dependency.requirements.any? do |req|
-              reqs = (req.fetch(:requirement) || "").split(",").map(&:strip)
-              reqs.any? { |r| r.include?("-") }
-            end
-          end
-          def v3_nuget_listings
-            return @v3_nuget_listings unless @v3_nuget_listings.nil?
-            dependency_urls.
-              select { |details| details.fetch(:repository_type) == "v3" }.
-              map do |url_details|
-                versions = versions_for_v3_repository(url_details)
-                next unless versions
-                { "versions" => versions, "listing_details" => url_details }
-              end.compact
-          end
-          def v2_nuget_listings
-            return @v2_nuget_listings unless @v2_nuget_listings.nil?
-            dependency_urls.
-              select { |details| details.fetch(:repository_type) == "v2" }.
-              map do |url_details|
-                response = Excon.get(
-                  url_details[:versions_url],
-                  headers: url_details[:auth_header],
-                  idempotent: true,
-                  **excon_defaults
-                )
-                next unless response.status == 200
-                {
-                  "xml_body" => response.body,
-                  "listing_details" => url_details
-                }
-              end.compact
-          end
-          def versions_for_v3_repository(repository_details)
-            # If we have a search URL we use it (since it will exclude unlisted
-            # versions)
-            if repository_details[:search_url]
-              response = Excon.get(
-                repository_details[:search_url],
-                headers: repository_details[:auth_header],
-                idempotent: true,
-                **excon_defaults
-              )
-              return unless response.status == 200
-              JSON.parse(response.body).fetch("data").
-                find { |d| d.fetch("id").casecmp(sanitized_name).zero? }&.
-                fetch("versions")&.
-                map { |d| d.fetch("version") }
-            # Otherwise, use the versions URL
-            elsif repository_details[:versions_url]
-              response = Excon.get(
-                repository_details[:versions_url],
-                headers: repository_details[:auth_header],
-                idempotent: true,
-                **excon_defaults
-              )
-              return unless response.status == 200
-              JSON.parse(response.body).fetch("versions")
-            end
-          end
-          def dependency_urls
-            @dependency_urls ||=
-              RepositoryFinder.new(
-                dependency: dependency,
-                credentials: credentials,
-                config_file: nuget_config
-              ).dependency_urls
-          end
-          def ignore_reqs
-            ignored_versions.map { |req| requirement_class.new(req.split(",")) }
-          end
-          def nuget_config
-            @nuget_config ||=
-              dependency_files.find { |f| f.name.casecmp("nuget.config").zero? }
-          end
-          def sanitized_name
-            dependency.name.downcase
-          end
-          def version_class
-            Utils::Dotnet::Version
-          end
-          def requirement_class
-            Utils::Dotnet::Requirement
-          end
-          def excon_defaults
-            # For large JSON files we sometimes need a little longer than for
-            # other languages. For example, see:
-            # https://dotnet.myget.org/F/aspnetcore-dev/api/v3/query?
-            # q=microsoft.aspnetcore.mvc&prerelease=true
-            SharedHelpers.excon_defaults.merge(
-              connect_timeout: 10,
-              write_timeout: 10,
-              read_timeout: 10
-            )
-          end
-        end
-      end
-    end
-  end
-end

data/lib/dependabot/utils/dotnet/requirement.rb DELETED

@@ -1,90 +0,0 @@
-# frozen_string_literal: true
-require "dependabot/utils/dotnet/version"
-# For details on .NET version constraints see:
-# https://docs.microsoft.com/en-us/nuget/reference/package-versioning
-module Dependabot
-  module Utils
-    module Dotnet
-      class Requirement < Gem::Requirement
-        def self.parse(obj)
-          if obj.is_a?(Gem::Version)
-            return ["=", Utils::Dotnet::Version.new(obj.to_s)]
-          end
-          unless (matches = PATTERN.match(obj.to_s))
-            msg = "Illformed requirement [#{obj.inspect}]"
-            raise BadRequirementError, msg
-          end
-          return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"
-          [matches[1] || "=", Utils::Dotnet::Version.new(matches[2])]
-        end
-        # For consistency with other langauges, we define a requirements array.
-        # Dotnet doesn't have an `OR` separator for requirements, so it always
-        # contains a single element.
-        def self.requirements_array(requirement_string)
-          [new(requirement_string)]
-        end
-        def initialize(*requirements)
-          requirements = requirements.flatten.flat_map do |req_string|
-            convert_dotnet_constraint_to_ruby_constraint(req_string)
-          end
-          super(requirements)
-        end
-        def satisfied_by?(version)
-          version = Utils::Dotnet::Version.new(version.to_s)
-          super
-        end
-        private
-        def convert_dotnet_constraint_to_ruby_constraint(req_string)
-          return unless req_string
-          if req_string&.start_with?("(", "[")
-            return convert_dotnet_range_to_ruby_range(req_string)
-          end
-          return req_string.split(",").map(&:strip) if req_string.include?(",")
-          return req_string unless req_string.include?("*")
-          convert_wildcard_req(req_string)
-        end
-        def convert_dotnet_range_to_ruby_range(req_string)
-          lower_b, upper_b = req_string.split(",").map(&:strip)
-          lower_b =
-            if ["(", "["].include?(lower_b) then nil
-            elsif lower_b.start_with?("(") then "> #{lower_b.sub(/\(\s*/, '')}"
-            else ">= #{lower_b.sub(/\[\s*/, '').strip}"
-            end
-          upper_b =
-            if [")", "]"].include?(upper_b) then nil
-            elsif upper_b.end_with?(")") then "< #{upper_b.sub(/\s*\)/, '')}"
-            else "<= #{upper_b.sub(/\s*\]/, '').strip}"
-            end
-          [lower_b, upper_b].compact
-        end
-        def convert_wildcard_req(req_string)
-          return ">= 0" if req_string.start_with?("*")
-          defined_part = req_string.split("*").first
-          suffix = defined_part.end_with?(".") ? "0" : "a"
-          version = defined_part + suffix
-          "~> #{version}"
-        end
-      end
-    end
-  end
-end

data/lib/dependabot/utils/dotnet/version.rb DELETED

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-# Dotnet pre-release versions use 1.0.1-rc1 syntax, which Gem::Version
-# converts into 1.0.1.pre.rc1. We override the `to_s` method to stop that
-# alteration.
-module Dependabot
-  module Utils
-    module Dotnet
-      class Version < Gem::Version
-        def initialize(version)
-          @version_string = version.to_s
-          super
-        end
-        def to_s
-          @version_string
-        end
-      end
-    end
-  end
-end