dependabot-nuget 0.117.11 → 0.118.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/nuget/file_fetcher.rb +4 -0
  3. data/lib/dependabot/nuget/file_parser/project_file_parser.rb +1 -0
  4. data/lib/dependabot/nuget/file_parser/property_value_finder.rb +29 -0
  5. data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb +2 -0
  6. metadata +8 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '086c2197a6a562a6de05fa612462f340728ff5887bd9472a771394d56db84432'
4
- data.tar.gz: 440a0ff6854def8b4af4b50f5735dcac5545e6da9f2f9e0c121b7e411cc77d5e
3
+ metadata.gz: 593ccd6084195d8ae51a71d0be6539d28e1abf7caff66e7bb549fa1c98b584a3
4
+ data.tar.gz: 132c26e7ce8b1b2734ae673cd31d4aaf7436ad7875667ae6e753aa9f3d8fcb6f
5
5
  SHA512:
6
- metadata.gz: 116976d7995552011f5b9eaee9ce37e92ea1a7c17143998c70d8095bbe762407bd909ea8564f21a229a8ec420a375fa9e5dda4097375ece0e235711175b2cda8
7
- data.tar.gz: 32af20a089e8013688f1b468e9e62259559241ea95c0e7caaa5869fc196a31844cd7195d4562abab9b1af2e0003cfdd1d4d87df7a0cf951de16a7a32727733f7
6
+ metadata.gz: c7febd892219555c08b32312de5cc29d4f76091c73ad1e5aaca81456e0d588f595dff61aceb92f9d651d2c1441c89e4c0938e970c8fe835f63622f41ab1d715a
7
+ data.tar.gz: 9195a3f8d85dadb32cfd38a36943f7da3d9413092cc8ed6a1b1837e5bc7da0dd1daf259d590712d94dfb718e7d7dee363fd9315c324fe2a578019f48fa4d2fa8
data/lib/dependabot/nuget/file_fetcher.rb CHANGED
@@ -117,6 +117,8 @@ module Dependabot
117
117
  possible_paths += [
118
118
  "Directory.Build.props",
119
119
  "Directory.build.props",
120
+ "Directory.Packages.props",
121
+ "Directory.packages.props",
120
122
  "Directory.Build.targets",
121
123
  "Directory.build.targets"
122
124
  ]
@@ -137,6 +139,8 @@ module Dependabot
137
139
  [
138
140
  Pathname.new(base + "/Directory.Build.props").cleanpath.to_path,
139
141
  Pathname.new(base + "/Directory.build.props").cleanpath.to_path,
142
+ Pathname.new(base + "/Directory.Packages.props").cleanpath.to_path,
143
+ Pathname.new(base + "/Directory.packages.props").cleanpath.to_path,
140
144
  Pathname.new(base + "/Directory.Build.targets").cleanpath.to_path,
141
145
  Pathname.new(base + "/Directory.build.targets").cleanpath.to_path
142
146
  ]
data/lib/dependabot/nuget/file_parser/project_file_parser.rb CHANGED
@@ -16,6 +16,7 @@ module Dependabot
16
16
 
17
17
  DEPENDENCY_SELECTOR = "ItemGroup > PackageReference, "\
18
18
  "ItemGroup > GlobalPackageReference, "\
19
+ "ItemGroup > PackageVersion, "\
19
20
  "ItemGroup > Dependency, "\
20
21
  "ItemGroup > DevelopmentDependency"
21
22
 
data/lib/dependabot/nuget/file_parser/property_value_finder.rb CHANGED
@@ -37,6 +37,12 @@ module Dependabot
37
37
  callsite_file: callsite_file
38
38
  )
39
39
 
40
+ node_details ||=
41
+ find_property_in_directory_build_packages(
42
+ property: property_name,
43
+ callsite_file: callsite_file
44
+ )
45
+
40
46
  node_details ||=
41
47
  find_property_in_packages_props(property: property_name)
42
48
 
@@ -112,6 +118,13 @@ module Dependabot
112
118
  deep_find_prop_node(property: property, file: file)
113
119
  end
114
120
 
121
+ def find_property_in_directory_build_packages(property:, callsite_file:)
122
+ file = build_packages_file_for_project(callsite_file)
123
+ return unless file
124
+
125
+ deep_find_prop_node(property: property, file: file)
126
+ end
127
+
115
128
  def find_property_in_packages_props(property:)
116
129
  file = packages_props_file
117
130
  return unless file
@@ -152,6 +165,22 @@ module Dependabot
152
165
  dependency_files.find { |f| f.name == path }
153
166
  end
154
167
 
168
+ def build_packages_file_for_project(project_file)
169
+ dir = File.dirname(project_file.name)
170
+
171
+ # Nuget walks up the directory structure looking for a
172
+ # Directory.Packages.props file
173
+ possible_paths = dir.split("/").map.with_index do |_, i|
174
+ base = dir.split("/").first(i + 1).join("/")
175
+ Pathname.new(base + "/Directory.Packages.props").cleanpath.to_path
176
+ end.reverse + ["Directory.Packages.props"]
177
+
178
+ path = possible_paths.uniq.
179
+ find { |p| dependency_files.find { |f| f.name == p } }
180
+
181
+ dependency_files.find { |f| f.name == path }
182
+ end
183
+
155
184
  def packages_props_file
156
185
  dependency_files.find { |f| f.name.casecmp("Packages.props").zero? }
157
186
  end
data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb CHANGED
@@ -13,6 +13,8 @@ module Dependabot
13
13
  <PackageReference [^>]*?[^/]>.*?</PackageReference>|
14
14
  <GlobalPackageReference [^>]*?/>|
15
15
  <GlobalPackageReference [^>]*?[^/]>.*?</GlobalPackageReference>|
16
+ <PackageVersion [^>]*?/>|
17
+ <PackageVersion [^>]*?[^/]>.*?</PackageVersion>|
16
18
  <Dependency [^>]*?/>|
17
19
  <Dependency [^>]*?[^/]>.*?</Dependency>|
18
20
  <DevelopmentDependency [^>]*?/>|
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.117.11
4
+ version: 0.118.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-28 00:00:00.000000000 Z
11
+ date: 2020-06-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.117.11
19
+ version: 0.118.4
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.117.11
26
+ version: 0.118.4
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,28 +114,28 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.83.0
117
+ version: 0.85.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.83.0
124
+ version: 0.85.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - '='
130
130
  - !ruby/object:Gem::Version
131
- version: '5.0'
131
+ version: 6.0.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - '='
137
137
  - !ruby/object:Gem::Version
138
- version: '5.0'
138
+ version: 6.0.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: webmock
141
141
  requirement: !ruby/object:Gem::Requirement