dependabot-nuget 0.118.0 → 0.118.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 358734874f637a25ab458289df0bc67e87041816f983862b523fdee6dca12aeb
4
- data.tar.gz: 3c5ef311defcd1d7077c58c25c179cc2f4b1066683203d8a84df9c5f0011565b
3
+ metadata.gz: 5425e1672ba07fbc7213dcbd0ec99ff2294b9f56555f1a044cb615f1e7945151
4
+ data.tar.gz: da1835d1b6d231769925a2035612c7100dd508aea2d62fcc7101c9112d7fa631
5
5
  SHA512:
6
- metadata.gz: ebced98e80eeba87603dc59d14a14318b621c6ea04dc67e2a2053162f6e70717ee625cf7c3b74d8295b7cd5ddc471b799d94826c55d2e3532569e8295414bcad
7
- data.tar.gz: 9a9585ffb50ba8b8d3f650391d924dc9fde56f3e97617d397442957da4a8cd30c97d274abe68bcd9cee85184fda3d8035d65970f731ba550fedb50eff2dbcaff
6
+ metadata.gz: 33e1250c94957af6cff204f57271b7f78ebf676655c8cab08005b2ac71bc1808dbd7b2e30f2cdf86f2e04cc8d7d361fd97663f890b386ce1494489b73f8a4948
7
+ data.tar.gz: 9e2fb44b50dc9cacff9edecda258d6ff16a48a70764c88fba76b1a6b3b05f80a4b5524e8e1bf9ceb716e005fa270c9fd8265ea4c2b9855a00067f3a54b3203c7
@@ -117,6 +117,8 @@ module Dependabot
117
117
  possible_paths += [
118
118
  "Directory.Build.props",
119
119
  "Directory.build.props",
120
+ "Directory.Packages.props",
121
+ "Directory.packages.props",
120
122
  "Directory.Build.targets",
121
123
  "Directory.build.targets"
122
124
  ]
@@ -137,6 +139,8 @@ module Dependabot
137
139
  [
138
140
  Pathname.new(base + "/Directory.Build.props").cleanpath.to_path,
139
141
  Pathname.new(base + "/Directory.build.props").cleanpath.to_path,
142
+ Pathname.new(base + "/Directory.Packages.props").cleanpath.to_path,
143
+ Pathname.new(base + "/Directory.packages.props").cleanpath.to_path,
140
144
  Pathname.new(base + "/Directory.Build.targets").cleanpath.to_path,
141
145
  Pathname.new(base + "/Directory.build.targets").cleanpath.to_path
142
146
  ]
@@ -16,6 +16,7 @@ module Dependabot
16
16
 
17
17
  DEPENDENCY_SELECTOR = "ItemGroup > PackageReference, "\
18
18
  "ItemGroup > GlobalPackageReference, "\
19
+ "ItemGroup > PackageVersion, "\
19
20
  "ItemGroup > Dependency, "\
20
21
  "ItemGroup > DevelopmentDependency"
21
22
 
@@ -37,6 +37,12 @@ module Dependabot
37
37
  callsite_file: callsite_file
38
38
  )
39
39
 
40
+ node_details ||=
41
+ find_property_in_directory_build_packages(
42
+ property: property_name,
43
+ callsite_file: callsite_file
44
+ )
45
+
40
46
  node_details ||=
41
47
  find_property_in_packages_props(property: property_name)
42
48
 
@@ -112,6 +118,13 @@ module Dependabot
112
118
  deep_find_prop_node(property: property, file: file)
113
119
  end
114
120
 
121
+ def find_property_in_directory_build_packages(property:, callsite_file:)
122
+ file = build_packages_file_for_project(callsite_file)
123
+ return unless file
124
+
125
+ deep_find_prop_node(property: property, file: file)
126
+ end
127
+
115
128
  def find_property_in_packages_props(property:)
116
129
  file = packages_props_file
117
130
  return unless file
@@ -152,6 +165,22 @@ module Dependabot
152
165
  dependency_files.find { |f| f.name == path }
153
166
  end
154
167
 
168
+ def build_packages_file_for_project(project_file)
169
+ dir = File.dirname(project_file.name)
170
+
171
+ # Nuget walks up the directory structure looking for a
172
+ # Directory.Packages.props file
173
+ possible_paths = dir.split("/").map.with_index do |_, i|
174
+ base = dir.split("/").first(i + 1).join("/")
175
+ Pathname.new(base + "/Directory.Packages.props").cleanpath.to_path
176
+ end.reverse + ["Directory.Packages.props"]
177
+
178
+ path = possible_paths.uniq.
179
+ find { |p| dependency_files.find { |f| f.name == p } }
180
+
181
+ dependency_files.find { |f| f.name == path }
182
+ end
183
+
155
184
  def packages_props_file
156
185
  dependency_files.find { |f| f.name.casecmp("Packages.props").zero? }
157
186
  end
@@ -13,6 +13,8 @@ module Dependabot
13
13
  <PackageReference [^>]*?[^/]>.*?</PackageReference>|
14
14
  <GlobalPackageReference [^>]*?/>|
15
15
  <GlobalPackageReference [^>]*?[^/]>.*?</GlobalPackageReference>|
16
+ <PackageVersion [^>]*?/>|
17
+ <PackageVersion [^>]*?[^/]>.*?</PackageVersion>|
16
18
  <Dependency [^>]*?/>|
17
19
  <Dependency [^>]*?[^/]>.*?</Dependency>|
18
20
  <DevelopmentDependency [^>]*?/>|
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.118.0
4
+ version: 0.118.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-29 00:00:00.000000000 Z
11
+ date: 2020-06-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.118.0
19
+ version: 0.118.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.118.0
26
+ version: 0.118.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,28 +114,28 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.83.0
117
+ version: 0.85.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.83.0
124
+ version: 0.85.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - '='
130
130
  - !ruby/object:Gem::Version
131
- version: '5.0'
131
+ version: 6.0.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - '='
137
137
  - !ruby/object:Gem::Version
138
- version: '5.0'
138
+ version: 6.0.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: webmock
141
141
  requirement: !ruby/object:Gem::Requirement