dependabot-nuget 0.118.1 → 0.118.6

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/nuget/file_fetcher.rb +4 -0
  3. data/lib/dependabot/nuget/file_parser/project_file_parser.rb +1 -0
  4. data/lib/dependabot/nuget/file_parser/property_value_finder.rb +29 -0
  5. data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb +2 -0
  6. metadata +8 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c5f7f10f473bffa09c4a33d8aac12e6f92e9508cd7db69de390c61ac86d1c432
4
- data.tar.gz: 6f60b22cfe18bd7be4c7e003dd566c53fe7a1730eb6656db885f85751d5eb311
3
+ metadata.gz: ed611fc9c6f6e2289f27d7153772b671119b0502a67b42b79c0201c40a793e39
4
+ data.tar.gz: 506beab2fac067b461d8e7657bfd563f1bbf5b81ef5a70d8fd8540e8307c47af
5
5
  SHA512:
6
- metadata.gz: 8a7d0013b1b7f4d6d2833d71ed61d28b569412ca7206de972df540846ae91d39c2176a3b81fb5198ab9a6c57149554299d687c08e029db2aadeb561ef1b3b993
7
- data.tar.gz: 04ca3f6ea2bf0eb1e94d59a23b6f473e5797f33141e5f7f444612e9199a3c2ac90cdec8a8d4ffc5bb813900c9a22faa0dadc4750eac798c1fa4c7cf8416cf5b2
6
+ metadata.gz: c1eeb65cb9895382c4b1fbf608ed5ccffcd7360dcdc8f0d96f148dd038a15a9fc26ddc311105285e1d1c2049afe41f11dea4efd72e58dc20b0bf1da421efa98e
7
+ data.tar.gz: e92a7061640ed8142d38821bcd73181b9d24b238886b41d27fb7d0d749c2976fde146874c9b28e6578c36516c4fa44d0eb345e61866b670277788504bd3c3389
data/lib/dependabot/nuget/file_fetcher.rb CHANGED
@@ -117,6 +117,8 @@ module Dependabot
117
117
  possible_paths += [
118
118
  "Directory.Build.props",
119
119
  "Directory.build.props",
120
+ "Directory.Packages.props",
121
+ "Directory.packages.props",
120
122
  "Directory.Build.targets",
121
123
  "Directory.build.targets"
122
124
  ]
@@ -137,6 +139,8 @@ module Dependabot
137
139
  [
138
140
  Pathname.new(base + "/Directory.Build.props").cleanpath.to_path,
139
141
  Pathname.new(base + "/Directory.build.props").cleanpath.to_path,
142
+ Pathname.new(base + "/Directory.Packages.props").cleanpath.to_path,
143
+ Pathname.new(base + "/Directory.packages.props").cleanpath.to_path,
140
144
  Pathname.new(base + "/Directory.Build.targets").cleanpath.to_path,
141
145
  Pathname.new(base + "/Directory.build.targets").cleanpath.to_path
142
146
  ]
data/lib/dependabot/nuget/file_parser/project_file_parser.rb CHANGED
@@ -16,6 +16,7 @@ module Dependabot
16
16
 
17
17
  DEPENDENCY_SELECTOR = "ItemGroup > PackageReference, "\
18
18
  "ItemGroup > GlobalPackageReference, "\
19
+ "ItemGroup > PackageVersion, "\
19
20
  "ItemGroup > Dependency, "\
20
21
  "ItemGroup > DevelopmentDependency"
21
22
 
data/lib/dependabot/nuget/file_parser/property_value_finder.rb CHANGED
@@ -37,6 +37,12 @@ module Dependabot
37
37
  callsite_file: callsite_file
38
38
  )
39
39
 
40
+ node_details ||=
41
+ find_property_in_directory_build_packages(
42
+ property: property_name,
43
+ callsite_file: callsite_file
44
+ )
45
+
40
46
  node_details ||=
41
47
  find_property_in_packages_props(property: property_name)
42
48
 
@@ -112,6 +118,13 @@ module Dependabot
112
118
  deep_find_prop_node(property: property, file: file)
113
119
  end
114
120
 
121
+ def find_property_in_directory_build_packages(property:, callsite_file:)
122
+ file = build_packages_file_for_project(callsite_file)
123
+ return unless file
124
+
125
+ deep_find_prop_node(property: property, file: file)
126
+ end
127
+
115
128
  def find_property_in_packages_props(property:)
116
129
  file = packages_props_file
117
130
  return unless file
@@ -152,6 +165,22 @@ module Dependabot
152
165
  dependency_files.find { |f| f.name == path }
153
166
  end
154
167
 
168
+ def build_packages_file_for_project(project_file)
169
+ dir = File.dirname(project_file.name)
170
+
171
+ # Nuget walks up the directory structure looking for a
172
+ # Directory.Packages.props file
173
+ possible_paths = dir.split("/").map.with_index do |_, i|
174
+ base = dir.split("/").first(i + 1).join("/")
175
+ Pathname.new(base + "/Directory.Packages.props").cleanpath.to_path
176
+ end.reverse + ["Directory.Packages.props"]
177
+
178
+ path = possible_paths.uniq.
179
+ find { |p| dependency_files.find { |f| f.name == p } }
180
+
181
+ dependency_files.find { |f| f.name == path }
182
+ end
183
+
155
184
  def packages_props_file
156
185
  dependency_files.find { |f| f.name.casecmp("Packages.props").zero? }
157
186
  end
data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb CHANGED
@@ -13,6 +13,8 @@ module Dependabot
13
13
  <PackageReference [^>]*?[^/]>.*?</PackageReference>|
14
14
  <GlobalPackageReference [^>]*?/>|
15
15
  <GlobalPackageReference [^>]*?[^/]>.*?</GlobalPackageReference>|
16
+ <PackageVersion [^>]*?/>|
17
+ <PackageVersion [^>]*?[^/]>.*?</PackageVersion>|
16
18
  <Dependency [^>]*?/>|
17
19
  <Dependency [^>]*?[^/]>.*?</Dependency>|
18
20
  <DevelopmentDependency [^>]*?/>|
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.118.1
4
+ version: 0.118.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-04 00:00:00.000000000 Z
11
+ date: 2020-06-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.118.1
19
+ version: 0.118.6
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.118.1
26
+ version: 0.118.6
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,28 +114,28 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 0.83.0
117
+ version: 0.85.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 0.83.0
124
+ version: 0.85.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: vcr
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - '='
130
130
  - !ruby/object:Gem::Version
131
- version: '5.0'
131
+ version: 6.0.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - '='
137
137
  - !ruby/object:Gem::Version
138
- version: '5.0'
138
+ version: 6.0.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: webmock
141
141
  requirement: !ruby/object:Gem::Requirement