dependabot-nuget 0.118.5 → 0.118.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5425e1672ba07fbc7213dcbd0ec99ff2294b9f56555f1a044cb615f1e7945151
-  data.tar.gz: da1835d1b6d231769925a2035612c7100dd508aea2d62fcc7101c9112d7fa631
+  metadata.gz: 6a87c899fa45d7ecc2253dbaa6cbd0b0ec7d397eb5cb24ad32767a05ad52d18c
+  data.tar.gz: f55f0cd1d501dbf121a09c9a78869a387622b4608ccb8109acc8bd95db5cb77c
 SHA512:
-  metadata.gz: 33e1250c94957af6cff204f57271b7f78ebf676655c8cab08005b2ac71bc1808dbd7b2e30f2cdf86f2e04cc8d7d361fd97663f890b386ce1494489b73f8a4948
-  data.tar.gz: 9e2fb44b50dc9cacff9edecda258d6ff16a48a70764c88fba76b1a6b3b05f80a4b5524e8e1bf9ceb716e005fa270c9fd8265ea4c2b9855a00067f3a54b3203c7
+  metadata.gz: a8d300039a8005bbd311b9001afb43febf457751201b9ae80f957f8ce783b2c07b47ba364a2615fd85674c2bc29e98cff74b77225f718b33cf38865264e5defc
+  data.tar.gz: cd147a40b676ea0df1dcf52d74c36bc9f2a891a05752f0fd37c28ece4cc075560642c28dc9b93cd17c76047b9a4edd33bd239e631ebfef018f74bd7627643913

data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb

@@ -46,10 +46,12 @@ module Dependabot
         def get_element_from_node(node)
           node.at_xpath("/PackageReference") ||
             node.at_xpath("/GlobalPackageReference") ||
+            node.at_xpath("/PackageVersion") ||
             node.at_xpath("/Dependency") ||
             node.at_xpath("/DevelopmentDependency")
         end
 
+        # rubocop:disable Metrics/CyclomaticComplexity
         def fetch_declaration_strings
           deep_find_declarations(declaring_file.content).select do |nd|
             node = Nokogiri::XML(nd)
@@ -66,6 +68,7 @@ module Dependabot
             node_requirement == declaring_requirement.fetch(:requirement)
           end
         end
+        # rubocop:enable Metrics/CyclomaticComplexity
 
         def get_node_version_value(node)
           attribute = "Version"

data/lib/dependabot/nuget/update_checker/repository_finder.rb

@@ -147,6 +147,7 @@ module Dependabot
           config_files.flat_map { |file| repos_from_config_file(file) }
         end
 
+        # rubocop:disable Metrics/CyclomaticComplexity
         def repos_from_config_file(config_file)
           doc = Nokogiri::XML(config_file.content)
           doc.remove_namespaces!
@@ -178,6 +179,7 @@ module Dependabot
 
           sources
         end
+        # rubocop:enable Metrics/CyclomaticComplexity
 
         def default_repository_details
           {

data/lib/dependabot/nuget/update_checker/version_finder.rb

@@ -14,6 +14,8 @@ module Dependabot
       class VersionFinder
         require_relative "repository_finder"
 
+        NUGET_RANGE_REGEX = /[\(\[].*,.*[\)\]]/.freeze
+
         def initialize(dependency:, dependency_files:, credentials:,
                        ignored_versions:, raise_on_ignored: false,
                        security_advisories:)
@@ -67,7 +69,7 @@ module Dependabot
           filtered = possible_versions
 
           ignored_versions.each do |req|
-            ignore_req = requirement_class.new(req.split(","))
+            ignore_req = requirement_class.new(parse_requirement_string(req))
             filtered =
               filtered.
               reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
@@ -98,6 +100,12 @@ module Dependabot
           end
         end
 
+        def parse_requirement_string(string)
+          return string if string.match?(NUGET_RANGE_REGEX)
+
+          string.split(",").map(&:strip)
+        end
+
         def available_v3_versions
           v3_nuget_listings.flat_map do |listing|
             listing.
@@ -169,7 +177,7 @@ module Dependabot
           end
 
           dependency.requirements.any? do |req|
-            reqs = (req.fetch(:requirement) || "").split(",").map(&:strip)
+            reqs = parse_requirement_string(req.fetch(:requirement) || "")
             next unless reqs.any? { |r| r.include?("-") }
 
             requirement_class.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.118.5
+  version: 0.118.11
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-24 00:00:00.000000000 Z
+date: 2020-08-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.118.5
+        version: 0.118.11
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.118.5
+        version: 0.118.11
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -94,34 +94,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.2'
-- !ruby/object:Gem::Dependency
-  name: rspec_junit_formatter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.85.0
+        version: 0.88.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.85.0
+        version: 0.88.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement
@@ -197,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 2.5.0
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: ".NET (NuGet) support for dependabot"