dependabot-nuget 0.118.6 → 0.118.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ed611fc9c6f6e2289f27d7153772b671119b0502a67b42b79c0201c40a793e39
-  data.tar.gz: 506beab2fac067b461d8e7657bfd563f1bbf5b81ef5a70d8fd8540e8307c47af
+  metadata.gz: 907dfe8dd6a62458578eb23c1a2ade086263ee676a858a5271bddd82123e3868
+  data.tar.gz: f72320993c8b19d8da0fa6fe87809dadfea540e7dd9820e2a5000bc0a32de1f2
 SHA512:
-  metadata.gz: c1eeb65cb9895382c4b1fbf608ed5ccffcd7360dcdc8f0d96f148dd038a15a9fc26ddc311105285e1d1c2049afe41f11dea4efd72e58dc20b0bf1da421efa98e
-  data.tar.gz: e92a7061640ed8142d38821bcd73181b9d24b238886b41d27fb7d0d749c2976fde146874c9b28e6578c36516c4fa44d0eb345e61866b670277788504bd3c3389
+  metadata.gz: 6c0437da3869c0b6a9d86debc140e7052163b7926c39619911fc6003091610afe97b5697b7f2106c6b0891e55646a0b2a830bed5d0feed8464b1e054b4cc73e8
+  data.tar.gz: 5470aac9c9c13b2308edb7a57aa6e67a9753db9ffe0b0af636e0a6d0b80ce461e1d301cd6c6bb4146f103ccb2ba631523a18c23f018366015f1b9207c21067c7

data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb

@@ -46,10 +46,12 @@ module Dependabot
         def get_element_from_node(node)
           node.at_xpath("/PackageReference") ||
             node.at_xpath("/GlobalPackageReference") ||
+            node.at_xpath("/PackageVersion") ||
             node.at_xpath("/Dependency") ||
             node.at_xpath("/DevelopmentDependency")
         end
 
+        # rubocop:disable Metrics/CyclomaticComplexity
         def fetch_declaration_strings
           deep_find_declarations(declaring_file.content).select do |nd|
             node = Nokogiri::XML(nd)
@@ -66,6 +68,7 @@ module Dependabot
             node_requirement == declaring_requirement.fetch(:requirement)
           end
         end
+        # rubocop:enable Metrics/CyclomaticComplexity
 
         def get_node_version_value(node)
           attribute = "Version"

data/lib/dependabot/nuget/update_checker/repository_finder.rb

@@ -147,6 +147,7 @@ module Dependabot
           config_files.flat_map { |file| repos_from_config_file(file) }
         end
 
+        # rubocop:disable Metrics/CyclomaticComplexity
         def repos_from_config_file(config_file)
           doc = Nokogiri::XML(config_file.content)
           doc.remove_namespaces!
@@ -178,6 +179,7 @@ module Dependabot
 
           sources
         end
+        # rubocop:enable Metrics/CyclomaticComplexity
 
         def default_repository_details
           {

data/lib/dependabot/nuget/update_checker/version_finder.rb

@@ -14,6 +14,8 @@ module Dependabot
       class VersionFinder
         require_relative "repository_finder"
 
+        NUGET_RANGE_REGEX = /[\(\[].*,.*[\)\]]/.freeze
+
         def initialize(dependency:, dependency_files:, credentials:,
                        ignored_versions:, raise_on_ignored: false,
                        security_advisories:)
@@ -67,7 +69,7 @@ module Dependabot
           filtered = possible_versions
 
           ignored_versions.each do |req|
-            ignore_req = requirement_class.new(req.split(","))
+            ignore_req = requirement_class.new(parse_requirement_string(req))
             filtered =
               filtered.
               reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
@@ -98,6 +100,12 @@ module Dependabot
           end
         end
 
+        def parse_requirement_string(string)
+          return string if string.match?(NUGET_RANGE_REGEX)
+
+          string.split(",").map(&:strip)
+        end
+
         def available_v3_versions
           v3_nuget_listings.flat_map do |listing|
             listing.
@@ -169,7 +177,7 @@ module Dependabot
           end
 
           dependency.requirements.any? do |req|
-            reqs = (req.fetch(:requirement) || "").split(",").map(&:strip)
+            reqs = parse_requirement_string(req.fetch(:requirement) || "")
             next unless reqs.any? { |r| r.include?("-") }
 
             requirement_class.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.118.6
+  version: 0.118.12
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-30 00:00:00.000000000 Z
+date: 2020-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.118.6
+        version: 0.118.12
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.118.6
+        version: 0.118.12
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -94,34 +94,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.2'
-- !ruby/object:Gem::Dependency
-  name: rspec_junit_formatter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.85.0
+        version: 0.88.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.85.0
+        version: 0.88.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement
@@ -197,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 2.5.0
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: ".NET (NuGet) support for dependabot"