dependabot-nuget 0.118.7 → 0.118.13

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d5c8fa9faf44b0ec2a7e2827c403c1e3c0480ca2ddf82ca216854b101df3682e
-  data.tar.gz: da9f76f0f87d0f6dd8e3ac44f67b9fb5b85998a89565789a9dc4e0204b57f7f1
+  metadata.gz: 60755fc220e9ec22e3a9116e31c253a9b47a1465dafb649658135d65c9acb74f
+  data.tar.gz: 60d99fb6e33005ead75b496c8b8fdf96446ce7104373bb8911d3b197b3b95eda
 SHA512:
-  metadata.gz: b10872d4524080fc69279a5ac51ce9064effcbd5b60ecfa6619d8abbf744600a1da3efc2769b9b04276c5ba3d3e651231118b310ad521f785372eba35f489fc2
-  data.tar.gz: d2b62ef8a83c46608e4426d2395447a806d7491fbe209d69002bfe110e78041ae2ca32e9fdcab8187038a49a9c38987a5ef11b0307462ef0c13cb30ffe4cab59
+  metadata.gz: 1db5892b966ba86914539434fad499a375551470c72fd74152598a9e3827aadc2fbf92ecc563da3ceacadc4777327454e3788d39aef7150193bea6271b3080f6
+  data.tar.gz: '0291682b2bf0cd5dd1930da1fbe41727c9bb72ef0a7fc747f5bf53e893ba99c74a5794d647f01da5ab6178d83da31fe8fe0269a3734edf15baacff5622d96633'

data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb

@@ -46,10 +46,12 @@ module Dependabot
         def get_element_from_node(node)
           node.at_xpath("/PackageReference") ||
             node.at_xpath("/GlobalPackageReference") ||
+            node.at_xpath("/PackageVersion") ||
             node.at_xpath("/Dependency") ||
             node.at_xpath("/DevelopmentDependency")
         end
 
+        # rubocop:disable Metrics/CyclomaticComplexity
         def fetch_declaration_strings
           deep_find_declarations(declaring_file.content).select do |nd|
             node = Nokogiri::XML(nd)
@@ -66,6 +68,7 @@ module Dependabot
             node_requirement == declaring_requirement.fetch(:requirement)
           end
         end
+        # rubocop:enable Metrics/CyclomaticComplexity
 
         def get_node_version_value(node)
           attribute = "Version"

data/lib/dependabot/nuget/update_checker/repository_finder.rb

@@ -147,6 +147,7 @@ module Dependabot
           config_files.flat_map { |file| repos_from_config_file(file) }
         end
 
+        # rubocop:disable Metrics/CyclomaticComplexity
         def repos_from_config_file(config_file)
           doc = Nokogiri::XML(config_file.content)
           doc.remove_namespaces!
@@ -178,6 +179,7 @@ module Dependabot
 
           sources
         end
+        # rubocop:enable Metrics/CyclomaticComplexity
 
         def default_repository_details
           {

data/lib/dependabot/nuget/update_checker/version_finder.rb

@@ -14,6 +14,8 @@ module Dependabot
       class VersionFinder
         require_relative "repository_finder"
 
+        NUGET_RANGE_REGEX = /[\(\[].*,.*[\)\]]/.freeze
+
         def initialize(dependency:, dependency_files:, credentials:,
                        ignored_versions:, raise_on_ignored: false,
                        security_advisories:)
@@ -67,7 +69,7 @@ module Dependabot
           filtered = possible_versions
 
           ignored_versions.each do |req|
-            ignore_req = requirement_class.new(req.split(","))
+            ignore_req = requirement_class.new(parse_requirement_string(req))
             filtered =
               filtered.
               reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
@@ -98,6 +100,12 @@ module Dependabot
           end
         end
 
+        def parse_requirement_string(string)
+          return string if string.match?(NUGET_RANGE_REGEX)
+
+          string.split(",").map(&:strip)
+        end
+
         def available_v3_versions
           v3_nuget_listings.flat_map do |listing|
             listing.
@@ -169,7 +177,7 @@ module Dependabot
           end
 
           dependency.requirements.any? do |req|
-            reqs = (req.fetch(:requirement) || "").split(",").map(&:strip)
+            reqs = parse_requirement_string(req.fetch(:requirement) || "")
             next unless reqs.any? { |r| r.include?("-") }
 
             requirement_class.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.118.7
+  version: 0.118.13
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-07-02 00:00:00.000000000 Z
+date: 2020-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.118.7
+        version: 0.118.13
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.118.7
+        version: 0.118.13
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -94,34 +94,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.2'
-- !ruby/object:Gem::Dependency
-  name: rspec_junit_formatter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.85.0
+        version: 0.88.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.85.0
+        version: 0.88.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement
@@ -197,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 2.5.0
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: ".NET (NuGet) support for dependabot"