dependabot-nuget 0.181.0 → 0.182.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 00d509aec39eb1ed4536e8338f908e36ffcecc44c8a6dd1ccfa81259b2cb2407
4
- data.tar.gz: 29b633cea66136163bbf267dd275419e626ebc53e0031b1d2a2c091afbc912f0
3
+ metadata.gz: ebef0362a29b58ce48a895b4fd9363fc7dd82a13f2eed16f46d8cae882707486
4
+ data.tar.gz: cd93a8901b11d2748d0a9a9884985e965d96a219a07fabd117f5f74e3006a36e
5
5
  SHA512:
6
- metadata.gz: d286c00d9ed1c703c971db213ad0feec6530508f69f73ca9c7bdd39589ced2eea7d8f0d9ac22ca2a5e5b722382f736b295d4b70d99c83a2a9c3a7db198a5d2cc
7
- data.tar.gz: 9e68f5838a99fba274c7576b4b72676d6afc28200defafb265df25324304ca34daa2c1d83c7cfafe1aa70db00eeadabbeb02a18893ead7ab078e4d2948ad8a8c
6
+ metadata.gz: f840aa8865ddef6997f8bb2ebf8483dde665b9410d31f828e145e234ea7a31612cf79a4f6a2420b4afd0d59c0f80536ec421df757b663022254e62383c65e021
7
+ data.tar.gz: 93901f5678d96914b74c84a178741a3bccfa575cf161680cbb7a087b4526f165f57313b2739e5d4ebb0aad32f7604038d8562b978d963d36039f1343f26155fc
@@ -12,62 +12,7 @@ module Dependabot
12
12
  def look_up_source
13
13
  return Source.from_url(dependency_source_url) if dependency_source_url
14
14
 
15
- src_repo = look_up_source_in_nuspec(dependency_nuspec_file)
16
- return src_repo if src_repo
17
-
18
- # Fallback to getting source from the search result's projectUrl or licenseUrl.
19
- # GitHub Packages doesn't support getting the `.nuspec`, switch to getting
20
- # that instead once it is supported.
21
- src_repo_from_project
22
- end
23
-
24
- def src_repo_from_project
25
- source = dependency.requirements.find { |r| r&.fetch(:source) }&.fetch(:source)
26
- return unless source
27
-
28
- # Query the service index e.g. https://nuget.pkg.github.com/ORG/index.json
29
- response = Excon.get(
30
- source.fetch(:url),
31
- idempotent: true,
32
- **SharedHelpers.excon_defaults(headers: auth_header)
33
- )
34
- return unless response.status == 200
35
-
36
- # Extract the query url e.g. https://nuget.pkg.github.com/ORG/query
37
- search_base = extract_search_url(response.body)
38
- return unless search_base
39
-
40
- response = Excon.get(
41
- search_base + "?q=#{dependency.name.downcase}&prerelease=true&semVerLevel=2.0.0",
42
- idempotent: true,
43
- **SharedHelpers.excon_defaults(headers: auth_header)
44
- )
45
- return unless response.status == 200
46
-
47
- # Find a projectUrl or licenseUrl that look like a source URL
48
- extract_source_repo(response.body)
49
- end
50
-
51
- def extract_search_url(body)
52
- JSON.parse(body).
53
- fetch("resources", []).
54
- find { |r| r.fetch("@type") == "SearchQueryService" }&.
55
- fetch("@id")
56
- end
57
-
58
- def extract_source_repo(body)
59
- JSON.parse(body).fetch("data", []).each do |search_result|
60
- next unless search_result["id"].downcase == dependency.name.downcase
61
-
62
- if search_result.fetch("projectUrl")
63
- source = Source.from_url(search_result.fetch("projectUrl"))
64
- return source unless source.repo.nil?
65
- end
66
- if search_result.fetch("licenseUrl")
67
- source = Source.from_url(search_result.fetch("licenseUrl"))
68
- return source unless source.repo.nil?
69
- end
70
- end
15
+ look_up_source_in_nuspec(dependency_nuspec_file)
71
16
  end
72
17
 
73
18
  def look_up_source_in_nuspec(nuspec)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.181.0
4
+ version: 0.182.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-04-19 00:00:00.000000000 Z
11
+ date: 2022-04-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.181.0
19
+ version: 0.182.2
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.181.0
26
+ version: 0.182.2
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debase
29
29
  requirement: !ruby/object:Gem::Requirement