dependabot-nuget 0.212.0 → 0.213.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/nuget/file_parser/global_json_parser.rb +1 -1
  3. data/lib/dependabot/nuget/file_parser/project_file_parser.rb +3 -3
  4. data/lib/dependabot/nuget/file_parser/property_value_finder.rb +1 -1
  5. data/lib/dependabot/nuget/file_updater/packages_config_declaration_finder.rb +1 -1
  6. data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb +4 -4
  7. data/lib/dependabot/nuget/metadata_finder.rb +1 -15
  8. data/lib/dependabot/nuget/requirement.rb +1 -1
  9. data/lib/dependabot/nuget/update_checker/repository_finder.rb +17 -17
  10. data/lib/dependabot/nuget/update_checker/version_finder.rb +1 -1
  11. data/lib/dependabot/nuget/version.rb +1 -1
  12. data/lib/dependabot/nuget.rb +8 -1
  13. metadata +13 -55
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f2670db3fd0c6b63fef409230620f4167fb0832deb5df3133dc9762e54104746
4
- data.tar.gz: 749cd634dde39e45264654b33e3cfd0f8759ead2e9b808906dd33bf8299b7948
3
+ metadata.gz: a5f084f252deef0d960dff54bc9d3bbef2c21b38f6853f19a3ea5229f239660f
4
+ data.tar.gz: 8fd0eac3457d63ba3132ea4d9955e041439303310cb6a8b6f89fce60ade5faf7
5
5
  SHA512:
6
- metadata.gz: f0c433d102aa4773f20f75b33e0e8566335fe05948abadb9b854e66cedb15ce0061daa1a8b00977ac00ea139d48b86b114a986e192fb2e9aa526b08811285f28
7
- data.tar.gz: efab05fc35e9daa61950bae053557ffbeb864fbbb04cbeb052fbf1f6b478ee303d330ed51ec99b3b357f36ac7efe47e9f1ab1ae503563e1fe013240ae9926ebb
6
+ metadata.gz: 24446f402afc0c8f466cc1d74c6d03386a7436b297f04ad166a95fa69d741dfd195b8778c3edfdbf2d6baccb64d3a1ace47fc54de88b73bef3dc71b8579a8e46
7
+ data.tar.gz: d19f127b8a9a8890fc60be39912e6b30669b0fb371813f6b0547841740ce3061caea3fae953c10d29e849503f8807fdd322ca6ac0c41a670b6233b906b0bba71
data/lib/dependabot/nuget/file_parser/global_json_parser.rb CHANGED
@@ -33,7 +33,7 @@ module Dependabot
33
33
  requirements: [{
34
34
  requirement: version,
35
35
  file: global_json.name,
36
- groups: [],
36
+ groups: ["dependencies"],
37
37
  source: nil
38
38
  }]
39
39
  )
data/lib/dependabot/nuget/file_parser/project_file_parser.rb CHANGED
@@ -20,9 +20,9 @@ module Dependabot
20
20
  "ItemGroup > Dependency, " \
21
21
  "ItemGroup > DevelopmentDependency"
22
22
 
23
- PROJECT_SDK_REGEX = %r{^([^/]+)/(\d+(?:[.]\d+(?:[.]\d+)?)?(?:[+-].*)?)$}.freeze
24
- PROPERTY_REGEX = /\$\((?<property>.*?)\)/.freeze
25
- ITEM_REGEX = /\@\((?<property>.*?)\)/.freeze
23
+ PROJECT_SDK_REGEX = %r{^([^/]+)/(\d+(?:[.]\d+(?:[.]\d+)?)?(?:[+-].*)?)$}
24
+ PROPERTY_REGEX = /\$\((?<property>.*?)\)/
25
+ ITEM_REGEX = /\@\((?<property>.*?)\)/
26
26
 
27
27
  def initialize(dependency_files:)
28
28
  @dependency_files = dependency_files
data/lib/dependabot/nuget/file_parser/property_value_finder.rb CHANGED
@@ -10,7 +10,7 @@ module Dependabot
10
10
  module Nuget
11
11
  class FileParser
12
12
  class PropertyValueFinder
13
- PROPERTY_REGEX = /\$\((?<property>.*?)\)/.freeze
13
+ PROPERTY_REGEX = /\$\((?<property>.*?)\)/
14
14
 
15
15
  def initialize(dependency_files:)
16
16
  @dependency_files = dependency_files
data/lib/dependabot/nuget/file_updater/packages_config_declaration_finder.rb CHANGED
@@ -9,7 +9,7 @@ module Dependabot
9
9
  class PackagesConfigDeclarationFinder
10
10
  DECLARATION_REGEX =
11
11
  %r{<package [^>]*?/>|
12
- <package [^>]*?[^/]>.*?</package>}mx.freeze
12
+ <package [^>]*?[^/]>.*?</package>}mx
13
13
 
14
14
  attr_reader :dependency_name, :declaring_requirement,
15
15
  :packages_config
data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb CHANGED
@@ -19,18 +19,18 @@ module Dependabot
19
19
  <Dependency [^>]*?[^/]>.*?</Dependency>|
20
20
  <DevelopmentDependency [^>]*?/>|
21
21
  <DevelopmentDependency [^>]*?[^/]>.*?</DevelopmentDependency>
22
- }mx.freeze
22
+ }mx
23
23
  SDK_IMPORT_REGEX =
24
24
  / <Import [^>]*?Sdk="[^"]*?"[^>]*?Version="[^"]*?"[^>]*?>
25
25
  | <Import [^>]*?Version="[^"]*?"[^>]*?Sdk="[^"]*?"[^>]*?>
26
- /mx.freeze
26
+ /mx
27
27
  SDK_PROJECT_REGEX =
28
28
  / <Project [^>]*?Sdk="[^"]*?"[^>]*?>
29
- /mx.freeze
29
+ /mx
30
30
  SDK_SDK_REGEX =
31
31
  / <Sdk [^>]*?Name="[^"]*?"[^>]*?Version="[^"]*?"[^>]*?>
32
32
  | <Sdk [^>]*?Version="[^"]*?"[^>]*?Name="[^"]*?"[^>]*?>
33
- /mx.freeze
33
+ /mx
34
34
 
35
35
  attr_reader :dependency_name, :declaring_requirement,
36
36
  :dependency_files
data/lib/dependabot/nuget/metadata_finder.rb CHANGED
@@ -121,21 +121,7 @@ module Dependabot
121
121
  source = dependency.requirements.
122
122
  find { |r| r&.fetch(:source) }&.fetch(:source)
123
123
 
124
- if source&.key?(:nuspec_url)
125
- source.fetch(:nuspec_url) ||
126
- "https://api.nuget.org/v3-flatcontainer/" \
127
- "#{dependency.name.downcase}/#{dependency.version}/" \
128
- "#{dependency.name.downcase}.nuspec"
129
- elsif source&.key?(:nuspec_url)
130
- source.fetch("nuspec_url") ||
131
- "https://api.nuget.org/v3-flatcontainer/" \
132
- "#{dependency.name.downcase}/#{dependency.version}/" \
133
- "#{dependency.name.downcase}.nuspec"
134
- else
135
- "https://api.nuget.org/v3-flatcontainer/" \
136
- "#{dependency.name.downcase}/#{dependency.version}/" \
137
- "#{dependency.name.downcase}.nuspec"
138
- end
124
+ return source.fetch(:nuspec_url) if source&.key?(:nuspec_url)
139
125
  end
140
126
 
141
127
  def dependency_source_url
data/lib/dependabot/nuget/requirement.rb CHANGED
@@ -21,7 +21,7 @@ module Dependabot
21
21
  [matches[1] || "=", Nuget::Version.new(matches[2])]
22
22
  end
23
23
 
24
- # For consistency with other langauges, we define a requirements array.
24
+ # For consistency with other languages, we define a requirements array.
25
25
  # Dotnet doesn't have an `OR` separator for requirements, so it always
26
26
  # contains a single element.
27
27
  def self.requirements_array(requirement_string)
data/lib/dependabot/nuget/update_checker/repository_finder.rb CHANGED
@@ -11,6 +11,7 @@ module Dependabot
11
11
  class UpdateChecker
12
12
  class RepositoryFinder
13
13
  DEFAULT_REPOSITORY_URL = "https://api.nuget.org/v3/index.json"
14
+ DEFAULT_REPOSITORY_API_KEY = "nuget.org"
14
15
 
15
16
  def initialize(dependency:, credentials:, config_files: [])
16
17
  @dependency = dependency
@@ -30,7 +31,7 @@ module Dependabot
30
31
  @find_dependency_urls ||=
31
32
  known_repositories.flat_map do |details|
32
33
  if details.fetch(:url) == DEFAULT_REPOSITORY_URL
33
- # Save a request for the default URL, since we already how
34
+ # Save a request for the default URL, since we already know how
34
35
  # it addresses packages
35
36
  next default_repository_details
36
37
  end
@@ -151,27 +152,26 @@ module Dependabot
151
152
  def repos_from_config_file(config_file)
152
153
  doc = Nokogiri::XML(config_file.content)
153
154
  doc.remove_namespaces!
154
- sources =
155
- doc.css("configuration > packageSources > add").map do |node|
156
- {
157
- key:
158
- node.attribute("key")&.value&.strip ||
159
- node.at_xpath("./key")&.content&.strip,
160
- url:
161
- node.attribute("value")&.value&.strip ||
162
- node.at_xpath("./value")&.content&.strip
163
- }
155
+ # analogous to having a root config with the default repository
156
+ base_sources = [{ url: DEFAULT_REPOSITORY_URL, key: "nuget.org" }]
157
+
158
+ sources = []
159
+ doc.css("configuration > packageSources").children.each do |node|
160
+ if node.name == "clear"
161
+ sources.clear
162
+ base_sources.clear
163
+ else
164
+ key = node.attribute("key")&.value&.strip || node.at_xpath("./key")&.content&.strip
165
+ url = node.attribute("value")&.value&.strip || node.at_xpath("./value")&.content&.strip
166
+ sources << { url: url, key: key }
164
167
  end
165
-
168
+ end
169
+ sources += base_sources # TODO: quirky overwrite behavior
166
170
  disabled_sources = disabled_sources(doc)
167
171
  sources.reject! do |s|
168
172
  disabled_sources.include?(s[:key])
169
173
  end
170
174
 
171
- unless doc.css("configuration > packageSources > clear").any?
172
- sources << { url: DEFAULT_REPOSITORY_URL, key: nil }
173
- end
174
-
175
175
  sources.reject! do |s|
176
176
  known_urls = credential_repositories.map { |cr| cr.fetch(:url) }
177
177
  known_urls.include?(s.fetch(:url))
@@ -202,7 +202,7 @@ module Dependabot
202
202
 
203
203
  # rubocop:disable Metrics/PerceivedComplexity
204
204
  def disabled_sources(doc)
205
- doc.css("configuration > disabledPackageSources > add").map do |node|
205
+ doc.css("configuration > disabledPackageSources > add").filter_map do |node|
206
206
  value = node.attribute("value")&.value ||
207
207
  node.at_xpath("./value")&.content
208
208
 
data/lib/dependabot/nuget/update_checker/version_finder.rb CHANGED
@@ -15,7 +15,7 @@ module Dependabot
15
15
  class VersionFinder
16
16
  require_relative "repository_finder"
17
17
 
18
- NUGET_RANGE_REGEX = /[\(\[].*,.*[\)\]]/.freeze
18
+ NUGET_RANGE_REGEX = /[\(\[].*,.*[\)\]]/
19
19
 
20
20
  def initialize(dependency:, dependency_files:, credentials:,
21
21
  ignored_versions:, raise_on_ignored: false,
data/lib/dependabot/nuget/version.rb CHANGED
@@ -11,7 +11,7 @@ module Dependabot
11
11
  module Nuget
12
12
  class Version < Gem::Version
13
13
  VERSION_PATTERN = Gem::Version::VERSION_PATTERN + '(\+[0-9a-zA-Z\-.]+)?'
14
- ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/.freeze
14
+ ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/
15
15
 
16
16
  def self.correct?(version)
17
17
  return false if version.nil?
data/lib/dependabot/nuget.rb CHANGED
@@ -15,4 +15,11 @@ Dependabot::PullRequestCreator::Labeler.
15
15
  register_label_details("nuget", name: ".NET", colour: "7121c6")
16
16
 
17
17
  require "dependabot/dependency"
18
- Dependabot::Dependency.register_production_check("nuget", ->(_) { true })
18
+ Dependabot::Dependency.register_production_check(
19
+ "nuget",
20
+ lambda do |groups|
21
+ return true if groups.empty?
22
+
23
+ groups.include?("dependencies")
24
+ end
25
+ )
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.212.0
4
+ version: 0.213.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-09-06 00:00:00.000000000 Z
11
+ date: 2022-10-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,42 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.212.0
19
+ version: 0.213.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.212.0
27
- - !ruby/object:Gem::Dependency
28
- name: debase
29
- requirement: !ruby/object:Gem::Requirement
30
- requirements:
31
- - - '='
32
- - !ruby/object:Gem::Version
33
- version: 0.2.3
34
- type: :development
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
38
- - - '='
39
- - !ruby/object:Gem::Version
40
- version: 0.2.3
41
- - !ruby/object:Gem::Dependency
42
- name: debase-ruby_core_source
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - '='
46
- - !ruby/object:Gem::Version
47
- version: 0.10.16
48
- type: :development
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - '='
53
- - !ruby/object:Gem::Version
54
- version: 0.10.16
26
+ version: 0.213.0
55
27
  - !ruby/object:Gem::Dependency
56
28
  name: debug
57
29
  requirement: !ruby/object:Gem::Requirement
@@ -86,14 +58,14 @@ dependencies:
86
58
  requirements:
87
59
  - - "~>"
88
60
  - !ruby/object:Gem::Version
89
- version: 3.12.0
61
+ version: 3.13.0
90
62
  type: :development
91
63
  prerelease: false
92
64
  version_requirements: !ruby/object:Gem::Requirement
93
65
  requirements:
94
66
  - - "~>"
95
67
  - !ruby/object:Gem::Version
96
- version: 3.12.0
68
+ version: 3.13.0
97
69
  - !ruby/object:Gem::Dependency
98
70
  name: rake
99
71
  requirement: !ruby/object:Gem::Requirement
@@ -142,42 +114,28 @@ dependencies:
142
114
  requirements:
143
115
  - - "~>"
144
116
  - !ruby/object:Gem::Version
145
- version: 1.36.0
117
+ version: 1.37.1
146
118
  type: :development
147
119
  prerelease: false
148
120
  version_requirements: !ruby/object:Gem::Requirement
149
121
  requirements:
150
122
  - - "~>"
151
123
  - !ruby/object:Gem::Version
152
- version: 1.36.0
124
+ version: 1.37.1
153
125
  - !ruby/object:Gem::Dependency
154
126
  name: rubocop-performance
155
127
  requirement: !ruby/object:Gem::Requirement
156
128
  requirements:
157
129
  - - "~>"
158
130
  - !ruby/object:Gem::Version
159
- version: 1.14.2
160
- type: :development
161
- prerelease: false
162
- version_requirements: !ruby/object:Gem::Requirement
163
- requirements:
164
- - - "~>"
165
- - !ruby/object:Gem::Version
166
- version: 1.14.2
167
- - !ruby/object:Gem::Dependency
168
- name: ruby-debug-ide
169
- requirement: !ruby/object:Gem::Requirement
170
- requirements:
171
- - - "~>"
172
- - !ruby/object:Gem::Version
173
- version: 0.7.3
131
+ version: 1.15.0
174
132
  type: :development
175
133
  prerelease: false
176
134
  version_requirements: !ruby/object:Gem::Requirement
177
135
  requirements:
178
136
  - - "~>"
179
137
  - !ruby/object:Gem::Version
180
- version: 0.7.3
138
+ version: 1.15.0
181
139
  - !ruby/object:Gem::Dependency
182
140
  name: simplecov
183
141
  requirement: !ruby/object:Gem::Requirement
@@ -288,14 +246,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
288
246
  requirements:
289
247
  - - ">="
290
248
  - !ruby/object:Gem::Version
291
- version: 2.7.0
249
+ version: 3.1.0
292
250
  required_rubygems_version: !ruby/object:Gem::Requirement
293
251
  requirements:
294
252
  - - ">="
295
253
  - !ruby/object:Gem::Version
296
- version: 2.7.0
254
+ version: 3.1.0
297
255
  requirements: []
298
- rubygems_version: 3.1.6
256
+ rubygems_version: 3.3.7
299
257
  signing_key:
300
258
  specification_version: 4
301
259
  summary: ".NET (NuGet) support for dependabot"