dependabot-nuget 0.216.1 → 0.217.0

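--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: d59de5c928c4f52da4ed75a1d3d2bfb189d50e094a9ff23feb4b5f30db191e14
- data.tar.gz: ed47f2dbe31c7ba7e24205ecc9919381395f69b6ceb304c3afa744914c023268
+ metadata.gz: 9aef8000d04789246d90d3a38cf04be9886bb42f0f0fb02c99a27cbbb22bb9e0
+ data.tar.gz: 535031557e7603ac372452fd67e1e5126b116a746a6981fce87773fe4ec46199
  SHA512:
- metadata.gz: 1b28324853a826812cb34f010bd5e9117f9de0f94f9d6d8bf876f3fd7a26ba46838e9bd504248b66ad55285125cddbb47d9c168ee3998367370a4d351c9eebc2
- data.tar.gz: 0d0f3e8af3e22bb2db4b8085d2dd8548b5119c120d25a095449e45b73201413cc659f23e7a63db7dcfdfc893bab012c94bc36da273d1ce9e1bc4bb342b92ba4f
+ metadata.gz: 65a99a951e8de3190e0d1c4d585cc2a3f353d1f1ab28eb5b4d8abf670d1d7557a0ed4bd523cca6aa659d238ca4da90e15128aa4ee8cce7b3437a59a45cc61b29
+ data.tar.gz: 5ff84ccc217802a9794fe3855ddadb8ed106fd65a4d0b4ca0d847e3bc47618fb7ca8548696cbd36daa65842d393077f66305e9806efe31309753b90f39078633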
@@ -32,6 +32,7 @@ module Dependabot
32
32
  fetched_files += packages_config_files
33
33
  fetched_files += nuget_config_files
34
34
  fetched_files << global_json if global_json
35
+ fetched_files << dotnet_tools_json if dotnet_tools_json
35
36
  fetched_files << packages_props if packages_props
36
37
 
37
38
  fetched_files = fetched_files.uniq
@@ -221,6 +222,12 @@ module Dependabot
221
222
  @global_json ||= fetch_file_if_present("global.json")
222
223
  end
223
224
 
225
+ def dotnet_tools_json
226
+ @dotnet_tools_json ||= fetch_file_if_present(".config/dotnet-tools.json")
227
+ rescue Dependabot::DependencyFileNotFound
228
+ nil
229
+ end
230
+
224
231
  def packages_props
225
232
  @packages_props ||= fetch_file_if_present("Packages.props")
226
233
  end
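Review bot: The new `dotnet_tools_json` fetcher (new lines 225–229) rescues `Dependabot::DependencyFileNotFound` without saying why, while the neighbouring `global_json` and `packages_props` helpers call the same `fetch_file_if_present` with no rescue. If the rescue exists because the `.config` directory itself may be absent, a comment such as `# .config/ may not exist; treat a missing directory like a missing file` would stop a later cleanup from removing it. The file section's header is not on this page, so the file name is inferred from the method names.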
@@ -0,0 +1,60 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "json"
4
+
5
+ require "dependabot/dependency"
6
+ require "dependabot/nuget/file_parser"
7
+
8
+ # For details on dotnet-tools.json files see:
9
+ # https://learn.microsoft.com/en-us/dotnet/core/tools/local-tools-how-to-use
10
+ module Dependabot
11
+ module Nuget
12
+ class FileParser
13
+ class DotNetToolsJsonParser
14
+ require "dependabot/file_parsers/base/dependency_set"
15
+
16
+ def initialize(dotnet_tools_json:)
17
+ @dotnet_tools_json = dotnet_tools_json
18
+ end
19
+
20
+ def dependency_set
21
+ dependency_set = Dependabot::FileParsers::Base::DependencySet.new
22
+
23
+ tools = parsed_dotnet_tools_json.fetch("tools", {})
24
+
25
+ raise Dependabot::DependencyFileNotParseable, dotnet_tools_json.path unless tools.is_a?(Hash)
26
+
27
+ tools.each do |dependency_name, node|
28
+ raise Dependabot::DependencyFileNotParseable, dotnet_tools_json.path unless node.is_a?(Hash)
29
+
30
+ version = node["version"]
31
+ dependency_set <<
32
+ Dependency.new(
33
+ name: dependency_name,
34
+ version: version,
35
+ package_manager: "nuget",
36
+ requirements: [{
37
+ requirement: version,
38
+ file: dotnet_tools_json.name,
39
+ groups: ["dependencies"],
40
+ source: nil
41
+ }]
42
+ )
43
+ end
44
+
45
+ dependency_set
46
+ end
47
+
48
+ private
49
+
50
+ attr_reader :dotnet_tools_json
51
+
52
+ def parsed_dotnet_tools_json
53
+ @parsed_dotnet_tools_json ||= JSON.parse(dotnet_tools_json.content)
54
+ rescue JSON::ParserError
55
+ raise Dependabot::DependencyFileNotParseable, dotnet_tools_json.path
56
+ end
57
+ end
58
+ end
59
+ end
60
+ end
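Review bot: `dependency_set` type-checks `tools` and each `node`, but not the document root or the version, and this file's content comes from the repository being scanned. A manifest whose top level is a JSON array or a bare scalar parses without error and then fails in `parsed_dotnet_tools_json.fetch("tools", {})` with a `TypeError` or `NoMethodError` rather than `DependencyFileNotParseable`. A tool entry with no `"version"` key yields a `Dependency` whose version and requirement are both `nil`. Suggest `raise Dependabot::DependencyFileNotParseable, dotnet_tools_json.path unless parsed_dotnet_tools_json.is_a?(Hash)` before the `fetch`, and the same raise with `unless version.is_a?(String)` after `version = node["version"]`.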
@@ -15,6 +15,7 @@ module Dependabot
15
15
  require_relative "file_parser/project_file_parser"
16
16
  require_relative "file_parser/packages_config_parser"
17
17
  require_relative "file_parser/global_json_parser"
18
+ require_relative "file_parser/dotnet_tools_json_parser"
18
19
 
19
20
  PACKAGE_CONF_DEPENDENCY_SELECTOR = "packages > packages"
20
21
 
@@ -23,6 +24,7 @@ module Dependabot
23
24
  dependency_set += project_file_dependencies
24
25
  dependency_set += packages_config_dependencies
25
26
  dependency_set += global_json_dependencies if global_json
27
+ dependency_set += dotnet_tools_json_dependencies if dotnet_tools_json
26
28
  dependency_set.dependencies
27
29
  end
28
30
 
@@ -56,6 +58,12 @@ module Dependabot
56
58
  GlobalJsonParser.new(global_json: global_json).dependency_set
57
59
  end
58
60
 
61
+ def dotnet_tools_json_dependencies
62
+ return DependencySet.new unless dotnet_tools_json
63
+
64
+ DotNetToolsJsonParser.new(dotnet_tools_json: dotnet_tools_json).dependency_set
65
+ end
66
+
59
67
  def project_file_parser
60
68
  @project_file_parser ||=
61
69
  ProjectFileParser.new(dependency_files: dependency_files)
@@ -76,7 +84,8 @@ module Dependabot
76
84
  project_files -
77
85
  packages_config_files -
78
86
  nuget_configs -
79
- [global_json]
87
+ [global_json] -
88
+ [dotnet_tools_json]
80
89
  end
81
90
 
82
91
  def nuget_configs
@@ -87,6 +96,10 @@ module Dependabot
87
96
  dependency_files.find { |f| f.name.casecmp("global.json").zero? }
88
97
  end
89
98
 
99
+ def dotnet_tools_json
100
+ dependency_files.find { |f| f.name.casecmp(".config/dotnet-tools.json").zero? }
101
+ end
102
+
90
103
  def check_required_files
91
104
  return if project_files.any? || packages_config_files.any?
92
105
 
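Review bot: The path literal `".config/dotnet-tools.json"` in the new `dotnet_tools_json` finder (new lines 99–101) is repeated across this change: in the fetcher, and again in the hunks at `@@ -58,6 +59,10 @@` and `@@ -128,6 +133,13 @@`, while the pattern added at `@@ -15,6 +15,7 @@` spells the name without the directory. A single shared constant, for example `DOTNET_TOOLS_JSON_PATH = ".config/dotnet-tools.json"`, would keep these in step. Separately, `dotnet_tools_json_dependencies` guards on `dotnet_tools_json` and so does its only visible caller (`... if dotnet_tools_json`); one of the two checks is enough.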
@@ -15,6 +15,7 @@ module Dependabot
15
15
  %r{^[^/]*\.[a-z]{2}proj$},
16
16
  /^packages\.config$/i,
17
17
  /^global\.json$/i,
18
+ /^dotnet-tools\.json$/i,
18
19
  /^Directory\.Build\.props$/i,
19
20
  /^Directory\.Build\.targets$/i,
20
21
  /^Packages\.props$/i
@@ -58,6 +59,10 @@ module Dependabot
58
59
  dependency_files.find { |f| f.name.casecmp("global.json").zero? }
59
60
  end
60
61
 
62
+ def dotnet_tools_json
63
+ dependency_files.find { |f| f.name.casecmp(".config/dotnet-tools.json").zero? }
64
+ end
65
+
61
66
  def check_required_files
62
67
  return if project_files.any? || packages_config_files.any?
63
68
 
@@ -128,6 +133,13 @@ module Dependabot
128
133
  "#{Regexp.escape(dependency.previous_version)}"/x
129
134
  ).to_s
130
135
  ]
136
+ elsif requirement.fetch(:file).casecmp(".config/dotnet-tools.json").zero?
137
+ [
138
+ dotnet_tools_json.content.match(
139
+ /"#{Regexp.escape(dependency.name)}"\s*:\s*{\s*"version"\s*:\s*
140
+ "#{Regexp.escape(dependency.previous_version)}"/xm
141
+ ).to_s
142
+ ]
131
143
  else
132
144
  declaration_finder(dependency, requirement).declaration_strings
133
145
  end
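Review bot: The pattern added to the updated-files list, `/^dotnet-tools\.json$/i`, does not match the name the rest of this change uses for the manifest, `.config/dotnet-tools.json`. How the list is applied is outside the visible hunks, but if it is tested against repository-relative paths the manifest will never match, whereas `%r{^\.config/dotnet-tools\.json$}i` would. In the `elsif` branch at new lines 136–142, `match(...).to_s` returns `""` when the manifest does not contain the tool name immediately followed by `"version"` and the previous version, so an empty declaration string is passed on silently; raising when `match` returns `nil` would surface that case. The method enclosing that branch starts outside the hunk.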
@@ -307,11 +307,11 @@ module Dependabot
307
307
  end
308
308
 
309
309
  def version_class
310
- Nuget::Version
310
+ dependency.version_class
311
311
  end
312
312
 
313
313
  def requirement_class
314
- Nuget::Requirement
314
+ dependency.requirement_class
315
315
  end
316
316
 
317
317
  def remove_wrapping_zero_width_chars(string)
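Review bot: `version_class` and `requirement_class` (lines 309–315) now return whatever the `dependency` object reports, with no comment explaining why the hard-coded `Nuget::Version` and `Nuget::Requirement` were dropped. Presumably the dependency resolves these from its package manager; if so, a one-line comment such as `# Resolved via the dependency's package manager, not hard-coded to Nuget` would help. It is also worth confirming that every dependency reaching this class is a nuget one, so comparisons keep NuGet version semantics.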
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.216.1
4
+ version: 0.217.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-04-14 00:00:00.000000000 Z
11
+ date: 2023-04-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.216.1
19
+ version: 0.217.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.216.1
26
+ version: 0.217.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -219,6 +219,7 @@ files:
219
219
  - lib/dependabot/nuget/file_fetcher/import_paths_finder.rb
220
220
  - lib/dependabot/nuget/file_fetcher/sln_project_paths_finder.rb
221
221
  - lib/dependabot/nuget/file_parser.rb
222
+ - lib/dependabot/nuget/file_parser/dotnet_tools_json_parser.rb
222
223
  - lib/dependabot/nuget/file_parser/global_json_parser.rb
223
224
  - lib/dependabot/nuget/file_parser/packages_config_parser.rb
224
225
  - lib/dependabot/nuget/file_parser/project_file_parser.rb