dependabot-nuget 0.243.0 → 0.244.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6ecad798e54b8e04842c43e88be3ba17db4d9db05593913fa8709a60abe4ff6c
-  data.tar.gz: 3180c91c48986b9512477e05fe9479f02bf64dd2aa4c1883bcdc8e2b48b7459c
+  metadata.gz: be3a65448fe495f267cc054563bd29fd5a2142bb07613e2ed70a1cd21490bae5
+  data.tar.gz: 1fa876f1715e1ab11ccd5e0c323e58cd60b68d08560efe63a4c563755d36b1ca
 SHA512:
-  metadata.gz: 3a01fbdf21447a7816e2a421ae23fb26facf9dfa1a96ad0e1182f160d5b615cc8100b6c7733465cd9894acd64300066fde48540f8062c60fbb0ca8684e5b25de
-  data.tar.gz: 43d41b0c9b051671f5bafc6d050ca95d6c9f3e959ce6f1bdea896b834a1de3e0c63ee4b9e96ff981b216d33fee79be3f530736f9763ccddff2899bcc47f449e0
+  metadata.gz: b22d903bfd1bab554a9513aac135e7f4ea8e055ce8e6a5f163c9d8331e87c258805d333043953c5b7beeaeba6404792694150e7e9c035de29cd1568a09b2fc22
+  data.tar.gz: 00abcf17c29b5f98242b8ca97ab28c79f88e7c2425430f08d549364b16b160d640841ccd2e2b4c01978e96d7b0b4d51826795247f8087d1af6a4962abfba7809

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/SdkPackageUpdater.cs

@@ -33,7 +33,7 @@ internal static class SdkPackageUpdater
         var tfms = MSBuildHelper.GetTargetFrameworkMonikers(buildFiles);
 
         // Get the set of all top-level dependencies in the current project
-        var topLevelDependencies = MSBuildHelper.GetTopLevelPackageDependenyInfos(buildFiles).ToArray();
+        var topLevelDependencies = MSBuildHelper.GetTopLevelPackageDependencyInfos(buildFiles).ToArray();
 
         var packageFoundInDependencies = false;
         var packageNeedsUpdating = false;
@@ -128,7 +128,7 @@ internal static class SdkPackageUpdater
             UpdateTopLevelDepdendency(buildFiles, dependencyName, previousDependencyVersion, newDependencyVersion, packagesAndVersions, logger);
         }
 
-        var updatedTopLevelDependencies = MSBuildHelper.GetTopLevelPackageDependenyInfos(buildFiles);
+        var updatedTopLevelDependencies = MSBuildHelper.GetTopLevelPackageDependencyInfos(buildFiles);
         foreach (var tfm in tfms)
         {
             var updatedPackages = await MSBuildHelper.GetAllPackageDependenciesAsync(repoRootPath, projectPath, tfm, updatedTopLevelDependencies.ToArray(), logger);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs

@@ -15,6 +15,7 @@ using Microsoft.Build.Definition;
 using Microsoft.Build.Evaluation;
 using Microsoft.Build.Exceptions;
 using Microsoft.Build.Locator;
+using Microsoft.Extensions.FileSystemGlobbing;
 
 using NuGetUpdater.Core.Utilities;
 
@@ -101,6 +102,7 @@ internal static partial class MSBuildHelper
     {
         var projectStack = new Stack<(string folderPath, ProjectRootElement)>();
         var projectRootElement = ProjectRootElement.Open(projFilePath);
+        var processedProjectFiles = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
 
         projectStack.Push((Path.GetFullPath(Path.GetDirectoryName(projFilePath)!), projectRootElement));
 
@@ -114,27 +116,42 @@ internal static partial class MSBuildHelper
                     continue;
                 }
 
-                projectPath = PathHelper.GetFullPathFromRelative(folderPath, projectPath);
+                Matcher matcher = new Matcher();
+                matcher.AddInclude(PathHelper.NormalizePathToUnix(projectReference.Include));
 
-                var projectExtension = Path.GetExtension(projectPath).ToLowerInvariant();
-                if (projectExtension == ".proj")
+                string searchDirectory = PathHelper.NormalizePathToUnix(folderPath);
+
+                IEnumerable<string> files = matcher.GetResultsInFullPath(searchDirectory);
+
+                foreach (var file in files)
                 {
-                    // If there is some MSBuild logic that needs to run to fully resolve the path skip the project
-                    if (File.Exists(projectPath))
+                    // Check that we haven't already processed this file
+                    if (processedProjectFiles.Contains(file))
                     {
-                        var additionalProjectRootElement = ProjectRootElement.Open(projectPath);
-                        projectStack.Push((Path.GetFullPath(Path.GetDirectoryName(projectPath)!), additionalProjectRootElement));
+                        continue;
+                    }
+
+                    var projectExtension = Path.GetExtension(file).ToLowerInvariant();
+                    if (projectExtension == ".proj")
+                    {
+                        // If there is some MSBuild logic that needs to run to fully resolve the path skip the project
+                        if (File.Exists(file))
+                        {
+                            var additionalProjectRootElement = ProjectRootElement.Open(file);
+                            projectStack.Push((Path.GetFullPath(Path.GetDirectoryName(file)!), additionalProjectRootElement));
+                            processedProjectFiles.Add(file);
+                        }
+                    }
+                    else if (projectExtension == ".csproj" || projectExtension == ".vbproj" || projectExtension == ".fsproj")
+                    {
+                        yield return file;
                     }
-                }
-                else if (projectExtension == ".csproj" || projectExtension == ".vbproj" || projectExtension == ".fsproj")
-                {
-                    yield return projectPath;
                 }
             }
         }
     }
 
-    public static IEnumerable<Dependency> GetTopLevelPackageDependenyInfos(ImmutableArray<ProjectBuildFile> buildFiles)
+    public static IEnumerable<Dependency> GetTopLevelPackageDependencyInfos(ImmutableArray<ProjectBuildFile> buildFiles)
     {
         Dictionary<string, (string, bool)> packageInfo = new(StringComparer.OrdinalIgnoreCase);
         Dictionary<string, string> packageVersionInfo = new(StringComparer.OrdinalIgnoreCase);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorker.DirsProj.cs

@@ -170,6 +170,158 @@ public partial class UpdateWorkerTests
                 ]);
         }
 
+        [Fact]
+        public async Task UpdateSingleDependencyInNestedDirsProjUsingWildcard()
+        {
+            await TestUpdateForDirsProj("Newtonsoft.Json", "9.0.1", "13.0.1",
+                // initial
+                projectContents: """
+                <Project Sdk="Microsoft.Build.NoTargets">
+                
+                  <ItemGroup>
+                    <ProjectReference Include="src/*.proj" />
+                  </ItemGroup>
+
+                </Project>
+                """,
+                additionalFiles:
+                [
+                    ("src/dirs.proj",
+                        """
+                        <Project Sdk="Microsoft.Build.NoTargets">
+                        
+                          <ItemGroup>
+                            <ProjectReference Include="test-project/test-project.csproj" />
+                          </ItemGroup>
+
+                        </Project>
+                        """),
+                    ("src/test-project/test-project.csproj",
+                        """
+                        <Project Sdk="Microsoft.NET.Sdk">
+                          <PropertyGroup>
+                            <TargetFramework>netstandard2.0</TargetFramework>
+                          </PropertyGroup>
+                        
+                          <ItemGroup>
+                            <PackageReference Include="Newtonsoft.Json" Version="9.0.1" />
+                          </ItemGroup>
+                        </Project>
+                        """)
+                ],
+                // expected
+                expectedProjectContents: """
+                <Project Sdk="Microsoft.Build.NoTargets">
+                
+                  <ItemGroup>
+                    <ProjectReference Include="src/*.proj" />
+                  </ItemGroup>
+
+                </Project>
+                """,
+                additionalFilesExpected:
+                [
+                    ("src/dirs.proj",
+                        """
+                        <Project Sdk="Microsoft.Build.NoTargets">
+                        
+                          <ItemGroup>
+                            <ProjectReference Include="test-project/test-project.csproj" />
+                          </ItemGroup>
+
+                        </Project>
+                        """),
+                    ("src/test-project/test-project.csproj",
+                        """
+                        <Project Sdk="Microsoft.NET.Sdk">
+                          <PropertyGroup>
+                            <TargetFramework>netstandard2.0</TargetFramework>
+                          </PropertyGroup>
+                        
+                          <ItemGroup>
+                            <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+                          </ItemGroup>
+                        </Project>
+                        """)
+                ]);
+        }
+
+        [Fact]
+        public async Task UpdateSingleDependencyInNestedDirsProjUsingRecursiveWildcard()
+        {
+            await TestUpdateForDirsProj("Newtonsoft.Json", "9.0.1", "13.0.1",
+                // initial
+                projectContents: """
+                <Project Sdk="Microsoft.Build.NoTargets">
+                
+                  <ItemGroup>
+                    <ProjectReference Include="**/*.proj" />
+                  </ItemGroup>
+
+                </Project>
+                """,
+                additionalFiles:
+                [
+                    ("src/dirs.proj",
+                        """
+                        <Project Sdk="Microsoft.Build.NoTargets">
+                        
+                          <ItemGroup>
+                            <ProjectReference Include="test-project/test-project.csproj" />
+                          </ItemGroup>
+
+                        </Project>
+                        """),
+                    ("src/test-project/test-project.csproj",
+                        """
+                        <Project Sdk="Microsoft.NET.Sdk">
+                          <PropertyGroup>
+                            <TargetFramework>netstandard2.0</TargetFramework>
+                          </PropertyGroup>
+                        
+                          <ItemGroup>
+                            <PackageReference Include="Newtonsoft.Json" Version="9.0.1" />
+                          </ItemGroup>
+                        </Project>
+                        """)
+                ],
+                // expected
+                expectedProjectContents: """
+                <Project Sdk="Microsoft.Build.NoTargets">
+                
+                  <ItemGroup>
+                    <ProjectReference Include="**/*.proj" />
+                  </ItemGroup>
+
+                </Project>
+                """,
+                additionalFilesExpected:
+                [
+                    ("src/dirs.proj",
+                        """
+                        <Project Sdk="Microsoft.Build.NoTargets">
+                        
+                          <ItemGroup>
+                            <ProjectReference Include="test-project/test-project.csproj" />
+                          </ItemGroup>
+
+                        </Project>
+                        """),
+                    ("src/test-project/test-project.csproj",
+                        """
+                        <Project Sdk="Microsoft.NET.Sdk">
+                          <PropertyGroup>
+                            <TargetFramework>netstandard2.0</TargetFramework>
+                          </PropertyGroup>
+                        
+                          <ItemGroup>
+                            <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+                          </ItemGroup>
+                        </Project>
+                        """)
+                ]);
+        }
+
         static async Task TestUpdateForDirsProj(
             string dependencyName,
             string oldVersion,

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs

@@ -128,7 +128,7 @@ public class MSBuildHelperTests
     }
 
     [Theory]
-    [MemberData(nameof(GetTopLevelPackageDependenyInfosTestData))]
+    [MemberData(nameof(GetTopLevelPackageDependencyInfosTestData))]
     public async Task TopLevelPackageDependenciesCanBeDetermined((string Path, string Content)[] buildFileContents, Dependency[] expectedTopLevelDependencies)
     {
         using var testDirectory = new TemporaryDirectory();
@@ -140,7 +140,7 @@ public class MSBuildHelperTests
             buildFiles.Add(ProjectBuildFile.Parse(testDirectory.DirectoryPath, fullPath, content));
         }
 
-        var actualTopLevelDependencies = MSBuildHelper.GetTopLevelPackageDependenyInfos(buildFiles.ToImmutableArray());
+        var actualTopLevelDependencies = MSBuildHelper.GetTopLevelPackageDependencyInfos(buildFiles.ToImmutableArray());
         Assert.Equal(expectedTopLevelDependencies, actualTopLevelDependencies);
     }
 
@@ -383,7 +383,7 @@ public class MSBuildHelperTests
         }
     }
 
-    public static IEnumerable<object[]> GetTopLevelPackageDependenyInfosTestData()
+    public static IEnumerable<object[]> GetTopLevelPackageDependencyInfosTestData()
     {
         // simple case
         yield return

data/lib/dependabot/nuget/file_parser/project_file_parser.rb

@@ -14,7 +14,9 @@ require "dependabot/nuget/nuget_client"
 module Dependabot
   module Nuget
     class FileParser
-      class ProjectFileParser
+      class ProjectFileParser # rubocop:disable Metrics/ClassLength
+        extend T::Sig
+
         require "dependabot/file_parsers/base/dependency_set"
         require_relative "property_value_finder"
         require_relative "../update_checker/repository_finder"
@@ -46,16 +48,20 @@ module Dependabot
           CacheManager.cache("dependency_url_search_cache")
         end
 
-        def initialize(dependency_files:, credentials:)
+        def initialize(dependency_files:, credentials:, repo_contents_path:)
           @dependency_files       = dependency_files
           @credentials            = credentials
+          @repo_contents_path     = repo_contents_path
         end
 
-        def dependency_set(project_file:)
+        def dependency_set(project_file:, visited_project_files: Set.new)
           key = "#{project_file.name.downcase}::#{project_file.content.hash}"
           cache = ProjectFileParser.dependency_set_cache
 
-          cache[key] ||= parse_dependencies(project_file)
+          visited_project_files.add(cache[key])
+
+          # Pass the visited_project_files set to parse_dependencies
+          cache[key] ||= parse_dependencies(project_file, visited_project_files)
         end
 
         def downstream_file_references(project_file:)
@@ -70,7 +76,10 @@ module Dependabot
             dep_file = get_attribute_value(project_reference_node, "Include")
             full_project_path = full_path(project_file, dep_file)
             full_project_path = full_project_path[1..-1] if full_project_path.start_with?("/")
-            file_set << full_project_path if full_project_path
+            full_project_paths = expand_wildcards_in_project_reference_path(full_project_path)
+            full_project_paths.each do |full_project_path_expanded|
+              file_set << full_project_path_expanded if full_project_path_expanded
+            end
           end
 
           file_set
@@ -115,7 +124,7 @@ module Dependabot
           result
         end
 
-        def parse_dependencies(project_file)
+        def parse_dependencies(project_file, visited_project_files)
           dependency_set = Dependabot::FileParsers::Base::DependencySet.new
 
           doc = Nokogiri::XML(project_file.content)
@@ -134,7 +143,7 @@ module Dependabot
 
           add_global_package_references(dependency_set)
 
-          add_transitive_dependencies(project_file, doc, dependency_set)
+          add_transitive_dependencies(project_file, doc, dependency_set, visited_project_files)
 
           # Look for SDK references; see:
           # https://docs.microsoft.com/en-us/visualstudio/msbuild/how-to-use-project-sdk
@@ -160,12 +169,16 @@ module Dependabot
           end
         end
 
-        def add_transitive_dependencies(project_file, doc, dependency_set)
+        def add_transitive_dependencies(project_file, doc, dependency_set, visited_project_files)
           add_transitive_dependencies_from_packages(dependency_set)
-          add_transitive_dependencies_from_project_references(project_file, doc, dependency_set)
+          add_transitive_dependencies_from_project_references(project_file, doc, dependency_set, visited_project_files)
         end
 
-        def add_transitive_dependencies_from_project_references(project_file, doc, dependency_set)
+        def add_transitive_dependencies_from_project_references(project_file, doc, dependency_set,
+                                                                visited_project_files)
+
+          # if visited_project_files is an empty set then new up a new set
+          visited_project_files = Set.new if visited_project_files.nil?
           # Look for regular project references
           project_refs = doc.css(PROJECT_REFERENCE_SELECTOR)
           # Look for ProjectFile references (dirs.proj)
@@ -179,21 +192,51 @@ module Dependabot
 
             full_project_path = full_path(project_file, relative_path)
 
-            referenced_file = dependency_files.find { |f| f.name == full_project_path }
-            next unless referenced_file
-
-            dependency_set(project_file: referenced_file).dependencies.each do |dep|
-              dependency = Dependency.new(
-                name: dep.name,
-                version: dep.version,
-                package_manager: dep.package_manager,
-                requirements: []
-              )
-              dependency_set << dependency
+            full_project_paths = expand_wildcards_in_project_reference_path(full_project_path)
+
+            full_project_paths.each do |path|
+              # Check if we've already visited this project file
+              next if visited_project_files.include?(path)
+
+              visited_project_files.add(path)
+              referenced_file = dependency_files.find { |f| f.name == path }
+              next unless referenced_file
+
+              dependency_set(project_file: referenced_file,
+                             visited_project_files: visited_project_files).dependencies.each do |dep|
+                dependency = Dependency.new(
+                  name: dep.name,
+                  version: dep.version,
+                  package_manager: dep.package_manager,
+                  requirements: []
+                )
+                dependency_set << dependency
+              end
             end
           end
         end
 
+        sig { params(full_path: T.untyped).returns(T::Array[T.nilable(String)]) }
+        def expand_wildcards_in_project_reference_path(full_path)
+          full_path = T.let(File.join(@repo_contents_path, full_path), T.nilable(String))
+          expanded_wildcard = Dir.glob(T.must(full_path))
+
+          filtered_paths = []
+
+          # For each expanded path, remove the @repo_contents_path prefix and leading slash
+          expanded_wildcard.map do |path|
+            # Remove @repo_contents_path prefix
+            path = path.sub(@repo_contents_path, "")
+            # Remove leading slash
+            path = path[1..-1] if path.start_with?("/")
+            filtered_paths << path
+            path # Return the modified path
+          end
+
+          # If the wildcard didn't match anything, strip the @repo_contents_path prefix and return the original path.
+          filtered_paths.any? ? filtered_paths : [T.must(full_path).sub(@repo_contents_path, "")[1..-1]]
+        end
+
         def add_transitive_dependencies_from_packages(dependency_set)
           transitive_dependencies_from_packages(dependency_set.dependencies).each { |dep| dependency_set << dep }
         end
@@ -205,7 +248,8 @@ module Dependabot
             UpdateChecker::DependencyFinder.new(
               dependency: dependency,
               dependency_files: dependency_files,
-              credentials: credentials
+              credentials: credentials,
+              repo_contents_path: @repo_contents_path
             ).transitive_dependencies.each do |transitive_dep|
               visited_dep = transitive_dependencies[transitive_dep.name.downcase]
               next if !visited_dep.nil? && visited_dep.numeric_version > transitive_dep.numeric_version

data/lib/dependabot/nuget/file_parser.rb

@@ -78,7 +78,8 @@ module Dependabot
         @project_file_parser ||= T.let(
           ProjectFileParser.new(
             dependency_files: dependency_files,
-            credentials: credentials
+            credentials: credentials,
+            repo_contents_path: @repo_contents_path
           ),
           T.nilable(Dependabot::Nuget::FileParser::ProjectFileParser)
         )

data/lib/dependabot/nuget/file_updater.rb

@@ -144,7 +144,8 @@ module Dependabot
         @project_file_parser ||=
           FileParser::ProjectFileParser.new(
             dependency_files: dependency_files,
-            credentials: credentials
+            credentials: credentials,
+            repo_contents_path: repo_contents_path
           )
       end
 

data/lib/dependabot/nuget/update_checker/dependency_finder.rb

@@ -26,10 +26,11 @@ module Dependabot
           CacheManager.cache("dependency_finder_fetch_dependencies")
         end
 
-        def initialize(dependency:, dependency_files:, credentials:)
+        def initialize(dependency:, dependency_files:, credentials:, repo_contents_path:)
           @dependency             = dependency
           @dependency_files       = dependency_files
           @credentials            = credentials
+          @repo_contents_path     = repo_contents_path
         end
 
         def transitive_dependencies
@@ -93,7 +94,7 @@ module Dependabot
 
         private
 
-        attr_reader :dependency, :dependency_files, :credentials
+        attr_reader :dependency, :dependency_files, :credentials, :repo_contents_path
 
         def updated_requirements(dep, target_version_details)
           @updated_requirements ||= {}
@@ -219,7 +220,8 @@ module Dependabot
             credentials: credentials,
             ignored_versions: [],
             raise_on_ignored: false,
-            security_advisories: []
+            security_advisories: [],
+            repo_contents_path: repo_contents_path
           )
         end
       end

data/lib/dependabot/nuget/update_checker/property_updater.rb

@@ -14,7 +14,7 @@ module Dependabot
 
         def initialize(dependency:, dependency_files:, credentials:,
                        target_version_details:, ignored_versions:,
-                       raise_on_ignored: false)
+                       raise_on_ignored: false, repo_contents_path:)
           @dependency       = dependency
           @dependency_files = dependency_files
           @credentials      = credentials
@@ -23,6 +23,7 @@ module Dependabot
           @target_version   = target_version_details&.fetch(:version)
           @source_details   = target_version_details
                               &.slice(:nuspec_url, :repo_url, :source_url)
+          @repo_contents_path = repo_contents_path
         end
 
         def update_possible?
@@ -36,7 +37,8 @@ module Dependabot
                 credentials: credentials,
                 ignored_versions: ignored_versions,
                 raise_on_ignored: @raise_on_ignored,
-                security_advisories: []
+                security_advisories: [],
+                repo_contents_path: repo_contents_path
               ).versions.map { |v| v.fetch(:version) }
 
               versions.include?(target_version) || versions.none?
@@ -74,13 +76,14 @@ module Dependabot
         private
 
         attr_reader :dependency, :dependency_files, :target_version,
-                    :source_details, :credentials, :ignored_versions
+                    :source_details, :credentials, :ignored_versions, :repo_contents_path
 
         def process_updated_peer_dependencies(dependency, dependencies)
           DependencyFinder.new(
             dependency: dependency,
             dependency_files: dependency_files,
-            credentials: credentials
+            credentials: credentials,
+            repo_contents_path: repo_contents_path
           ).updated_peer_dependencies.each do |peer_dependency|
             # Only keep one copy of each dependency, the one with the highest target version.
             visited_dependency = dependencies[peer_dependency.name.downcase]

data/lib/dependabot/nuget/update_checker/tfm_finder.rb

@@ -16,9 +16,10 @@ module Dependabot
       require "dependabot/nuget/file_parser/packages_config_parser"
       require "dependabot/nuget/file_parser/project_file_parser"
 
-      def initialize(dependency_files:, credentials:)
+      def initialize(dependency_files:, credentials:, repo_contents_path:)
         @dependency_files       = dependency_files
         @credentials            = credentials
+        @repo_contents_path     = repo_contents_path
       end
 
       def frameworks(dependency)
@@ -30,7 +31,7 @@ module Dependabot
 
       private
 
-      attr_reader :dependency_files, :credentials
+      attr_reader :dependency_files, :credentials, :repo_contents_path
 
       def project_file_tfms(dependency)
         project_files_with_dependency(dependency).flat_map do |file|
@@ -80,7 +81,8 @@ module Dependabot
         @project_file_parser ||=
           FileParser::ProjectFileParser.new(
             dependency_files: dependency_files,
-            credentials: credentials
+            credentials: credentials,
+            repo_contents_path: repo_contents_path
           )
       end
 

data/lib/dependabot/nuget/update_checker/version_finder.rb

@@ -18,13 +18,15 @@ module Dependabot
 
         def initialize(dependency:, dependency_files:, credentials:,
                        ignored_versions:, raise_on_ignored: false,
-                       security_advisories:)
+                       security_advisories:,
+                       repo_contents_path:)
           @dependency          = dependency
           @dependency_files    = dependency_files
           @credentials         = credentials
           @ignored_versions    = ignored_versions
           @raise_on_ignored    = raise_on_ignored
           @security_advisories = security_advisories
+          @repo_contents_path  = repo_contents_path
         end
 
         def latest_version_details
@@ -58,7 +60,7 @@ module Dependabot
         end
 
         attr_reader :dependency, :dependency_files, :credentials,
-                    :ignored_versions, :security_advisories
+                    :ignored_versions, :security_advisories, :repo_contents_path
 
         private
 
@@ -101,7 +103,8 @@ module Dependabot
             dependency: dependency,
             tfm_finder: TfmFinder.new(
               dependency_files: dependency_files,
-              credentials: credentials
+              credentials: credentials,
+              repo_contents_path: repo_contents_path
             )
           )
         end

data/lib/dependabot/nuget/update_checker.rb

@@ -107,7 +107,8 @@ module Dependabot
         updated_dependencies += DependencyFinder.new(
           dependency: updated_dependency,
           dependency_files: dependency_files,
-          credentials: credentials
+          credentials: credentials,
+          repo_contents_path: @repo_contents_path
         ).updated_peer_dependencies
         updated_dependencies
       end
@@ -135,7 +136,8 @@ module Dependabot
             credentials: credentials,
             ignored_versions: ignored_versions,
             raise_on_ignored: @raise_on_ignored,
-            security_advisories: security_advisories
+            security_advisories: security_advisories,
+            repo_contents_path: @repo_contents_path
           )
       end
 
@@ -147,7 +149,8 @@ module Dependabot
             target_version_details: latest_version_details,
             credentials: credentials,
             ignored_versions: ignored_versions,
-            raise_on_ignored: @raise_on_ignored
+            raise_on_ignored: @raise_on_ignored,
+            repo_contents_path: @repo_contents_path
           )
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.243.0
+  version: 0.244.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-02-13 00:00:00.000000000 Z
+date: 2024-02-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.243.0
+        version: 0.244.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.243.0
+        version: 0.244.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -371,7 +371,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.243.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.244.0
 post_install_message: 
 rdoc_options: []
 require_paths: