dependabot-nuget 0.244.0 → 0.245.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: be3a65448fe495f267cc054563bd29fd5a2142bb07613e2ed70a1cd21490bae5
4
- data.tar.gz: 1fa876f1715e1ab11ccd5e0c323e58cd60b68d08560efe63a4c563755d36b1ca
3
+ metadata.gz: 4e67c27ae4f1d9736ba0db82edf309551b56c5337213f72a71d5dc7502e2a91d
4
+ data.tar.gz: f04858bb986a722dbe26aae525f26885dbd7cc0dc514ee099ab5fed628dfbc43
5
5
  SHA512:
6
- metadata.gz: b22d903bfd1bab554a9513aac135e7f4ea8e055ce8e6a5f163c9d8331e87c258805d333043953c5b7beeaeba6404792694150e7e9c035de29cd1568a09b2fc22
7
- data.tar.gz: 00abcf17c29b5f98242b8ca97ab28c79f88e7c2425430f08d549364b16b160d640841ccd2e2b4c01978e96d7b0b4d51826795247f8087d1af6a4962abfba7809
6
+ metadata.gz: 9fc5b619a387d372e8b91007cb3a1983e93b891874e87e475286d177e3075a911c98cda226746f7e8bb792ba83da409ba9abaa29402857d3b01e82850bffbbc9
7
+ data.tar.gz: '0919b3eb28f2d1c1aa5e3d137eb0ef4d443458f92aaddfca0628353d9b49d2ad6b2ccc6698102f55ada4c04517017c143d5115c1ff0d6ba701c422b6547923f2'
@@ -360,7 +360,17 @@ internal static partial class MSBuildHelper
360
360
  await File.WriteAllTextAsync(tempProjectPath, projectContents);
361
361
 
362
362
  // prevent directory crawling
363
- await File.WriteAllTextAsync(Path.Combine(tempDir.FullName, "Directory.Build.props"), "<Project />");
363
+ await File.WriteAllTextAsync(
364
+ Path.Combine(tempDir.FullName, "Directory.Build.props"),
365
+ """
366
+ <Project>
367
+ <PropertyGroup>
368
+ <!-- For Windows-specific apps -->
369
+ <EnableWindowsTargeting>true</EnableWindowsTargeting>
370
+ </PropertyGroup>
371
+ </Project>
372
+ """);
373
+
364
374
  await File.WriteAllTextAsync(Path.Combine(tempDir.FullName, "Directory.Build.targets"), "<Project />");
365
375
  await File.WriteAllTextAsync(Path.Combine(tempDir.FullName, "Directory.Packages.props"), "<Project />");
366
376
 
@@ -50,6 +50,38 @@ public partial class UpdateWorkerTests
50
50
  """);
51
51
  }
52
52
 
53
+ [Fact]
54
+ public async Task UpdateVersionAttribute_InProjectFile_ForPackageReferenceInclude_Windows()
55
+ {
56
+ // update Newtonsoft.Json from 9.0.1 to 13.0.1
57
+ await TestUpdateForProject("Newtonsoft.Json", "9.0.1", "13.0.1",
58
+ // initial
59
+ projectContents: $"""
60
+ <Project Sdk="Microsoft.NET.Sdk">
61
+ <PropertyGroup>
62
+ <TargetFramework>net8.0-windows10.0.19041.0</TargetFramework>
63
+ <RuntimeIdentifier>win-x64</RuntimeIdentifier>
64
+ </PropertyGroup>
65
+
66
+ <ItemGroup>
67
+ <PackageReference Include="Newtonsoft.Json" Version="9.0.1" />
68
+ </ItemGroup>
69
+ </Project>
70
+ """,
71
+ // expected
72
+ expectedProjectContents: $"""
73
+ <Project Sdk="Microsoft.NET.Sdk">
74
+ <PropertyGroup>
75
+ <TargetFramework>net8.0-windows10.0.19041.0</TargetFramework>
76
+ <RuntimeIdentifier>win-x64</RuntimeIdentifier>
77
+ </PropertyGroup>
78
+
79
+ <ItemGroup>
80
+ <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
81
+ </ItemGroup>
82
+ </Project>
83
+ """);
84
+ }
53
85
 
54
86
  [Theory]
55
87
  [InlineData("$(NewtonsoftJsonVersion")]
@@ -45,7 +45,7 @@ module Dependabot
45
45
 
46
46
  puts "running NuGet updater:\n" + command
47
47
 
48
- output = SharedHelpers.run_shell_command(command, fingerprint: fingerprint)
48
+ output = SharedHelpers.run_shell_command(command, allow_unsafe_shell_command: true, fingerprint: fingerprint)
49
49
  puts output
50
50
 
51
51
  # Exit code == 0 means that all project frameworks are compatible
@@ -55,17 +55,11 @@ module Dependabot
55
55
  false
56
56
  end
57
57
 
58
- # rubocop:disable Metrics/MethodLength
59
58
  sig do
60
- params(
61
- repo_root: String,
62
- proj_path: String,
63
- dependency: Dependency,
64
- is_transitive: T::Boolean,
65
- credentials: T::Array[T.untyped]
66
- ).void
59
+ params(repo_root: String, proj_path: String, dependency: Dependency,
60
+ is_transitive: T::Boolean).returns([String, String])
67
61
  end
68
- def self.run_nuget_updater_tool(repo_root:, proj_path:, dependency:, is_transitive:, credentials:)
62
+ def self.get_nuget_updater_tool_command(repo_root:, proj_path:, dependency:, is_transitive:)
69
63
  exe_path = File.join(native_helpers_root, "NuGetUpdater", "NuGetUpdater.Cli")
70
64
  command_parts = [
71
65
  exe_path,
@@ -103,14 +97,29 @@ module Dependabot
103
97
  "--verbose"
104
98
  ].compact.join(" ")
105
99
 
100
+ [command, fingerprint]
101
+ end
102
+
103
+ sig do
104
+ params(
105
+ repo_root: String,
106
+ proj_path: String,
107
+ dependency: Dependency,
108
+ is_transitive: T::Boolean,
109
+ credentials: T::Array[Dependabot::Credential]
110
+ ).void
111
+ end
112
+ def self.run_nuget_updater_tool(repo_root:, proj_path:, dependency:, is_transitive:, credentials:)
113
+ (command, fingerprint) = get_nuget_updater_tool_command(repo_root: repo_root, proj_path: proj_path,
114
+ dependency: dependency, is_transitive: is_transitive)
115
+
106
116
  puts "running NuGet updater:\n" + command
107
117
 
108
118
  NuGetConfigCredentialHelpers.patch_nuget_config_for_action(credentials) do
109
- output = SharedHelpers.run_shell_command(command, fingerprint: fingerprint)
119
+ output = SharedHelpers.run_shell_command(command, allow_unsafe_shell_command: true, fingerprint: fingerprint)
110
120
  puts output
111
121
  end
112
122
  end
113
- # rubocop:enable Metrics/MethodLength
114
123
  end
115
124
  end
116
125
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.244.0
4
+ version: 0.245.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-02-15 00:00:00.000000000 Z
11
+ date: 2024-02-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.244.0
19
+ version: 0.245.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.244.0
26
+ version: 0.245.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rubyzip
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -371,7 +371,7 @@ licenses:
371
371
  - Nonstandard
372
372
  metadata:
373
373
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
374
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.244.0
374
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.245.0
375
375
  post_install_message:
376
376
  rdoc_options: []
377
377
  require_paths: