dependabot-nuget 0.244.0 → 0.245.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4e67c27ae4f1d9736ba0db82edf309551b56c5337213f72a71d5dc7502e2a91d
|
4
|
+
data.tar.gz: f04858bb986a722dbe26aae525f26885dbd7cc0dc514ee099ab5fed628dfbc43
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9fc5b619a387d372e8b91007cb3a1983e93b891874e87e475286d177e3075a911c98cda226746f7e8bb792ba83da409ba9abaa29402857d3b01e82850bffbbc9
|
7
|
+
data.tar.gz: '0919b3eb28f2d1c1aa5e3d137eb0ef4d443458f92aaddfca0628353d9b49d2ad6b2ccc6698102f55ada4c04517017c143d5115c1ff0d6ba701c422b6547923f2'
|
@@ -360,7 +360,17 @@ internal static partial class MSBuildHelper
|
|
360
360
|
await File.WriteAllTextAsync(tempProjectPath, projectContents);
|
361
361
|
|
362
362
|
// prevent directory crawling
|
363
|
-
await File.WriteAllTextAsync(
|
363
|
+
await File.WriteAllTextAsync(
|
364
|
+
Path.Combine(tempDir.FullName, "Directory.Build.props"),
|
365
|
+
"""
|
366
|
+
<Project>
|
367
|
+
<PropertyGroup>
|
368
|
+
<!-- For Windows-specific apps -->
|
369
|
+
<EnableWindowsTargeting>true</EnableWindowsTargeting>
|
370
|
+
</PropertyGroup>
|
371
|
+
</Project>
|
372
|
+
""");
|
373
|
+
|
364
374
|
await File.WriteAllTextAsync(Path.Combine(tempDir.FullName, "Directory.Build.targets"), "<Project />");
|
365
375
|
await File.WriteAllTextAsync(Path.Combine(tempDir.FullName, "Directory.Packages.props"), "<Project />");
|
366
376
|
|
@@ -50,6 +50,38 @@ public partial class UpdateWorkerTests
|
|
50
50
|
""");
|
51
51
|
}
|
52
52
|
|
53
|
+
[Fact]
|
54
|
+
public async Task UpdateVersionAttribute_InProjectFile_ForPackageReferenceInclude_Windows()
|
55
|
+
{
|
56
|
+
// update Newtonsoft.Json from 9.0.1 to 13.0.1
|
57
|
+
await TestUpdateForProject("Newtonsoft.Json", "9.0.1", "13.0.1",
|
58
|
+
// initial
|
59
|
+
projectContents: $"""
|
60
|
+
<Project Sdk="Microsoft.NET.Sdk">
|
61
|
+
<PropertyGroup>
|
62
|
+
<TargetFramework>net8.0-windows10.0.19041.0</TargetFramework>
|
63
|
+
<RuntimeIdentifier>win-x64</RuntimeIdentifier>
|
64
|
+
</PropertyGroup>
|
65
|
+
|
66
|
+
<ItemGroup>
|
67
|
+
<PackageReference Include="Newtonsoft.Json" Version="9.0.1" />
|
68
|
+
</ItemGroup>
|
69
|
+
</Project>
|
70
|
+
""",
|
71
|
+
// expected
|
72
|
+
expectedProjectContents: $"""
|
73
|
+
<Project Sdk="Microsoft.NET.Sdk">
|
74
|
+
<PropertyGroup>
|
75
|
+
<TargetFramework>net8.0-windows10.0.19041.0</TargetFramework>
|
76
|
+
<RuntimeIdentifier>win-x64</RuntimeIdentifier>
|
77
|
+
</PropertyGroup>
|
78
|
+
|
79
|
+
<ItemGroup>
|
80
|
+
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
|
81
|
+
</ItemGroup>
|
82
|
+
</Project>
|
83
|
+
""");
|
84
|
+
}
|
53
85
|
|
54
86
|
[Theory]
|
55
87
|
[InlineData("$(NewtonsoftJsonVersion")]
|
@@ -45,7 +45,7 @@ module Dependabot
|
|
45
45
|
|
46
46
|
puts "running NuGet updater:\n" + command
|
47
47
|
|
48
|
-
output = SharedHelpers.run_shell_command(command, fingerprint: fingerprint)
|
48
|
+
output = SharedHelpers.run_shell_command(command, allow_unsafe_shell_command: true, fingerprint: fingerprint)
|
49
49
|
puts output
|
50
50
|
|
51
51
|
# Exit code == 0 means that all project frameworks are compatible
|
@@ -55,17 +55,11 @@ module Dependabot
|
|
55
55
|
false
|
56
56
|
end
|
57
57
|
|
58
|
-
# rubocop:disable Metrics/MethodLength
|
59
58
|
sig do
|
60
|
-
params(
|
61
|
-
|
62
|
-
proj_path: String,
|
63
|
-
dependency: Dependency,
|
64
|
-
is_transitive: T::Boolean,
|
65
|
-
credentials: T::Array[T.untyped]
|
66
|
-
).void
|
59
|
+
params(repo_root: String, proj_path: String, dependency: Dependency,
|
60
|
+
is_transitive: T::Boolean).returns([String, String])
|
67
61
|
end
|
68
|
-
def self.
|
62
|
+
def self.get_nuget_updater_tool_command(repo_root:, proj_path:, dependency:, is_transitive:)
|
69
63
|
exe_path = File.join(native_helpers_root, "NuGetUpdater", "NuGetUpdater.Cli")
|
70
64
|
command_parts = [
|
71
65
|
exe_path,
|
@@ -103,14 +97,29 @@ module Dependabot
|
|
103
97
|
"--verbose"
|
104
98
|
].compact.join(" ")
|
105
99
|
|
100
|
+
[command, fingerprint]
|
101
|
+
end
|
102
|
+
|
103
|
+
sig do
|
104
|
+
params(
|
105
|
+
repo_root: String,
|
106
|
+
proj_path: String,
|
107
|
+
dependency: Dependency,
|
108
|
+
is_transitive: T::Boolean,
|
109
|
+
credentials: T::Array[Dependabot::Credential]
|
110
|
+
).void
|
111
|
+
end
|
112
|
+
def self.run_nuget_updater_tool(repo_root:, proj_path:, dependency:, is_transitive:, credentials:)
|
113
|
+
(command, fingerprint) = get_nuget_updater_tool_command(repo_root: repo_root, proj_path: proj_path,
|
114
|
+
dependency: dependency, is_transitive: is_transitive)
|
115
|
+
|
106
116
|
puts "running NuGet updater:\n" + command
|
107
117
|
|
108
118
|
NuGetConfigCredentialHelpers.patch_nuget_config_for_action(credentials) do
|
109
|
-
output = SharedHelpers.run_shell_command(command, fingerprint: fingerprint)
|
119
|
+
output = SharedHelpers.run_shell_command(command, allow_unsafe_shell_command: true, fingerprint: fingerprint)
|
110
120
|
puts output
|
111
121
|
end
|
112
122
|
end
|
113
|
-
# rubocop:enable Metrics/MethodLength
|
114
123
|
end
|
115
124
|
end
|
116
125
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-nuget
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.245.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-02-
|
11
|
+
date: 2024-02-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.245.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.245.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rubyzip
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -371,7 +371,7 @@ licenses:
|
|
371
371
|
- Nonstandard
|
372
372
|
metadata:
|
373
373
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
374
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
374
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.245.0
|
375
375
|
post_install_message:
|
376
376
|
rdoc_options: []
|
377
377
|
require_paths:
|