dependabot-nuget 0.248.0 → 0.250.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Update.cs +57 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/SdkPackageUpdater.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +26 -5
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.Sdk.cs +31 -0
- data/lib/dependabot/nuget/file_fetcher/import_paths_finder.rb +1 -0
- data/lib/dependabot/nuget/file_fetcher/sln_project_paths_finder.rb +2 -0
- data/lib/dependabot/nuget/file_parser/dotnet_tools_json_parser.rb +1 -0
- data/lib/dependabot/nuget/file_parser/global_json_parser.rb +1 -0
- data/lib/dependabot/nuget/file_parser/packages_config_parser.rb +1 -0
- data/lib/dependabot/nuget/file_parser/project_file_parser.rb +1 -0
- data/lib/dependabot/nuget/file_parser/property_value_finder.rb +2 -0
- data/lib/dependabot/nuget/file_parser.rb +32 -11
- data/lib/dependabot/nuget/file_updater/property_value_updater.rb +1 -0
- data/lib/dependabot/nuget/update_checker/compatibility_checker.rb +28 -7
- data/lib/dependabot/nuget/update_checker/dependency_finder.rb +70 -19
- data/lib/dependabot/nuget/update_checker/nuspec_fetcher.rb +1 -1
- data/lib/dependabot/nuget/update_checker/property_updater.rb +108 -44
- data/lib/dependabot/nuget/update_checker/repository_finder.rb +90 -18
- data/lib/dependabot/nuget/update_checker/tfm_comparer.rb +8 -3
- data/lib/dependabot/nuget/update_checker/tfm_finder.rb +51 -13
- metadata +5 -5
@@ -1,8 +1,9 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: strong
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require "excon"
|
5
5
|
require "nokogiri"
|
6
|
+
require "sorbet-runtime"
|
6
7
|
|
7
8
|
require "dependabot/update_checkers/base"
|
8
9
|
require "dependabot/nuget/version"
|
@@ -13,15 +14,25 @@ require "dependabot/shared_helpers"
|
|
13
14
|
module Dependabot
|
14
15
|
module Nuget
|
15
16
|
class TfmFinder
|
17
|
+
extend T::Sig
|
18
|
+
|
16
19
|
require "dependabot/nuget/file_parser/packages_config_parser"
|
17
20
|
require "dependabot/nuget/file_parser/project_file_parser"
|
18
21
|
|
22
|
+
sig do
|
23
|
+
params(
|
24
|
+
dependency_files: T::Array[Dependabot::DependencyFile],
|
25
|
+
credentials: T::Array[Dependabot::Credential],
|
26
|
+
repo_contents_path: T.nilable(String)
|
27
|
+
).void
|
28
|
+
end
|
19
29
|
def initialize(dependency_files:, credentials:, repo_contents_path:)
|
20
30
|
@dependency_files = dependency_files
|
21
31
|
@credentials = credentials
|
22
32
|
@repo_contents_path = repo_contents_path
|
23
33
|
end
|
24
34
|
|
35
|
+
sig { params(dependency: Dependabot::Dependency).returns(T::Array[String]) }
|
25
36
|
def frameworks(dependency)
|
26
37
|
tfms = Set.new
|
27
38
|
tfms += project_file_tfms(dependency)
|
@@ -31,14 +42,23 @@ module Dependabot
|
|
31
42
|
|
32
43
|
private
|
33
44
|
|
34
|
-
|
45
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
46
|
+
attr_reader :dependency_files
|
47
|
+
|
48
|
+
sig { returns(T::Array[Dependabot::Credential]) }
|
49
|
+
attr_reader :credentials
|
50
|
+
|
51
|
+
sig { returns(T.nilable(String)) }
|
52
|
+
attr_reader :repo_contents_path
|
35
53
|
|
54
|
+
sig { params(dependency: Dependabot::Dependency).returns(T::Array[String]) }
|
36
55
|
def project_file_tfms(dependency)
|
37
56
|
project_files_with_dependency(dependency).flat_map do |file|
|
38
57
|
project_file_parser.target_frameworks(project_file: file)
|
39
58
|
end
|
40
59
|
end
|
41
60
|
|
61
|
+
sig { params(dependency: Dependabot::Dependency).returns(T::Array[Dependabot::DependencyFile]) }
|
42
62
|
def project_files_with_dependency(dependency)
|
43
63
|
project_files.select do |file|
|
44
64
|
packages_config_contains_dependency?(file, dependency) ||
|
@@ -46,6 +66,7 @@ module Dependabot
|
|
46
66
|
end
|
47
67
|
end
|
48
68
|
|
69
|
+
sig { params(file: Dependabot::DependencyFile, dependency: Dependabot::Dependency).returns(T::Boolean) }
|
49
70
|
def packages_config_contains_dependency?(file, dependency)
|
50
71
|
config_file = find_packages_config_file(file)
|
51
72
|
return false unless config_file
|
@@ -56,36 +77,48 @@ module Dependabot
|
|
56
77
|
end
|
57
78
|
end
|
58
79
|
|
80
|
+
sig { params(file: Dependabot::DependencyFile, dependency: Dependabot::Dependency).returns(T::Boolean) }
|
59
81
|
def project_file_contains_dependency?(file, dependency)
|
60
82
|
project_file_parser.dependency_set(project_file: file).dependencies.any? do |d|
|
61
83
|
d.name.casecmp(dependency.name)&.zero?
|
62
84
|
end
|
63
85
|
end
|
64
86
|
|
87
|
+
sig { params(file: Dependabot::DependencyFile).returns(T.nilable(Dependabot::DependencyFile)) }
|
65
88
|
def find_packages_config_file(file)
|
66
89
|
return file if file.name.end_with?("packages.config")
|
67
90
|
|
68
91
|
filename = File.basename(file.name)
|
69
92
|
search_path = file.name.sub(filename, "packages.config")
|
70
93
|
|
71
|
-
dependency_files.find { |f| f.name.casecmp(search_path)
|
94
|
+
dependency_files.find { |f| f.name.casecmp(search_path)&.zero? }
|
72
95
|
end
|
73
96
|
|
97
|
+
sig { returns(T::Array[String]) }
|
74
98
|
def project_import_file_tfms
|
75
|
-
@project_import_file_tfms ||=
|
76
|
-
|
77
|
-
|
99
|
+
@project_import_file_tfms ||=
|
100
|
+
T.let(
|
101
|
+
project_import_files.flat_map do |file|
|
102
|
+
project_file_parser.target_frameworks(project_file: file)
|
103
|
+
end,
|
104
|
+
T.nilable(T::Array[String])
|
105
|
+
)
|
78
106
|
end
|
79
107
|
|
108
|
+
sig { returns(FileParser::ProjectFileParser) }
|
80
109
|
def project_file_parser
|
81
110
|
@project_file_parser ||=
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
111
|
+
T.let(
|
112
|
+
FileParser::ProjectFileParser.new(
|
113
|
+
dependency_files: dependency_files,
|
114
|
+
credentials: credentials,
|
115
|
+
repo_contents_path: repo_contents_path
|
116
|
+
),
|
117
|
+
T.nilable(FileParser::ProjectFileParser)
|
86
118
|
)
|
87
119
|
end
|
88
120
|
|
121
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
89
122
|
def project_files
|
90
123
|
projfile = /\.[a-z]{2}proj$/
|
91
124
|
packageprops = /[Dd]irectory.[Pp]ackages.props/
|
@@ -96,12 +129,14 @@ module Dependabot
|
|
96
129
|
end
|
97
130
|
end
|
98
131
|
|
132
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
99
133
|
def packages_config_files
|
100
134
|
dependency_files.select do |f|
|
101
|
-
f.name.split("/").last
|
135
|
+
f.name.split("/").last&.casecmp("packages.config")&.zero?
|
102
136
|
end
|
103
137
|
end
|
104
138
|
|
139
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
105
140
|
def project_import_files
|
106
141
|
dependency_files -
|
107
142
|
project_files -
|
@@ -111,16 +146,19 @@ module Dependabot
|
|
111
146
|
[dotnet_tools_json]
|
112
147
|
end
|
113
148
|
|
149
|
+
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
114
150
|
def nuget_configs
|
115
151
|
dependency_files.select { |f| f.name.match?(/nuget\.config$/i) }
|
116
152
|
end
|
117
153
|
|
154
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
118
155
|
def global_json
|
119
|
-
dependency_files.find { |f| f.name.casecmp("global.json")
|
156
|
+
dependency_files.find { |f| f.name.casecmp("global.json")&.zero? }
|
120
157
|
end
|
121
158
|
|
159
|
+
sig { returns(T.nilable(Dependabot::DependencyFile)) }
|
122
160
|
def dotnet_tools_json
|
123
|
-
dependency_files.find { |f| f.name.casecmp(".config/dotnet-tools.json")
|
161
|
+
dependency_files.find { |f| f.name.casecmp(".config/dotnet-tools.json")&.zero? }
|
124
162
|
end
|
125
163
|
end
|
126
164
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-nuget
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.250.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-04-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.250.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.250.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rubyzip
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -385,7 +385,7 @@ licenses:
|
|
385
385
|
- Nonstandard
|
386
386
|
metadata:
|
387
387
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
388
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
388
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.250.0
|
389
389
|
post_install_message:
|
390
390
|
rdoc_options: []
|
391
391
|
require_paths:
|