dependabot-nuget 0.250.0 → 0.252.0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.250.0
+  version: 0.252.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-04-02 00:00:00.000000000 Z
+date: 2024-04-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.250.0
+        version: 0.252.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.250.0
+        version: 0.252.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -267,6 +267,7 @@ files:
 - helpers/lib/NuGetUpdater/.gitignore
 - helpers/lib/NuGetUpdater/Directory.Build.props
 - helpers/lib/NuGetUpdater/Directory.Common.props
+- helpers/lib/NuGetUpdater/Directory.Packages.props
 - helpers/lib/NuGetUpdater/NuGetProjects/Directory.Build.props
 - helpers/lib/NuGetUpdater/NuGetProjects/Directory.Build.targets
 - helpers/lib/NuGetUpdater/NuGetProjects/Directory.Packages.props
@@ -288,13 +289,22 @@ files:
 - helpers/lib/NuGetUpdater/NuGetProjects/NuGet.Resolver/NuGet.Resolver.csproj
 - helpers/lib/NuGetUpdater/NuGetProjects/NuGet.Versioning/NuGet.Versioning.csproj
 - helpers/lib/NuGetUpdater/NuGetProjects/README.md
+- helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Discover.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.FrameworkCheck.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Update.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/NuGetUpdater.Cli.Test.csproj
+- helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/DiscoverCommand.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/FrameworkCheckCommand.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/UpdateCommand.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Cli/NuGetUpdater.Cli.csproj
 - helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Program.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTestBase.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.DotNetToolsJson.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.GlobalJson.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.PackagesConfig.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.Project.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/ExpectedDiscoveryResults.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Files/DotNetToolsJsonBuildFileTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Files/GlobalJsonBuildFileTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Files/PackagesConfigBuildFileTests.cs
@@ -313,11 +323,28 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.Mixed.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackagesConfig.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.Sdk.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/AssertEx.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/DiffUtil.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/JsonHelperTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/SdkPackageUpdaterHelperTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Dependency.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/DependencyType.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DirectoryPackagesPropsDiscovery.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DirectoryPackagesPropsDiscoveryResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DiscoveryWorker.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DotNetToolsJsonDiscovery.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DotNetToolsJsonDiscoveryResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/GlobalJsonDiscovery.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/GlobalJsonDiscoveryResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/IDiscoveryResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/PackagesConfigDiscovery.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/PackagesConfigDiscoveryResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/ProjectDiscoveryResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/SdkProjectDiscovery.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/WorkspaceDiscoveryResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/EvaluationResult.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/EvaluationResultType.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Files/BuildFile.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Files/DotNetToolsJsonBuildFile.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Files/GlobalJsonBuildFile.cs
@@ -329,6 +356,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/FrameworkChecker/FrameworkCompatibilityService.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/FrameworkChecker/SupportedFrameworks.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/NuGetUpdater.Core.csproj
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Property.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectResolver.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/ConfigurationFile.cs
@@ -340,6 +368,8 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/WebApplicationTargetsConditionPatcher.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/XmlFilePreAndPostProcessor.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/HashSetExtensions.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ImmutableArrayExtensions.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/JsonHelper.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/Logger.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs
@@ -351,17 +381,19 @@ files:
 - helpers/lib/NuGetUpdater/xunit.runner.json
 - lib/dependabot/nuget.rb
 - lib/dependabot/nuget/cache_manager.rb
+- lib/dependabot/nuget/discovery/dependency_details.rb
+- lib/dependabot/nuget/discovery/dependency_file_discovery.rb
+- lib/dependabot/nuget/discovery/directory_packages_props_discovery.rb
+- lib/dependabot/nuget/discovery/discovery_json_reader.rb
+- lib/dependabot/nuget/discovery/evaluation_details.rb
+- lib/dependabot/nuget/discovery/project_discovery.rb
+- lib/dependabot/nuget/discovery/property_details.rb
+- lib/dependabot/nuget/discovery/workspace_discovery.rb
 - lib/dependabot/nuget/file_fetcher.rb
 - lib/dependabot/nuget/file_fetcher/import_paths_finder.rb
 - lib/dependabot/nuget/file_fetcher/sln_project_paths_finder.rb
 - lib/dependabot/nuget/file_parser.rb
-- lib/dependabot/nuget/file_parser/dotnet_tools_json_parser.rb
-- lib/dependabot/nuget/file_parser/global_json_parser.rb
-- lib/dependabot/nuget/file_parser/packages_config_parser.rb
-- lib/dependabot/nuget/file_parser/project_file_parser.rb
-- lib/dependabot/nuget/file_parser/property_value_finder.rb
 - lib/dependabot/nuget/file_updater.rb
-- lib/dependabot/nuget/file_updater/property_value_updater.rb
 - lib/dependabot/nuget/http_response_helpers.rb
 - lib/dependabot/nuget/metadata_finder.rb
 - lib/dependabot/nuget/native_helpers.rb
@@ -385,7 +417,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.250.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.252.0
 post_install_message: 
 rdoc_options: []
 require_paths:

data/lib/dependabot/nuget/file_parser/dotnet_tools_json_parser.rb

@@ -1,71 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-require "json"
-require "sorbet-runtime"
-
-require "dependabot/dependency"
-require "dependabot/nuget/file_parser"
-
-# For details on dotnet-tools.json files see:
-# https://learn.microsoft.com/en-us/dotnet/core/tools/local-tools-how-to-use
-module Dependabot
-  module Nuget
-    class FileParser
-      class DotNetToolsJsonParser
-        extend T::Sig
-
-        require "dependabot/file_parsers/base/dependency_set"
-
-        sig { params(dotnet_tools_json: Dependabot::DependencyFile).void }
-        def initialize(dotnet_tools_json:)
-          @dotnet_tools_json = dotnet_tools_json
-          @parsed_dotnet_tools_json = T.let(nil, T.nilable(T::Hash[String, T.untyped]))
-        end
-
-        sig { returns(Dependabot::FileParsers::Base::DependencySet) }
-        def dependency_set
-          dependency_set = Dependabot::FileParsers::Base::DependencySet.new
-
-          tools = parsed_dotnet_tools_json.fetch("tools", {})
-
-          raise Dependabot::DependencyFileNotParseable, dotnet_tools_json.path unless tools.is_a?(Hash)
-
-          tools.each do |dependency_name, node|
-            raise Dependabot::DependencyFileNotParseable, dotnet_tools_json.path unless node.is_a?(Hash)
-
-            version = node["version"]
-            dependency_set <<
-              Dependency.new(
-                name: dependency_name,
-                version: version,
-                package_manager: "nuget",
-                requirements: [{
-                  requirement: version,
-                  file: dotnet_tools_json.name,
-                  groups: ["dependencies"],
-                  source: nil
-                }]
-              )
-          end
-
-          dependency_set
-        end
-
-        private
-
-        sig { returns(Dependabot::DependencyFile) }
-        attr_reader :dotnet_tools_json
-
-        sig { returns(T::Hash[String, T.untyped]) }
-        def parsed_dotnet_tools_json
-          # Remove BOM if present as JSON should be UTF-8
-          content = T.must(dotnet_tools_json.content)
-          @parsed_dotnet_tools_json ||= JSON.parse(content.delete_prefix("\uFEFF"))
-        rescue JSON::ParserError
-          raise Dependabot::DependencyFileNotParseable, dotnet_tools_json.path
-        end
-      end
-    end
-  end
-end

data/lib/dependabot/nuget/file_parser/global_json_parser.rb

@@ -1,68 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-require "json"
-require "sorbet-runtime"
-
-require "dependabot/dependency"
-require "dependabot/nuget/file_parser"
-
-# For details on global.json files see:
-# https://docs.microsoft.com/en-us/dotnet/core/tools/global-json
-module Dependabot
-  module Nuget
-    class FileParser
-      class GlobalJsonParser
-        extend T::Sig
-
-        require "dependabot/file_parsers/base/dependency_set"
-
-        sig { params(global_json: Dependabot::DependencyFile).void }
-        def initialize(global_json:)
-          @global_json = global_json
-          @parsed_global_json = T.let(nil, T.nilable(T::Hash[String, T.untyped]))
-        end
-
-        sig { returns(Dependabot::FileParsers::Base::DependencySet) }
-        def dependency_set
-          dependency_set = Dependabot::FileParsers::Base::DependencySet.new
-
-          project_sdks = parsed_global_json.fetch("msbuild-sdks", {})
-
-          raise Dependabot::DependencyFileNotParseable, global_json.path unless project_sdks.is_a?(Hash)
-
-          project_sdks.each do |dependency_name, version|
-            dependency_set <<
-              Dependency.new(
-                name: dependency_name,
-                version: version,
-                package_manager: "nuget",
-                requirements: [{
-                  requirement: version,
-                  file: global_json.name,
-                  groups: ["dependencies"],
-                  source: nil
-                }]
-              )
-          end
-
-          dependency_set
-        end
-
-        private
-
-        sig { returns(Dependabot::DependencyFile) }
-        attr_reader :global_json
-
-        sig { returns(T::Hash[String, T.untyped]) }
-        def parsed_global_json
-          # Remove BOM if present as JSON should be UTF-8
-          content = T.must(global_json.content)
-          @parsed_global_json ||= JSON.parse(content.delete_prefix("\uFEFF"))
-        rescue JSON::ParserError
-          raise Dependabot::DependencyFileNotParseable, global_json.path
-        end
-      end
-    end
-  end
-end

data/lib/dependabot/nuget/file_parser/packages_config_parser.rb

@@ -1,92 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-require "nokogiri"
-require "sorbet-runtime"
-
-require "dependabot/dependency"
-require "dependabot/nuget/file_parser"
-require "dependabot/nuget/cache_manager"
-
-# For details on packages.config files see:
-# https://docs.microsoft.com/en-us/nuget/reference/packages-config
-module Dependabot
-  module Nuget
-    class FileParser
-      class PackagesConfigParser
-        extend T::Sig
-        require "dependabot/file_parsers/base/dependency_set"
-
-        DEPENDENCY_SELECTOR = "packages > package"
-
-        sig { returns(T::Hash[String, Dependabot::FileParsers::Base::DependencySet]) }
-        def self.dependency_set_cache
-          CacheManager.cache("packages_config_dependency_set")
-        end
-
-        sig { params(packages_config: Dependabot::DependencyFile).void }
-        def initialize(packages_config:)
-          @packages_config = packages_config
-        end
-
-        sig { returns(Dependabot::FileParsers::Base::DependencySet) }
-        def dependency_set
-          key = "#{packages_config.name.downcase}::#{packages_config.content.hash}"
-          cache = PackagesConfigParser.dependency_set_cache
-
-          cache[key] ||= parse_dependencies
-        end
-
-        private
-
-        sig { returns(Dependabot::DependencyFile) }
-        attr_reader :packages_config
-
-        sig { returns(Dependabot::FileParsers::Base::DependencySet) }
-        def parse_dependencies
-          dependency_set = Dependabot::FileParsers::Base::DependencySet.new
-
-          doc = Nokogiri::XML(packages_config.content)
-          doc.remove_namespaces!
-          doc.css(DEPENDENCY_SELECTOR).each do |dependency_node|
-            dependency_set <<
-              Dependency.new(
-                name: T.must(dependency_name(dependency_node)),
-                version: dependency_version(dependency_node),
-                package_manager: "nuget",
-                requirements: [{
-                  requirement: dependency_version(dependency_node),
-                  file: packages_config.name,
-                  groups: [dependency_type(dependency_node)],
-                  source: nil
-                }]
-              )
-          end
-
-          dependency_set
-        end
-
-        sig { params(dependency_node: Nokogiri::XML::Node).returns(T.nilable(String)) }
-        def dependency_name(dependency_node)
-          dependency_node.attribute("id")&.value&.strip ||
-            dependency_node.at_xpath("./id")&.content&.strip
-        end
-
-        sig { params(dependency_node: Nokogiri::XML::Node).returns(T.nilable(String)) }
-        def dependency_version(dependency_node)
-          # Ranges and wildcards aren't allowed in a packages.config - the
-          # specified requirement is always an exact version.
-          dependency_node.attribute("version")&.value&.strip ||
-            dependency_node.at_xpath("./version")&.content&.strip
-        end
-
-        sig { params(dependency_node: Nokogiri::XML::Node).returns(String) }
-        def dependency_type(dependency_node)
-          val = dependency_node.attribute("developmentDependency")&.value&.strip ||
-                dependency_node.at_xpath("./developmentDependency")&.content&.strip
-          val.to_s.casecmp("true").zero? ? "devDependencies" : "dependencies"
-        end
-      end
-    end
-  end
-end