dependabot-nuget 0.267.0 → 0.270.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Update.cs +1 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/AnalyzeWorker.cs +6 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/CompatabilityChecker.cs +16 -13
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/Requirement.cs +8 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/SdkPackageUpdater.cs +33 -14
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/DependencyConflictResolver.cs +689 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +226 -23
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Analyze/AnalyzeWorkerTests.cs +84 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Analyze/RequirementTests.cs +14 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryEnvironment.cs +23 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackagesConfig.cs +164 -55
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.Sdk.cs +186 -10
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs +785 -1
- data/lib/dependabot/nuget/file_updater.rb +44 -22
- data/lib/dependabot/nuget/native_helpers.rb +6 -1
- metadata +7 -5
@@ -16,19 +16,49 @@ module Dependabot
|
|
16
16
|
class FileUpdater < Dependabot::FileUpdaters::Base
|
17
17
|
extend T::Sig
|
18
18
|
|
19
|
-
sig { override.returns(T::Array[Regexp]) }
|
20
|
-
def self.updated_files_regex
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
19
|
+
sig { override.params(allowlist_enabled: T::Boolean).returns(T::Array[Regexp]) }
|
20
|
+
def self.updated_files_regex(allowlist_enabled = false)
|
21
|
+
if allowlist_enabled
|
22
|
+
[
|
23
|
+
/^.*\.([a-z]{2})?proj$/,
|
24
|
+
/^packages\.config$/i,
|
25
|
+
/^app\.config$/i,
|
26
|
+
/^web\.config$/i,
|
27
|
+
/^global\.json$/i,
|
28
|
+
/^dotnet-tools\.json$/i,
|
29
|
+
/^Directory\.Build\.props$/i,
|
30
|
+
/^Directory\.Build\.targets$/i,
|
31
|
+
/^Packages\.props$/i
|
32
|
+
]
|
33
|
+
else
|
34
|
+
# Old regex. After 100% rollout of the allowlist, this will be removed.
|
35
|
+
[
|
36
|
+
%r{^[^/]*\.([a-z]{2})?proj$},
|
37
|
+
/^.*\.([a-z]{2})?proj$/,
|
38
|
+
/^packages\.config$/i,
|
39
|
+
/^app\.config$/i,
|
40
|
+
/^web\.config$/i,
|
41
|
+
/^global\.json$/i,
|
42
|
+
/^dotnet-tools\.json$/i,
|
43
|
+
/^Directory\.Build\.props$/i,
|
44
|
+
/^Directory\.Build\.targets$/i,
|
45
|
+
/^Packages\.props$/i
|
46
|
+
]
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
sig { params(original_content: T.nilable(String), updated_content: String).returns(T::Boolean) }
|
51
|
+
def self.differs_in_more_than_blank_lines?(original_content, updated_content)
|
52
|
+
# Compare the line counts of the original and updated content, but ignore lines only containing white-space.
|
53
|
+
# This prevents false positives when there are trailing empty lines in the original content, for example.
|
54
|
+
original_lines = (original_content&.lines || []).map(&:strip).reject(&:empty?)
|
55
|
+
updated_lines = updated_content.lines.map(&:strip).reject(&:empty?)
|
56
|
+
|
57
|
+
# if the line count differs, then something changed
|
58
|
+
return true unless original_lines.count == updated_lines.count
|
59
|
+
|
60
|
+
# check each line pair, ignoring blanks (filtered above)
|
61
|
+
original_lines.zip(updated_lines).any? { |pair| pair[0] != pair[1] }
|
32
62
|
end
|
33
63
|
|
34
64
|
sig { override.returns(T::Array[Dependabot::DependencyFile]) }
|
@@ -45,7 +75,7 @@ module Dependabot
|
|
45
75
|
normalized_content = normalize_content(f, updated_content)
|
46
76
|
next if normalized_content == f.content
|
47
77
|
|
48
|
-
next
|
78
|
+
next unless FileUpdater.differs_in_more_than_blank_lines?(f.content, normalized_content)
|
49
79
|
|
50
80
|
puts "The contents of file [#{f.name}] were updated."
|
51
81
|
|
@@ -217,14 +247,6 @@ module Dependabot
|
|
217
247
|
|
218
248
|
raise "No project file or packages.config!"
|
219
249
|
end
|
220
|
-
|
221
|
-
sig { params(original_content: T.nilable(String), updated_content: String).returns(T::Boolean) }
|
222
|
-
def only_deleted_lines?(original_content, updated_content)
|
223
|
-
original_lines = original_content&.lines || []
|
224
|
-
updated_lines = updated_content.lines
|
225
|
-
|
226
|
-
original_lines.count > updated_lines.count
|
227
|
-
end
|
228
250
|
end
|
229
251
|
end
|
230
252
|
end
|
@@ -242,7 +242,12 @@ module Dependabot
|
|
242
242
|
puts "running NuGet updater:\n" + command
|
243
243
|
|
244
244
|
NuGetConfigCredentialHelpers.patch_nuget_config_for_action(credentials) do
|
245
|
-
|
245
|
+
env = {}
|
246
|
+
env["UseNewNugetPackageResolver"] = "true" if Dependabot::Experiments.enabled?(:nuget_dependency_solver)
|
247
|
+
output = SharedHelpers.run_shell_command(command,
|
248
|
+
allow_unsafe_shell_command: true,
|
249
|
+
fingerprint: fingerprint,
|
250
|
+
env: env)
|
246
251
|
puts output
|
247
252
|
|
248
253
|
result_contents = File.read(update_result_file_path)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-nuget
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.270.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-08-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.270.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.270.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rubyzip
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -326,6 +326,7 @@ files:
|
|
326
326
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs
|
327
327
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/NuGetUpdater.Core.Test.csproj
|
328
328
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryDirectory.cs
|
329
|
+
- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryEnvironment.cs
|
329
330
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TestBase.cs
|
330
331
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TestExtensions.cs
|
331
332
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TestHttpServer.cs
|
@@ -399,6 +400,7 @@ files:
|
|
399
400
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs
|
400
401
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/WebApplicationTargetsConditionPatcher.cs
|
401
402
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/XmlFilePreAndPostProcessor.cs
|
403
|
+
- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/DependencyConflictResolver.cs
|
402
404
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/HashSetExtensions.cs
|
403
405
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ImmutableArrayExtensions.cs
|
404
406
|
- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/JsonHelper.cs
|
@@ -461,7 +463,7 @@ licenses:
|
|
461
463
|
- MIT
|
462
464
|
metadata:
|
463
465
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
464
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
466
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.270.0
|
465
467
|
post_install_message:
|
466
468
|
rdoc_options: []
|
467
469
|
require_paths:
|