RubyGems - dependabot-nuget - Versions diffs - 0.268.0 → 0.270.0 - Mend

dependabot-nuget 0.268.0 → 0.270.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

data/lib/dependabot/nuget/file_updater.rb CHANGED Viewed

@@ -16,19 +16,35 @@ module Dependabot
     class FileUpdater < Dependabot::FileUpdaters::Base
       extend T::Sig
-      sig { override.returns(T::Array[Regexp]) }
-      def self.updated_files_regex
-        [
-          %r{^[^/]*\.([a-z]{2})?proj$},
-          /^packages\.config$/i,
-          /^app\.config$/i,
-          /^web\.config$/i,
-          /^global\.json$/i,
-          /^dotnet-tools\.json$/i,
-          /^Directory\.Build\.props$/i,
-          /^Directory\.Build\.targets$/i,
-          /^Packages\.props$/i
-        ]
+      sig { override.params(allowlist_enabled: T::Boolean).returns(T::Array[Regexp]) }
+      def self.updated_files_regex(allowlist_enabled = false)
+        if allowlist_enabled
+          [
+            /^.*\.([a-z]{2})?proj$/,
+            /^packages\.config$/i,
+            /^app\.config$/i,
+            /^web\.config$/i,
+            /^global\.json$/i,
+            /^dotnet-tools\.json$/i,
+            /^Directory\.Build\.props$/i,
+            /^Directory\.Build\.targets$/i,
+            /^Packages\.props$/i
+          ]
+        else
+          # Old regex. After 100% rollout of the allowlist, this will be removed.
+          [
+            %r{^[^/]*\.([a-z]{2})?proj$},
+            /^.*\.([a-z]{2})?proj$/,
+            /^packages\.config$/i,
+            /^app\.config$/i,
+            /^web\.config$/i,
+            /^global\.json$/i,
+            /^dotnet-tools\.json$/i,
+            /^Directory\.Build\.props$/i,
+            /^Directory\.Build\.targets$/i,
+            /^Packages\.props$/i
+          ]
+        end
       end
       sig { params(original_content: T.nilable(String), updated_content: String).returns(T::Boolean) }

data/lib/dependabot/nuget/native_helpers.rb CHANGED Viewed

@@ -242,7 +242,12 @@ module Dependabot
         puts "running NuGet updater:\n" + command
         NuGetConfigCredentialHelpers.patch_nuget_config_for_action(credentials) do
-          output = SharedHelpers.run_shell_command(command, allow_unsafe_shell_command: true, fingerprint: fingerprint)
+          env = {}
+          env["UseNewNugetPackageResolver"] = "true" if Dependabot::Experiments.enabled?(:nuget_dependency_solver)
+          output = SharedHelpers.run_shell_command(command,
+                                                   allow_unsafe_shell_command: true,
+                                                   fingerprint: fingerprint,
+                                                   env: env)
           puts output
           result_contents = File.read(update_result_file_path)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.268.0
+  version: 0.270.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-08-02 00:00:00.000000000 Z
+date: 2024-08-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.268.0
+        version: 0.270.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.268.0
+        version: 0.270.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -326,6 +326,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/NuGetUpdater.Core.Test.csproj
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryDirectory.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryEnvironment.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TestBase.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TestExtensions.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TestHttpServer.cs
@@ -399,6 +400,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/WebApplicationTargetsConditionPatcher.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/XmlFilePreAndPostProcessor.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/DependencyConflictResolver.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/HashSetExtensions.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ImmutableArrayExtensions.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/JsonHelper.cs
@@ -461,7 +463,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.268.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.270.0
 post_install_message:
 rdoc_options: []
 require_paths: