RubyGems - dependabot-nuget - Versions diffs - 0.271.0 → 0.273.0 - Mend

dependabot-nuget 0.271.0 → 0.273.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0f17779ebeb91c554c3642c6e83a28f9f2ee7eb6c1677d35b089688bfc6fa637
-  data.tar.gz: d6e33cbab0d4429218df7e0184c9c18bceab5021fc532de0753a216c8ebc80d7
+  metadata.gz: e74194b3b13f1f629b109a0dd66cff5e6063f898a0574b0af4a47204e2eaffa1
+  data.tar.gz: bb02d23751f1c81d9f0eaafd1e9afb1c1fd3ae3f48a0b31f902c62446d431905
 SHA512:
-  metadata.gz: 8c07ed738181748492e32a54dc8181256956174e23fdf645e121cb4f451bb20840c336a116d48f3c5db78b6de192efc991ff3c4ab19f097e1634f9e70fb001f6
-  data.tar.gz: 885a7af5bd7bcdbbd34931a735b28f2fb929cfb63bd1bfb09ab048dfd6d25ba3f6d905303f824693834cc1172ca23996675ef079a2e3d84bb1ce941719025b44
+  metadata.gz: 39c13b396b743cbda78796d1539e67d9d44b222a9ca16edbc79468f29afddd83648434f534feb5f61957be751ec1e5d06b6387ebd4bbcc1aaeb88a2049fee69a
+  data.tar.gz: 16e2fa90c7e2b9214f5b63d88d8591d17a74ccee2db0dd82b0439d07fcbdaa3483297cdd5611fc5fae440e6a2511d5f0d16890166acd1a5035ac375a209f950c

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DiscoveryWorker.cs CHANGED Viewed

@@ -199,13 +199,21 @@ public partial class DiscoveryWorker
                 }
                 else
                 {
-                    // .csproj, .fsproj, .vbproj
-                    // keep this project and check for references
-                    expandedProjects.Add(candidateEntryPoint);
-                    IEnumerable<string> referencedProjects = ExpandItemGroupFilesFromProject(candidateEntryPoint, "ProjectReference");
-                    foreach (string referencedProject in referencedProjects)
+                    switch (extension)
                     {
-                        filesToExpand.Push(referencedProject);
+                        case ".csproj":
+                        case ".fsproj":
+                        case ".vbproj":
+                            // keep this project and check for references
+                            expandedProjects.Add(candidateEntryPoint);
+                            IEnumerable<string> referencedProjects = ExpandItemGroupFilesFromProject(candidateEntryPoint, "ProjectReference");
+                            foreach (string referencedProject in referencedProjects)
+                            {
+                                filesToExpand.Push(referencedProject);
+                            }
+                            break;
+                        default:
+                            continue;
                     }
                 }
             }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs CHANGED Viewed

@@ -169,7 +169,7 @@ internal static partial class MSBuildHelper
                                                         string.Equals(property.Condition, $"'$({property.Name})' == ''", StringComparison.OrdinalIgnoreCase);
                 if (hasEmptyCondition || conditionIsCheckingForEmptyString)
                 {
-                    properties[property.Name] = new(property.Name, property.Value, buildFile.RelativePath);
+                    properties[property.Name] = new(property.Name, property.Value, PathHelper.NormalizePathToUnix(buildFile.RelativePath));
                 }
             }
         }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs CHANGED Viewed

@@ -375,6 +375,89 @@ public partial class DiscoveryWorkerTests : DiscoveryWorkerTestBase
         );
     }
+    [Fact]
+    public async Task NonSupportedProjectExtensionsAreSkipped()
+    {
+        await TestDiscoveryAsync(
+            packages:
+            [
+                MockNuGetPackage.CreateSimplePackage("Some.Package", "1.0.0", "net8.0"),
+            ],
+            workspacePath: "/",
+            files: new[]
+            {
+                ("solution.sln", """
+                    Microsoft Visual Studio Solution File, Format Version 12.00
+                    # Visual Studio Version 17
+                    VisualStudioVersion = 17.10.35027.167
+                    MinimumVisualStudioVersion = 10.0.40219.1
+                    Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "supported", "src\supported.csproj", "{4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}"
+                    EndProject
+                    Project("{54435603-DBB4-11D2-8724-00A0C9A8B90C}") = "unsupported", "src\unsupported.vdproj", "{271E533C-8A44-4572-8C18-CD65A79F8658}"
+                    EndProject
+                    Global
+                    	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+                    		Debug|Any CPU = Debug|Any CPU
+                    		Release|Any CPU = Release|Any CPU
+                    	EndGlobalSection
+                    	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+                    		{4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+                    		{4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+                    		{4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+                    		{4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Release|Any CPU.Build.0 = Release|Any CPU
+                    		{271E533C-8A44-4572-8C18-CD65A79F8658}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+                    		{271E533C-8A44-4572-8C18-CD65A79F8658}.Debug|Any CPU.Build.0 = Debug|Any CPU
+                    		{271E533C-8A44-4572-8C18-CD65A79F8658}.Release|Any CPU.ActiveCfg = Release|Any CPU
+                    		{271E533C-8A44-4572-8C18-CD65A79F8658}.Release|Any CPU.Build.0 = Release|Any CPU
+                    	EndGlobalSection
+                    	GlobalSection(SolutionProperties) = preSolution
+                    		HideSolutionNode = FALSE
+                    	EndGlobalSection
+                    	GlobalSection(ExtensibilityGlobals) = postSolution
+                    		SolutionGuid = {EE5BDEF7-1D4D-4773-9659-FC4A3846CD6D}
+                    	EndGlobalSection
+                    EndGlobal
+                    """),
+                ("src/supported.csproj", """
+                    <Project Sdk="Microsoft.NET.Sdk">
+                      <PropertyGroup>
+                        <TargetFramework>net8.0</TargetFramework>
+                      </PropertyGroup>
+                      <ItemGroup>
+                        <PackageReference Include="Some.Package" Version="1.0.0" />
+                      </ItemGroup>
+                    </Project>
+                    """),
+                ("src/unsupported.vdproj", """
+                    "DeployProject"
+                    {
+                    "SomeKey" = "SomeValue"
+                    }
+                    """),
+            },
+            expectedResult: new()
+            {
+                Path = "",
+                Projects = [
+                    new()
+                    {
+                        FilePath = "src/supported.csproj",
+                        TargetFrameworks = ["net8.0"],
+                        ReferencedProjectPaths = [],
+                        ExpectedDependencyCount = 2,
+                        Dependencies = [
+                            new("Microsoft.NET.Sdk", null, DependencyType.MSBuildSdk),
+                            new("Some.Package", "1.0.0", DependencyType.PackageReference, TargetFrameworks: ["net8.0"], IsDirect: true)
+                        ],
+                        Properties = [
+                            new("TargetFramework", "net8.0", @"src/supported.csproj"),
+                        ]
+                    }
+                ]
+            }
+        );
+    }
     [Fact]
     public async Task ResultFileHasCorrectShapeForAuthenticationFailure()
     {

data/lib/dependabot/nuget/file_updater.rb CHANGED Viewed

@@ -16,35 +16,22 @@ module Dependabot
     class FileUpdater < Dependabot::FileUpdaters::Base
       extend T::Sig
-      sig { override.params(allowlist_enabled: T::Boolean).returns(T::Array[Regexp]) }
-      def self.updated_files_regex(allowlist_enabled = false)
-        if allowlist_enabled
-          [
-            /^.*\.([a-z]{2})?proj$/,
-            /^packages\.config$/i,
-            /^app\.config$/i,
-            /^web\.config$/i,
-            /^global\.json$/i,
-            /^dotnet-tools\.json$/i,
-            /^Directory\.Build\.props$/i,
-            /^Directory\.Build\.targets$/i,
-            /^Packages\.props$/i
-          ]
-        else
-          # Old regex. After 100% rollout of the allowlist, this will be removed.
-          [
-            %r{^[^/]*\.([a-z]{2})?proj$},
-            /^.*\.([a-z]{2})?proj$/,
-            /^packages\.config$/i,
-            /^app\.config$/i,
-            /^web\.config$/i,
-            /^global\.json$/i,
-            /^dotnet-tools\.json$/i,
-            /^Directory\.Build\.props$/i,
-            /^Directory\.Build\.targets$/i,
-            /^Packages\.props$/i
-          ]
-        end
+      sig { override.returns(T::Array[Regexp]) }
+      def self.updated_files_regex
+        [
+          /.*\.([a-z]{2})?proj$/, # Matches files with any extension like .csproj, .vbproj, etc., in any directory
+          /packages\.config$/i,           # Matches packages.config in any directory
+          /app\.config$/i,                # Matches app.config in any directory
+          /web\.config$/i,                # Matches web.config in any directory
+          /global\.json$/i,               # Matches global.json in any directory
+          /dotnet-tools\.json$/i,         # Matches dotnet-tools.json in any directory
+          /Directory\.Build\.props$/i,    # Matches Directory.Build.props in any directory
+          /Directory\.Build\.targets$/i,  # Matches Directory.Build.targets in any directory
+          /Directory\.targets$/i,         # Matches Directory.targets in any directory or root directory
+          /Packages\.props$/i, # Matches Packages.props in any directory
+          /.*\.nuspec$/, # Matches any .nuspec files in any directory
+          %r{^\.config/dotnet-tools\.json$} # Matches .config/dotnet-tools.json in only root directory
+        ]
       end
       sig { params(original_content: T.nilable(String), updated_content: String).returns(T::Boolean) }

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.271.0
+  version: 0.273.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-08-15 00:00:00.000000000 Z
+date: 2024-08-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.271.0
+        version: 0.273.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.271.0
+        version: 0.273.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -463,7 +463,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.271.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.273.0
 post_install_message:
 rdoc_options: []
 require_paths: