dependabot-nuget 0.271.0 → 0.273.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DiscoveryWorker.cs +14 -6
  3. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +1 -1
  4. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs +83 -0
  5. data/lib/dependabot/nuget/file_updater.rb +16 -29
  6. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0f17779ebeb91c554c3642c6e83a28f9f2ee7eb6c1677d35b089688bfc6fa637
4
- data.tar.gz: d6e33cbab0d4429218df7e0184c9c18bceab5021fc532de0753a216c8ebc80d7
3
+ metadata.gz: e74194b3b13f1f629b109a0dd66cff5e6063f898a0574b0af4a47204e2eaffa1
4
+ data.tar.gz: bb02d23751f1c81d9f0eaafd1e9afb1c1fd3ae3f48a0b31f902c62446d431905
5
5
  SHA512:
6
- metadata.gz: 8c07ed738181748492e32a54dc8181256956174e23fdf645e121cb4f451bb20840c336a116d48f3c5db78b6de192efc991ff3c4ab19f097e1634f9e70fb001f6
7
- data.tar.gz: 885a7af5bd7bcdbbd34931a735b28f2fb929cfb63bd1bfb09ab048dfd6d25ba3f6d905303f824693834cc1172ca23996675ef079a2e3d84bb1ce941719025b44
6
+ metadata.gz: 39c13b396b743cbda78796d1539e67d9d44b222a9ca16edbc79468f29afddd83648434f534feb5f61957be751ec1e5d06b6387ebd4bbcc1aaeb88a2049fee69a
7
+ data.tar.gz: 16e2fa90c7e2b9214f5b63d88d8591d17a74ccee2db0dd82b0439d07fcbdaa3483297cdd5611fc5fae440e6a2511d5f0d16890166acd1a5035ac375a209f950c
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DiscoveryWorker.cs CHANGED
@@ -199,13 +199,21 @@ public partial class DiscoveryWorker
199
199
  }
200
200
  else
201
201
  {
202
- // .csproj, .fsproj, .vbproj
203
- // keep this project and check for references
204
- expandedProjects.Add(candidateEntryPoint);
205
- IEnumerable<string> referencedProjects = ExpandItemGroupFilesFromProject(candidateEntryPoint, "ProjectReference");
206
- foreach (string referencedProject in referencedProjects)
202
+ switch (extension)
207
203
  {
208
- filesToExpand.Push(referencedProject);
204
+ case ".csproj":
205
+ case ".fsproj":
206
+ case ".vbproj":
207
+ // keep this project and check for references
208
+ expandedProjects.Add(candidateEntryPoint);
209
+ IEnumerable<string> referencedProjects = ExpandItemGroupFilesFromProject(candidateEntryPoint, "ProjectReference");
210
+ foreach (string referencedProject in referencedProjects)
211
+ {
212
+ filesToExpand.Push(referencedProject);
213
+ }
214
+ break;
215
+ default:
216
+ continue;
209
217
  }
210
218
  }
211
219
  }
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs CHANGED
@@ -169,7 +169,7 @@ internal static partial class MSBuildHelper
169
169
  string.Equals(property.Condition, $"'$({property.Name})' == ''", StringComparison.OrdinalIgnoreCase);
170
170
  if (hasEmptyCondition || conditionIsCheckingForEmptyString)
171
171
  {
172
- properties[property.Name] = new(property.Name, property.Value, buildFile.RelativePath);
172
+ properties[property.Name] = new(property.Name, property.Value, PathHelper.NormalizePathToUnix(buildFile.RelativePath));
173
173
  }
174
174
  }
175
175
  }
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs CHANGED
@@ -375,6 +375,89 @@ public partial class DiscoveryWorkerTests : DiscoveryWorkerTestBase
375
375
  );
376
376
  }
377
377
 
378
+ [Fact]
379
+ public async Task NonSupportedProjectExtensionsAreSkipped()
380
+ {
381
+ await TestDiscoveryAsync(
382
+ packages:
383
+ [
384
+ MockNuGetPackage.CreateSimplePackage("Some.Package", "1.0.0", "net8.0"),
385
+ ],
386
+ workspacePath: "/",
387
+ files: new[]
388
+ {
389
+ ("solution.sln", """
390
+ Microsoft Visual Studio Solution File, Format Version 12.00
391
+ # Visual Studio Version 17
392
+ VisualStudioVersion = 17.10.35027.167
393
+ MinimumVisualStudioVersion = 10.0.40219.1
394
+ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "supported", "src\supported.csproj", "{4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}"
395
+ EndProject
396
+ Project("{54435603-DBB4-11D2-8724-00A0C9A8B90C}") = "unsupported", "src\unsupported.vdproj", "{271E533C-8A44-4572-8C18-CD65A79F8658}"
397
+ EndProject
398
+ Global
399
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
400
+ Debug|Any CPU = Debug|Any CPU
401
+ Release|Any CPU = Release|Any CPU
402
+ EndGlobalSection
403
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
404
+ {4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
405
+ {4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Debug|Any CPU.Build.0 = Debug|Any CPU
406
+ {4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Release|Any CPU.ActiveCfg = Release|Any CPU
407
+ {4A3B8D8A-A585-4593-8AF3-DED05AE3C40F}.Release|Any CPU.Build.0 = Release|Any CPU
408
+ {271E533C-8A44-4572-8C18-CD65A79F8658}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
409
+ {271E533C-8A44-4572-8C18-CD65A79F8658}.Debug|Any CPU.Build.0 = Debug|Any CPU
410
+ {271E533C-8A44-4572-8C18-CD65A79F8658}.Release|Any CPU.ActiveCfg = Release|Any CPU
411
+ {271E533C-8A44-4572-8C18-CD65A79F8658}.Release|Any CPU.Build.0 = Release|Any CPU
412
+ EndGlobalSection
413
+ GlobalSection(SolutionProperties) = preSolution
414
+ HideSolutionNode = FALSE
415
+ EndGlobalSection
416
+ GlobalSection(ExtensibilityGlobals) = postSolution
417
+ SolutionGuid = {EE5BDEF7-1D4D-4773-9659-FC4A3846CD6D}
418
+ EndGlobalSection
419
+ EndGlobal
420
+ """),
421
+ ("src/supported.csproj", """
422
+ <Project Sdk="Microsoft.NET.Sdk">
423
+ <PropertyGroup>
424
+ <TargetFramework>net8.0</TargetFramework>
425
+ </PropertyGroup>
426
+ <ItemGroup>
427
+ <PackageReference Include="Some.Package" Version="1.0.0" />
428
+ </ItemGroup>
429
+ </Project>
430
+ """),
431
+ ("src/unsupported.vdproj", """
432
+ "DeployProject"
433
+ {
434
+ "SomeKey" = "SomeValue"
435
+ }
436
+ """),
437
+ },
438
+ expectedResult: new()
439
+ {
440
+ Path = "",
441
+ Projects = [
442
+ new()
443
+ {
444
+ FilePath = "src/supported.csproj",
445
+ TargetFrameworks = ["net8.0"],
446
+ ReferencedProjectPaths = [],
447
+ ExpectedDependencyCount = 2,
448
+ Dependencies = [
449
+ new("Microsoft.NET.Sdk", null, DependencyType.MSBuildSdk),
450
+ new("Some.Package", "1.0.0", DependencyType.PackageReference, TargetFrameworks: ["net8.0"], IsDirect: true)
451
+ ],
452
+ Properties = [
453
+ new("TargetFramework", "net8.0", @"src/supported.csproj"),
454
+ ]
455
+ }
456
+ ]
457
+ }
458
+ );
459
+ }
460
+
378
461
  [Fact]
379
462
  public async Task ResultFileHasCorrectShapeForAuthenticationFailure()
380
463
  {
data/lib/dependabot/nuget/file_updater.rb CHANGED
@@ -16,35 +16,22 @@ module Dependabot
16
16
  class FileUpdater < Dependabot::FileUpdaters::Base
17
17
  extend T::Sig
18
18
 
19
- sig { override.params(allowlist_enabled: T::Boolean).returns(T::Array[Regexp]) }
20
- def self.updated_files_regex(allowlist_enabled = false)
21
- if allowlist_enabled
22
- [
23
- /^.*\.([a-z]{2})?proj$/,
24
- /^packages\.config$/i,
25
- /^app\.config$/i,
26
- /^web\.config$/i,
27
- /^global\.json$/i,
28
- /^dotnet-tools\.json$/i,
29
- /^Directory\.Build\.props$/i,
30
- /^Directory\.Build\.targets$/i,
31
- /^Packages\.props$/i
32
- ]
33
- else
34
- # Old regex. After 100% rollout of the allowlist, this will be removed.
35
- [
36
- %r{^[^/]*\.([a-z]{2})?proj$},
37
- /^.*\.([a-z]{2})?proj$/,
38
- /^packages\.config$/i,
39
- /^app\.config$/i,
40
- /^web\.config$/i,
41
- /^global\.json$/i,
42
- /^dotnet-tools\.json$/i,
43
- /^Directory\.Build\.props$/i,
44
- /^Directory\.Build\.targets$/i,
45
- /^Packages\.props$/i
46
- ]
47
- end
19
+ sig { override.returns(T::Array[Regexp]) }
20
+ def self.updated_files_regex
21
+ [
22
+ /.*\.([a-z]{2})?proj$/, # Matches files with any extension like .csproj, .vbproj, etc., in any directory
23
+ /packages\.config$/i, # Matches packages.config in any directory
24
+ /app\.config$/i, # Matches app.config in any directory
25
+ /web\.config$/i, # Matches web.config in any directory
26
+ /global\.json$/i, # Matches global.json in any directory
27
+ /dotnet-tools\.json$/i, # Matches dotnet-tools.json in any directory
28
+ /Directory\.Build\.props$/i, # Matches Directory.Build.props in any directory
29
+ /Directory\.Build\.targets$/i, # Matches Directory.Build.targets in any directory
30
+ /Directory\.targets$/i, # Matches Directory.targets in any directory or root directory
31
+ /Packages\.props$/i, # Matches Packages.props in any directory
32
+ /.*\.nuspec$/, # Matches any .nuspec files in any directory
33
+ %r{^\.config/dotnet-tools\.json$} # Matches .config/dotnet-tools.json in only root directory
34
+ ]
48
35
  end
49
36
 
50
37
  sig { params(original_content: T.nilable(String), updated_content: String).returns(T::Boolean) }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.271.0
4
+ version: 0.273.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-08-15 00:00:00.000000000 Z
11
+ date: 2024-08-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.271.0
19
+ version: 0.273.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.271.0
26
+ version: 0.273.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rubyzip
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -463,7 +463,7 @@ licenses:
463
463
  - MIT
464
464
  metadata:
465
465
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
466
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.271.0
466
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.273.0
467
467
  post_install_message:
468
468
  rdoc_options: []
469
469
  require_paths: