RubyGems - dependabot-nuget - Versions diffs - 0.289.0 → 0.290.0 - Mend

dependabot-nuget 0.289.0 → 0.290.0

Files changed (77) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36551f131fff2d82f525e8eb3bd17f26da2d435f4c44484f2b91e0253f041e8f
-  data.tar.gz: c97b1b5899bfac76abd674bf58f8853b7790b5e90d74089f2f663dd12f82fd89
+  metadata.gz: b3ca35ae6f3d02ce8507984f89e7c929eb75cec515b39af94db530d6600f0caa
+  data.tar.gz: cbd548418a3e25163af5d8543109b520b6c9bd9e2bf5a5869421f8fe838128d1
 SHA512:
-  metadata.gz: '09e24d02174892b6d10f70bd7e26a200ff0f5d352ba3a69d826598a891d52990c3fd1e839088e4d797df0af6edb53fdb9f3ef9205352c2641cc818b3d603fb97'
-  data.tar.gz: 3d9b2b81fee8ff8791796f9d7453f82cdd72a79d2ba3a103303475378fd387d9fb6caedb57688b322dffdb019172ca03910ae6256f79c392d99a233f110e585e
+  metadata.gz: 9395fb4eea720fbcba3b0cef278344b41a9ace7315ce62f5cb193bb05af2aa23553130dab3112cb900d39ad12cadd321e64291d72e4e21e4bbee2f2b7610626a
+  data.tar.gz: d74843dc18cab2fd6a58a31f1df2a4172cb308a3a2e452db7056727666e9f153b611046c25bd78f7c0679abe8be4eb57462886d87c8010ba21ac0a2ee316120e

data/helpers/lib/NuGetUpdater/Directory.Packages.props CHANGED Viewed

@@ -16,7 +16,7 @@
     <PackageVersion Include="Microsoft.Build.Framework" Version="$(MSBuildPackageVersion)" />
     <PackageVersion Include="Microsoft.Build.Tasks.Core" Version="$(MSBuildPackageVersion)" />
     <PackageVersion Include="Microsoft.Build.Utilities.Core" Version="$(MSBuildPackageVersion)" />
-    <PackageVersion Include="Microsoft.CodeAnalysis.CSharp" Version="4.11.0" />
+    <PackageVersion Include="Microsoft.CodeAnalysis.CSharp" Version="4.12.0" />
     <PackageVersion Include="Microsoft.CSharp" Version="4.7.0" />
     <PackageVersion Include="Microsoft.Extensions.FileProviders.Abstractions" Version="9.0.0" />
     <PackageVersion Include="Microsoft.Extensions.FileSystemGlobbing" Version="9.0.0" />

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/AnalyzeCommand.cs CHANGED Viewed

@@ -7,6 +7,7 @@ namespace NuGetUpdater.Cli.Commands;
 internal static class AnalyzeCommand
 {
+    internal static readonly Option<FileInfo> JobPathOption = new("--job-path") { IsRequired = true };
     internal static readonly Option<DirectoryInfo> RepoRootOption = new("--repo-root") { IsRequired = true };
     internal static readonly Option<FileInfo> DependencyFilePathOption = new("--dependency-file-path") { IsRequired = true };
     internal static readonly Option<FileInfo> DiscoveryFilePathOption = new("--discovery-file-path") { IsRequired = true };
@@ -16,6 +17,7 @@ internal static class AnalyzeCommand
     {
         Command command = new("analyze", "Determines how to update a dependency based on the workspace discovery information.")
         {
+            JobPathOption,
             RepoRootOption,
             DependencyFilePathOption,
             DiscoveryFilePathOption,
@@ -24,11 +26,13 @@ internal static class AnalyzeCommand
         command.TreatUnmatchedTokensAsErrors = true;
-        command.SetHandler(async (repoRoot, discoveryPath, dependencyPath, analysisDirectory) =>
+        command.SetHandler(async (jobPath, repoRoot, discoveryPath, dependencyPath, analysisDirectory) =>
         {
-            var worker = new AnalyzeWorker(new ConsoleLogger());
+            var logger = new ConsoleLogger();
+            var experimentsManager = await ExperimentsManager.FromJobFileAsync(jobPath.FullName, logger);
+            var worker = new AnalyzeWorker(experimentsManager, logger);
             await worker.RunAsync(repoRoot.FullName, discoveryPath.FullName, dependencyPath.FullName, analysisDirectory.FullName);
-        }, RepoRootOption, DiscoveryFilePathOption, DependencyFilePathOption, AnalysisFolderOption);
+        }, JobPathOption, RepoRootOption, DiscoveryFilePathOption, DependencyFilePathOption, AnalysisFolderOption);
         return command;
     }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/RunCommand.cs CHANGED Viewed

@@ -36,7 +36,7 @@ internal static class RunCommand
             var logger = new ConsoleLogger();
             var experimentsManager = await ExperimentsManager.FromJobFileAsync(jobPath.FullName, logger);
             var discoverWorker = new DiscoveryWorker(experimentsManager, logger);
-            var analyzeWorker = new AnalyzeWorker(logger);
+            var analyzeWorker = new AnalyzeWorker(experimentsManager, logger);
             var updateWorker = new UpdaterWorker(experimentsManager, logger);
             var worker = new RunWorker(apiHandler, discoverWorker, analyzeWorker, updateWorker, logger);
             await worker.RunAsync(jobPath, repoContentsPath, baseCommitSha, outputPath);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Analyze.cs CHANGED Viewed

@@ -26,6 +26,8 @@ public partial class EntryPointTests
             await RunAsync(path =>
                 [
                     "analyze",
+                    "--job-path",
+                    Path.Combine(path, "job.json"),
                     "--repo-root",
                     path,
                     "--discovery-file-path",
@@ -144,6 +146,8 @@ public partial class EntryPointTests
             await RunAsync(path =>
                 [
                     "analyze",
+                    "--job-path",
+                    Path.Combine(path, "job.json"),
                     "--repo-root",
                     path,
                     "--discovery-file-path",
@@ -231,6 +235,8 @@ public partial class EntryPointTests
             await RunAsync(path =>
                 [
                     "analyze",
+                    "--job-path",
+                    Path.Combine(path, "job.json"),
                     "--repo-root",
                     path,
                     "--discovery-file-path",
@@ -308,8 +314,16 @@ public partial class EntryPointTests
             );
         }
-        private static async Task RunAsync(Func<string, string[]> getArgs, string dependencyName, TestFile[] initialFiles, ExpectedAnalysisResult expectedResult, MockNuGetPackage[]? packages = null)
+        private static async Task RunAsync(
+            Func<string, string[]> getArgs,
+            string dependencyName,
+            TestFile[] initialFiles,
+            ExpectedAnalysisResult expectedResult,
+            MockNuGetPackage[]? packages = null,
+            ExperimentsManager? experimentsManager = null
+        )
         {
+            experimentsManager ??= new ExperimentsManager();
             var actualResult = await RunAnalyzerAsync(dependencyName, initialFiles, async path =>
             {
                 var sb = new StringBuilder();
@@ -322,8 +336,19 @@ public partial class EntryPointTests
                 try
                 {
+                    await UpdateWorkerTestBase.MockJobFileInDirectory(path, experimentsManager);
                     await UpdateWorkerTestBase.MockNuGetPackagesInDirectory(packages, path);
                     var args = getArgs(path);
+                    // manually pull out the experiments manager for the validate step below
+                    for (int i = 0; i < args.Length - 1; i++)
+                    {
+                        if (args[i] == "--job-path")
+                        {
+                            experimentsManager = await ExperimentsManager.FromJobFileAsync(args[i + 1], new TestLogger());
+                        }
+                    }
                     var result = await Program.Main(args);
                     if (result != 0)
                     {

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Discover.cs CHANGED Viewed

@@ -393,7 +393,8 @@ public partial class EntryPointTests
             TestFile[] initialFiles,
             ExpectedWorkspaceDiscoveryResult expectedResult,
             MockNuGetPackage[]? packages = null,
-            ExperimentsManager? experimentsManager = null)
+            ExperimentsManager? experimentsManager = null
+        )
         {
             experimentsManager ??= new ExperimentsManager();
             var actualResult = await RunDiscoveryAsync(initialFiles, async path =>

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Run.cs CHANGED Viewed

@@ -41,12 +41,6 @@ public partial class EntryPointTests
                 ],
                 job: new Job()
                 {
-                    AllowedUpdates = [
-                        new()
-                        {
-                            UpdateType = "all"
-                        }
-                    ],
                     Source = new()
                     {
                         Provider = "github",

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/AnalyzeWorker.cs CHANGED Viewed

@@ -16,6 +16,7 @@ public partial class AnalyzeWorker : IAnalyzeWorker
 {
     public const string AnalysisDirectoryName = "./.dependabot/analysis";
+    private readonly ExperimentsManager _experimentsManager;
     private readonly ILogger _logger;
     internal static readonly JsonSerializerOptions SerializerOptions = new()
@@ -24,8 +25,9 @@ public partial class AnalyzeWorker : IAnalyzeWorker
         Converters = { new JsonStringEnumConverter(), new RequirementArrayConverter() },
     };
-    public AnalyzeWorker(ILogger logger)
+    public AnalyzeWorker(ExperimentsManager experimentsManager, ILogger logger)
     {
+        _experimentsManager = experimentsManager;
         _logger = logger;
     }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/CompatabilityChecker.cs CHANGED Viewed

@@ -80,9 +80,9 @@ internal static class CompatibilityChecker
         NuGetContext nugetContext,
         CancellationToken cancellationToken)
     {
-        var tempPackagePath = GetTempPackagePath(package, nugetContext);
-        var readers = File.Exists(tempPackagePath)
-            ? ReadPackage(tempPackagePath)
+        var packagePath = GetPackagePath(package, nugetContext);
+        var readers = File.Exists(packagePath)
+            ? ReadPackage(packagePath)
             : await DownloadPackageAsync(package, nugetContext, cancellationToken);
         return readers;
     }
@@ -134,10 +134,10 @@ internal static class CompatibilityChecker
         return (isDevDependency, tfms.ToImmutableArray());
     }
-    internal static PackageReaders ReadPackage(string tempPackagePath)
+    internal static PackageReaders ReadPackage(string packagePath)
     {
         var stream = new FileStream(
-              tempPackagePath,
+              packagePath,
               FileMode.Open,
               FileAccess.Read,
               FileShare.Read,
@@ -194,8 +194,8 @@ internal static class CompatibilityChecker
                 context.Logger,
                 cancellationToken);
-            var tempPackagePath = GetTempPackagePath(package, context);
-            var isDownloaded = await downloader.CopyNupkgFileToAsync(tempPackagePath, cancellationToken);
+            var packagePath = GetPackagePath(package, context);
+            var isDownloaded = await downloader.CopyNupkgFileToAsync(packagePath, cancellationToken);
             if (!isDownloaded)
             {
                 continue;
@@ -207,6 +207,21 @@ internal static class CompatibilityChecker
         return null;
     }
-    internal static string GetTempPackagePath(PackageIdentity package, NuGetContext context)
-        => Path.Combine(context.TempPackageDirectory, package.Id + "." + package.Version + ".nupkg");
+    internal static string GetPackagePath(PackageIdentity package, NuGetContext context)
+    {
+        // https://learn.microsoft.com/en-us/nuget/consume-packages/managing-the-global-packages-and-cache-folders
+        var nugetPackagesPath = Environment.GetEnvironmentVariable("NUGET_PACKAGES");
+        if (nugetPackagesPath is null)
+        {
+            // n.b., this path should never be hit during a unit test
+            nugetPackagesPath = Path.Join(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), ".nuget", "packages");
+        }
+        var normalizedName = package.Id.ToLowerInvariant();
+        var normalizedVersion = package.Version.ToNormalizedString().ToLowerInvariant();
+        var packageDirectory = Path.Join(nugetPackagesPath, normalizedName, normalizedVersion);
+        Directory.CreateDirectory(packageDirectory);
+        var packagePath = Path.Join(packageDirectory, $"{normalizedName}.{normalizedVersion}.nupkg");
+        return packagePath;
+    }
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/NuGetContext.cs CHANGED Viewed

@@ -20,7 +20,6 @@ internal record NuGetContext : IDisposable
     public IMachineWideSettings MachineWideSettings { get; }
     public ImmutableArray<PackageSource> PackageSources { get; }
     public NuGet.Common.ILogger Logger { get; }
-    public string TempPackageDirectory { get; }
     public NuGetContext(string? currentDirectory = null, NuGet.Common.ILogger? logger = null)
     {
@@ -37,23 +36,11 @@ internal record NuGetContext : IDisposable
             .Where(p => p.IsEnabled)
             .ToImmutableArray();
         Logger = logger ?? NullLogger.Instance;
-        TempPackageDirectory = Path.Combine(Path.GetTempPath(), $"dependabot-packages_{Guid.NewGuid():d}");
-        Directory.CreateDirectory(TempPackageDirectory);
     }
     public void Dispose()
     {
         SourceCacheContext.Dispose();
-        if (Directory.Exists(TempPackageDirectory))
-        {
-            try
-            {
-                Directory.Delete(TempPackageDirectory, recursive: true);
-            }
-            catch
-            {
-            }
-        }
     }
     private readonly Dictionary<PackageIdentity, string?> _packageInfoUrlCache = new();

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementConverter.cs ADDED Viewed

@@ -0,0 +1,17 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+namespace NuGetUpdater.Core.Analyze;
+public class RequirementConverter : JsonConverter<Requirement>
+{
+    public override Requirement? Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+    {
+        return Requirement.Parse(reader.GetString()!);
+    }
+    public override void Write(Utf8JsonWriter writer, Requirement value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value.ToString());
+    }
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Advisory.cs ADDED Viewed

@@ -0,0 +1,13 @@
+using System.Collections.Immutable;
+using NuGetUpdater.Core.Analyze;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record Advisory
+{
+    public required string DependencyName { get; init; }
+    public ImmutableArray<Requirement>? AffectedVersions { get; init; } = null;
+    public ImmutableArray<Requirement>? PatchedVersions { get; init; } = null;
+    public ImmutableArray<Requirement>? UnaffectedVersions { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/AllowedUpdate.cs CHANGED Viewed

@@ -2,5 +2,22 @@ namespace NuGetUpdater.Core.Run.ApiModel;
 public sealed record AllowedUpdate
 {
-    public string UpdateType { get; init; } = "all";
+    public DependencyType DependencyType { get; init; } = DependencyType.All;
+    public string? DependencyName { get; init; } = null;
+    public UpdateType UpdateType { get; init; } = UpdateType.All;
+}
+public enum DependencyType
+{
+    All,
+    Direct,
+    Indirect,
+    Development,
+    Production,
+}
+public enum UpdateType
+{
+    All,
+    Security,
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CommitOptions.cs ADDED Viewed

@@ -0,0 +1,8 @@
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record CommitOptions
+{
+    public string? Prefix { get; init; } = null;
+    public string? PrefixDevelopment { get; init; } = null;
+    public string? IncludeScope { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Condition.cs ADDED Viewed

@@ -0,0 +1,19 @@
+using System.Text.Json.Serialization;
+using NuGetUpdater.Core.Analyze;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public sealed record Condition
+{
+    [JsonPropertyName("dependency-name")]
+    public required string DependencyName { get; init; }
+    [JsonPropertyName("source")]
+    public string? Source { get; init; } = null;
+    [JsonPropertyName("update-types")]
+    public string[] UpdateTypes { get; init; } = [];
+    [JsonPropertyName("updated-at")]
+    public DateTime? UpdatedAt { get; init; } = null;
+    [JsonPropertyName("version-requirement")]
+    public Requirement? VersionRequirement { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs ADDED Viewed

@@ -0,0 +1,8 @@
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record DependencyGroup
+{
+    public required string Name { get; init; }
+    public string? AppliesTo { get; init; }
+    public Dictionary<string, object> Rules { get; init; } = new();
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/GroupPullRequest.cs ADDED Viewed

@@ -0,0 +1,9 @@
+using System.Collections.Immutable;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record GroupPullRequest
+{
+    public required string DependencyGroupName { get; init; }
+    public required ImmutableArray<PullRequest> Dependencies { get; init; }
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs CHANGED Viewed

@@ -1,25 +1,28 @@
+using System.Collections.Immutable;
 using System.Text.Json;
 using System.Text.Json.Serialization;
+using NuGet.Credentials;
 namespace NuGetUpdater.Core.Run.ApiModel;
 public sealed record Job
 {
     public string PackageManager { get; init; } = "nuget";
-    public AllowedUpdate[]? AllowedUpdates { get; init; } = null;
+    public ImmutableArray<AllowedUpdate> AllowedUpdates { get; init; } = [new AllowedUpdate()];
     [JsonConverter(typeof(NullAsBoolConverter))]
     public bool Debug { get; init; } = false;
-    public object[]? DependencyGroups { get; init; } = null;
-    public object[]? Dependencies { get; init; } = null;
+    public ImmutableArray<DependencyGroup> DependencyGroups { get; init; } = [];
+    public ImmutableArray<string>? Dependencies { get; init; } = null;
     public string? DependencyGroupToRefresh { get; init; } = null;
-    public object[]? ExistingPullRequests { get; init; } = null;
-    public object[]? ExistingGroupPullRequests { get; init; } = null;
+    public ImmutableArray<ImmutableArray<PullRequest>> ExistingPullRequests { get; init; } = [];
+    public ImmutableArray<GroupPullRequest> ExistingGroupPullRequests { get; init; } = [];
     public Dictionary<string, object>? Experiments { get; init; } = null;
-    public object[]? IgnoreConditions { get; init; } = null;
+    public Condition[] IgnoreConditions { get; init; } = [];
     public bool LockfileOnly { get; init; } = false;
-    public string? RequirementsUpdateStrategy { get; init; } = null;
-    public object[]? SecurityAdvisories { get; init; } = null;
+    public RequirementsUpdateStrategy? RequirementsUpdateStrategy { get; init; } = null;
+    public ImmutableArray<Advisory> SecurityAdvisories { get; init; } = [];
     public bool SecurityUpdatesOnly { get; init; } = false;
     public required JobSource Source { get; init; }
     public bool UpdateSubdependencies { get; init; } = false;
@@ -27,8 +30,8 @@ public sealed record Job
     public bool VendorDependencies { get; init; } = false;
     public bool RejectExternalCode { get; init; } = false;
     public bool RepoPrivate { get; init; } = false;
-    public object? CommitMessageOptions { get; init; } = null;
-    public object[]? CredentialsMetadata { get; init; } = null;
+    public CommitOptions? CommitMessageOptions { get; init; } = null;
+    public ImmutableArray<Dictionary<string, string>>? CredentialsMetadata { get; init; } = null;
     public int MaxUpdaterRunTime { get; init; } = 0;
     public IEnumerable<string> GetAllDirectories()

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs ADDED Viewed

@@ -0,0 +1,11 @@
+using NuGet.Versioning;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record PullRequest
+{
+    public required string DependencyName { get; init; }
+    public required NuGetVersion DependencyVersion { get; init; }
+    public bool DependencyRemoved { get; init; } = false;
+    public string? Directory { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementsUpdateStrategy.cs ADDED Viewed

@@ -0,0 +1,15 @@
+using System.Text.Json.Serialization;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public enum RequirementsUpdateStrategy
+{
+    [JsonStringEnumMemberName("bump_versions")]
+    BumpVersions,
+    [JsonStringEnumMemberName("bump_versions_if_necessary")]
+    BumpVersionsIfNecessary,
+    [JsonStringEnumMemberName("lockfile_only")]
+    LockfileOnly,
+    [JsonStringEnumMemberName("widen_ranges")]
+    WidenRanges,
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs CHANGED Viewed

@@ -1,3 +1,4 @@
+using System.Collections.Immutable;
 using System.Net;
 using System.Text;
 using System.Text.Json;
@@ -21,7 +22,7 @@ public class RunWorker
     {
         PropertyNamingPolicy = JsonNamingPolicy.KebabCaseLower,
         WriteIndented = true,
-        Converters = { new JsonStringEnumConverter() },
+        Converters = { new JsonStringEnumConverter(), new RequirementConverter(), new VersionConverter() },
     };
     public RunWorker(IApiHandler apiHandler, IDiscoveryWorker discoverWorker, IAnalyzeWorker analyzeWorker, IUpdaterWorker updateWorker, ILogger logger)
@@ -123,9 +124,8 @@ public class RunWorker
         // TODO: pull out relevant dependencies, then check each for updates and track the changes
         // TODO: for each top-level dependency, _or_ specific dependency (if security, use transitive)
         var originalDependencyFileContents = new Dictionary<string, string>();
-        var allowedUpdates = job.AllowedUpdates ?? [];
         var actualUpdatedDependencies = new List<ReportedDependency>();
-        if (allowedUpdates.Any(a => a.UpdateType == "all"))
+        if (job.AllowedUpdates.Any(a => a.UpdateType == UpdateType.All))
         {
             await _apiHandler.IncrementMetric(new()
             {
@@ -173,12 +173,13 @@ public class RunWorker
                         continue;
                     }
+                    var ignoredVersions = GetIgnoredRequirementsForDependency(job, dependency.Name);
                     var dependencyInfo = new DependencyInfo()
                     {
                         Name = dependency.Name,
                         Version = dependency.Version!,
                         IsVulnerable = false,
-                        IgnoredVersions = [],
+                        IgnoredVersions = ignoredVersions,
                         Vulnerabilities = [],
                     };
                     var analysisResult = await _analyzeWorker.RunAsync(repoContentsPath.FullName, discoveryResult, dependencyInfo);
@@ -303,6 +304,25 @@ public class RunWorker
         return result;
     }
+    internal static ImmutableArray<Requirement> GetIgnoredRequirementsForDependency(Job job, string dependencyName)
+    {
+        var ignoreConditions = job.IgnoreConditions
+            .Where(c => c.DependencyName.Equals(dependencyName, StringComparison.OrdinalIgnoreCase))
+            .ToArray();
+        if (ignoreConditions.Length == 1 && ignoreConditions[0].VersionRequirement is null)
+        {
+            // if only one match with no version requirement, ignore all versions
+            return [Requirement.Parse("> 0.0.0")];
+        }
+        var ignoredVersions = ignoreConditions
+            .Select(c => c.VersionRequirement)
+            .Where(r => r is not null)
+            .Cast<Requirement>()
+            .ToImmutableArray();
+        return ignoredVersions;
+    }
     internal static UpdatedDependencyList GetUpdatedDependencyListFromDiscovery(WorkspaceDiscoveryResult discoveryResult, string pathToContents)
     {
         string GetFullRepoPath(string path)

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/VersionConverter.cs ADDED Viewed

@@ -0,0 +1,19 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+using NuGet.Versioning;
+namespace NuGetUpdater.Core.Analyze;
+public class VersionConverter : JsonConverter<NuGetVersion>
+{
+    public override NuGetVersion? Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+    {
+        return NuGetVersion.Parse(reader.GetString()!);
+    }
+    public override void Write(Utf8JsonWriter writer, NuGetVersion value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value.ToString());
+    }
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs CHANGED Viewed

@@ -60,7 +60,8 @@ internal static class BindingRedirectManager
         // finally we pull out the assembly `HintPath` values for _all_ references relative to the project file in a unix-style value
         //    e.g., ../packages/Some.Other.Package/4.5.6/lib/net45/Some.Other.Package.dll
         // all of that is passed to `AddBindingRedirects()` so we can ensure binding redirects for the relevant assemblies
-        var packagesDirectory = PackagesConfigUpdater.GetPathToPackagesDirectory(projectBuildFile, updatedPackageName, updatedPackageVersion, packagesConfigPath: null)!;
+        var packagesConfigPath = ProjectHelper.GetPackagesConfigPathFromProject(projectBuildFile.Path, ProjectHelper.PathFormat.Full);
+        var packagesDirectory = PackagesConfigUpdater.GetPathToPackagesDirectory(projectBuildFile, updatedPackageName, updatedPackageVersion, packagesConfigPath)!;
         var assemblyPathPrefix = Path.Combine(packagesDirectory, $"{updatedPackageName}.{updatedPackageVersion}").NormalizePathToUnix().EnsureSuffix("/");
         var assemblyPaths = references.Select(static x => x.HintPath).Select(x => Path.GetRelativePath(Path.GetDirectoryName(projectBuildFile.Path)!, x).NormalizePathToUnix()).ToList();
         var bindingsAndAssemblyPaths = bindings.Zip(assemblyPaths);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/PackagesConfigUpdater.cs CHANGED Viewed

@@ -23,7 +23,7 @@ namespace NuGetUpdater.Core;
 /// See: https://learn.microsoft.com/en-us/nuget/reference/packages-config
 ///      https://learn.microsoft.com/en-us/nuget/resources/check-project-format
 /// <remarks>
-internal static class PackagesConfigUpdater
+internal static partial class PackagesConfigUpdater
 {
     public static async Task UpdateDependencyAsync(
         string repoRootPath,
@@ -215,7 +215,7 @@ internal static class PackagesConfigUpdater
         var hintPathSubString = $"{dependencyName}.{dependencyVersion}";
         string? partialPathMatch = null;
-        var specificHintPathNodes = projectBuildFile.Contents.Descendants().Where(e => e.IsHintPathNodeForDependency(dependencyName)).ToArray();
+        var specificHintPathNodes = projectBuildFile.Contents.Descendants().Where(e => e.IsHintPathNodeForDependency(dependencyName, dependencyVersion)).ToArray();
         foreach (var hintPathNode in specificHintPathNodes)
         {
             var hintPath = hintPathNode.GetContentValue();
@@ -266,8 +266,7 @@ internal static class PackagesConfigUpdater
                     foreach (var hintPathNode in genericHintPathNodes)
                     {
                         var hintPath = hintPathNode.GetContentValue();
-                        var match = Regex.Match(hintPath, @"^(?<PackagesPath>.*)[/\\](?<PackageNameAndVersion>[^/\\]+)[/\\]lib[/\\](?<Tfm>[^/\\]+)[/\\](?<AssemblyName>[^/\\]+)$");
-                        // e.g.,                              ..\..\packages     \    Some.Package.1.2.3              \    lib\     net45          \   Some.Package.dll
+                        var match = PackageAssemblyHintPathPattern().Match(hintPath);
                         if (match.Success)
                         {
                             partialPathMatch = match.Groups["PackagesPath"].Value;
@@ -297,17 +296,15 @@ internal static class PackagesConfigUpdater
         return false;
     }
-    private static bool IsHintPathNodeForDependency(this IXmlElementSyntax element, string dependencyName)
+    private static bool IsHintPathNodeForDependency(this IXmlElementSyntax element, string dependencyName, string dependencyVersion)
     {
         if (element.IsHintPathNode())
         {
-            // the include attribute will look like one of the following:
-            //   <Reference Include="Some.Dependency, Version=1.0.0.0, Culture=neutral, PublicKeyToken=abcd">
-            // or
-            //   <Reference Include="Some.Dependency">
-            string includeAttributeValue = element.Parent.GetAttributeValue("Include", StringComparison.OrdinalIgnoreCase);
-            if (includeAttributeValue.Equals(dependencyName, StringComparison.OrdinalIgnoreCase) ||
-                includeAttributeValue.StartsWith($"{dependencyName},", StringComparison.OrdinalIgnoreCase))
+            // the hint path will look similar to this:
+            //   ..\packages\Some.Package.1.2.3\lib\net45\Some.Package.dll
+            var assemblyPath = element.GetContentValue();
+            var match = PackageAssemblyHintPathPattern().Match(assemblyPath);
+            if (match.Success)
             {
                 return true;
             }
@@ -326,4 +323,8 @@ internal static class PackagesConfigUpdater
         return subpath;
     }
+    [GeneratedRegex(@"^(?<PackagesPath>.*)[/\\](?<PackageNameAndVersion>[^/\\]+)[/\\]lib[/\\](?<Tfm>[^/\\]+)[/\\](?<AssemblyName>[^/\\]+)$", RegexOptions.IgnoreCase)]
+    // e.g.,            ..\..\packages      \   Some.Package.1.2.3                \  lib  \   net45           \   Some.Package.dll
+    private static partial Regex PackageAssemblyHintPathPattern();
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/JsonHelper.cs CHANGED Viewed

@@ -11,6 +11,7 @@ namespace NuGetUpdater.Core.Utilities
         public static JsonDocumentOptions DocumentOptions { get; } = new JsonDocumentOptions
         {
             CommentHandling = JsonCommentHandling.Skip,
+            AllowTrailingCommas = true,
         };
         public static JsonNode? ParseNode(string content)
@@ -24,6 +25,7 @@ namespace NuGetUpdater.Core.Utilities
             var readerOptions = new JsonReaderOptions
             {
                 CommentHandling = JsonCommentHandling.Allow,
+                AllowTrailingCommas = true,
             };
             var bytes = Encoding.UTF8.GetBytes(json);
             var reader = new Utf8JsonReader(bytes, readerOptions);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ProjectHelper.cs CHANGED Viewed

@@ -74,7 +74,7 @@ internal static class ProjectHelper
     private static string? GetItemPathWithFileName(this ProjectRootElement projectRootElement, string itemFileName)
     {
         var projectDirectory = Path.GetDirectoryName(projectRootElement.FullPath)!;
-        var packagesConfigPath = projectRootElement.Items
+        var itemPath = projectRootElement.Items
             .Where(i => i.ElementName.Equals("None", StringComparison.OrdinalIgnoreCase) ||
                         i.ElementName.Equals("Content", StringComparison.OrdinalIgnoreCase))
             .Where(i => Path.GetFileName(i.Include).Equals(itemFileName, StringComparison.OrdinalIgnoreCase))
@@ -82,7 +82,7 @@ internal static class ProjectHelper
             .Where(File.Exists)
             .FirstOrDefault()
             ?.NormalizePathToUnix();
-        return packagesConfigPath;
+        return itemPath;
     }
     private static string? GetPathWithRegardsToProjectFile(string fullProjectPath, string fileName)