dependabot-nuget 0.289.0 → 0.291.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/lib/NuGetUpdater/Directory.Packages.props +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/AnalyzeCommand.cs +7 -3
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/RunCommand.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Analyze.cs +26 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Discover.cs +2 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Run.cs +0 -6
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Update.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/AnalyzeWorker.cs +6 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/CompatabilityChecker.cs +24 -9
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/DependencyFinder.cs +2 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/NuGetContext.cs +0 -13
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementConverter.cs +17 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DiscoveryWorker.cs +44 -5
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/PackagesConfigDiscovery.cs +2 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/ProjectDiscoveryResult.cs +2 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/SdkProjectDiscovery.cs +19 -11
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/ErrorType.cs +1 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/ExperimentsManager.cs +3 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Advisory.cs +13 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/AllowedUpdate.cs +18 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CommitOptions.cs +8 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Condition.cs +19 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs +8 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/GroupPullRequest.cs +9 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs +13 -10
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs +11 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementsUpdateStrategy.cs +15 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs +24 -4
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/VersionConverter.cs +19 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs +2 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs +3 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/PackageReferenceUpdater.cs +43 -18
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/PackagesConfigUpdater.cs +13 -12
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/JsonHelper.cs +2 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +40 -14
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/NuGetHelper.cs +2 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ProcessExtensions.cs +45 -7
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ProjectHelper.cs +2 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Analyze/AnalyzeWorkerTestBase.cs +5 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.DotNetToolsJson.cs +45 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.GlobalJson.cs +35 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.Project.cs +0 -4
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs +41 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/ExpectedDiscoveryResults.cs +1 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/SdkProjectDiscoveryTests.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs +2 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs +85 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs +7 -31
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/SerializationTests.cs +340 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryDirectory.cs +18 -7
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/PackagesConfigUpdaterTests.cs +24 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTestBase.cs +0 -12
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.DotNetTools.cs +84 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.GlobalJson.cs +66 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackageReference.cs +55 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackagesConfig.cs +0 -6
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs +785 -755
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/PathHelperTests.cs +2 -2
- data/lib/dependabot/nuget/analysis/analysis_json_reader.rb +1 -1
- data/lib/dependabot/nuget/analysis/dependency_analysis.rb +3 -3
- data/lib/dependabot/nuget/discovery/dependency_details.rb +10 -3
- data/lib/dependabot/nuget/discovery/dependency_file_discovery.rb +8 -12
- data/lib/dependabot/nuget/discovery/discovery_json_reader.rb +214 -29
- data/lib/dependabot/nuget/discovery/project_discovery.rb +41 -8
- data/lib/dependabot/nuget/discovery/workspace_discovery.rb +14 -19
- data/lib/dependabot/nuget/file_fetcher.rb +3 -3
- data/lib/dependabot/nuget/file_parser.rb +92 -3
- data/lib/dependabot/nuget/file_updater.rb +13 -13
- data/lib/dependabot/nuget/language.rb +82 -0
- data/lib/dependabot/nuget/native_helpers.rb +37 -5
- data/lib/dependabot/nuget/package_manager.rb +51 -0
- data/lib/dependabot/nuget/update_checker/requirements_updater.rb +23 -27
- data/lib/dependabot/nuget/update_checker.rb +116 -190
- metadata +20 -29
- data/lib/dependabot/nuget/discovery/directory_packages_props_discovery.rb +0 -43
- data/lib/dependabot/nuget/http_response_helpers.rb +0 -19
- data/lib/dependabot/nuget/native_discovery/native_dependency_details.rb +0 -102
- data/lib/dependabot/nuget/native_discovery/native_dependency_file_discovery.rb +0 -122
- data/lib/dependabot/nuget/native_discovery/native_discovery_json_reader.rb +0 -277
- data/lib/dependabot/nuget/native_discovery/native_evaluation_details.rb +0 -63
- data/lib/dependabot/nuget/native_discovery/native_project_discovery.rb +0 -104
- data/lib/dependabot/nuget/native_discovery/native_property_details.rb +0 -43
- data/lib/dependabot/nuget/native_discovery/native_workspace_discovery.rb +0 -61
- data/lib/dependabot/nuget/native_update_checker/native_requirements_updater.rb +0 -105
- data/lib/dependabot/nuget/native_update_checker/native_update_checker.rb +0 -214
- data/lib/dependabot/nuget/nuget_client.rb +0 -223
- data/lib/dependabot/nuget/update_checker/compatibility_checker.rb +0 -116
- data/lib/dependabot/nuget/update_checker/dependency_finder.rb +0 -297
- data/lib/dependabot/nuget/update_checker/nupkg_fetcher.rb +0 -221
- data/lib/dependabot/nuget/update_checker/nuspec_fetcher.rb +0 -110
- data/lib/dependabot/nuget/update_checker/property_updater.rb +0 -196
- data/lib/dependabot/nuget/update_checker/repository_finder.rb +0 -466
- data/lib/dependabot/nuget/update_checker/tfm_comparer.rb +0 -34
- data/lib/dependabot/nuget/update_checker/tfm_finder.rb +0 -30
- data/lib/dependabot/nuget/update_checker/version_finder.rb +0 -449
|
@@ -4,9 +4,11 @@
|
|
|
4
4
|
require "dependabot/dependency"
|
|
5
5
|
require "dependabot/file_parsers"
|
|
6
6
|
require "dependabot/file_parsers/base"
|
|
7
|
-
require "dependabot/nuget/
|
|
7
|
+
require "dependabot/nuget/discovery/discovery_json_reader"
|
|
8
8
|
require "dependabot/nuget/native_helpers"
|
|
9
9
|
require "sorbet-runtime"
|
|
10
|
+
require "dependabot/nuget/package_manager"
|
|
11
|
+
require "dependabot/nuget/language"
|
|
10
12
|
|
|
11
13
|
# For details on how dotnet handles version constraints, see:
|
|
12
14
|
# https://docs.microsoft.com/en-us/nuget/reference/package-versioning
|
|
@@ -22,14 +24,42 @@ module Dependabot
|
|
|
22
24
|
dependencies
|
|
23
25
|
end
|
|
24
26
|
|
|
27
|
+
sig { returns(Ecosystem) }
|
|
28
|
+
def ecosystem
|
|
29
|
+
@ecosystem ||= T.let(
|
|
30
|
+
Ecosystem.new(
|
|
31
|
+
name: ECOSYSTEM,
|
|
32
|
+
package_manager: package_manager,
|
|
33
|
+
language: language
|
|
34
|
+
),
|
|
35
|
+
T.nilable(Ecosystem)
|
|
36
|
+
)
|
|
37
|
+
end
|
|
38
|
+
|
|
25
39
|
private
|
|
26
40
|
|
|
41
|
+
sig { returns(T.nilable(T::Array[String])) }
|
|
42
|
+
def content_json
|
|
43
|
+
@content_json ||= T.let(begin
|
|
44
|
+
directory = source&.directory || "/"
|
|
45
|
+
discovery_json_reader = DiscoveryJsonReader.run_discovery_in_directory(
|
|
46
|
+
repo_contents_path: T.must(repo_contents_path),
|
|
47
|
+
directory: directory,
|
|
48
|
+
credentials: credentials
|
|
49
|
+
)
|
|
50
|
+
|
|
51
|
+
discovery_json_reader.workspace_discovery&.projects&.map do |framework|
|
|
52
|
+
T.let(framework.instance_variable_get(:@target_frameworks), T::Array[String]).compact.join(",")
|
|
53
|
+
end
|
|
54
|
+
end, T.nilable(T::Array[String]))
|
|
55
|
+
end
|
|
56
|
+
|
|
27
57
|
sig { returns(T::Array[Dependabot::Dependency]) }
|
|
28
58
|
def dependencies
|
|
29
59
|
@dependencies ||= T.let(begin
|
|
30
|
-
|
|
60
|
+
NativeHelpers.install_dotnet_sdks
|
|
31
61
|
directory = source&.directory || "/"
|
|
32
|
-
discovery_json_reader =
|
|
62
|
+
discovery_json_reader = DiscoveryJsonReader.run_discovery_in_directory(
|
|
33
63
|
repo_contents_path: T.must(repo_contents_path),
|
|
34
64
|
directory: directory,
|
|
35
65
|
credentials: credentials
|
|
@@ -54,6 +84,65 @@ module Dependabot
|
|
|
54
84
|
"No project file."
|
|
55
85
|
)
|
|
56
86
|
end
|
|
87
|
+
|
|
88
|
+
sig { returns(T.nilable(Ecosystem::VersionManager)) }
|
|
89
|
+
def language
|
|
90
|
+
# Historically new version of language is released with incremental update of
|
|
91
|
+
# .Net version, so we tie the language with framework version for metric collection
|
|
92
|
+
|
|
93
|
+
nomenclature = "#{language_type} #{framework_version&.join(',')}".strip.tr(" ", "-")
|
|
94
|
+
|
|
95
|
+
Dependabot.logger.info("Detected language and framework #{nomenclature}")
|
|
96
|
+
|
|
97
|
+
case language_type
|
|
98
|
+
|
|
99
|
+
when CSharpLanguage::TYPE
|
|
100
|
+
CSharpLanguage.new(nomenclature)
|
|
101
|
+
|
|
102
|
+
when VBLanguage::TYPE
|
|
103
|
+
VBLanguage.new(nomenclature)
|
|
104
|
+
|
|
105
|
+
when FSharpLanguage::TYPE
|
|
106
|
+
FSharpLanguage.new(nomenclature)
|
|
107
|
+
|
|
108
|
+
when DotNet::TYPE
|
|
109
|
+
DotNet.new(nomenclature)
|
|
110
|
+
|
|
111
|
+
end
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
sig { returns(T.nilable(T::Array[String])) }
|
|
115
|
+
def framework_version
|
|
116
|
+
content_json
|
|
117
|
+
rescue StandardError
|
|
118
|
+
nil
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
sig { returns(T.nilable(String)) }
|
|
122
|
+
def language_type
|
|
123
|
+
requirement_files = dependencies.flat_map do |dep|
|
|
124
|
+
dep.requirements.map { |r| T.let(r.fetch(:file), String) }
|
|
125
|
+
end.uniq
|
|
126
|
+
|
|
127
|
+
return "cs" if requirement_files.any? { |f| File.basename(f).match?(/\.csproj$/) }
|
|
128
|
+
return "vb" if requirement_files.any? { |f| File.basename(f).match?(/\.vbproj$/) }
|
|
129
|
+
return "fs" if requirement_files.any? { |f| File.basename(f).match?(/\.fsproj$/) }
|
|
130
|
+
|
|
131
|
+
# return a fallback to avoid falling to exception
|
|
132
|
+
"dotnet"
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
sig { returns(Ecosystem::VersionManager) }
|
|
136
|
+
def package_manager
|
|
137
|
+
NugetPackageManager.new(T.must(nuget_version))
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
sig { returns(T.nilable(String)) }
|
|
141
|
+
def nuget_version
|
|
142
|
+
SharedHelpers.run_shell_command("dotnet nuget --version").split("Command Line").last&.strip
|
|
143
|
+
rescue StandardError
|
|
144
|
+
nil
|
|
145
|
+
end
|
|
57
146
|
end
|
|
58
147
|
end
|
|
59
148
|
end
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
require "dependabot/dependency_file"
|
|
5
5
|
require "dependabot/file_updaters"
|
|
6
6
|
require "dependabot/file_updaters/base"
|
|
7
|
-
require "dependabot/nuget/
|
|
8
|
-
require "dependabot/nuget/
|
|
9
|
-
require "dependabot/nuget/
|
|
7
|
+
require "dependabot/nuget/discovery/dependency_details"
|
|
8
|
+
require "dependabot/nuget/discovery/discovery_json_reader"
|
|
9
|
+
require "dependabot/nuget/discovery/workspace_discovery"
|
|
10
10
|
require "dependabot/nuget/native_helpers"
|
|
11
11
|
require "dependabot/shared_helpers"
|
|
12
12
|
require "sorbet-runtime"
|
|
@@ -57,7 +57,7 @@ module Dependabot
|
|
|
57
57
|
try_update_projects(dependency) || try_update_json(dependency)
|
|
58
58
|
end
|
|
59
59
|
updated_files = dependency_files.filter_map do |f|
|
|
60
|
-
dependency_file_path =
|
|
60
|
+
dependency_file_path = DiscoveryJsonReader.dependency_file_path(
|
|
61
61
|
repo_contents_path: T.must(repo_contents_path),
|
|
62
62
|
dependency_file: f
|
|
63
63
|
)
|
|
@@ -97,7 +97,7 @@ module Dependabot
|
|
|
97
97
|
# run update for each project file
|
|
98
98
|
project_files.each do |project_file|
|
|
99
99
|
project_dependencies = project_dependencies(project_file)
|
|
100
|
-
dependency_file_path =
|
|
100
|
+
dependency_file_path = DiscoveryJsonReader.dependency_file_path(
|
|
101
101
|
repo_contents_path: T.must(repo_contents_path),
|
|
102
102
|
dependency_file: project_file
|
|
103
103
|
)
|
|
@@ -128,7 +128,7 @@ module Dependabot
|
|
|
128
128
|
|
|
129
129
|
# We just need to feed the updater a project file, grab the first
|
|
130
130
|
project_file = T.must(project_files.first)
|
|
131
|
-
dependency_file_path =
|
|
131
|
+
dependency_file_path = DiscoveryJsonReader.dependency_file_path(
|
|
132
132
|
repo_contents_path: T.must(repo_contents_path),
|
|
133
133
|
dependency_file: project_file
|
|
134
134
|
)
|
|
@@ -168,13 +168,13 @@ module Dependabot
|
|
|
168
168
|
@update_tooling_calls
|
|
169
169
|
end
|
|
170
170
|
|
|
171
|
-
sig { returns(T.nilable(
|
|
171
|
+
sig { returns(T.nilable(WorkspaceDiscovery)) }
|
|
172
172
|
def workspace
|
|
173
173
|
dependency_file_paths = dependency_files.map do |f|
|
|
174
|
-
|
|
175
|
-
|
|
174
|
+
DiscoveryJsonReader.dependency_file_path(repo_contents_path: T.must(repo_contents_path),
|
|
175
|
+
dependency_file: f)
|
|
176
176
|
end
|
|
177
|
-
|
|
177
|
+
DiscoveryJsonReader.load_discovery_for_dependency_file_paths(dependency_file_paths).workspace_discovery
|
|
178
178
|
end
|
|
179
179
|
|
|
180
180
|
sig { params(project_file: Dependabot::DependencyFile).returns(T::Array[String]) }
|
|
@@ -182,7 +182,7 @@ module Dependabot
|
|
|
182
182
|
workspace&.projects&.find { |p| p.file_path == project_file.name }&.referenced_project_paths || []
|
|
183
183
|
end
|
|
184
184
|
|
|
185
|
-
sig { params(project_file: Dependabot::DependencyFile).returns(T::Array[
|
|
185
|
+
sig { params(project_file: Dependabot::DependencyFile).returns(T::Array[DependencyDetails]) }
|
|
186
186
|
def project_dependencies(project_file)
|
|
187
187
|
workspace&.projects&.find do |p|
|
|
188
188
|
full_project_file_path = File.join(project_file.directory, project_file.name)
|
|
@@ -190,12 +190,12 @@ module Dependabot
|
|
|
190
190
|
end&.dependencies || []
|
|
191
191
|
end
|
|
192
192
|
|
|
193
|
-
sig { returns(T::Array[
|
|
193
|
+
sig { returns(T::Array[DependencyDetails]) }
|
|
194
194
|
def global_json_dependencies
|
|
195
195
|
workspace&.global_json&.dependencies || []
|
|
196
196
|
end
|
|
197
197
|
|
|
198
|
-
sig { returns(T::Array[
|
|
198
|
+
sig { returns(T::Array[DependencyDetails]) }
|
|
199
199
|
def dotnet_tools_json_dependencies
|
|
200
200
|
workspace&.dotnet_tools_json&.dependencies || []
|
|
201
201
|
end
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
# typed: strong
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/nuget/version"
|
|
6
|
+
require "dependabot/ecosystem"
|
|
7
|
+
|
|
8
|
+
module Dependabot
|
|
9
|
+
module Nuget
|
|
10
|
+
class Language < Dependabot::Ecosystem::VersionManager
|
|
11
|
+
extend T::Sig
|
|
12
|
+
|
|
13
|
+
sig { params(language: String, raw_version: String, requirement: T.nilable(Requirement)).void }
|
|
14
|
+
def initialize(language, raw_version, requirement = nil)
|
|
15
|
+
super(language, Version.new(raw_version), [], [], requirement)
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
class CSharpLanguage < Dependabot::Ecosystem::VersionManager
|
|
20
|
+
extend T::Sig
|
|
21
|
+
|
|
22
|
+
LANGUAGE = "CSharp"
|
|
23
|
+
TYPE = "cs"
|
|
24
|
+
|
|
25
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
26
|
+
|
|
27
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
28
|
+
|
|
29
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
30
|
+
def initialize(language, requirement = nil)
|
|
31
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
class VBLanguage < Dependabot::Ecosystem::VersionManager
|
|
36
|
+
extend T::Sig
|
|
37
|
+
|
|
38
|
+
LANGUAGE = "VB"
|
|
39
|
+
TYPE = "vb"
|
|
40
|
+
|
|
41
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
42
|
+
|
|
43
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
44
|
+
|
|
45
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
46
|
+
def initialize(language, requirement = nil)
|
|
47
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
class FSharpLanguage < Dependabot::Ecosystem::VersionManager
|
|
52
|
+
extend T::Sig
|
|
53
|
+
|
|
54
|
+
LANGUAGE = "FSharp"
|
|
55
|
+
TYPE = "fs"
|
|
56
|
+
|
|
57
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
58
|
+
|
|
59
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
60
|
+
|
|
61
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
62
|
+
def initialize(language, requirement = nil)
|
|
63
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
class DotNet < Dependabot::Ecosystem::VersionManager
|
|
68
|
+
extend T::Sig
|
|
69
|
+
|
|
70
|
+
TYPE = "dotnet"
|
|
71
|
+
|
|
72
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
73
|
+
|
|
74
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
75
|
+
|
|
76
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
77
|
+
def initialize(language, requirement = nil)
|
|
78
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
end
|
|
@@ -81,6 +81,8 @@ module Dependabot
|
|
|
81
81
|
fingerprint = [
|
|
82
82
|
exe_path,
|
|
83
83
|
"discover",
|
|
84
|
+
"--job-path",
|
|
85
|
+
"<job-path>",
|
|
84
86
|
"--repo-root",
|
|
85
87
|
"<repo-root>",
|
|
86
88
|
"--workspace",
|
|
@@ -116,15 +118,17 @@ module Dependabot
|
|
|
116
118
|
end
|
|
117
119
|
|
|
118
120
|
sig do
|
|
119
|
-
params(repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
121
|
+
params(job_path: String, repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
120
122
|
analysis_folder_path: String).returns([String, String])
|
|
121
123
|
end
|
|
122
|
-
def self.get_nuget_analyze_tool_command(repo_root:, discovery_file_path:, dependency_file_path:,
|
|
124
|
+
def self.get_nuget_analyze_tool_command(job_path:, repo_root:, discovery_file_path:, dependency_file_path:,
|
|
123
125
|
analysis_folder_path:)
|
|
124
126
|
exe_path = File.join(native_helpers_root, "NuGetUpdater", "NuGetUpdater.Cli")
|
|
125
127
|
command_parts = [
|
|
126
128
|
exe_path,
|
|
127
129
|
"analyze",
|
|
130
|
+
"--job-path",
|
|
131
|
+
job_path,
|
|
128
132
|
"--repo-root",
|
|
129
133
|
repo_root,
|
|
130
134
|
"--discovery-file-path",
|
|
@@ -140,6 +144,8 @@ module Dependabot
|
|
|
140
144
|
fingerprint = [
|
|
141
145
|
exe_path,
|
|
142
146
|
"analyze",
|
|
147
|
+
"--job-path",
|
|
148
|
+
"<job-path>",
|
|
143
149
|
"--discovery-file-path",
|
|
144
150
|
"<discovery-file-path>",
|
|
145
151
|
"--dependency-file-path",
|
|
@@ -153,13 +159,14 @@ module Dependabot
|
|
|
153
159
|
|
|
154
160
|
sig do
|
|
155
161
|
params(
|
|
156
|
-
repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
162
|
+
job_path: String, repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
157
163
|
analysis_folder_path: String, credentials: T::Array[Dependabot::Credential]
|
|
158
164
|
).void
|
|
159
165
|
end
|
|
160
|
-
def self.run_nuget_analyze_tool(repo_root:, discovery_file_path:, dependency_file_path:,
|
|
166
|
+
def self.run_nuget_analyze_tool(job_path:, repo_root:, discovery_file_path:, dependency_file_path:,
|
|
161
167
|
analysis_folder_path:, credentials:)
|
|
162
|
-
(command, fingerprint) = get_nuget_analyze_tool_command(
|
|
168
|
+
(command, fingerprint) = get_nuget_analyze_tool_command(job_path: job_path,
|
|
169
|
+
repo_root: repo_root,
|
|
163
170
|
discovery_file_path: discovery_file_path,
|
|
164
171
|
dependency_file_path: dependency_file_path,
|
|
165
172
|
analysis_folder_path: analysis_folder_path)
|
|
@@ -205,6 +212,8 @@ module Dependabot
|
|
|
205
212
|
fingerprint = [
|
|
206
213
|
exe_path,
|
|
207
214
|
"update",
|
|
215
|
+
"--job-path",
|
|
216
|
+
"<job-path>",
|
|
208
217
|
"--repo-root",
|
|
209
218
|
"<repo-root>",
|
|
210
219
|
"--solution-or-project",
|
|
@@ -260,6 +269,27 @@ module Dependabot
|
|
|
260
269
|
end
|
|
261
270
|
end
|
|
262
271
|
|
|
272
|
+
sig { void }
|
|
273
|
+
def self.install_dotnet_sdks
|
|
274
|
+
return unless Dependabot::Experiments.enabled?(:nuget_install_dotnet_sdks)
|
|
275
|
+
|
|
276
|
+
# environment variables are required and the following will generate an actionable error message if they're not
|
|
277
|
+
_dependabot_job_path = ENV.fetch("DEPENDABOT_JOB_PATH")
|
|
278
|
+
_dependabot_repo_contents_path = ENV.fetch("DEPENDABOT_REPO_CONTENTS_PATH")
|
|
279
|
+
_dotnet_install_script_path = ENV.fetch("DOTNET_INSTALL_SCRIPT_PATH")
|
|
280
|
+
_dotnet_install_dir = ENV.fetch("DOTNET_INSTALL_DIR")
|
|
281
|
+
|
|
282
|
+
# this environment variable is directly used
|
|
283
|
+
dependabot_home = ENV.fetch("DEPENDABOT_HOME")
|
|
284
|
+
|
|
285
|
+
command = [
|
|
286
|
+
"pwsh",
|
|
287
|
+
"#{dependabot_home}/dependabot-updater/bin/install-sdks.ps1"
|
|
288
|
+
].join(" ")
|
|
289
|
+
output = SharedHelpers.run_shell_command(command)
|
|
290
|
+
puts output
|
|
291
|
+
end
|
|
292
|
+
|
|
263
293
|
sig { params(json: T::Hash[String, T.untyped]).void }
|
|
264
294
|
def self.ensure_no_errors(json)
|
|
265
295
|
error_type = T.let(json.fetch("ErrorType", nil), T.nilable(String))
|
|
@@ -267,6 +297,8 @@ module Dependabot
|
|
|
267
297
|
case error_type
|
|
268
298
|
when "None", nil
|
|
269
299
|
# no issue
|
|
300
|
+
when "DependencyFileNotParseable"
|
|
301
|
+
raise DependencyFileNotParseable, T.must(T.let(error_details, T.nilable(String)))
|
|
270
302
|
when "AuthenticationFailure"
|
|
271
303
|
raise PrivateSourceAuthenticationFailure, T.let(error_details, T.nilable(String))
|
|
272
304
|
when "MissingFile"
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# typed: strong
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/nuget/version"
|
|
6
|
+
require "dependabot/ecosystem"
|
|
7
|
+
require "dependabot/nuget/requirement"
|
|
8
|
+
|
|
9
|
+
module Dependabot
|
|
10
|
+
module Nuget
|
|
11
|
+
ECOSYSTEM = "dotnet"
|
|
12
|
+
|
|
13
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
14
|
+
|
|
15
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
16
|
+
|
|
17
|
+
class NugetPackageManager < Dependabot::Ecosystem::VersionManager
|
|
18
|
+
extend T::Sig
|
|
19
|
+
|
|
20
|
+
NAME = "nuget"
|
|
21
|
+
|
|
22
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
23
|
+
|
|
24
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
25
|
+
|
|
26
|
+
sig do
|
|
27
|
+
params(
|
|
28
|
+
raw_version: T.nilable(String)
|
|
29
|
+
).void
|
|
30
|
+
end
|
|
31
|
+
def initialize(raw_version)
|
|
32
|
+
super(
|
|
33
|
+
NAME,
|
|
34
|
+
Version.new(raw_version),
|
|
35
|
+
SUPPORTED_VERSIONS,
|
|
36
|
+
DEPRECATED_VERSIONS
|
|
37
|
+
)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
sig { override.returns(T::Boolean) }
|
|
41
|
+
def deprecated?
|
|
42
|
+
false
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
sig { override.returns(T::Boolean) }
|
|
46
|
+
def unsupported?
|
|
47
|
+
false
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
|
@@ -9,6 +9,7 @@
|
|
|
9
9
|
require "sorbet-runtime"
|
|
10
10
|
|
|
11
11
|
require "dependabot/update_checkers/base"
|
|
12
|
+
require "dependabot/nuget/discovery/dependency_details"
|
|
12
13
|
require "dependabot/nuget/version"
|
|
13
14
|
|
|
14
15
|
module Dependabot
|
|
@@ -20,22 +21,18 @@ module Dependabot
|
|
|
20
21
|
sig do
|
|
21
22
|
params(
|
|
22
23
|
requirements: T::Array[T::Hash[Symbol, T.untyped]],
|
|
23
|
-
|
|
24
|
-
source_details: T.nilable(T::Hash[Symbol, T.untyped])
|
|
24
|
+
dependency_details: T.nilable(Dependabot::Nuget::DependencyDetails)
|
|
25
25
|
)
|
|
26
26
|
.void
|
|
27
27
|
end
|
|
28
|
-
def initialize(requirements:,
|
|
28
|
+
def initialize(requirements:, dependency_details:)
|
|
29
29
|
@requirements = requirements
|
|
30
|
-
@
|
|
31
|
-
return unless latest_version
|
|
32
|
-
|
|
33
|
-
@latest_version = T.let(version_class.new(latest_version), Dependabot::Nuget::Version)
|
|
30
|
+
@dependency_details = dependency_details
|
|
34
31
|
end
|
|
35
32
|
|
|
36
33
|
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
37
34
|
def updated_requirements
|
|
38
|
-
return requirements unless
|
|
35
|
+
return requirements unless clean_version
|
|
39
36
|
|
|
40
37
|
# NOTE: Order is important here. The FileUpdater needs the updated
|
|
41
38
|
# requirement at index `i` to correspond to the previous requirement
|
|
@@ -53,13 +50,21 @@ module Dependabot
|
|
|
53
50
|
# version
|
|
54
51
|
req[:requirement].sub(
|
|
55
52
|
/#{Nuget::Version::VERSION_PATTERN}/o,
|
|
56
|
-
|
|
53
|
+
clean_version.to_s
|
|
57
54
|
)
|
|
58
55
|
end
|
|
59
56
|
|
|
60
57
|
next req if new_req == req.fetch(:requirement)
|
|
61
58
|
|
|
62
|
-
req
|
|
59
|
+
new_source = req[:source]&.dup
|
|
60
|
+
unless @dependency_details.nil?
|
|
61
|
+
new_source = {
|
|
62
|
+
type: "nuget_repo",
|
|
63
|
+
source_url: @dependency_details.info_url
|
|
64
|
+
}
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
req.merge({ requirement: new_req, source: new_source })
|
|
63
68
|
end
|
|
64
69
|
end
|
|
65
70
|
|
|
@@ -68,17 +73,18 @@ module Dependabot
|
|
|
68
73
|
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
69
74
|
attr_reader :requirements
|
|
70
75
|
|
|
71
|
-
sig { returns(T.nilable(Dependabot::Nuget::Version)) }
|
|
72
|
-
attr_reader :latest_version
|
|
73
|
-
|
|
74
|
-
sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
|
|
75
|
-
attr_reader :source_details
|
|
76
|
-
|
|
77
76
|
sig { returns(T.class_of(Dependabot::Nuget::Version)) }
|
|
78
77
|
def version_class
|
|
79
78
|
Dependabot::Nuget::Version
|
|
80
79
|
end
|
|
81
80
|
|
|
81
|
+
sig { returns(T.nilable(Dependabot::Nuget::Version)) }
|
|
82
|
+
def clean_version
|
|
83
|
+
return unless @dependency_details&.version
|
|
84
|
+
|
|
85
|
+
version_class.new(@dependency_details.version)
|
|
86
|
+
end
|
|
87
|
+
|
|
82
88
|
sig { params(req_string: String).returns(String) }
|
|
83
89
|
def update_wildcard_requirement(req_string)
|
|
84
90
|
return req_string if req_string == "*-*"
|
|
@@ -88,21 +94,11 @@ module Dependabot
|
|
|
88
94
|
precision = T.must(req_string.split("*").first).split(/\.|\-/).count
|
|
89
95
|
wildcard_section = req_string.partition(/(?=[.\-]\*)/).last
|
|
90
96
|
|
|
91
|
-
version_parts = T.must(
|
|
97
|
+
version_parts = T.must(clean_version).segments.first(precision)
|
|
92
98
|
version = version_parts.join(".")
|
|
93
99
|
|
|
94
100
|
version + wildcard_section
|
|
95
101
|
end
|
|
96
|
-
|
|
97
|
-
sig { returns(T::Hash[Symbol, T.untyped]) }
|
|
98
|
-
def updated_source
|
|
99
|
-
{
|
|
100
|
-
type: "nuget_repo",
|
|
101
|
-
url: source_details&.fetch(:repo_url),
|
|
102
|
-
nuspec_url: source_details&.fetch(:nuspec_url),
|
|
103
|
-
source_url: source_details&.fetch(:source_url)
|
|
104
|
-
}
|
|
105
|
-
end
|
|
106
102
|
end
|
|
107
103
|
end
|
|
108
104
|
end
|