dependabot-nuget 0.289.0 → 0.291.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/lib/NuGetUpdater/Directory.Packages.props +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/AnalyzeCommand.cs +7 -3
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/RunCommand.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Analyze.cs +26 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Discover.cs +2 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Run.cs +0 -6
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Update.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/AnalyzeWorker.cs +6 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/CompatabilityChecker.cs +24 -9
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/DependencyFinder.cs +2 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/NuGetContext.cs +0 -13
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementConverter.cs +17 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DiscoveryWorker.cs +44 -5
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/PackagesConfigDiscovery.cs +2 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/ProjectDiscoveryResult.cs +2 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/SdkProjectDiscovery.cs +19 -11
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/ErrorType.cs +1 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/ExperimentsManager.cs +3 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Advisory.cs +13 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/AllowedUpdate.cs +18 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CommitOptions.cs +8 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Condition.cs +19 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs +8 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/GroupPullRequest.cs +9 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs +13 -10
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs +11 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementsUpdateStrategy.cs +15 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs +24 -4
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/VersionConverter.cs +19 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs +2 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs +3 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/PackageReferenceUpdater.cs +43 -18
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/PackagesConfigUpdater.cs +13 -12
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/JsonHelper.cs +2 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +40 -14
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/NuGetHelper.cs +2 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ProcessExtensions.cs +45 -7
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ProjectHelper.cs +2 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Analyze/AnalyzeWorkerTestBase.cs +5 -2
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.DotNetToolsJson.cs +45 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.GlobalJson.cs +35 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.Project.cs +0 -4
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs +41 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/ExpectedDiscoveryResults.cs +1 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/SdkProjectDiscoveryTests.cs +1 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs +2 -1
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs +85 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs +7 -31
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/SerializationTests.cs +340 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryDirectory.cs +18 -7
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/PackagesConfigUpdaterTests.cs +24 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTestBase.cs +0 -12
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.DotNetTools.cs +84 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.GlobalJson.cs +66 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackageReference.cs +55 -0
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackagesConfig.cs +0 -6
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs +785 -755
- data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/PathHelperTests.cs +2 -2
- data/lib/dependabot/nuget/analysis/analysis_json_reader.rb +1 -1
- data/lib/dependabot/nuget/analysis/dependency_analysis.rb +3 -3
- data/lib/dependabot/nuget/discovery/dependency_details.rb +10 -3
- data/lib/dependabot/nuget/discovery/dependency_file_discovery.rb +8 -12
- data/lib/dependabot/nuget/discovery/discovery_json_reader.rb +214 -29
- data/lib/dependabot/nuget/discovery/project_discovery.rb +41 -8
- data/lib/dependabot/nuget/discovery/workspace_discovery.rb +14 -19
- data/lib/dependabot/nuget/file_fetcher.rb +3 -3
- data/lib/dependabot/nuget/file_parser.rb +92 -3
- data/lib/dependabot/nuget/file_updater.rb +13 -13
- data/lib/dependabot/nuget/language.rb +82 -0
- data/lib/dependabot/nuget/native_helpers.rb +37 -5
- data/lib/dependabot/nuget/package_manager.rb +51 -0
- data/lib/dependabot/nuget/update_checker/requirements_updater.rb +23 -27
- data/lib/dependabot/nuget/update_checker.rb +116 -190
- metadata +20 -29
- data/lib/dependabot/nuget/discovery/directory_packages_props_discovery.rb +0 -43
- data/lib/dependabot/nuget/http_response_helpers.rb +0 -19
- data/lib/dependabot/nuget/native_discovery/native_dependency_details.rb +0 -102
- data/lib/dependabot/nuget/native_discovery/native_dependency_file_discovery.rb +0 -122
- data/lib/dependabot/nuget/native_discovery/native_discovery_json_reader.rb +0 -277
- data/lib/dependabot/nuget/native_discovery/native_evaluation_details.rb +0 -63
- data/lib/dependabot/nuget/native_discovery/native_project_discovery.rb +0 -104
- data/lib/dependabot/nuget/native_discovery/native_property_details.rb +0 -43
- data/lib/dependabot/nuget/native_discovery/native_workspace_discovery.rb +0 -61
- data/lib/dependabot/nuget/native_update_checker/native_requirements_updater.rb +0 -105
- data/lib/dependabot/nuget/native_update_checker/native_update_checker.rb +0 -214
- data/lib/dependabot/nuget/nuget_client.rb +0 -223
- data/lib/dependabot/nuget/update_checker/compatibility_checker.rb +0 -116
- data/lib/dependabot/nuget/update_checker/dependency_finder.rb +0 -297
- data/lib/dependabot/nuget/update_checker/nupkg_fetcher.rb +0 -221
- data/lib/dependabot/nuget/update_checker/nuspec_fetcher.rb +0 -110
- data/lib/dependabot/nuget/update_checker/property_updater.rb +0 -196
- data/lib/dependabot/nuget/update_checker/repository_finder.rb +0 -466
- data/lib/dependabot/nuget/update_checker/tfm_comparer.rb +0 -34
- data/lib/dependabot/nuget/update_checker/tfm_finder.rb +0 -30
- data/lib/dependabot/nuget/update_checker/version_finder.rb +0 -449
|
@@ -4,9 +4,11 @@
|
|
|
4
4
|
require "dependabot/dependency"
|
|
5
5
|
require "dependabot/file_parsers"
|
|
6
6
|
require "dependabot/file_parsers/base"
|
|
7
|
-
require "dependabot/nuget/
|
|
7
|
+
require "dependabot/nuget/discovery/discovery_json_reader"
|
|
8
8
|
require "dependabot/nuget/native_helpers"
|
|
9
9
|
require "sorbet-runtime"
|
|
10
|
+
require "dependabot/nuget/package_manager"
|
|
11
|
+
require "dependabot/nuget/language"
|
|
10
12
|
|
|
11
13
|
# For details on how dotnet handles version constraints, see:
|
|
12
14
|
# https://docs.microsoft.com/en-us/nuget/reference/package-versioning
|
|
@@ -22,14 +24,42 @@ module Dependabot
|
|
|
22
24
|
dependencies
|
|
23
25
|
end
|
|
24
26
|
|
|
27
|
+
sig { returns(Ecosystem) }
|
|
28
|
+
def ecosystem
|
|
29
|
+
@ecosystem ||= T.let(
|
|
30
|
+
Ecosystem.new(
|
|
31
|
+
name: ECOSYSTEM,
|
|
32
|
+
package_manager: package_manager,
|
|
33
|
+
language: language
|
|
34
|
+
),
|
|
35
|
+
T.nilable(Ecosystem)
|
|
36
|
+
)
|
|
37
|
+
end
|
|
38
|
+
|
|
25
39
|
private
|
|
26
40
|
|
|
41
|
+
sig { returns(T.nilable(T::Array[String])) }
|
|
42
|
+
def content_json
|
|
43
|
+
@content_json ||= T.let(begin
|
|
44
|
+
directory = source&.directory || "/"
|
|
45
|
+
discovery_json_reader = DiscoveryJsonReader.run_discovery_in_directory(
|
|
46
|
+
repo_contents_path: T.must(repo_contents_path),
|
|
47
|
+
directory: directory,
|
|
48
|
+
credentials: credentials
|
|
49
|
+
)
|
|
50
|
+
|
|
51
|
+
discovery_json_reader.workspace_discovery&.projects&.map do |framework|
|
|
52
|
+
T.let(framework.instance_variable_get(:@target_frameworks), T::Array[String]).compact.join(",")
|
|
53
|
+
end
|
|
54
|
+
end, T.nilable(T::Array[String]))
|
|
55
|
+
end
|
|
56
|
+
|
|
27
57
|
sig { returns(T::Array[Dependabot::Dependency]) }
|
|
28
58
|
def dependencies
|
|
29
59
|
@dependencies ||= T.let(begin
|
|
30
|
-
|
|
60
|
+
NativeHelpers.install_dotnet_sdks
|
|
31
61
|
directory = source&.directory || "/"
|
|
32
|
-
discovery_json_reader =
|
|
62
|
+
discovery_json_reader = DiscoveryJsonReader.run_discovery_in_directory(
|
|
33
63
|
repo_contents_path: T.must(repo_contents_path),
|
|
34
64
|
directory: directory,
|
|
35
65
|
credentials: credentials
|
|
@@ -54,6 +84,65 @@ module Dependabot
|
|
|
54
84
|
"No project file."
|
|
55
85
|
)
|
|
56
86
|
end
|
|
87
|
+
|
|
88
|
+
sig { returns(T.nilable(Ecosystem::VersionManager)) }
|
|
89
|
+
def language
|
|
90
|
+
# Historically new version of language is released with incremental update of
|
|
91
|
+
# .Net version, so we tie the language with framework version for metric collection
|
|
92
|
+
|
|
93
|
+
nomenclature = "#{language_type} #{framework_version&.join(',')}".strip.tr(" ", "-")
|
|
94
|
+
|
|
95
|
+
Dependabot.logger.info("Detected language and framework #{nomenclature}")
|
|
96
|
+
|
|
97
|
+
case language_type
|
|
98
|
+
|
|
99
|
+
when CSharpLanguage::TYPE
|
|
100
|
+
CSharpLanguage.new(nomenclature)
|
|
101
|
+
|
|
102
|
+
when VBLanguage::TYPE
|
|
103
|
+
VBLanguage.new(nomenclature)
|
|
104
|
+
|
|
105
|
+
when FSharpLanguage::TYPE
|
|
106
|
+
FSharpLanguage.new(nomenclature)
|
|
107
|
+
|
|
108
|
+
when DotNet::TYPE
|
|
109
|
+
DotNet.new(nomenclature)
|
|
110
|
+
|
|
111
|
+
end
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
sig { returns(T.nilable(T::Array[String])) }
|
|
115
|
+
def framework_version
|
|
116
|
+
content_json
|
|
117
|
+
rescue StandardError
|
|
118
|
+
nil
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
sig { returns(T.nilable(String)) }
|
|
122
|
+
def language_type
|
|
123
|
+
requirement_files = dependencies.flat_map do |dep|
|
|
124
|
+
dep.requirements.map { |r| T.let(r.fetch(:file), String) }
|
|
125
|
+
end.uniq
|
|
126
|
+
|
|
127
|
+
return "cs" if requirement_files.any? { |f| File.basename(f).match?(/\.csproj$/) }
|
|
128
|
+
return "vb" if requirement_files.any? { |f| File.basename(f).match?(/\.vbproj$/) }
|
|
129
|
+
return "fs" if requirement_files.any? { |f| File.basename(f).match?(/\.fsproj$/) }
|
|
130
|
+
|
|
131
|
+
# return a fallback to avoid falling to exception
|
|
132
|
+
"dotnet"
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
sig { returns(Ecosystem::VersionManager) }
|
|
136
|
+
def package_manager
|
|
137
|
+
NugetPackageManager.new(T.must(nuget_version))
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
sig { returns(T.nilable(String)) }
|
|
141
|
+
def nuget_version
|
|
142
|
+
SharedHelpers.run_shell_command("dotnet nuget --version").split("Command Line").last&.strip
|
|
143
|
+
rescue StandardError
|
|
144
|
+
nil
|
|
145
|
+
end
|
|
57
146
|
end
|
|
58
147
|
end
|
|
59
148
|
end
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
require "dependabot/dependency_file"
|
|
5
5
|
require "dependabot/file_updaters"
|
|
6
6
|
require "dependabot/file_updaters/base"
|
|
7
|
-
require "dependabot/nuget/
|
|
8
|
-
require "dependabot/nuget/
|
|
9
|
-
require "dependabot/nuget/
|
|
7
|
+
require "dependabot/nuget/discovery/dependency_details"
|
|
8
|
+
require "dependabot/nuget/discovery/discovery_json_reader"
|
|
9
|
+
require "dependabot/nuget/discovery/workspace_discovery"
|
|
10
10
|
require "dependabot/nuget/native_helpers"
|
|
11
11
|
require "dependabot/shared_helpers"
|
|
12
12
|
require "sorbet-runtime"
|
|
@@ -57,7 +57,7 @@ module Dependabot
|
|
|
57
57
|
try_update_projects(dependency) || try_update_json(dependency)
|
|
58
58
|
end
|
|
59
59
|
updated_files = dependency_files.filter_map do |f|
|
|
60
|
-
dependency_file_path =
|
|
60
|
+
dependency_file_path = DiscoveryJsonReader.dependency_file_path(
|
|
61
61
|
repo_contents_path: T.must(repo_contents_path),
|
|
62
62
|
dependency_file: f
|
|
63
63
|
)
|
|
@@ -97,7 +97,7 @@ module Dependabot
|
|
|
97
97
|
# run update for each project file
|
|
98
98
|
project_files.each do |project_file|
|
|
99
99
|
project_dependencies = project_dependencies(project_file)
|
|
100
|
-
dependency_file_path =
|
|
100
|
+
dependency_file_path = DiscoveryJsonReader.dependency_file_path(
|
|
101
101
|
repo_contents_path: T.must(repo_contents_path),
|
|
102
102
|
dependency_file: project_file
|
|
103
103
|
)
|
|
@@ -128,7 +128,7 @@ module Dependabot
|
|
|
128
128
|
|
|
129
129
|
# We just need to feed the updater a project file, grab the first
|
|
130
130
|
project_file = T.must(project_files.first)
|
|
131
|
-
dependency_file_path =
|
|
131
|
+
dependency_file_path = DiscoveryJsonReader.dependency_file_path(
|
|
132
132
|
repo_contents_path: T.must(repo_contents_path),
|
|
133
133
|
dependency_file: project_file
|
|
134
134
|
)
|
|
@@ -168,13 +168,13 @@ module Dependabot
|
|
|
168
168
|
@update_tooling_calls
|
|
169
169
|
end
|
|
170
170
|
|
|
171
|
-
sig { returns(T.nilable(
|
|
171
|
+
sig { returns(T.nilable(WorkspaceDiscovery)) }
|
|
172
172
|
def workspace
|
|
173
173
|
dependency_file_paths = dependency_files.map do |f|
|
|
174
|
-
|
|
175
|
-
|
|
174
|
+
DiscoveryJsonReader.dependency_file_path(repo_contents_path: T.must(repo_contents_path),
|
|
175
|
+
dependency_file: f)
|
|
176
176
|
end
|
|
177
|
-
|
|
177
|
+
DiscoveryJsonReader.load_discovery_for_dependency_file_paths(dependency_file_paths).workspace_discovery
|
|
178
178
|
end
|
|
179
179
|
|
|
180
180
|
sig { params(project_file: Dependabot::DependencyFile).returns(T::Array[String]) }
|
|
@@ -182,7 +182,7 @@ module Dependabot
|
|
|
182
182
|
workspace&.projects&.find { |p| p.file_path == project_file.name }&.referenced_project_paths || []
|
|
183
183
|
end
|
|
184
184
|
|
|
185
|
-
sig { params(project_file: Dependabot::DependencyFile).returns(T::Array[
|
|
185
|
+
sig { params(project_file: Dependabot::DependencyFile).returns(T::Array[DependencyDetails]) }
|
|
186
186
|
def project_dependencies(project_file)
|
|
187
187
|
workspace&.projects&.find do |p|
|
|
188
188
|
full_project_file_path = File.join(project_file.directory, project_file.name)
|
|
@@ -190,12 +190,12 @@ module Dependabot
|
|
|
190
190
|
end&.dependencies || []
|
|
191
191
|
end
|
|
192
192
|
|
|
193
|
-
sig { returns(T::Array[
|
|
193
|
+
sig { returns(T::Array[DependencyDetails]) }
|
|
194
194
|
def global_json_dependencies
|
|
195
195
|
workspace&.global_json&.dependencies || []
|
|
196
196
|
end
|
|
197
197
|
|
|
198
|
-
sig { returns(T::Array[
|
|
198
|
+
sig { returns(T::Array[DependencyDetails]) }
|
|
199
199
|
def dotnet_tools_json_dependencies
|
|
200
200
|
workspace&.dotnet_tools_json&.dependencies || []
|
|
201
201
|
end
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
# typed: strong
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/nuget/version"
|
|
6
|
+
require "dependabot/ecosystem"
|
|
7
|
+
|
|
8
|
+
module Dependabot
|
|
9
|
+
module Nuget
|
|
10
|
+
class Language < Dependabot::Ecosystem::VersionManager
|
|
11
|
+
extend T::Sig
|
|
12
|
+
|
|
13
|
+
sig { params(language: String, raw_version: String, requirement: T.nilable(Requirement)).void }
|
|
14
|
+
def initialize(language, raw_version, requirement = nil)
|
|
15
|
+
super(language, Version.new(raw_version), [], [], requirement)
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
class CSharpLanguage < Dependabot::Ecosystem::VersionManager
|
|
20
|
+
extend T::Sig
|
|
21
|
+
|
|
22
|
+
LANGUAGE = "CSharp"
|
|
23
|
+
TYPE = "cs"
|
|
24
|
+
|
|
25
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
26
|
+
|
|
27
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
28
|
+
|
|
29
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
30
|
+
def initialize(language, requirement = nil)
|
|
31
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
class VBLanguage < Dependabot::Ecosystem::VersionManager
|
|
36
|
+
extend T::Sig
|
|
37
|
+
|
|
38
|
+
LANGUAGE = "VB"
|
|
39
|
+
TYPE = "vb"
|
|
40
|
+
|
|
41
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
42
|
+
|
|
43
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
44
|
+
|
|
45
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
46
|
+
def initialize(language, requirement = nil)
|
|
47
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
class FSharpLanguage < Dependabot::Ecosystem::VersionManager
|
|
52
|
+
extend T::Sig
|
|
53
|
+
|
|
54
|
+
LANGUAGE = "FSharp"
|
|
55
|
+
TYPE = "fs"
|
|
56
|
+
|
|
57
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
58
|
+
|
|
59
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
60
|
+
|
|
61
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
62
|
+
def initialize(language, requirement = nil)
|
|
63
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
class DotNet < Dependabot::Ecosystem::VersionManager
|
|
68
|
+
extend T::Sig
|
|
69
|
+
|
|
70
|
+
TYPE = "dotnet"
|
|
71
|
+
|
|
72
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
73
|
+
|
|
74
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
75
|
+
|
|
76
|
+
sig { params(language: String, requirement: T.nilable(Requirement)).void }
|
|
77
|
+
def initialize(language, requirement = nil)
|
|
78
|
+
super(language, Version.new(nil), [], [], requirement)
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
end
|
|
@@ -81,6 +81,8 @@ module Dependabot
|
|
|
81
81
|
fingerprint = [
|
|
82
82
|
exe_path,
|
|
83
83
|
"discover",
|
|
84
|
+
"--job-path",
|
|
85
|
+
"<job-path>",
|
|
84
86
|
"--repo-root",
|
|
85
87
|
"<repo-root>",
|
|
86
88
|
"--workspace",
|
|
@@ -116,15 +118,17 @@ module Dependabot
|
|
|
116
118
|
end
|
|
117
119
|
|
|
118
120
|
sig do
|
|
119
|
-
params(repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
121
|
+
params(job_path: String, repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
120
122
|
analysis_folder_path: String).returns([String, String])
|
|
121
123
|
end
|
|
122
|
-
def self.get_nuget_analyze_tool_command(repo_root:, discovery_file_path:, dependency_file_path:,
|
|
124
|
+
def self.get_nuget_analyze_tool_command(job_path:, repo_root:, discovery_file_path:, dependency_file_path:,
|
|
123
125
|
analysis_folder_path:)
|
|
124
126
|
exe_path = File.join(native_helpers_root, "NuGetUpdater", "NuGetUpdater.Cli")
|
|
125
127
|
command_parts = [
|
|
126
128
|
exe_path,
|
|
127
129
|
"analyze",
|
|
130
|
+
"--job-path",
|
|
131
|
+
job_path,
|
|
128
132
|
"--repo-root",
|
|
129
133
|
repo_root,
|
|
130
134
|
"--discovery-file-path",
|
|
@@ -140,6 +144,8 @@ module Dependabot
|
|
|
140
144
|
fingerprint = [
|
|
141
145
|
exe_path,
|
|
142
146
|
"analyze",
|
|
147
|
+
"--job-path",
|
|
148
|
+
"<job-path>",
|
|
143
149
|
"--discovery-file-path",
|
|
144
150
|
"<discovery-file-path>",
|
|
145
151
|
"--dependency-file-path",
|
|
@@ -153,13 +159,14 @@ module Dependabot
|
|
|
153
159
|
|
|
154
160
|
sig do
|
|
155
161
|
params(
|
|
156
|
-
repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
162
|
+
job_path: String, repo_root: String, discovery_file_path: String, dependency_file_path: String,
|
|
157
163
|
analysis_folder_path: String, credentials: T::Array[Dependabot::Credential]
|
|
158
164
|
).void
|
|
159
165
|
end
|
|
160
|
-
def self.run_nuget_analyze_tool(repo_root:, discovery_file_path:, dependency_file_path:,
|
|
166
|
+
def self.run_nuget_analyze_tool(job_path:, repo_root:, discovery_file_path:, dependency_file_path:,
|
|
161
167
|
analysis_folder_path:, credentials:)
|
|
162
|
-
(command, fingerprint) = get_nuget_analyze_tool_command(
|
|
168
|
+
(command, fingerprint) = get_nuget_analyze_tool_command(job_path: job_path,
|
|
169
|
+
repo_root: repo_root,
|
|
163
170
|
discovery_file_path: discovery_file_path,
|
|
164
171
|
dependency_file_path: dependency_file_path,
|
|
165
172
|
analysis_folder_path: analysis_folder_path)
|
|
@@ -205,6 +212,8 @@ module Dependabot
|
|
|
205
212
|
fingerprint = [
|
|
206
213
|
exe_path,
|
|
207
214
|
"update",
|
|
215
|
+
"--job-path",
|
|
216
|
+
"<job-path>",
|
|
208
217
|
"--repo-root",
|
|
209
218
|
"<repo-root>",
|
|
210
219
|
"--solution-or-project",
|
|
@@ -260,6 +269,27 @@ module Dependabot
|
|
|
260
269
|
end
|
|
261
270
|
end
|
|
262
271
|
|
|
272
|
+
sig { void }
|
|
273
|
+
def self.install_dotnet_sdks
|
|
274
|
+
return unless Dependabot::Experiments.enabled?(:nuget_install_dotnet_sdks)
|
|
275
|
+
|
|
276
|
+
# environment variables are required and the following will generate an actionable error message if they're not
|
|
277
|
+
_dependabot_job_path = ENV.fetch("DEPENDABOT_JOB_PATH")
|
|
278
|
+
_dependabot_repo_contents_path = ENV.fetch("DEPENDABOT_REPO_CONTENTS_PATH")
|
|
279
|
+
_dotnet_install_script_path = ENV.fetch("DOTNET_INSTALL_SCRIPT_PATH")
|
|
280
|
+
_dotnet_install_dir = ENV.fetch("DOTNET_INSTALL_DIR")
|
|
281
|
+
|
|
282
|
+
# this environment variable is directly used
|
|
283
|
+
dependabot_home = ENV.fetch("DEPENDABOT_HOME")
|
|
284
|
+
|
|
285
|
+
command = [
|
|
286
|
+
"pwsh",
|
|
287
|
+
"#{dependabot_home}/dependabot-updater/bin/install-sdks.ps1"
|
|
288
|
+
].join(" ")
|
|
289
|
+
output = SharedHelpers.run_shell_command(command)
|
|
290
|
+
puts output
|
|
291
|
+
end
|
|
292
|
+
|
|
263
293
|
sig { params(json: T::Hash[String, T.untyped]).void }
|
|
264
294
|
def self.ensure_no_errors(json)
|
|
265
295
|
error_type = T.let(json.fetch("ErrorType", nil), T.nilable(String))
|
|
@@ -267,6 +297,8 @@ module Dependabot
|
|
|
267
297
|
case error_type
|
|
268
298
|
when "None", nil
|
|
269
299
|
# no issue
|
|
300
|
+
when "DependencyFileNotParseable"
|
|
301
|
+
raise DependencyFileNotParseable, T.must(T.let(error_details, T.nilable(String)))
|
|
270
302
|
when "AuthenticationFailure"
|
|
271
303
|
raise PrivateSourceAuthenticationFailure, T.let(error_details, T.nilable(String))
|
|
272
304
|
when "MissingFile"
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# typed: strong
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
require "dependabot/nuget/version"
|
|
6
|
+
require "dependabot/ecosystem"
|
|
7
|
+
require "dependabot/nuget/requirement"
|
|
8
|
+
|
|
9
|
+
module Dependabot
|
|
10
|
+
module Nuget
|
|
11
|
+
ECOSYSTEM = "dotnet"
|
|
12
|
+
|
|
13
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
14
|
+
|
|
15
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
16
|
+
|
|
17
|
+
class NugetPackageManager < Dependabot::Ecosystem::VersionManager
|
|
18
|
+
extend T::Sig
|
|
19
|
+
|
|
20
|
+
NAME = "nuget"
|
|
21
|
+
|
|
22
|
+
SUPPORTED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
23
|
+
|
|
24
|
+
DEPRECATED_VERSIONS = T.let([].freeze, T::Array[Dependabot::Version])
|
|
25
|
+
|
|
26
|
+
sig do
|
|
27
|
+
params(
|
|
28
|
+
raw_version: T.nilable(String)
|
|
29
|
+
).void
|
|
30
|
+
end
|
|
31
|
+
def initialize(raw_version)
|
|
32
|
+
super(
|
|
33
|
+
NAME,
|
|
34
|
+
Version.new(raw_version),
|
|
35
|
+
SUPPORTED_VERSIONS,
|
|
36
|
+
DEPRECATED_VERSIONS
|
|
37
|
+
)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
sig { override.returns(T::Boolean) }
|
|
41
|
+
def deprecated?
|
|
42
|
+
false
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
sig { override.returns(T::Boolean) }
|
|
46
|
+
def unsupported?
|
|
47
|
+
false
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
|
@@ -9,6 +9,7 @@
|
|
|
9
9
|
require "sorbet-runtime"
|
|
10
10
|
|
|
11
11
|
require "dependabot/update_checkers/base"
|
|
12
|
+
require "dependabot/nuget/discovery/dependency_details"
|
|
12
13
|
require "dependabot/nuget/version"
|
|
13
14
|
|
|
14
15
|
module Dependabot
|
|
@@ -20,22 +21,18 @@ module Dependabot
|
|
|
20
21
|
sig do
|
|
21
22
|
params(
|
|
22
23
|
requirements: T::Array[T::Hash[Symbol, T.untyped]],
|
|
23
|
-
|
|
24
|
-
source_details: T.nilable(T::Hash[Symbol, T.untyped])
|
|
24
|
+
dependency_details: T.nilable(Dependabot::Nuget::DependencyDetails)
|
|
25
25
|
)
|
|
26
26
|
.void
|
|
27
27
|
end
|
|
28
|
-
def initialize(requirements:,
|
|
28
|
+
def initialize(requirements:, dependency_details:)
|
|
29
29
|
@requirements = requirements
|
|
30
|
-
@
|
|
31
|
-
return unless latest_version
|
|
32
|
-
|
|
33
|
-
@latest_version = T.let(version_class.new(latest_version), Dependabot::Nuget::Version)
|
|
30
|
+
@dependency_details = dependency_details
|
|
34
31
|
end
|
|
35
32
|
|
|
36
33
|
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
37
34
|
def updated_requirements
|
|
38
|
-
return requirements unless
|
|
35
|
+
return requirements unless clean_version
|
|
39
36
|
|
|
40
37
|
# NOTE: Order is important here. The FileUpdater needs the updated
|
|
41
38
|
# requirement at index `i` to correspond to the previous requirement
|
|
@@ -53,13 +50,21 @@ module Dependabot
|
|
|
53
50
|
# version
|
|
54
51
|
req[:requirement].sub(
|
|
55
52
|
/#{Nuget::Version::VERSION_PATTERN}/o,
|
|
56
|
-
|
|
53
|
+
clean_version.to_s
|
|
57
54
|
)
|
|
58
55
|
end
|
|
59
56
|
|
|
60
57
|
next req if new_req == req.fetch(:requirement)
|
|
61
58
|
|
|
62
|
-
req
|
|
59
|
+
new_source = req[:source]&.dup
|
|
60
|
+
unless @dependency_details.nil?
|
|
61
|
+
new_source = {
|
|
62
|
+
type: "nuget_repo",
|
|
63
|
+
source_url: @dependency_details.info_url
|
|
64
|
+
}
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
req.merge({ requirement: new_req, source: new_source })
|
|
63
68
|
end
|
|
64
69
|
end
|
|
65
70
|
|
|
@@ -68,17 +73,18 @@ module Dependabot
|
|
|
68
73
|
sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
69
74
|
attr_reader :requirements
|
|
70
75
|
|
|
71
|
-
sig { returns(T.nilable(Dependabot::Nuget::Version)) }
|
|
72
|
-
attr_reader :latest_version
|
|
73
|
-
|
|
74
|
-
sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
|
|
75
|
-
attr_reader :source_details
|
|
76
|
-
|
|
77
76
|
sig { returns(T.class_of(Dependabot::Nuget::Version)) }
|
|
78
77
|
def version_class
|
|
79
78
|
Dependabot::Nuget::Version
|
|
80
79
|
end
|
|
81
80
|
|
|
81
|
+
sig { returns(T.nilable(Dependabot::Nuget::Version)) }
|
|
82
|
+
def clean_version
|
|
83
|
+
return unless @dependency_details&.version
|
|
84
|
+
|
|
85
|
+
version_class.new(@dependency_details.version)
|
|
86
|
+
end
|
|
87
|
+
|
|
82
88
|
sig { params(req_string: String).returns(String) }
|
|
83
89
|
def update_wildcard_requirement(req_string)
|
|
84
90
|
return req_string if req_string == "*-*"
|
|
@@ -88,21 +94,11 @@ module Dependabot
|
|
|
88
94
|
precision = T.must(req_string.split("*").first).split(/\.|\-/).count
|
|
89
95
|
wildcard_section = req_string.partition(/(?=[.\-]\*)/).last
|
|
90
96
|
|
|
91
|
-
version_parts = T.must(
|
|
97
|
+
version_parts = T.must(clean_version).segments.first(precision)
|
|
92
98
|
version = version_parts.join(".")
|
|
93
99
|
|
|
94
100
|
version + wildcard_section
|
|
95
101
|
end
|
|
96
|
-
|
|
97
|
-
sig { returns(T::Hash[Symbol, T.untyped]) }
|
|
98
|
-
def updated_source
|
|
99
|
-
{
|
|
100
|
-
type: "nuget_repo",
|
|
101
|
-
url: source_details&.fetch(:repo_url),
|
|
102
|
-
nuspec_url: source_details&.fetch(:nuspec_url),
|
|
103
|
-
source_url: source_details&.fetch(:source_url)
|
|
104
|
-
}
|
|
105
|
-
end
|
|
106
102
|
end
|
|
107
103
|
end
|
|
108
104
|
end
|