RubyGems - dependabot-nuget - Versions diffs - 0.289.0 → 0.291.0 - Mend

dependabot-nuget 0.289.0 → 0.291.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (97) hide show

data/lib/dependabot/nuget/update_checker.rb CHANGED Viewed

@@ -1,7 +1,8 @@
-# typed: strict
+# typed: strong
 # frozen_string_literal: true
-require "dependabot/nuget/file_parser"
+require "dependabot/nuget/analysis/analysis_json_reader"
+require "dependabot/nuget/discovery/discovery_json_reader"
 require "dependabot/update_checkers"
 require "dependabot/update_checkers/base"
 require "sorbet-runtime"
@@ -11,38 +12,22 @@ module Dependabot
     class UpdateChecker < Dependabot::UpdateCheckers::Base
       extend T::Sig
-      require_relative "update_checker/version_finder"
-      require_relative "update_checker/property_updater"
       require_relative "update_checker/requirements_updater"
-      require_relative "update_checker/dependency_finder"
-      require_relative "native_update_checker/native_update_checker"
-      PROPERTY_REGEX = /\$\((?<property>.*?)\)/
-      sig { returns(T::Boolean) }
-      def self.native_analysis_enabled?
-        Dependabot::Experiments.enabled?(:nuget_native_analysis)
-      end
       sig { override.returns(T.nilable(String)) }
       def latest_version
-        return native_update_checker.latest_version if UpdateChecker.native_analysis_enabled?
         # No need to find latest version for transitive dependencies unless they have a vulnerability.
         return dependency.version if !dependency.top_level? && !vulnerable?
         # if no update sources have the requisite package, then we can only assume that the current version is correct
         @latest_version = T.let(
-          latest_version_details&.fetch(:version)&.to_s || dependency.version,
+          update_analysis.dependency_analysis.updated_version,
           T.nilable(String)
         )
       end
       sig { override.returns(T.nilable(T.any(String, Gem::Version))) }
       def latest_resolvable_version
-        return native_update_checker.latest_resolvable_version if UpdateChecker.native_analysis_enabled?
         # We always want a full unlock since any package update could update peer dependencies as well.
         # To force a full unlock instead of an own unlock, we return nil.
         nil
@@ -50,232 +35,173 @@ module Dependabot
       sig { override.returns(Dependabot::Nuget::Version) }
       def lowest_security_fix_version
-        return native_update_checker.lowest_security_fix_version if UpdateChecker.native_analysis_enabled?
-        lowest_security_fix_version_details&.fetch(:version)
+        update_analysis.dependency_analysis.numeric_updated_version
       end
       sig { override.returns(T.nilable(Dependabot::Nuget::Version)) }
       def lowest_resolvable_security_fix_version
         return nil if version_comes_from_multi_dependency_property?
-        lowest_security_fix_version
+        update_analysis.dependency_analysis.numeric_updated_version
       end
       sig { override.returns(NilClass) }
       def latest_resolvable_version_with_no_unlock
-        return native_update_checker.latest_resolvable_version_with_no_unlock if UpdateChecker.native_analysis_enabled?
         # Irrelevant, since Nuget has a single dependency file
         nil
       end
       sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
       def updated_requirements
-        return native_update_checker.updated_requirements if UpdateChecker.native_analysis_enabled?
+        dep_details = updated_dependency_details.find { |d| d.name.casecmp?(dependency.name) }
         RequirementsUpdater.new(
           requirements: dependency.requirements,
-          latest_version: preferred_resolvable_version_details&.fetch(:version, nil)&.to_s,
-          source_details: preferred_resolvable_version_details&.slice(:nuspec_url, :repo_url, :source_url)
+          dependency_details: dep_details
         ).updated_requirements
       end
       sig { returns(T::Boolean) }
       def up_to_date?
-        return native_update_checker.up_to_date? if UpdateChecker.native_analysis_enabled?
-        # No need to update transitive dependencies unless they have a vulnerability.
-        return true if !dependency.top_level? && !vulnerable?
-        # If any requirements have an uninterpolated property in them then
-        # that property couldn't be found, and we assume that the dependency
-        # is up-to-date
-        return true unless requirements_unlocked_or_can_be?
-        super
+        !update_analysis.dependency_analysis.can_update
       end
       sig { returns(T::Boolean) }
       def requirements_unlocked_or_can_be?
-        # If any requirements have an uninterpolated property in them then
-        # that property couldn't be found, and the requirement therefore
-        # cannot be unlocked (since we can't update that property)
-        dependency.requirements.none? do |req|
-          req.fetch(:requirement)&.match?(PROPERTY_REGEX)
-        end
+        update_analysis.dependency_analysis.can_update
       end
       private
-      sig { returns(Dependabot::Nuget::NativeUpdateChecker) }
-      def native_update_checker
-        @native_update_checker ||=
-          T.let(
-            Dependabot::Nuget::NativeUpdateChecker.new(
-              dependency: dependency,
-              dependency_files: dependency_files,
-              credentials: credentials,
-              repo_contents_path: repo_contents_path,
-              ignored_versions: ignored_versions,
-              raise_on_ignored: raise_on_ignored,
-              security_advisories: security_advisories,
-              requirements_update_strategy: requirements_update_strategy,
-              dependency_group: dependency_group,
-              options: options
-            ),
-            T.nilable(Dependabot::Nuget::NativeUpdateChecker)
-          )
+      sig { returns(String) }
+      def job_file_path
+        ENV.fetch("DEPENDABOT_JOB_PATH")
       end
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def preferred_resolvable_version_details
-        # If this dependency is vulnerable, prefer trying to update to the
-        # lowest_resolvable_security_fix_version. Otherwise update all the way
-        # to the latest_resolvable_version.
-        return lowest_security_fix_version_details if vulnerable?
-        latest_version_details
+      sig { returns(AnalysisJsonReader) }
+      def update_analysis
+        @update_analysis ||= T.let(request_analysis, T.nilable(AnalysisJsonReader))
       end
-      sig { override.returns(T::Boolean) }
-      def latest_version_resolvable_with_full_unlock?
-        if UpdateChecker.native_analysis_enabled?
-          return native_update_checker.public_latest_version_resolvable_with_full_unlock?
-        end
-        # We always want a full unlock since any package update could update peer dependencies as well.
-        return true unless version_comes_from_multi_dependency_property?
-        property_updater.update_possible?
+      sig { returns(String) }
+      def dependency_file_path
+        d = File.join(Dir.tmpdir, "dependency")
+        FileUtils.mkdir_p(d)
+        File.join(d, "#{dependency.name}.json")
       end
-      sig { override.returns(T::Array[Dependabot::Dependency]) }
-      def updated_dependencies_after_full_unlock
-        if UpdateChecker.native_analysis_enabled?
-          return native_update_checker.public_updated_dependencies_after_full_unlock
+      sig { returns(T::Array[String]) }
+      def dependency_file_paths
+        dependency_files.map do |file|
+          DiscoveryJsonReader.dependency_file_path(
+            repo_contents_path: T.must(repo_contents_path),
+            dependency_file: file
+          )
         end
+      end
-        return property_updater.updated_dependencies if version_comes_from_multi_dependency_property?
-        puts "Finding updated dependencies for #{dependency.name}."
-        updated_dependency = Dependency.new(
-          name: dependency.name,
-          version: latest_version,
-          requirements: updated_requirements,
-          previous_version: dependency.version,
-          previous_requirements: dependency.requirements,
-          package_manager: dependency.package_manager
+      sig { returns(AnalysisJsonReader) }
+      def request_analysis
+        discovery_file_path = DiscoveryJsonReader.get_discovery_json_path_for_dependency_file_paths(
+          dependency_file_paths
         )
-        updated_dependencies = [updated_dependency]
-        updated_dependencies += DependencyFinder.new(
-          dependency: updated_dependency,
-          dependency_files: dependency_files,
-          ignored_versions: ignored_versions,
-          credentials: credentials,
-          repo_contents_path: @repo_contents_path
-        ).updated_peer_dependencies
-        updated_dependencies
-      end
+        analysis_folder_path = AnalysisJsonReader.temp_directory
+        write_dependency_info
+        NativeHelpers.run_nuget_analyze_tool(job_path: job_file_path,
+                                             repo_root: T.must(repo_contents_path),
+                                             discovery_file_path: discovery_file_path,
+                                             dependency_file_path: dependency_file_path,
+                                             analysis_folder_path: analysis_folder_path,
+                                             credentials: credentials)
+        analysis_json = AnalysisJsonReader.analysis_json(dependency_name: dependency.name)
+        AnalysisJsonReader.new(analysis_json: T.must(analysis_json))
+      end
+      sig { void }
+      def write_dependency_info
+        dependency_info = {
+          Name: dependency.name,
+          Version: dependency.version.to_s,
+          IsVulnerable: vulnerable?,
+          IgnoredVersions: ignored_versions,
+          Vulnerabilities: security_advisories.map do |vulnerability|
+            {
+              DependencyName: vulnerability.dependency_name,
+              PackageManager: vulnerability.package_manager,
+              VulnerableVersions: vulnerability.vulnerable_versions.map(&:to_s),
+              SafeVersions: vulnerability.safe_versions.map(&:to_s)
+            }
+          end
+        }.to_json
+        dependency_directory = File.dirname(dependency_file_path)
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def preferred_version_details
-        return lowest_security_fix_version_details if vulnerable?
+        begin
+          Dir.mkdir(dependency_directory)
+        rescue StandardError
+          nil?
+        end
-        latest_version_details
+        Dependabot.logger.info("Writing dependency info: #{dependency_info}")
+        File.write(dependency_file_path, dependency_info)
       end
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def latest_version_details
-        @latest_version_details ||=
-          T.let(
-            version_finder.latest_version_details,
-            T.nilable(T::Hash[Symbol, T.untyped])
-          )
+      sig { returns(Dependabot::FileParsers::Base::DependencySet) }
+      def discovered_dependencies
+        DiscoveryJsonReader.load_discovery_for_dependency_file_paths(dependency_file_paths).dependency_set
       end
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def lowest_security_fix_version_details
-        @lowest_security_fix_version_details ||=
-          T.let(
-            version_finder.lowest_security_fix_version_details,
-            T.nilable(T::Hash[Symbol, T.untyped])
-          )
+      sig { override.returns(T::Boolean) }
+      def latest_version_resolvable_with_full_unlock?
+        # We always want a full unlock since any package update could update peer dependencies as well.
+        true
       end
-      sig { returns(Dependabot::Nuget::UpdateChecker::VersionFinder) }
-      def version_finder
-        @version_finder ||=
-          T.let(
-            VersionFinder.new(
-              dependency: dependency,
-              dependency_files: dependency_files,
-              credentials: credentials,
-              ignored_versions: ignored_versions,
-              raise_on_ignored: @raise_on_ignored,
-              security_advisories: security_advisories,
-              repo_contents_path: @repo_contents_path
-            ),
-            T.nilable(Dependabot::Nuget::UpdateChecker::VersionFinder)
-          )
-      end
+      sig { override.returns(T::Array[Dependabot::Dependency]) }
+      def updated_dependencies_after_full_unlock
+        dependencies = discovered_dependencies.dependencies
+        updated_dependency_details.filter_map do |dependency_details|
+          dep = dependencies.find { |d| d.name.casecmp(dependency_details.name)&.zero? }
+          next unless dep
+          metadata = {}
+          # For peer dependencies, instruct updater to not directly update this dependency
+          metadata = { information_only: true } unless dependency.name.casecmp(dependency_details.name)&.zero?
+          # rebuild the new requirements with the updated dependency details
+          updated_reqs = dep.requirements.map do |r|
+            r = r.clone
+            r[:requirement] = dependency_details.version
+            r[:source] = {
+              type: "nuget_repo",
+              source_url: dependency_details.info_url
+            }
+            r
+          end
-      sig { returns(Dependabot::Nuget::UpdateChecker::PropertyUpdater) }
-      def property_updater
-        @property_updater ||=
-          T.let(
-            PropertyUpdater.new(
-              dependency: dependency,
-              dependency_files: dependency_files,
-              target_version_details: latest_version_details,
-              credentials: credentials,
-              ignored_versions: ignored_versions,
-              raise_on_ignored: @raise_on_ignored,
-              repo_contents_path: @repo_contents_path
-            ),
-            T.nilable(Dependabot::Nuget::UpdateChecker::PropertyUpdater)
+          Dependency.new(
+            name: dep.name,
+            version: dependency_details.version,
+            requirements: updated_reqs,
+            previous_version: dep.version,
+            previous_requirements: dep.requirements,
+            package_manager: dep.package_manager,
+            metadata: metadata
           )
-      end
-      sig { returns(T::Boolean) }
-      def version_comes_from_multi_dependency_property?
-        declarations_using_a_property.any? do |requirement|
-          property_name = requirement.fetch(:metadata).fetch(:property_name)
-          all_property_based_dependencies.any? do |dep|
-            next false if dep.name == dependency.name
-            dep.requirements.any? do |req|
-              req.dig(:metadata, :property_name) == property_name
-            end
-          end
         end
       end
-      sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
-      def declarations_using_a_property
-        @declarations_using_a_property ||=
-          T.let(
-            dependency.requirements
-                      .select { |req| req.dig(:metadata, :property_name) },
-            T.nilable(T::Array[T::Hash[Symbol, T.untyped]])
-          )
+      sig { returns(T::Array[Dependabot::Nuget::DependencyDetails]) }
+      def updated_dependency_details
+        @updated_dependency_details ||= T.let(update_analysis.dependency_analysis.updated_dependencies,
+                                              T.nilable(T::Array[Dependabot::Nuget::DependencyDetails]))
       end
-      sig { returns(T::Array[Dependabot::Dependency]) }
-      def all_property_based_dependencies
-        @all_property_based_dependencies ||=
-          T.let(
-            Nuget::FileParser.new(
-              dependency_files: dependency_files,
-              repo_contents_path: repo_contents_path,
-              source: nil
-            ).parse.select do |dep|
-              dep.requirements.any? { |req| req.dig(:metadata, :property_name) }
-            end,
-            T.nilable(T::Array[Dependabot::Dependency])
-          )
+      sig { returns(T::Boolean) }
+      def version_comes_from_multi_dependency_property?
+        update_analysis.dependency_analysis.version_comes_from_multi_dependency_property
       end
     end
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.289.0
+  version: 0.291.0
 platform: ruby
 authors:
 - Dependabot
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-12-05 00:00:00.000000000 Z
+date: 2024-12-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.289.0
+        version: 0.291.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.289.0
+        version: 0.291.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -331,6 +331,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/FrameworkChecker/SupportedFrameworkFacts.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/NuGetUpdater.Core.Test.csproj
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/SerializationTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/TestApiHandler.cs
@@ -370,6 +371,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/NuGetContext.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/Requirement.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementArrayConverter.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementConverter.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/SecurityVulnerability.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/SecurityVulnerabilityExtensions.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/VersionFinder.cs
@@ -413,10 +415,15 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/NativeResult.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/NuGetUpdater.Core.csproj
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Property.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Advisory.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/AllowedUpdate.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CommitOptions.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Condition.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CreatePullRequest.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyFile.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyFileNotFound.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/GroupPullRequest.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/IncrementMetric.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobErrorBase.cs
@@ -425,9 +432,11 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobSource.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/MarkAsProcessed.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PrivateSourceAuthenticationFailure.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedDependency.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedRequirement.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementSource.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementsUpdateStrategy.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UnknownError.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdateNotPossible.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdatedDependencyList.cs
@@ -435,6 +444,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/IApiHandler.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunResult.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/VersionConverter.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/TargetFrameworkReporter.targets
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/UpdateNotPossibleException.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs
@@ -473,7 +483,6 @@ files:
 - lib/dependabot/nuget/cache_manager.rb
 - lib/dependabot/nuget/discovery/dependency_details.rb
 - lib/dependabot/nuget/discovery/dependency_file_discovery.rb
-- lib/dependabot/nuget/discovery/directory_packages_props_discovery.rb
 - lib/dependabot/nuget/discovery/discovery_json_reader.rb
 - lib/dependabot/nuget/discovery/evaluation_details.rb
 - lib/dependabot/nuget/discovery/project_discovery.rb
@@ -482,40 +491,22 @@ files:
 - lib/dependabot/nuget/file_fetcher.rb
 - lib/dependabot/nuget/file_parser.rb
 - lib/dependabot/nuget/file_updater.rb
-- lib/dependabot/nuget/http_response_helpers.rb
+- lib/dependabot/nuget/language.rb
 - lib/dependabot/nuget/metadata_finder.rb
-- lib/dependabot/nuget/native_discovery/native_dependency_details.rb
-- lib/dependabot/nuget/native_discovery/native_dependency_file_discovery.rb
-- lib/dependabot/nuget/native_discovery/native_discovery_json_reader.rb
-- lib/dependabot/nuget/native_discovery/native_evaluation_details.rb
-- lib/dependabot/nuget/native_discovery/native_project_discovery.rb
-- lib/dependabot/nuget/native_discovery/native_property_details.rb
-- lib/dependabot/nuget/native_discovery/native_workspace_discovery.rb
 - lib/dependabot/nuget/native_helpers.rb
-- lib/dependabot/nuget/native_update_checker/native_requirements_updater.rb
-- lib/dependabot/nuget/native_update_checker/native_update_checker.rb
-- lib/dependabot/nuget/nuget_client.rb
 - lib/dependabot/nuget/nuget_config_credential_helpers.rb
+- lib/dependabot/nuget/package_manager.rb
 - lib/dependabot/nuget/requirement.rb
 - lib/dependabot/nuget/update_checker.rb
-- lib/dependabot/nuget/update_checker/compatibility_checker.rb
-- lib/dependabot/nuget/update_checker/dependency_finder.rb
-- lib/dependabot/nuget/update_checker/nupkg_fetcher.rb
-- lib/dependabot/nuget/update_checker/nuspec_fetcher.rb
-- lib/dependabot/nuget/update_checker/property_updater.rb
-- lib/dependabot/nuget/update_checker/repository_finder.rb
 - lib/dependabot/nuget/update_checker/requirements_updater.rb
-- lib/dependabot/nuget/update_checker/tfm_comparer.rb
-- lib/dependabot/nuget/update_checker/tfm_finder.rb
-- lib/dependabot/nuget/update_checker/version_finder.rb
 - lib/dependabot/nuget/version.rb
 homepage: https://github.com/dependabot/dependabot-core
 licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.289.0
-post_install_message:
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.291.0
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -531,7 +522,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 3.1.0
 requirements: []
 rubygems_version: 3.5.9
-signing_key:
+signing_key:
 specification_version: 4
 summary: Provides Dependabot support for .NET (NuGet)
 test_files: []

data/lib/dependabot/nuget/discovery/directory_packages_props_discovery.rb DELETED Viewed

@@ -1,43 +0,0 @@
-# typed: strong
-# frozen_string_literal: true
-require "dependabot/nuget/discovery/dependency_details"
-require "sorbet-runtime"
-module Dependabot
-  module Nuget
-    class DirectoryPackagesPropsDiscovery < DependencyFileDiscovery
-      extend T::Sig
-      sig do
-        params(json: T.nilable(T::Hash[String, T.untyped])).returns(T.nilable(DirectoryPackagesPropsDiscovery))
-      end
-      def self.from_json(json)
-        return nil if json.nil?
-        file_path = T.let(json.fetch("FilePath"), String)
-        is_transitive_pinning_enabled = T.let(json.fetch("IsTransitivePinningEnabled"), T::Boolean)
-        dependencies = T.let(json.fetch("Dependencies"), T::Array[T::Hash[String, T.untyped]]).map do |dep|
-          DependencyDetails.from_json(dep)
-        end
-        DirectoryPackagesPropsDiscovery.new(file_path: file_path,
-                                            is_transitive_pinning_enabled: is_transitive_pinning_enabled,
-                                            dependencies: dependencies)
-      end
-      sig do
-        params(file_path: String,
-               is_transitive_pinning_enabled: T::Boolean,
-               dependencies: T::Array[DependencyDetails]).void
-      end
-      def initialize(file_path:, is_transitive_pinning_enabled:, dependencies:)
-        super(file_path: file_path, dependencies: dependencies)
-        @is_transitive_pinning_enabled = is_transitive_pinning_enabled
-      end
-      sig { returns(T::Boolean) }
-      attr_reader :is_transitive_pinning_enabled
-    end
-  end
-end

data/lib/dependabot/nuget/http_response_helpers.rb DELETED Viewed

@@ -1,19 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-require "sorbet-runtime"
-module Dependabot
-  module Nuget
-    module HttpResponseHelpers
-      extend T::Sig
-      sig { params(string: String).returns(String) }
-      def self.remove_wrapping_zero_width_chars(string)
-        string.force_encoding("UTF-8").encode
-              .gsub(/\A[\u200B-\u200D\uFEFF]/, "")
-              .gsub(/[\u200B-\u200D\uFEFF]\Z/, "")
-      end
-    end
-  end
-end