RubyGems - dependabot-nuget - Versions diffs - 0.289.0 → 0.291.0 - Mend

dependabot-nuget 0.289.0 → 0.291.0

Files changed (97) hide show

data/lib/dependabot/nuget/update_checker.rb CHANGED Viewed

@@ -1,7 +1,8 @@
-# typed: strict
+# typed: strong
 # frozen_string_literal: true
-require "dependabot/nuget/file_parser"
+require "dependabot/nuget/analysis/analysis_json_reader"
+require "dependabot/nuget/discovery/discovery_json_reader"
 require "dependabot/update_checkers"
 require "dependabot/update_checkers/base"
 require "sorbet-runtime"
@@ -11,38 +12,22 @@ module Dependabot
     class UpdateChecker < Dependabot::UpdateCheckers::Base
       extend T::Sig
-      require_relative "update_checker/version_finder"
-      require_relative "update_checker/property_updater"
       require_relative "update_checker/requirements_updater"
-      require_relative "update_checker/dependency_finder"
-      require_relative "native_update_checker/native_update_checker"
-      PROPERTY_REGEX = /\$\((?<property>.*?)\)/
-      sig { returns(T::Boolean) }
-      def self.native_analysis_enabled?
-        Dependabot::Experiments.enabled?(:nuget_native_analysis)
-      end
       sig { override.returns(T.nilable(String)) }
       def latest_version
-        return native_update_checker.latest_version if UpdateChecker.native_analysis_enabled?
         # No need to find latest version for transitive dependencies unless they have a vulnerability.
         return dependency.version if !dependency.top_level? && !vulnerable?
         # if no update sources have the requisite package, then we can only assume that the current version is correct
         @latest_version = T.let(
-          latest_version_details&.fetch(:version)&.to_s || dependency.version,
+          update_analysis.dependency_analysis.updated_version,
           T.nilable(String)
         )
       end
       sig { override.returns(T.nilable(T.any(String, Gem::Version))) }
       def latest_resolvable_version
-        return native_update_checker.latest_resolvable_version if UpdateChecker.native_analysis_enabled?
         # We always want a full unlock since any package update could update peer dependencies as well.
         # To force a full unlock instead of an own unlock, we return nil.
         nil
@@ -50,232 +35,173 @@ module Dependabot
       sig { override.returns(Dependabot::Nuget::Version) }
       def lowest_security_fix_version
-        return native_update_checker.lowest_security_fix_version if UpdateChecker.native_analysis_enabled?
-        lowest_security_fix_version_details&.fetch(:version)
+        update_analysis.dependency_analysis.numeric_updated_version
       end
       sig { override.returns(T.nilable(Dependabot::Nuget::Version)) }
       def lowest_resolvable_security_fix_version
         return nil if version_comes_from_multi_dependency_property?
-        lowest_security_fix_version
+        update_analysis.dependency_analysis.numeric_updated_version
       end
       sig { override.returns(NilClass) }
       def latest_resolvable_version_with_no_unlock
-        return native_update_checker.latest_resolvable_version_with_no_unlock if UpdateChecker.native_analysis_enabled?
         # Irrelevant, since Nuget has a single dependency file
         nil
       end
       sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
       def updated_requirements
-        return native_update_checker.updated_requirements if UpdateChecker.native_analysis_enabled?
+        dep_details = updated_dependency_details.find { |d| d.name.casecmp?(dependency.name) }
         RequirementsUpdater.new(
           requirements: dependency.requirements,
-          latest_version: preferred_resolvable_version_details&.fetch(:version, nil)&.to_s,
-          source_details: preferred_resolvable_version_details&.slice(:nuspec_url, :repo_url, :source_url)
+          dependency_details: dep_details
         ).updated_requirements
       end
       sig { returns(T::Boolean) }
       def up_to_date?
-        return native_update_checker.up_to_date? if UpdateChecker.native_analysis_enabled?
-        # No need to update transitive dependencies unless they have a vulnerability.
-        return true if !dependency.top_level? && !vulnerable?
-        # If any requirements have an uninterpolated property in them then
-        # that property couldn't be found, and we assume that the dependency
-        # is up-to-date
-        return true unless requirements_unlocked_or_can_be?
-        super
+        !update_analysis.dependency_analysis.can_update
       end
       sig { returns(T::Boolean) }
       def requirements_unlocked_or_can_be?
-        # If any requirements have an uninterpolated property in them then
-        # that property couldn't be found, and the requirement therefore
-        # cannot be unlocked (since we can't update that property)
-        dependency.requirements.none? do |req|
-          req.fetch(:requirement)&.match?(PROPERTY_REGEX)
-        end
+        update_analysis.dependency_analysis.can_update
       end
       private
-      sig { returns(Dependabot::Nuget::NativeUpdateChecker) }
-      def native_update_checker
-        @native_update_checker ||=
-          T.let(
-            Dependabot::Nuget::NativeUpdateChecker.new(
-              dependency: dependency,
-              dependency_files: dependency_files,
-              credentials: credentials,
-              repo_contents_path: repo_contents_path,
-              ignored_versions: ignored_versions,
-              raise_on_ignored: raise_on_ignored,
-              security_advisories: security_advisories,
-              requirements_update_strategy: requirements_update_strategy,
-              dependency_group: dependency_group,
-              options: options
-            ),
-            T.nilable(Dependabot::Nuget::NativeUpdateChecker)
-          )
+      sig { returns(String) }
+      def job_file_path
+        ENV.fetch("DEPENDABOT_JOB_PATH")
       end
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def preferred_resolvable_version_details
-        # If this dependency is vulnerable, prefer trying to update to the
-        # lowest_resolvable_security_fix_version. Otherwise update all the way
-        # to the latest_resolvable_version.
-        return lowest_security_fix_version_details if vulnerable?
-        latest_version_details
+      sig { returns(AnalysisJsonReader) }
+      def update_analysis
+        @update_analysis ||= T.let(request_analysis, T.nilable(AnalysisJsonReader))
       end
-      sig { override.returns(T::Boolean) }
-      def latest_version_resolvable_with_full_unlock?
-        if UpdateChecker.native_analysis_enabled?
-          return native_update_checker.public_latest_version_resolvable_with_full_unlock?
-        end
-        # We always want a full unlock since any package update could update peer dependencies as well.
-        return true unless version_comes_from_multi_dependency_property?
-        property_updater.update_possible?
+      sig { returns(String) }
+      def dependency_file_path
+        d = File.join(Dir.tmpdir, "dependency")
+        FileUtils.mkdir_p(d)
+        File.join(d, "#{dependency.name}.json")
       end
-      sig { override.returns(T::Array[Dependabot::Dependency]) }
-      def updated_dependencies_after_full_unlock
-        if UpdateChecker.native_analysis_enabled?
-          return native_update_checker.public_updated_dependencies_after_full_unlock
+      sig { returns(T::Array[String]) }
+      def dependency_file_paths
+        dependency_files.map do |file|
+          DiscoveryJsonReader.dependency_file_path(
+            repo_contents_path: T.must(repo_contents_path),
+            dependency_file: file
+          )
         end
+      end
-        return property_updater.updated_dependencies if version_comes_from_multi_dependency_property?
-        puts "Finding updated dependencies for #{dependency.name}."
-        updated_dependency = Dependency.new(
-          name: dependency.name,
-          version: latest_version,
-          requirements: updated_requirements,
-          previous_version: dependency.version,
-          previous_requirements: dependency.requirements,
-          package_manager: dependency.package_manager
+      sig { returns(AnalysisJsonReader) }
+      def request_analysis
+        discovery_file_path = DiscoveryJsonReader.get_discovery_json_path_for_dependency_file_paths(
+          dependency_file_paths
         )
-        updated_dependencies = [updated_dependency]
-        updated_dependencies += DependencyFinder.new(
-          dependency: updated_dependency,
-          dependency_files: dependency_files,
-          ignored_versions: ignored_versions,
-          credentials: credentials,
-          repo_contents_path: @repo_contents_path
-        ).updated_peer_dependencies
-        updated_dependencies
-      end
+        analysis_folder_path = AnalysisJsonReader.temp_directory
+        write_dependency_info
+        NativeHelpers.run_nuget_analyze_tool(job_path: job_file_path,
+                                             repo_root: T.must(repo_contents_path),
+                                             discovery_file_path: discovery_file_path,
+                                             dependency_file_path: dependency_file_path,
+                                             analysis_folder_path: analysis_folder_path,
+                                             credentials: credentials)
+        analysis_json = AnalysisJsonReader.analysis_json(dependency_name: dependency.name)
+        AnalysisJsonReader.new(analysis_json: T.must(analysis_json))
+      end
+      sig { void }
+      def write_dependency_info
+        dependency_info = {
+          Name: dependency.name,
+          Version: dependency.version.to_s,
+          IsVulnerable: vulnerable?,
+          IgnoredVersions: ignored_versions,
+          Vulnerabilities: security_advisories.map do |vulnerability|
+            {
+              DependencyName: vulnerability.dependency_name,
+              PackageManager: vulnerability.package_manager,
+              VulnerableVersions: vulnerability.vulnerable_versions.map(&:to_s),
+              SafeVersions: vulnerability.safe_versions.map(&:to_s)
+            }
+          end
+        }.to_json
+        dependency_directory = File.dirname(dependency_file_path)
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def preferred_version_details
-        return lowest_security_fix_version_details if vulnerable?
+        begin
+          Dir.mkdir(dependency_directory)
+        rescue StandardError
+          nil?
+        end
-        latest_version_details
+        Dependabot.logger.info("Writing dependency info: #{dependency_info}")
+        File.write(dependency_file_path, dependency_info)
       end
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def latest_version_details
-        @latest_version_details ||=
-          T.let(
-            version_finder.latest_version_details,
-            T.nilable(T::Hash[Symbol, T.untyped])
-          )
+      sig { returns(Dependabot::FileParsers::Base::DependencySet) }
+      def discovered_dependencies
+        DiscoveryJsonReader.load_discovery_for_dependency_file_paths(dependency_file_paths).dependency_set
       end
-      sig { returns(T.nilable(T::Hash[Symbol, T.untyped])) }
-      def lowest_security_fix_version_details
-        @lowest_security_fix_version_details ||=
-          T.let(
-            version_finder.lowest_security_fix_version_details,
-            T.nilable(T::Hash[Symbol, T.untyped])
-          )
+      sig { override.returns(T::Boolean) }
+      def latest_version_resolvable_with_full_unlock?
+        # We always want a full unlock since any package update could update peer dependencies as well.
+        true
       end
-      sig { returns(Dependabot::Nuget::UpdateChecker::VersionFinder) }
-      def version_finder
-        @version_finder ||=
-          T.let(
-            VersionFinder.new(
-              dependency: dependency,
-              dependency_files: dependency_files,
-              credentials: credentials,
-              ignored_versions: ignored_versions,
-              raise_on_ignored: @raise_on_ignored,
-              security_advisories: security_advisories,
-              repo_contents_path: @repo_contents_path
-            ),
-            T.nilable(Dependabot::Nuget::UpdateChecker::VersionFinder)
-          )
-      end
+      sig { override.returns(T::Array[Dependabot::Dependency]) }
+      def updated_dependencies_after_full_unlock
+        dependencies = discovered_dependencies.dependencies
+        updated_dependency_details.filter_map do |dependency_details|
+          dep = dependencies.find { |d| d.name.casecmp(dependency_details.name)&.zero? }
+          next unless dep
+          metadata = {}
+          # For peer dependencies, instruct updater to not directly update this dependency
+          metadata = { information_only: true } unless dependency.name.casecmp(dependency_details.name)&.zero?
+          # rebuild the new requirements with the updated dependency details
+          updated_reqs = dep.requirements.map do |r|
+            r = r.clone
+            r[:requirement] = dependency_details.version
+            r[:source] = {
+              type: "nuget_repo",
+              source_url: dependency_details.info_url
+            }
+            r
+          end
-      sig { returns(Dependabot::Nuget::UpdateChecker::PropertyUpdater) }
-      def property_updater
-        @property_updater ||=
-          T.let(
-            PropertyUpdater.new(
-              dependency: dependency,
-              dependency_files: dependency_files,
-              target_version_details: latest_version_details,
-              credentials: credentials,
-              ignored_versions: ignored_versions,
-              raise_on_ignored: @raise_on_ignored,
-              repo_contents_path: @repo_contents_path
-            ),
-            T.nilable(Dependabot::Nuget::UpdateChecker::PropertyUpdater)
+          Dependency.new(
+            name: dep.name,
+            version: dependency_details.version,
+            requirements: updated_reqs,
+            previous_version: dep.version,
+            previous_requirements: dep.requirements,
+            package_manager: dep.package_manager,
+            metadata: metadata
           )
-      end
-      sig { returns(T::Boolean) }
-      def version_comes_from_multi_dependency_property?
-        declarations_using_a_property.any? do |requirement|
-          property_name = requirement.fetch(:metadata).fetch(:property_name)
-          all_property_based_dependencies.any? do |dep|
-            next false if dep.name == dependency.name
-            dep.requirements.any? do |req|
-              req.dig(:metadata, :property_name) == property_name
-            end
-          end
         end
       end
-      sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
-      def declarations_using_a_property
-        @declarations_using_a_property ||=
-          T.let(
-            dependency.requirements
-                      .select { |req| req.dig(:metadata, :property_name) },
-            T.nilable(T::Array[T::Hash[Symbol, T.untyped]])
-          )
+      sig { returns(T::Array[Dependabot::Nuget::DependencyDetails]) }
+      def updated_dependency_details
+        @updated_dependency_details ||= T.let(update_analysis.dependency_analysis.updated_dependencies,
+                                              T.nilable(T::Array[Dependabot::Nuget::DependencyDetails]))
       end
-      sig { returns(T::Array[Dependabot::Dependency]) }
-      def all_property_based_dependencies
-        @all_property_based_dependencies ||=
-          T.let(
-            Nuget::FileParser.new(
-              dependency_files: dependency_files,
-              repo_contents_path: repo_contents_path,
-              source: nil
-            ).parse.select do |dep|
-              dep.requirements.any? { |req| req.dig(:metadata, :property_name) }
-            end,
-            T.nilable(T::Array[Dependabot::Dependency])
-          )
+      sig { returns(T::Boolean) }
+      def version_comes_from_multi_dependency_property?
+        update_analysis.dependency_analysis.version_comes_from_multi_dependency_property
       end
     end
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.289.0
+  version: 0.291.0
 platform: ruby
 authors:
 - Dependabot
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-12-05 00:00:00.000000000 Z
+date: 2024-12-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.289.0
+        version: 0.291.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.289.0
+        version: 0.291.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -331,6 +331,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/FrameworkChecker/SupportedFrameworkFacts.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/NuGetUpdater.Core.Test.csproj
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/SerializationTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/TestApiHandler.cs
@@ -370,6 +371,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/NuGetContext.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/Requirement.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementArrayConverter.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementConverter.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/SecurityVulnerability.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/SecurityVulnerabilityExtensions.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/VersionFinder.cs
@@ -413,10 +415,15 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/NativeResult.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/NuGetUpdater.Core.csproj
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Property.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Advisory.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/AllowedUpdate.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CommitOptions.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Condition.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CreatePullRequest.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyFile.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyFileNotFound.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/GroupPullRequest.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/IncrementMetric.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobErrorBase.cs
@@ -425,9 +432,11 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobSource.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/MarkAsProcessed.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PrivateSourceAuthenticationFailure.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedDependency.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedRequirement.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementSource.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementsUpdateStrategy.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UnknownError.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdateNotPossible.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdatedDependencyList.cs
@@ -435,6 +444,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/IApiHandler.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunResult.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/VersionConverter.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/TargetFrameworkReporter.targets
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/UpdateNotPossibleException.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs
@@ -473,7 +483,6 @@ files:
 - lib/dependabot/nuget/cache_manager.rb
 - lib/dependabot/nuget/discovery/dependency_details.rb
 - lib/dependabot/nuget/discovery/dependency_file_discovery.rb
-- lib/dependabot/nuget/discovery/directory_packages_props_discovery.rb
 - lib/dependabot/nuget/discovery/discovery_json_reader.rb
 - lib/dependabot/nuget/discovery/evaluation_details.rb
 - lib/dependabot/nuget/discovery/project_discovery.rb
@@ -482,40 +491,22 @@ files:
 - lib/dependabot/nuget/file_fetcher.rb
 - lib/dependabot/nuget/file_parser.rb
 - lib/dependabot/nuget/file_updater.rb
-- lib/dependabot/nuget/http_response_helpers.rb
+- lib/dependabot/nuget/language.rb
 - lib/dependabot/nuget/metadata_finder.rb
-- lib/dependabot/nuget/native_discovery/native_dependency_details.rb
-- lib/dependabot/nuget/native_discovery/native_dependency_file_discovery.rb
-- lib/dependabot/nuget/native_discovery/native_discovery_json_reader.rb
-- lib/dependabot/nuget/native_discovery/native_evaluation_details.rb
-- lib/dependabot/nuget/native_discovery/native_project_discovery.rb
-- lib/dependabot/nuget/native_discovery/native_property_details.rb
-- lib/dependabot/nuget/native_discovery/native_workspace_discovery.rb
 - lib/dependabot/nuget/native_helpers.rb
-- lib/dependabot/nuget/native_update_checker/native_requirements_updater.rb
-- lib/dependabot/nuget/native_update_checker/native_update_checker.rb
-- lib/dependabot/nuget/nuget_client.rb
 - lib/dependabot/nuget/nuget_config_credential_helpers.rb
+- lib/dependabot/nuget/package_manager.rb
 - lib/dependabot/nuget/requirement.rb
 - lib/dependabot/nuget/update_checker.rb
-- lib/dependabot/nuget/update_checker/compatibility_checker.rb
-- lib/dependabot/nuget/update_checker/dependency_finder.rb
-- lib/dependabot/nuget/update_checker/nupkg_fetcher.rb
-- lib/dependabot/nuget/update_checker/nuspec_fetcher.rb
-- lib/dependabot/nuget/update_checker/property_updater.rb
-- lib/dependabot/nuget/update_checker/repository_finder.rb
 - lib/dependabot/nuget/update_checker/requirements_updater.rb
-- lib/dependabot/nuget/update_checker/tfm_comparer.rb
-- lib/dependabot/nuget/update_checker/tfm_finder.rb
-- lib/dependabot/nuget/update_checker/version_finder.rb
 - lib/dependabot/nuget/version.rb
 homepage: https://github.com/dependabot/dependabot-core
 licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.289.0
-post_install_message:
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.291.0
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -531,7 +522,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 3.1.0
 requirements: []
 rubygems_version: 3.5.9
-signing_key:
+signing_key:
 specification_version: 4
 summary: Provides Dependabot support for .NET (NuGet)
 test_files: []

data/lib/dependabot/nuget/discovery/directory_packages_props_discovery.rb DELETED Viewed

@@ -1,43 +0,0 @@
-# typed: strong
-# frozen_string_literal: true
-require "dependabot/nuget/discovery/dependency_details"
-require "sorbet-runtime"
-module Dependabot
-  module Nuget
-    class DirectoryPackagesPropsDiscovery < DependencyFileDiscovery
-      extend T::Sig
-      sig do
-        params(json: T.nilable(T::Hash[String, T.untyped])).returns(T.nilable(DirectoryPackagesPropsDiscovery))
-      end
-      def self.from_json(json)
-        return nil if json.nil?
-        file_path = T.let(json.fetch("FilePath"), String)
-        is_transitive_pinning_enabled = T.let(json.fetch("IsTransitivePinningEnabled"), T::Boolean)
-        dependencies = T.let(json.fetch("Dependencies"), T::Array[T::Hash[String, T.untyped]]).map do |dep|
-          DependencyDetails.from_json(dep)
-        end
-        DirectoryPackagesPropsDiscovery.new(file_path: file_path,
-                                            is_transitive_pinning_enabled: is_transitive_pinning_enabled,
-                                            dependencies: dependencies)
-      end
-      sig do
-        params(file_path: String,
-               is_transitive_pinning_enabled: T::Boolean,
-               dependencies: T::Array[DependencyDetails]).void
-      end
-      def initialize(file_path:, is_transitive_pinning_enabled:, dependencies:)
-        super(file_path: file_path, dependencies: dependencies)
-        @is_transitive_pinning_enabled = is_transitive_pinning_enabled
-      end
-      sig { returns(T::Boolean) }
-      attr_reader :is_transitive_pinning_enabled
-    end
-  end
-end

data/lib/dependabot/nuget/http_response_helpers.rb DELETED Viewed

@@ -1,19 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-require "sorbet-runtime"
-module Dependabot
-  module Nuget
-    module HttpResponseHelpers
-      extend T::Sig
-      sig { params(string: String).returns(String) }
-      def self.remove_wrapping_zero_width_chars(string)
-        string.force_encoding("UTF-8").encode
-              .gsub(/\A[\u200B-\u200D\uFEFF]/, "")
-              .gsub(/[\u200B-\u200D\uFEFF]\Z/, "")
-      end
-    end
-  end
-end