dependabot-nuget 0.300.0 → 0.301.0

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/TestApiHandler.cs

@@ -33,6 +33,12 @@ internal class TestApiHandler : IApiHandler
         return Task.CompletedTask;
     }
 
+    public Task ClosePullRequest(ClosePullRequest closePullRequest)
+    {
+        _receivedMessages.Add((closePullRequest.GetType(), closePullRequest));
+        return Task.CompletedTask;
+    }
+
     public Task UpdatePullRequest(UpdatePullRequest updatePullRequest)
     {
         _receivedMessages.Add((updatePullRequest.GetType(), updatePullRequest));

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/{UpdateAllowedTests.cs → UpdatePermittedAndMessageTests.cs}

@@ -1,5 +1,7 @@
 using System.Collections.Immutable;
 
+using NuGet.Versioning;
+
 using NuGetUpdater.Core.Analyze;
 using NuGetUpdater.Core.Run;
 using NuGetUpdater.Core.Run.ApiModel;
@@ -10,17 +12,30 @@ using DepType = NuGetUpdater.Core.Run.ApiModel.DependencyType;
 
 namespace NuGetUpdater.Core.Test.Run;
 
-public class UpdateAllowedTests
+public class UpdatePermittedAndMessageTests
 {
     [Theory]
-    [MemberData(nameof(IsUpdateAllowedTestData))]
-    public void IsUpdateAllowed(Job job, Dependency dependency, bool expectedResult)
+    [MemberData(nameof(UpdatePermittedAndMessageTestData))]
+    public void UpdatePermittedAndMessage(Job job, Dependency dependency, bool expectedResult, MessageBase? expectedMessage)
     {
-        var actualResult = RunWorker.IsUpdateAllowed(job, dependency);
+        var (actualResult, actualMessage) = RunWorker.UpdatePermittedAndMessage(job, dependency);
         Assert.Equal(expectedResult, actualResult);
+
+        if (expectedMessage is null)
+        {
+            Assert.Null(actualMessage);
+        }
+        else
+        {
+            Assert.True(actualMessage is not null, $"Expected message of type {expectedMessage.GetType().Name} but got null");
+            Assert.Equal(expectedMessage.GetType(), actualMessage.GetType());
+            var actualMessageJson = HttpApiHandler.Serialize(actualMessage);
+            var expectedMessageJson = HttpApiHandler.Serialize(expectedMessage);
+            Assert.Equal(expectedMessageJson, actualMessageJson);
+        }
     }
 
-    public static IEnumerable<object[]> IsUpdateAllowedTestData()
+    public static IEnumerable<object?[]> UpdatePermittedAndMessageTestData()
     {
         // with default allowed updates on a transitive dependency
         yield return
@@ -29,6 +44,7 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All }
                 ],
+                existingPrs: [],
                 securityAdvisories: [
                     new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
                 ],
@@ -36,6 +52,8 @@ public class UpdateAllowedTests
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
             // expectedResult
             false,
+            // expectedMessage
+            null,
         ];
 
         // when dealing with a security update
@@ -45,6 +63,7 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All }
                 ],
+                existingPrs: [],
                 securityAdvisories: [
                     new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
                 ],
@@ -52,6 +71,8 @@ public class UpdateAllowedTests
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
             // expectedResult
             true,
+            // expectedMessage
+            null,
         ];
 
         // with a top-level dependency
@@ -62,11 +83,14 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
                     new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             true,
+            // expectedMessage
+            null,
         ];
 
         // with a sub-dependency
@@ -77,11 +101,14 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
                     new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
             // expectedResult
             false,
+            // expectedMessage
+            null,
         ];
 
         // when insecure
@@ -92,6 +119,7 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
                     new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [
                     new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
                 ],
@@ -99,6 +127,8 @@ public class UpdateAllowedTests
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
             // expectedResult
             true,
+            // expectedMessage
+            null,
         ];
 
         // when only security fixes are allowed
@@ -109,11 +139,14 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
                     new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: true),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             false,
+            // expectedMessage
+            null,
         ];
 
         // when dealing with a security fix
@@ -124,6 +157,7 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
                     new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [
                     new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
                 ],
@@ -131,6 +165,8 @@ public class UpdateAllowedTests
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             true,
+            // expectedMessage
+            null,
         ];
 
         // when dealing with a security fix that doesn't apply
@@ -141,6 +177,7 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
                     new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [
                     new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("> 1.8.0")], PatchedVersions = [], UnaffectedVersions = [] }
                 ],
@@ -148,6 +185,8 @@ public class UpdateAllowedTests
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             false,
+            // expectedMessage
+            new SecurityUpdateNotNeeded("Some.Package"),
         ];
 
         // when dealing with a security fix that doesn't apply to some versions
@@ -158,6 +197,7 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
                     new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [
                     new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("< 1.8.0"), Requirement.Parse("> 1.8.0")], PatchedVersions = [], UnaffectedVersions = [] }
                 ],
@@ -165,6 +205,8 @@ public class UpdateAllowedTests
             new Dependency("Some.Package", "1.8.1", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             true,
+            // expectedMessage
+            null,
         ];
 
         // when a dependency allow list that includes the dependency
@@ -174,11 +216,14 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyName = "Some.Package" }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             true,
+            // expectedMessage
+            null,
         ];
 
         // with a dependency allow list that uses a wildcard
@@ -188,11 +233,14 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyName = "Some.*" }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             true,
+            // expectedMessage
+            null,
         ];
 
         // when dependency allow list that excludes the dependency
@@ -202,11 +250,14 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyName = "Unrelated.Package" }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             false,
+            // expectedMessage
+            null,
         ];
 
         // when matching with an incomplete dependency name
@@ -216,11 +267,14 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyName = "Some" }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             false,
+            // expectedMessage
+            null,
         ];
 
         // with a dependency allow list that uses a wildcard
@@ -230,11 +284,14 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyName = "Unrelated.*" }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             false,
+            // expectedMessage
+            null,
         ];
 
         // when security fixes are also allowed
@@ -245,11 +302,14 @@ public class UpdateAllowedTests
                     new AllowedUpdate() { DependencyName = "Unrelated.Package" },
                     new AllowedUpdate() { UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [],
                 securityUpdatesOnly: false),
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             false,
+            // expectedMessage
+            null,
         ];
 
         // when dealing with a security fix
@@ -259,6 +319,7 @@ public class UpdateAllowedTests
                 allowedUpdates: [
                     new AllowedUpdate() { DependencyName = "Unrelated.Package"}, new AllowedUpdate(){ UpdateType = UpdateType.Security }
                 ],
+                existingPrs: [],
                 securityAdvisories: [
                     new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
                 ],
@@ -266,14 +327,57 @@ public class UpdateAllowedTests
             new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
             // expectedResult
             true,
+            // expectedMessage
+            null,
+        ];
+
+        // security job, not vulnerable => security update not needed
+        yield return
+        [
+            CreateJob(
+                allowedUpdates: [
+                    new AllowedUpdate() { UpdateType = UpdateType.Security }
+                ],
+                existingPrs: [],
+                securityAdvisories: [
+                    new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("1.0.0")], PatchedVersions = [Requirement.Parse("1.1.0")] }
+                ],
+                securityUpdatesOnly: true),
+            new Dependency("Some.Package", "1.1.0", DependencyType.PackageReference),
+            // expectedResult
+            false,
+            // expectedMessage
+            new SecurityUpdateNotNeeded("Some.Package")
+        ];
+
+        // security job, not updating existing => pr already exists
+        yield return
+        [
+            CreateJob(
+                allowedUpdates: [
+                    new AllowedUpdate() { UpdateType = UpdateType.Security }
+                ],
+                existingPrs: [
+                    new PullRequest() { Dependencies = [new PullRequestDependency() { DependencyName = "Some.Package", DependencyVersion = NuGetVersion.Parse("1.2.0") }] }
+                ],
+                securityAdvisories: [
+                    new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("1.1.0")] }
+                ],
+                securityUpdatesOnly: true),
+            new Dependency("Some.Package", "1.1.0", DependencyType.PackageReference),
+            // expectedResult
+            false,
+            // expectedMessage
+            new PullRequestExistsForLatestVersion("Some.Package", "1.2.0")
         ];
     }
 
-    private static Job CreateJob(AllowedUpdate[] allowedUpdates, Advisory[] securityAdvisories, bool securityUpdatesOnly)
+    private static Job CreateJob(AllowedUpdate[] allowedUpdates, PullRequest[] existingPrs, Advisory[] securityAdvisories, bool securityUpdatesOnly)
     {
         return new Job()
         {
             AllowedUpdates = allowedUpdates.ToImmutableArray(),
+            ExistingPullRequests = existingPrs.ToImmutableArray(),
             SecurityAdvisories = securityAdvisories.ToImmutableArray(),
             SecurityUpdatesOnly = securityUpdatesOnly,
             Source = new()

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TestHttpServer.cs

@@ -2,6 +2,10 @@ using System.Net;
 using System.Net.Sockets;
 using System.Text;
 
+using NuGet.Versioning;
+using NuGet;
+using NuGetUpdater.Core.Utilities;
+
 namespace NuGetUpdater.Core.Test
 {
     public class TestHttpServer : IDisposable
@@ -32,6 +36,8 @@ namespace NuGetUpdater.Core.Test
             _listener.Stop();
         }
 
+        public string GetPackageFeedIndex() => BaseUrl.TrimEnd('/') + "/index.json";
+
         private async Task HandleResponses()
         {
             while (_runServer)
@@ -69,6 +75,105 @@ namespace NuGetUpdater.Core.Test
             return CreateTestServer(bytesRequestHandler);
         }
 
+        public static TestHttpServer CreateTestNuGetFeed(params MockNuGetPackage[] packages)
+        {
+            var packageVersions = new Dictionary<string, HashSet<NuGetVersion>>(StringComparer.OrdinalIgnoreCase);
+            foreach (var package in packages)
+            {
+                var versions = packageVersions.GetOrAdd(package.Id, () => new HashSet<NuGetVersion>());
+                var version = NuGetVersion.Parse(package.Version);
+                versions.Add(version);
+            }
+
+            var responses = new Dictionary<string, byte[]>();
+            foreach (var kvp in packageVersions)
+            {
+                var packageId = kvp.Key;
+                var versions = kvp.Value.OrderBy(v => v).ToArray();
+
+                // registration
+                var registrationUrl = $"/registrations/{packageId.ToLowerInvariant()}/index.json";
+                var registrationContent = $$"""
+                {
+                  "count": {{versions.Length}},
+                  "items": [
+                    {
+                      "lower": "{{versions.First()}}",
+                      "upper": "{{versions.Last()}}",
+                      "items": [
+                        {{string.Join(",\n", versions.Select(v => $$"""
+                                                               {
+                                                                 "catalogEntry": {
+                                                                   "version": "{{v}}"
+                                                                 }
+                                                               }
+                                                               """))}}
+                      ]
+                    }
+                  ]
+                }
+                """;
+                responses[registrationUrl] = Encoding.UTF8.GetBytes(registrationContent);
+
+                // download
+                var downloadUrl = $"/download/{packageId.ToLowerInvariant()}/index.json";
+                var downloadContent = $$"""
+                {
+                  "versions": [{{string.Join(", ", versions.Select(v => $"\"{v}\""))}}]
+                }
+                """;
+                responses[downloadUrl] = Encoding.UTF8.GetBytes(downloadContent);
+
+                // nupkg
+                foreach (var package in packages.Where(p => p.Id.Equals(packageId, StringComparison.OrdinalIgnoreCase)))
+                {
+                    var id = packageId.ToLowerInvariant();
+                    var v = package.Version.ToLowerInvariant();
+                    var nupkgUrl = $"/download/{id}/{v}/{id}.{v}.nupkg";
+                    var nupkgContent = package.GetZipStream().ReadAllBytes();
+                    responses[nupkgUrl] = nupkgContent;
+                }
+            }
+
+            (int, byte[]) HttpHandler(string uriString)
+            {
+                var uri = new Uri(uriString, UriKind.Absolute);
+                var baseUrl = $"{uri.Scheme}://{uri.Host}:{uri.Port}";
+                if (uri.PathAndQuery == "/index.json")
+                {
+                    return (200, Encoding.UTF8.GetBytes($$"""
+                {
+                    "version": "3.0.0",
+                    "resources": [
+                        {
+                            "@id": "{{baseUrl}}/download",
+                            "@type": "PackageBaseAddress/3.0.0"
+                        },
+                        {
+                            "@id": "{{baseUrl}}/query",
+                            "@type": "SearchQueryService"
+                        },
+                        {
+                            "@id": "{{baseUrl}}/registrations",
+                            "@type": "RegistrationsBaseUrl"
+                        }
+                    ]
+                }
+                """));
+                }
+
+                if (responses.TryGetValue(uri.PathAndQuery, out var response))
+                {
+                    return (200, response);
+                }
+
+                return (404, Encoding.UTF8.GetBytes("{}"));
+            }
+
+            var server = TestHttpServer.CreateTestServer(HttpHandler);
+            return server;
+        }
+
         private static int FindFreePort()
         {
             var tcpListener = new TcpListener(IPAddress.Loopback, 0);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackageReference.cs

@@ -3632,5 +3632,80 @@ public partial class UpdateWorkerTests
                     """
             );
         }
+
+        [Fact]
+        public async Task CentralPackageManagementStillWorksWithMultipleFeedsListedInConfig()
+        {
+            using var http1 = TestHttpServer.CreateTestNuGetFeed(
+                MockNuGetPackage.CreateSimplePackage("Package1", "1.0.0", "net9.0"),
+                MockNuGetPackage.CreateSimplePackage("Package1", "1.0.1", "net9.0"));
+            using var http2 = TestHttpServer.CreateTestNuGetFeed(MockNuGetPackage.CreateSimplePackage("Package2", "2.0.0", "net9.0"));
+            await TestUpdate("Package1", "1.0.0", "1.0.1",
+                useSolution: false,
+                experimentsManager: new ExperimentsManager() { UseDirectDiscovery = true },
+                packages: [],
+                projectContents: """
+                    <Project Sdk="Microsoft.NET.Sdk">
+                      <PropertyGroup>
+                        <TargetFramework>net9.0</TargetFramework>
+                        <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+                        <MSBuildTreatWarningsAsErrors>true</MSBuildTreatWarningsAsErrors>
+                      </PropertyGroup>
+                      <ItemGroup>
+                        <PackageReference Include="Package1" />
+                        <PackageReference Include="Package2" />
+                      </ItemGroup>
+                    </Project>
+                    """,
+                additionalFiles: [
+                    ("Directory.Packages.props", """
+                        <Project>
+                          <PropertyGroup>
+                            <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
+                          </PropertyGroup>
+                          <ItemGroup>
+                            <PackageVersion Include="Package1" Version="1.0.0" />
+                            <PackageVersion Include="Package2" Version="2.0.0" />
+                          </ItemGroup>
+                        </Project>
+                        """),
+                    ("NuGet.Config", $"""
+                        <configuration>
+                          <packageSources>
+                            <!-- explicitly _not_ calling "clear" because we also want the upstream sources in addition to these two remote sources -->
+                            <add key="source_1" value="{http1.GetPackageFeedIndex()}" allowInsecureConnections="true" />
+                            <add key="source_2" value="{http2.GetPackageFeedIndex()}" allowInsecureConnections="true" />
+                          </packageSources>
+                        </configuration>
+                        """)
+                ],
+                expectedProjectContents: """
+                    <Project Sdk="Microsoft.NET.Sdk">
+                      <PropertyGroup>
+                        <TargetFramework>net9.0</TargetFramework>
+                        <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+                        <MSBuildTreatWarningsAsErrors>true</MSBuildTreatWarningsAsErrors>
+                      </PropertyGroup>
+                      <ItemGroup>
+                        <PackageReference Include="Package1" />
+                        <PackageReference Include="Package2" />
+                      </ItemGroup>
+                    </Project>
+                    """,
+                additionalFilesExpected: [
+                    ("Directory.Packages.props", """
+                        <Project>
+                          <PropertyGroup>
+                            <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
+                          </PropertyGroup>
+                          <ItemGroup>
+                            <PackageVersion Include="Package1" Version="1.0.1" />
+                            <PackageVersion Include="Package2" Version="2.0.0" />
+                          </ItemGroup>
+                        </Project>
+                        """)
+                ]
+            );
+        }
     }
 }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.300.0
+  version: 0.301.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-06 00:00:00.000000000 Z
+date: 2025-03-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.300.0
+        version: 0.301.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.300.0
+        version: 0.301.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -348,10 +348,12 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/NuGetUpdater.Core.Test.csproj
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/PullRequestMessageTests.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/PullRequestTextTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/SerializationTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/TestApiHandler.cs
-- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateAllowedTests.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdatePermittedAndMessageTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdatedDependencyListTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryDirectory.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/TemporaryEnvironment.cs
@@ -457,8 +459,10 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobRepoNotFound.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobSource.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/MarkAsProcessed.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/MessageBase.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PrivateSourceAuthenticationFailure.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequestDependency.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequestExistsForLatestVersion.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedDependency.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedRequirement.cs
@@ -469,8 +473,11 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdateNotPossible.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdatePullRequest.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdatedDependencyList.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/CommitOptions_IncludeScopeConverter.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/HttpApiHandler.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/IApiHandler.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/PullRequestConverter.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/PullRequestTextGenerator.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunResult.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/VersionConverter.cs
@@ -537,7 +544,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.300.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.301.0
 post_install_message:
 rdoc_options: []
 require_paths: