dependabot-nuget 0.312.0 → 0.313.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: acb9d775c29330f4cae905aa23b7ad9c36f0ed161d8cc1c2fbfc7391fb52646b
-  data.tar.gz: 97b60783a35914969fe10efc5235a91d29a470faf40e4520cf331bf6bafe21f1
+  metadata.gz: ac365725d12dca90647d4d71f59d1038f9d678bc811f20ffcb2f48ec0fb5da7a
+  data.tar.gz: 7acd524ff51f1a2f2eba42db8711331410e740761deecb78e97365d6d5ada225
 SHA512:
-  metadata.gz: d1d117e611b42497834c3276f08e35e3a70a3b2d0f960ac3d666dde3c12eb32697f911e0af3409e76500977f4c1db835c4979a85879e86bbd00e0ec0df4cc34c
-  data.tar.gz: b3f8f76bc8be51fc23493c1660cb41e5f6b9c10721941bd98c72c49652c807bb320def722cdc3c08d822f2cd2ed0dbe993b75cd6d43d0f1593de6890a753af32
+  metadata.gz: 27bb68098a00a6e05e88e07c5adfe99c9a74fe9fe8cf43d367e77fee46e29046832f8cf7993ac02fe767709da11a570ef3900a0a8c0941bcde5f2bc19d0a6e07
+  data.tar.gz: 84654a79e5cfb88dbde80c8218ed8737d5211ba5f65cc974d3aca4ab5aac8feae869a5718cebb1ed9724e46891c11287854762d60d89f535a63716ea8fcca9ee

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobErrorBase.cs

@@ -47,24 +47,64 @@ public abstract record JobErrorBase : MessageBase
 
     public static JobErrorBase ErrorFromException(Exception ex, string jobId, string currentDirectory)
     {
-        return ex switch
+        switch (ex)
         {
-            BadRequirementException badRequirement => new BadRequirement(badRequirement.Message),
-            BadResponseException badResponse => new PrivateSourceBadResponse([badResponse.Uri]),
-            DependencyNotFoundException dependencyNotFound => new DependencyNotFound(string.Join(", ", dependencyNotFound.Dependencies)),
-            HttpRequestException httpRequest => httpRequest.StatusCode switch
-            {
-                HttpStatusCode.Unauthorized or
-                HttpStatusCode.Forbidden => new PrivateSourceAuthenticationFailure(NuGetContext.GetPackageSourceUrls(currentDirectory)),
-                HttpStatusCode.TooManyRequests => new PrivateSourceBadResponse(NuGetContext.GetPackageSourceUrls(currentDirectory)),
-                HttpStatusCode.ServiceUnavailable => new PrivateSourceBadResponse(NuGetContext.GetPackageSourceUrls(currentDirectory)),
-                _ => new UnknownError(ex, jobId),
-            },
-            InvalidProjectFileException invalidProjectFile => new DependencyFileNotParseable(invalidProjectFile.ProjectFile),
-            MissingFileException missingFile => new DependencyFileNotFound(missingFile.FilePath, missingFile.Message),
-            UnparseableFileException unparseableFile => new DependencyFileNotParseable(unparseableFile.FilePath, unparseableFile.Message),
-            UpdateNotPossibleException updateNotPossible => new UpdateNotPossible(updateNotPossible.Dependencies),
-            _ => new UnknownError(ex, jobId),
-        };
+            case BadRequirementException badRequirement:
+                return new BadRequirement(badRequirement.Message);
+            case BadResponseException badResponse:
+                return new PrivateSourceBadResponse([badResponse.Uri]);
+            case DependencyNotFoundException dependencyNotFound:
+                return new DependencyNotFound(string.Join(", ", dependencyNotFound.Dependencies));
+            case HttpRequestException httpRequest:
+                if (httpRequest.StatusCode is null)
+                {
+                    if (httpRequest.InnerException is HttpIOException ioException &&
+                        ioException.HttpRequestError == HttpRequestError.ResponseEnded)
+                    {
+                        // server hung up on us
+                        return new PrivateSourceBadResponse(NuGetContext.GetPackageSourceUrls(currentDirectory));
+                    }
+
+                    return new UnknownError(ex, jobId);
+                }
+
+                switch (httpRequest.StatusCode)
+                {
+                    case HttpStatusCode.Unauthorized:
+                    case HttpStatusCode.Forbidden:
+                        return new PrivateSourceAuthenticationFailure(NuGetContext.GetPackageSourceUrls(currentDirectory));
+                    case HttpStatusCode.TooManyRequests:
+                    case HttpStatusCode.ServiceUnavailable:
+                        return new PrivateSourceBadResponse(NuGetContext.GetPackageSourceUrls(currentDirectory));
+                    default:
+                        if ((int)httpRequest.StatusCode / 100 == 5)
+                        {
+                            return new PrivateSourceBadResponse(NuGetContext.GetPackageSourceUrls(currentDirectory));
+                        }
+
+                        return new UnknownError(ex, jobId);
+                }
+            case InvalidProjectFileException invalidProjectFile:
+                return new DependencyFileNotParseable(invalidProjectFile.ProjectFile);
+            case MissingFileException missingFile:
+                return new DependencyFileNotFound(missingFile.FilePath, missingFile.Message);
+            case UnparseableFileException unparseableFile:
+                return new DependencyFileNotParseable(unparseableFile.FilePath, unparseableFile.Message);
+            case UpdateNotPossibleException updateNotPossible:
+                return new UpdateNotPossible(updateNotPossible.Dependencies);
+            default:
+                // if a more specific inner exception was encountered, use that, otherwise...
+                if (ex.InnerException is not null)
+                {
+                    var innerError = ErrorFromException(ex.InnerException, jobId, currentDirectory);
+                    if (innerError is not UnknownError)
+                    {
+                        return innerError;
+                    }
+                }
+
+                // ...return the whole thing
+                return new UnknownError(ex, jobId);
+        }
     }
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/IApiHandler.cs

@@ -35,6 +35,30 @@ public static class IApiHandlerExtensions
     public static Task UpdatePullRequest(this IApiHandler handler, UpdatePullRequest updatePullRequest) => handler.PostAsJson("update_pull_request", updatePullRequest);
     public static Task MarkAsProcessed(this IApiHandler handler, MarkAsProcessed markAsProcessed) => handler.PatchAsJson("mark_as_processed", markAsProcessed);
 
-    private static Task PostAsJson(this IApiHandler handler, string endpoint, object body) => handler.SendAsync(endpoint, body, "POST");
-    private static Task PatchAsJson(this IApiHandler handler, string endpoint, object body) => handler.SendAsync(endpoint, body, "PATCH");
+    private static Task PostAsJson(this IApiHandler handler, string endpoint, object body) => handler.WithRetries(() => handler.SendAsync(endpoint, body, "POST"));
+    private static Task PatchAsJson(this IApiHandler handler, string endpoint, object body) => handler.WithRetries(() => handler.SendAsync(endpoint, body, "PATCH"));
+
+    private const int MaxRetries = 3;
+    private const int MinRetryDelay = 3;
+    private const int MaxRetryDelay = 10;
+
+    private static async Task WithRetries(this IApiHandler handler, Func<Task> action)
+    {
+        var retryCount = 0;
+        while (true)
+        {
+            try
+            {
+                await action();
+                return;
+            }
+            catch (HttpRequestException ex)
+            when (retryCount < MaxRetries &&
+                (ex.StatusCode is null || ((int)ex.StatusCode) / 100 == 5))
+            {
+                retryCount++;
+                await Task.Delay(TimeSpan.FromSeconds(Random.Shared.Next(MinRetryDelay, MaxRetryDelay)));
+            }
+        }
+    }
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs

@@ -969,6 +969,7 @@ internal static partial class MSBuildHelper
         ThrowOnUpdateNotPossible(output);
         ThrowOnRateLimitExceeded(output);
         ThrowOnServiceUnavailable(output);
+        ThrowOnUnparseableFile(output);
     }
 
     private static void ThrowOnUnauthenticatedFeed(string stdout)
@@ -1067,6 +1068,19 @@ internal static partial class MSBuildHelper
         }
     }
 
+    private static void ThrowOnUnparseableFile(string output)
+    {
+        var patterns = new[]
+        {
+            new Regex(@"\nAn error occurred while reading file '(?<FilePath>[^']+)': (?<Message>[^\n]*)\n"),
+        };
+        var match = patterns.Select(p => p.Match(output)).Where(m => m.Success).FirstOrDefault();
+        if (match is not null)
+        {
+            throw new UnparseableFileException(match.Groups["Message"].Value, match.Groups["FilePath"].Value);
+        }
+    }
+
     internal static bool TryGetGlobalJsonPath(string repoRootPath, string workspacePath, [NotNullWhen(returnValue: true)] out string? globalJsonPath)
     {
         globalJsonPath = PathHelper.GetFileInDirectoryOrParent(workspacePath, repoRootPath, "global.json", caseSensitive: false);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/HttpApiHandlerTests.cs

@@ -39,7 +39,7 @@ public class HttpApiHandlerTests
         using var http = TestHttpServer.CreateTestServer((method, url) =>
         {
             // no error content returned
-            return (500, null);
+            return (400, null);
         });
         var handler = new HttpApiHandler(http.BaseUrl, "TEST-ID");
 
@@ -51,10 +51,51 @@ public class HttpApiHandlerTests
         }));
 
         // assert
-        var expectedMessage = $"500 (InternalServerError)";
+        var expectedMessage = $"400 (BadRequest)";
         Assert.Equal(expectedMessage, exception.Message);
     }
 
+    [Fact]
+    public async Task ApiCallsAreAutomaticallyRetriedWhenTheServerThrowsAnError()
+    {
+        // arrange
+        var requestCount = 0;
+        using var http = TestHttpServer.CreateTestServer((method, url) =>
+        {
+            if (requestCount < 2)
+            {
+                requestCount++;
+                return (500, Array.Empty<byte>());
+            }
+
+            return (200, Array.Empty<byte>());
+        });
+        var handler = new HttpApiHandler(http.BaseUrl, "TEST-ID");
+
+        // act
+        await handler.IncrementMetric(new()
+        {
+            Metric = "test",
+        });
+    }
+
+    [Fact]
+    public async Task ApiCallsAreNotRetriedOnABadRequest()
+    {
+        // arrange
+        var requestCount = 0;
+        using var http = TestHttpServer.CreateTestServer((method, url) =>
+        {
+            requestCount++;
+            return (400, Array.Empty<byte>());
+        });
+        var handler = new HttpApiHandler(http.BaseUrl, "TEST-ID");
+
+        // act
+        await Assert.ThrowsAsync<HttpRequestException>(() => handler.IncrementMetric(new() { Metric = "test" }));
+        Assert.True(requestCount == 1, $"Expected only 1 request, but received {requestCount}.");
+    }
+
     [Theory]
     [MemberData(nameof(ErrorsAreSentToTheCorrectEndpointTestData))]
     public async Task ErrorsAreSentToTheCorrectEndpoint(JobErrorBase error, params string[] expectedEndpoints)

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/JobErrorBaseTests.cs

@@ -0,0 +1,86 @@
+using System.Net;
+using System.Text.Json;
+
+using NuGet.Protocol.Core.Types;
+
+using NuGetUpdater.Core.Run;
+using NuGetUpdater.Core.Run.ApiModel;
+
+using Xunit;
+
+namespace NuGetUpdater.Core.Test.Run;
+
+public class JobErrorBaseTests : TestBase
+{
+    [Theory]
+    [MemberData(nameof(GenerateErrorFromExceptionTestData))]
+    public async Task GenerateErrorFromException(Exception exception, JobErrorBase expectedError)
+    {
+        // arrange
+        // some error types require a NuGet.Config file to be present
+        using var tempDir = await TemporaryDirectory.CreateWithContentsAsync(
+            ("NuGet.Config", """
+                <configuration>
+                  <packageSources>
+                    <clear />
+                    <add key="some_package_feed" value="http://nuget.example.com/v3/index.json" allowInsecureConnections="true" />
+                  </packageSources>
+                </configuration>
+                """)
+        );
+
+        // act
+        var actualError = JobErrorBase.ErrorFromException(exception, "TEST-JOB-ID", tempDir.DirectoryPath);
+
+        // assert
+        var actualErrorJson = JsonSerializer.Serialize(actualError, RunWorker.SerializerOptions);
+        var expectedErrorJson = JsonSerializer.Serialize(expectedError, RunWorker.SerializerOptions);
+        Assert.Equal(expectedErrorJson, actualErrorJson);
+    }
+
+    public static IEnumerable<object[]> GenerateErrorFromExceptionTestData()
+    {
+        // internal error from package feed
+        yield return
+        [
+            new HttpRequestException("nope", null, HttpStatusCode.InternalServerError),
+            new PrivateSourceBadResponse(["http://nuget.example.com/v3/index.json"]),
+        ];
+
+        // inner exception turns into private_source_bad_response; 500
+        yield return
+        [
+            new FatalProtocolException("nope", new HttpRequestException("nope", null, HttpStatusCode.InternalServerError)),
+            new PrivateSourceBadResponse(["http://nuget.example.com/v3/index.json"]),
+        ];
+
+        // inner exception turns into private_source_bad_response; ResponseEnded
+        yield return
+        [
+            new FatalProtocolException("nope", new HttpRequestException("nope", new HttpIOException(HttpRequestError.ResponseEnded))),
+            new PrivateSourceBadResponse(["http://nuget.example.com/v3/index.json"]),
+        ];
+
+        // top-level exception turns into private_source_authentication_failure
+        yield return
+        [
+            new HttpRequestException("nope", null, HttpStatusCode.Unauthorized),
+            new PrivateSourceAuthenticationFailure(["http://nuget.example.com/v3/index.json"]),
+        ];
+
+        // inner exception turns into private_source_authentication_failure
+        yield return
+        [
+            // the NuGet libraries commonly do this
+            new FatalProtocolException("nope", new HttpRequestException("nope", null, HttpStatusCode.Unauthorized)),
+            new PrivateSourceAuthenticationFailure(["http://nuget.example.com/v3/index.json"]),
+        ];
+
+        // unknown errors all the way down; report the initial top-level error
+        yield return
+        [
+            new Exception("outer", new Exception("inner")),
+            new UnknownError(new Exception("outer", new Exception("inner")), "TEST-JOB-ID"),
+        ];
+    }
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs

@@ -1860,6 +1860,14 @@ public class MSBuildHelperTests : TestBase
             // expectedError
             new DependencyNotFound("Some.Package"),
         ];
+
+        yield return
+        [
+            // output
+            "This part is not reported.\nAn error occurred while reading file '/path/to/packages.config': Some error message.\nThis part is not reported.",
+            // expectedError
+            new DependencyFileNotParseable("/path/to/packages.config", "Some error message."),
+        ];
     }
 
     public static IEnumerable<object[]> GetTopLevelPackageDependencyInfosTestData()

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-nuget
 version: !ruby/object:Gem::Version
-  version: 0.312.0
+  version: 0.313.0
 platform: ruby
 authors:
 - Dependabot
 bindir: bin
 cert_chain: []
-date: 2025-05-09 00:00:00.000000000 Z
+date: 2025-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -15,14 +15,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.312.0
+        version: 0.313.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.312.0
+        version: 0.313.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -348,6 +348,7 @@ files:
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/NuGetUpdater.Core.Test.csproj
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/EndToEndTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/HttpApiHandlerTests.cs
+- helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/JobErrorBaseTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MessageReportTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs
 - helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/PullRequestMessageTests.cs
@@ -557,7 +558,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.312.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.313.0
 rdoc_options: []
 require_paths:
 - lib