dependabot-nuget 0.314.0 → 0.316.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Run.cs +1 -1
  3. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/WorkspaceDiscoveryResult.cs +6 -0
  4. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/ExperimentsManager.cs +3 -0
  5. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ClosePullRequest.cs +15 -0
  6. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CreatePullRequest.cs +47 -0
  7. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs +60 -0
  8. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs +151 -23
  9. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobErrorBase.cs +4 -18
  10. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequestExistsForSecurityUpdate.cs +15 -0
  11. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateDependencyNotFound.cs +9 -0
  12. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateIgnored.cs +10 -0
  13. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateNotFound.cs +11 -0
  14. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateNotPossible.cs +13 -0
  15. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdatePullRequest.cs +6 -0
  16. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ModifiedFilesTracker.cs +151 -0
  17. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/PullRequestTextGenerator.cs +78 -32
  18. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs +99 -111
  19. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/CreateSecurityUpdatePullRequestHandler.cs +169 -0
  20. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/GroupUpdateAllVersionsHandler.cs +271 -0
  21. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/IUpdateHandler.cs +22 -0
  22. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/RefreshGroupUpdatePullRequestHandler.cs +192 -0
  23. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/RefreshSecurityUpdatePullRequestHandler.cs +187 -0
  24. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/RefreshVersionUpdatePullRequestHandler.cs +175 -0
  25. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdateOperationBase.cs +43 -2
  26. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ILogger.cs +17 -0
  27. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +15 -9
  28. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MarkdownListBuilder.cs +65 -0
  29. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/ApiModel/JobTests.cs +405 -0
  30. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/EndToEndTests.cs +92 -82
  31. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/HttpApiHandlerTests.cs +5 -0
  32. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MessageReportTests.cs +67 -1
  33. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs +445 -0
  34. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/PullRequestMessageTests.cs +1 -0
  35. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/PullRequestTextTests.cs +260 -20
  36. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs +30 -2
  37. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/SerializationTests.cs +69 -10
  38. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/CreateSecurityUpdatePullRequestHandlerTests.cs +766 -0
  39. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/GroupUpdateAllVersionsHandlerTests.cs +636 -0
  40. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/RefreshGroupUpdatePullRequestHandlerTests.cs +513 -0
  41. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/RefreshSecurityUpdatePullRequestHandlerTests.cs +806 -0
  42. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/RefreshVersionUpdatePullRequestHandlerTests.cs +589 -0
  43. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/UpdateHandlerSelectionTests.cs +183 -0
  44. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/UpdateHandlersTestsBase.cs +43 -0
  45. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdatedDependencyListTests.cs +2 -2
  46. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateOperationBaseTests.cs +121 -7
  47. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.Mixed.cs +6 -0
  48. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackagesConfig.cs +2 -2
  49. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs +51 -0
  50. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MarkdownListBuilderTests.cs +42 -0
  51. data/lib/dependabot/nuget/cache_manager.rb +0 -1
  52. data/lib/dependabot/nuget/file_fetcher.rb +2 -2
  53. metadata +30 -8
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/ApiModel/JobTests.cs ADDED
@@ -0,0 +1,405 @@
1
+ using System.Collections.Immutable;
2
+
3
+ using NuGet.Versioning;
4
+
5
+ using NuGetUpdater.Core.Analyze;
6
+ using NuGetUpdater.Core.Run.ApiModel;
7
+
8
+ using Xunit;
9
+
10
+ using DepType = NuGetUpdater.Core.Run.ApiModel.DependencyType;
11
+
12
+ namespace NuGetUpdater.Core.Test.Run.ApiModel;
13
+
14
+ public class JobTests
15
+ {
16
+ [Theory]
17
+ [MemberData(nameof(IsUpdatePermittedTestData))]
18
+ public void IsUpdatePermitted(Job job, Dependency dependency, bool expectedResult)
19
+ {
20
+ var actualResult = job.IsUpdatePermitted(dependency);
21
+ Assert.Equal(expectedResult, actualResult);
22
+ }
23
+
24
+ public static IEnumerable<object?[]> IsUpdatePermittedTestData()
25
+ {
26
+ // with default allowed updates on a transitive dependency
27
+ yield return
28
+ [
29
+ CreateJob(
30
+ allowedUpdates: [
31
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All }
32
+ ],
33
+ dependencies: [],
34
+ existingPrs: [],
35
+ securityAdvisories: [
36
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
37
+ ],
38
+ securityUpdatesOnly: false,
39
+ updatingAPullRequest: false),
40
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
41
+ // expectedResult
42
+ false,
43
+ ];
44
+
45
+ // when dealing with a security update
46
+ yield return
47
+ [
48
+ CreateJob(
49
+ allowedUpdates: [
50
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All }
51
+ ],
52
+ dependencies: [],
53
+ existingPrs: [],
54
+ securityAdvisories: [
55
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
56
+ ],
57
+ securityUpdatesOnly: true,
58
+ updatingAPullRequest: false),
59
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
60
+ // expectedResult
61
+ true,
62
+ ];
63
+
64
+ // with a top-level dependency
65
+ yield return
66
+ [
67
+ CreateJob(
68
+ allowedUpdates: [
69
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
70
+ new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
71
+ ],
72
+ dependencies: [],
73
+ existingPrs: [],
74
+ securityAdvisories: [],
75
+ securityUpdatesOnly: false,
76
+ updatingAPullRequest: false),
77
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
78
+ // expectedResult
79
+ true,
80
+ ];
81
+
82
+ // with a sub-dependency
83
+ yield return
84
+ [
85
+ CreateJob(
86
+ allowedUpdates: [
87
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
88
+ new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
89
+ ],
90
+ dependencies: [],
91
+ existingPrs: [],
92
+ securityAdvisories: [],
93
+ securityUpdatesOnly: false,
94
+ updatingAPullRequest: false),
95
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
96
+ // expectedResult
97
+ false,
98
+ ];
99
+
100
+ // when insecure
101
+ yield return
102
+ [
103
+ CreateJob(
104
+ allowedUpdates: [
105
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
106
+ new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
107
+ ],
108
+ dependencies: [],
109
+ existingPrs: [],
110
+ securityAdvisories: [
111
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
112
+ ],
113
+ securityUpdatesOnly: false,
114
+ updatingAPullRequest: false),
115
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: true),
116
+ // expectedResult
117
+ true,
118
+ ];
119
+
120
+ // when only security fixes are allowed
121
+ yield return
122
+ [
123
+ CreateJob(
124
+ allowedUpdates: [
125
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
126
+ new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
127
+ ],
128
+ dependencies: [],
129
+ existingPrs: [],
130
+ securityAdvisories: [],
131
+ securityUpdatesOnly: true,
132
+ updatingAPullRequest: false),
133
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
134
+ // expectedResult
135
+ false,
136
+ ];
137
+
138
+ // when dealing with a security fix
139
+ yield return
140
+ [
141
+ CreateJob(
142
+ allowedUpdates: [
143
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
144
+ new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
145
+ ],
146
+ dependencies: [],
147
+ existingPrs: [],
148
+ securityAdvisories: [
149
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
150
+ ],
151
+ securityUpdatesOnly: true,
152
+ updatingAPullRequest: false),
153
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
154
+ // expectedResult
155
+ true,
156
+ ];
157
+
158
+ // when dealing with a security fix that doesn't apply
159
+ yield return
160
+ [
161
+ CreateJob(
162
+ allowedUpdates: [
163
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
164
+ new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
165
+ ],
166
+ dependencies: [],
167
+ existingPrs: [],
168
+ securityAdvisories: [
169
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("> 1.8.0")], PatchedVersions = [], UnaffectedVersions = [] }
170
+ ],
171
+ securityUpdatesOnly: true,
172
+ updatingAPullRequest: false),
173
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
174
+ // expectedResult
175
+ false,
176
+ ];
177
+
178
+ // when dealing with a security fix that doesn't apply to some versions
179
+ yield return
180
+ [
181
+ CreateJob(
182
+ allowedUpdates: [
183
+ new AllowedUpdate() { DependencyType = DepType.Direct, UpdateType = UpdateType.All },
184
+ new AllowedUpdate() { DependencyType = DepType.Indirect, UpdateType = UpdateType.Security }
185
+ ],
186
+ dependencies: [],
187
+ existingPrs: [],
188
+ securityAdvisories: [
189
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("< 1.8.0"), Requirement.Parse("> 1.8.0")], PatchedVersions = [], UnaffectedVersions = [] }
190
+ ],
191
+ securityUpdatesOnly: true,
192
+ updatingAPullRequest: false),
193
+ new Dependency("Some.Package", "1.8.1", DependencyType.PackageReference, IsTransitive: false),
194
+ // expectedResult
195
+ true,
196
+ ];
197
+
198
+ // when a dependency allow list that includes the dependency
199
+ yield return
200
+ [
201
+ CreateJob(
202
+ allowedUpdates: [
203
+ new AllowedUpdate() { DependencyName = "Some.Package" }
204
+ ],
205
+ dependencies: [],
206
+ existingPrs: [],
207
+ securityAdvisories: [],
208
+ securityUpdatesOnly: false,
209
+ updatingAPullRequest: false),
210
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
211
+ // expectedResult
212
+ true,
213
+ ];
214
+
215
+ // with a dependency allow list that uses a wildcard
216
+ yield return
217
+ [
218
+ CreateJob(
219
+ allowedUpdates: [
220
+ new AllowedUpdate() { DependencyName = "Some.*" }
221
+ ],
222
+ dependencies: [],
223
+ existingPrs: [],
224
+ securityAdvisories: [],
225
+ securityUpdatesOnly: false,
226
+ updatingAPullRequest: false),
227
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
228
+ // expectedResult
229
+ true,
230
+ ];
231
+
232
+ // when dependency allow list that excludes the dependency
233
+ yield return
234
+ [
235
+ CreateJob(
236
+ allowedUpdates: [
237
+ new AllowedUpdate() { DependencyName = "Unrelated.Package" }
238
+ ],
239
+ dependencies: [],
240
+ existingPrs: [],
241
+ securityAdvisories: [],
242
+ securityUpdatesOnly: false,
243
+ updatingAPullRequest: false),
244
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
245
+ // expectedResult
246
+ false,
247
+ ];
248
+
249
+ // when matching with an incomplete dependency name
250
+ yield return
251
+ [
252
+ CreateJob(
253
+ allowedUpdates: [
254
+ new AllowedUpdate() { DependencyName = "Some" }
255
+ ],
256
+ dependencies: [],
257
+ existingPrs: [],
258
+ securityAdvisories: [],
259
+ securityUpdatesOnly: false,
260
+ updatingAPullRequest: false),
261
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
262
+ // expectedResult
263
+ false,
264
+ ];
265
+
266
+ // with a dependency allow list that uses a wildcard
267
+ yield return
268
+ [
269
+ CreateJob(
270
+ allowedUpdates: [
271
+ new AllowedUpdate() { DependencyName = "Unrelated.*" }
272
+ ],
273
+ dependencies: [],
274
+ existingPrs: [],
275
+ securityAdvisories: [],
276
+ securityUpdatesOnly: false,
277
+ updatingAPullRequest: false),
278
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
279
+ // expectedResult
280
+ false,
281
+ ];
282
+
283
+ // when security fixes are also allowed
284
+ yield return
285
+ [
286
+ CreateJob(
287
+ allowedUpdates: [
288
+ new AllowedUpdate() { DependencyName = "Unrelated.Package" },
289
+ new AllowedUpdate() { UpdateType = UpdateType.Security }
290
+ ],
291
+ dependencies: [],
292
+ existingPrs: [],
293
+ securityAdvisories: [],
294
+ securityUpdatesOnly: false,
295
+ updatingAPullRequest: false),
296
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
297
+ // expectedResult
298
+ false,
299
+ ];
300
+
301
+ // when dealing with a security fix
302
+ yield return
303
+ [
304
+ CreateJob(
305
+ allowedUpdates: [
306
+ new AllowedUpdate() { DependencyName = "Unrelated.Package"}, new AllowedUpdate(){ UpdateType = UpdateType.Security }
307
+ ],
308
+ dependencies: [],
309
+ existingPrs: [],
310
+ securityAdvisories: [
311
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [], PatchedVersions = [Requirement.Parse(">= 1.11.0")], UnaffectedVersions = [] }
312
+ ],
313
+ securityUpdatesOnly: false,
314
+ updatingAPullRequest: false),
315
+ new Dependency("Some.Package", "1.8.0", DependencyType.PackageReference, IsTransitive: false),
316
+ // expectedResult
317
+ true,
318
+ ];
319
+
320
+ // security job, not vulnerable => security update not needed
321
+ yield return
322
+ [
323
+ CreateJob(
324
+ allowedUpdates: [
325
+ new AllowedUpdate() { UpdateType = UpdateType.Security }
326
+ ],
327
+ dependencies: [],
328
+ existingPrs: [],
329
+ securityAdvisories: [
330
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("1.0.0")], PatchedVersions = [Requirement.Parse("1.1.0")] }
331
+ ],
332
+ securityUpdatesOnly: true,
333
+ updatingAPullRequest: false),
334
+ new Dependency("Some.Package", "1.1.0", DependencyType.PackageReference),
335
+ // expectedResult
336
+ false,
337
+ ];
338
+
339
+ // security job, not updating existing => pr already exists
340
+ yield return
341
+ [
342
+ CreateJob(
343
+ allowedUpdates: [
344
+ new AllowedUpdate() { UpdateType = UpdateType.Security }
345
+ ],
346
+ dependencies: [],
347
+ existingPrs: [
348
+ new PullRequest() { Dependencies = [new PullRequestDependency() { DependencyName = "Some.Package", DependencyVersion = NuGetVersion.Parse("1.2.0") }] }
349
+ ],
350
+ securityAdvisories: [
351
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse("1.1.0")] }
352
+ ],
353
+ securityUpdatesOnly: true,
354
+ updatingAPullRequest: false),
355
+ new Dependency("Some.Package", "1.1.0", DependencyType.PackageReference),
356
+ // expectedResult
357
+ false,
358
+ ];
359
+
360
+ // security job, updating existing => do update
361
+ yield return
362
+ [
363
+ CreateJob(
364
+ allowedUpdates: [
365
+ new AllowedUpdate() { UpdateType = UpdateType.All, DependencyType = DepType.Direct }
366
+ ],
367
+ dependencies: ["Some.Package"],
368
+ existingPrs: [
369
+ new PullRequest() { Dependencies = [new PullRequestDependency() { DependencyName = "Some.Package", DependencyVersion = NuGetVersion.Parse("1.1.0") }] }
370
+ ],
371
+ securityAdvisories: [
372
+ new Advisory() { DependencyName = "Some.Package", AffectedVersions = [Requirement.Parse(">= 1.0.0, < 1.1.0")] }
373
+ ],
374
+ securityUpdatesOnly: true,
375
+ updatingAPullRequest: true),
376
+ new Dependency("Some.Package", "1.0.0", DependencyType.PackageReference),
377
+ // expectedResult
378
+ true,
379
+ ];
380
+ }
381
+
382
+ private static Job CreateJob(
383
+ ImmutableArray<AllowedUpdate> allowedUpdates,
384
+ ImmutableArray<string> dependencies,
385
+ ImmutableArray<PullRequest> existingPrs,
386
+ ImmutableArray<Advisory> securityAdvisories,
387
+ bool securityUpdatesOnly,
388
+ bool updatingAPullRequest)
389
+ {
390
+ return new Job()
391
+ {
392
+ AllowedUpdates = allowedUpdates,
393
+ Dependencies = dependencies,
394
+ ExistingPullRequests = existingPrs,
395
+ SecurityAdvisories = securityAdvisories,
396
+ SecurityUpdatesOnly = securityUpdatesOnly,
397
+ Source = new()
398
+ {
399
+ Provider = "nuget",
400
+ Repo = "test/repo",
401
+ },
402
+ UpdatingAPullRequest = updatingAPullRequest,
403
+ };
404
+ }
405
+ }
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/EndToEndTests.cs CHANGED
@@ -9,8 +9,10 @@ namespace NuGetUpdater.Core.Test.Run;
9
9
 
10
10
  public class EndToEndTests
11
11
  {
12
- [Fact]
13
- public async Task UpdatePackageWithDifferentVersionsInDifferentDirectories()
12
+ [Theory]
13
+ [InlineData(true)]
14
+ [InlineData(false)]
15
+ public async Task UpdatePackageWithDifferentVersionsInDifferentDirectories(bool useLegacyUpdateHandler)
14
16
  {
15
17
  // this test passes `null` for discovery, analyze, and update workers to fully test the desired behavior
16
18
 
@@ -18,8 +20,88 @@ public class EndToEndTests
18
20
  // library1.csproj - top level dependency, already up to date
19
21
  // library2.csproj - top level dependency, needs direct update
20
22
  // library3.csproj - transitive dependency, needs pin
23
+ var base64DependencyFiles = useLegacyUpdateHandler
24
+ ? new[]
25
+ {
26
+ new DependencyFile()
27
+ {
28
+ Directory = "/",
29
+ Name = "Directory.Build.props",
30
+ Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("<Project />")),
31
+ ContentEncoding = "base64",
32
+ },
33
+ new DependencyFile()
34
+ {
35
+ Directory = "/",
36
+ Name = "Directory.Build.targets",
37
+ Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("<Project />")),
38
+ ContentEncoding = "base64",
39
+ },
40
+ new DependencyFile()
41
+ {
42
+ Directory = "/",
43
+ Name = "Directory.Packages.props",
44
+ Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
45
+ <Project>
46
+ <PropertyGroup>
47
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
48
+ </PropertyGroup>
49
+ </Project>
50
+ """)),
51
+ ContentEncoding = "base64",
52
+ },
53
+ new DependencyFile()
54
+ {
55
+ Directory = "/library1",
56
+ Name = "library1.csproj",
57
+ Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
58
+ <Project Sdk="Microsoft.NET.Sdk">
59
+ <PropertyGroup>
60
+ <TargetFramework>net8.0</TargetFramework>
61
+ </PropertyGroup>
62
+ <ItemGroup>
63
+ <PackageReference Include="Some.Package" Version="2.0.0" />
64
+ </ItemGroup>
65
+ </Project>
66
+ """)),
67
+ ContentEncoding = "base64",
68
+ },
69
+ new DependencyFile()
70
+ {
71
+ Directory = "/library2",
72
+ Name = "library2.csproj",
73
+ Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
74
+ <Project Sdk="Microsoft.NET.Sdk">
75
+ <PropertyGroup>
76
+ <TargetFramework>net8.0</TargetFramework>
77
+ </PropertyGroup>
78
+ <ItemGroup>
79
+ <PackageReference Include="Some.Package" Version="1.0.0" />
80
+ </ItemGroup>
81
+ </Project>
82
+ """)),
83
+ ContentEncoding = "base64",
84
+ },
85
+ new DependencyFile()
86
+ {
87
+ Directory = "/library3",
88
+ Name = "library3.csproj",
89
+ Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
90
+ <Project Sdk="Microsoft.NET.Sdk">
91
+ <PropertyGroup>
92
+ <TargetFramework>net8.0</TargetFramework>
93
+ </PropertyGroup>
94
+ <ItemGroup>
95
+ <PackageReference Include="Package.With.Transitive.Dependency" Version="0.1.0" />
96
+ </ItemGroup>
97
+ </Project>
98
+ """)),
99
+ ContentEncoding = "base64",
100
+ }
101
+ }
102
+ : [];
21
103
  await RunWorkerTests.RunAsync(
22
- experimentsManager: new ExperimentsManager() { UseDirectDiscovery = true },
104
+ experimentsManager: new ExperimentsManager() { UseDirectDiscovery = true, UseLegacyUpdateHandler = useLegacyUpdateHandler },
23
105
  packages: [
24
106
  MockNuGetPackage.CreateSimplePackage("Some.Package", "1.0.0", "net8.0"),
25
107
  MockNuGetPackage.CreateSimplePackage("Some.Package", "2.0.0", "net8.0"),
@@ -28,6 +110,9 @@ public class EndToEndTests
28
110
  job: new Job()
29
111
  {
30
112
  AllowedUpdates = [new() { UpdateType = UpdateType.Security }],
113
+ Dependencies = [
114
+ "Some.Package"
115
+ ],
31
116
  SecurityAdvisories =
32
117
  [
33
118
  new()
@@ -36,6 +121,7 @@ public class EndToEndTests
36
121
  AffectedVersions = [Requirement.Parse("= 1.0.0")]
37
122
  }
38
123
  ],
124
+ SecurityUpdatesOnly = true,
39
125
  Source = new()
40
126
  {
41
127
  Provider = "github",
@@ -98,84 +184,7 @@ public class EndToEndTests
98
184
  updaterWorker: null,
99
185
  expectedResult: new RunResult()
100
186
  {
101
- Base64DependencyFiles =
102
- [
103
- new DependencyFile()
104
- {
105
- Directory = "/",
106
- Name = "Directory.Build.props",
107
- Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("<Project />")),
108
- ContentEncoding = "base64",
109
- },
110
- new DependencyFile()
111
- {
112
- Directory = "/",
113
- Name = "Directory.Build.targets",
114
- Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("<Project />")),
115
- ContentEncoding = "base64",
116
- },
117
- new DependencyFile()
118
- {
119
- Directory = "/",
120
- Name = "Directory.Packages.props",
121
- Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
122
- <Project>
123
- <PropertyGroup>
124
- <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
125
- </PropertyGroup>
126
- </Project>
127
- """)),
128
- ContentEncoding = "base64",
129
- },
130
- new DependencyFile()
131
- {
132
- Directory = "/library1",
133
- Name = "library1.csproj",
134
- Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
135
- <Project Sdk="Microsoft.NET.Sdk">
136
- <PropertyGroup>
137
- <TargetFramework>net8.0</TargetFramework>
138
- </PropertyGroup>
139
- <ItemGroup>
140
- <PackageReference Include="Some.Package" Version="2.0.0" />
141
- </ItemGroup>
142
- </Project>
143
- """)),
144
- ContentEncoding = "base64",
145
- },
146
- new DependencyFile()
147
- {
148
- Directory = "/library2",
149
- Name = "library2.csproj",
150
- Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
151
- <Project Sdk="Microsoft.NET.Sdk">
152
- <PropertyGroup>
153
- <TargetFramework>net8.0</TargetFramework>
154
- </PropertyGroup>
155
- <ItemGroup>
156
- <PackageReference Include="Some.Package" Version="1.0.0" />
157
- </ItemGroup>
158
- </Project>
159
- """)),
160
- ContentEncoding = "base64",
161
- },
162
- new DependencyFile()
163
- {
164
- Directory = "/library3",
165
- Name = "library3.csproj",
166
- Content = Convert.ToBase64String(Encoding.UTF8.GetBytes("""
167
- <Project Sdk="Microsoft.NET.Sdk">
168
- <PropertyGroup>
169
- <TargetFramework>net8.0</TargetFramework>
170
- </PropertyGroup>
171
- <ItemGroup>
172
- <PackageReference Include="Package.With.Transitive.Dependency" Version="0.1.0" />
173
- </ItemGroup>
174
- </Project>
175
- """)),
176
- ContentEncoding = "base64",
177
- }
178
- ],
187
+ Base64DependencyFiles = base64DependencyFiles,
179
188
  BaseCommitSha = "TEST-COMMIT-SHA",
180
189
  },
181
190
  expectedApiMessages: [
@@ -346,7 +355,8 @@ public class EndToEndTests
346
355
  BaseCommitSha = "TEST-COMMIT-SHA",
347
356
  CommitMessage = RunWorkerTests.TestPullRequestCommitMessage,
348
357
  PrTitle = RunWorkerTests.TestPullRequestTitle,
349
- PrBody = RunWorkerTests.TestPullRequestBody
358
+ PrBody = RunWorkerTests.TestPullRequestBody,
359
+ DependencyGroup = null,
350
360
  },
351
361
  new MarkAsProcessed("TEST-COMMIT-SHA")
352
362
  ]
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/HttpApiHandlerTests.cs CHANGED
@@ -150,7 +150,12 @@ public class HttpApiHandlerTests
150
150
  yield return [new PrivateSourceAuthenticationFailure(["unused"]), "record_update_job_error"];
151
151
  yield return [new PrivateSourceBadResponse(["unused"]), "record_update_job_error"];
152
152
  yield return [new PullRequestExistsForLatestVersion("unused", "unused"), "record_update_job_error"];
153
+ yield return [new PullRequestExistsForSecurityUpdate([]), "record_update_job_error"];
154
+ yield return [new SecurityUpdateDependencyNotFound(), "record_update_job_error"];
155
+ yield return [new SecurityUpdateIgnored("unused"), "record_update_job_error"];
156
+ yield return [new SecurityUpdateNotFound("unused", "unused"), "record_update_job_error"];
153
157
  yield return [new SecurityUpdateNotNeeded("unused"), "record_update_job_error"];
158
+ yield return [new SecurityUpdateNotPossible("unused", "unused", "unused", []), "record_update_job_error"];
154
159
  yield return [new UnknownError(new Exception("unused"), "unused"), "record_update_job_error", "record_update_job_unknown_error", "increment_metric"];
155
160
  yield return [new UpdateNotPossible(["unused"]), "record_update_job_error"];
156
161
  }