dependabot-nuget 0.315.0 → 0.316.0

Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Run.cs +1 -1
  3. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/WorkspaceDiscoveryResult.cs +6 -0
  4. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/ExperimentsManager.cs +3 -0
  5. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ClosePullRequest.cs +15 -0
  6. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CreatePullRequest.cs +47 -0
  7. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs +60 -0
  8. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs +151 -23
  9. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobErrorBase.cs +4 -18
  10. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequestExistsForSecurityUpdate.cs +15 -0
  11. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateDependencyNotFound.cs +9 -0
  12. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateIgnored.cs +10 -0
  13. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateNotFound.cs +11 -0
  14. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/SecurityUpdateNotPossible.cs +13 -0
  15. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdatePullRequest.cs +6 -0
  16. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ModifiedFilesTracker.cs +151 -0
  17. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/PullRequestTextGenerator.cs +78 -32
  18. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs +99 -111
  19. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/CreateSecurityUpdatePullRequestHandler.cs +169 -0
  20. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/GroupUpdateAllVersionsHandler.cs +271 -0
  21. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/IUpdateHandler.cs +22 -0
  22. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/RefreshGroupUpdatePullRequestHandler.cs +192 -0
  23. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/RefreshSecurityUpdatePullRequestHandler.cs +187 -0
  24. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/UpdateHandlers/RefreshVersionUpdatePullRequestHandler.cs +175 -0
  25. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdateOperationBase.cs +43 -2
  26. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ILogger.cs +17 -0
  27. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +15 -9
  28. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MarkdownListBuilder.cs +65 -0
  29. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/ApiModel/JobTests.cs +405 -0
  30. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/EndToEndTests.cs +92 -82
  31. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/HttpApiHandlerTests.cs +5 -0
  32. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MessageReportTests.cs +67 -1
  33. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs +445 -0
  34. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/PullRequestMessageTests.cs +1 -0
  35. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/PullRequestTextTests.cs +260 -20
  36. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs +30 -2
  37. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/SerializationTests.cs +69 -10
  38. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/CreateSecurityUpdatePullRequestHandlerTests.cs +766 -0
  39. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/GroupUpdateAllVersionsHandlerTests.cs +636 -0
  40. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/RefreshGroupUpdatePullRequestHandlerTests.cs +513 -0
  41. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/RefreshSecurityUpdatePullRequestHandlerTests.cs +806 -0
  42. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/RefreshVersionUpdatePullRequestHandlerTests.cs +589 -0
  43. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/UpdateHandlerSelectionTests.cs +183 -0
  44. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdateHandlers/UpdateHandlersTestsBase.cs +43 -0
  45. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/UpdatedDependencyListTests.cs +2 -2
  46. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateOperationBaseTests.cs +121 -7
  47. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.Mixed.cs +6 -0
  48. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackagesConfig.cs +2 -2
  49. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MSBuildHelperTests.cs +51 -0
  50. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Utilities/MarkdownListBuilderTests.cs +42 -0
  51. metadata +26 -4
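--- a/data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MessageReportTests.cs
+++ b/data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MessageReportTests.cs
@@ -82,6 +82,7 @@ public class MessageReportTests
  CommitMessage = "unused",
  PrTitle = "unused",
  PrBody = "unused",
+ DependencyGroup = null, // unused
  },
  // expected
  """
@@ -171,6 +172,53 @@ public class MessageReportTests
  """
  ];
 
+ yield return
+ [
+ // message
+ new PullRequestExistsForSecurityUpdate([new("Some.Dependency", "1.2.3", DependencyType.PackageReference)]),
+ // expected
+ """
+ Error type: pull_request_exists_for_security_update
+ - updated-dependencies:
+ - - dependency-name: Some.Dependency
+ - dependency-version: 1.2.3
+ - dependency-removed: false
+ """
+ ];
+
+ yield return
+ [
+ // message
+ new SecurityUpdateDependencyNotFound(),
+ // expected
+ """
+ Error type: security_update_dependency_not_found
+ """
+ ];
+
+ yield return
+ [
+ // message
+ new SecurityUpdateIgnored("Some.Dependency"),
+ // expected
+ """
+ Error type: all_versions_ignored
+ - dependency-name: Some.Dependency
+ """
+ ];
+
+ yield return
+ [
+ // message
+ new SecurityUpdateNotFound("Some.Dependency", "1.2.3"),
+ // expected
+ """
+ Error type: security_update_not_found
+ - dependency-name: Some.Dependency
+ - dependency-version: 1.2.3
+ """
+ ];
+
  yield return
  [
  // message
@@ -182,6 +230,22 @@ public class MessageReportTests
  """
  ];
 
+ yield return
+ [
+ // message
+ new SecurityUpdateNotPossible("Some.Dependency", "1.2.3", "4.5.6", ["dep1", "dep2"]),
+ // expected
+ """
+ Error type: security_update_not_possible
+ - dependency-name: Some.Dependency
+ - latest-resolvable-version: 1.2.3
+ - lowest-non-vulnerable-version: 4.5.6
+ - conflicting-dependencies:
+ - dep1
+ - dep2
+ """
+ ];
+
  yield return
  [
  // message
@@ -203,7 +267,9 @@ public class MessageReportTests
  // expected
  """
  Error type: update_not_possible
- - dependencies: Dependency1, Dependency2
+ - dependencies:
+ - Dependency1
+ - Dependency2
  """
  ];
 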
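Review bot: In the row for `new SecurityUpdateIgnored("Some.Dependency")` the expected report is `Error type: all_versions_ignored`, the only one of the newly added security-update errors whose type string does not mention security updates. Anyone filtering job errors by type to find blocked security updates would miss this one, so the mapping deserves a comment at the row, for example `// SecurityUpdateIgnored reports as all_versions_ignored, not security_update_*`. Whether that name is dictated by the API contract cannot be seen from this test; if it is, the comment should say so.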
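--- a/data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs
+++ b/data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/MiscellaneousTests.cs
@@ -7,6 +7,7 @@ using NuGetUpdater.Core.Analyze;
  using NuGetUpdater.Core.Discover;
  using NuGetUpdater.Core.Run;
  using NuGetUpdater.Core.Run.ApiModel;
+ using NuGetUpdater.Core.Test.Utilities;
 
  using Xunit;
 
@@ -14,6 +15,450 @@ namespace NuGetUpdater.Core.Test.Run;
 
  public class MiscellaneousTests
  {
+ [Theory]
+ [MemberData(nameof(IsDependencyIgnoredTestData))]
+ public void IsDependencyIgnored(Condition[] ignoreConditions, string dependencyName, string dependencyVersion, bool expectedIgnored)
+ {
+ // arrange
+ var job = new Job()
+ {
+ Source = new()
+ {
+ Provider = "github",
+ Repo = "some/repo"
+ },
+ IgnoreConditions = ignoreConditions,
+ };
+
+ // act
+ var actualIsIgnored = job.IsDependencyIgnored(dependencyName, dependencyVersion);
+
+ // assert
+ Assert.Equal(expectedIgnored, actualIsIgnored);
+ }
+
+ public static IEnumerable<object[]> IsDependencyIgnoredTestData()
+ {
+ yield return
+ [
+ // ignoreConditions
+ new[]
+ {
+ new Condition()
+ {
+ DependencyName = "Different.Dependency",
+ }
+ },
+ // dependencyName
+ "Some.Dependency",
+ // dependencyVersion
+ "1.2.3",
+ // expectedIgnored
+ false,
+ ];
+
+ yield return
+ [
+ // ignoreConditions
+ new[]
+ {
+ new Condition()
+ {
+ DependencyName = "Some.Dependency",
+ VersionRequirement = Requirement.Parse("> 2.0.0"),
+ }
+ },
+ // dependencyName
+ "Some.Dependency",
+ // dependencyVersion
+ "1.2.3",
+ // expectedIgnored
+ false,
+ ];
+
+ yield return
+ [
+ // ignoreConditions
+ new[]
+ {
+ new Condition()
+ {
+ DependencyName = "Some.Dependency",
+ VersionRequirement = Requirement.Parse("> 1.0.0"),
+ }
+ },
+ // dependencyName
+ "Some.Dependency",
+ // dependencyVersion
+ "1.2.3",
+ // expectedIgnored
+ true,
+ ];
+
+ yield return
+ [
+ // ignoreConditions
+ new[]
+ {
+ new Condition()
+ {
+ DependencyName = "Some.*",
+ }
+ },
+ // dependencyName
+ "Some.Dependency",
+ // dependencyVersion
+ "1.2.3",
+ // expectedIgnored
+ true,
+ ];
+ }
+
+ [Theory]
+ [MemberData(nameof(DependencyGroup_IsMatchTestData))]
+ public void DependencyGroup_IsMatch(string[]? patterns, string[]? excludePatterns, string dependencyName, bool expectedMatch)
+ {
+ var rules = new Dictionary<string, object>();
+ if (patterns is not null)
+ {
+ rules["patterns"] = patterns;
+ }
+
+ if (excludePatterns is not null)
+ {
+ rules["exclude-patterns"] = excludePatterns;
+ }
+
+ var group = new DependencyGroup()
+ {
+ Name = "TestGroup",
+ Rules = rules,
+ };
+ var matcher = group.GetGroupMatcher();
+ var isMatch = matcher.IsMatch(dependencyName);
+ Assert.Equal(expectedMatch, isMatch);
+ }
+
+ public static IEnumerable<object?[]> DependencyGroup_IsMatchTestData()
+ {
+ yield return
+ [
+ null, // patterns
+ null, // excludePatterns
+ "Some.Package", // dependencyName
+ true, // expectMatch
+ ];
+
+ yield return
+ [
+ new[] { "*" }, // patterns
+ null, // excludePatterns
+ "Some.Package", // dependencyName
+ true, // expectMatch
+ ];
+
+ yield return
+ [
+ new[] { "some.*" }, // patterns
+ null, // excludePatterns
+ "Some.Package", // dependencyName
+ true, // expectMatch
+ ];
+
+ yield return
+ [
+ null, // patterns
+ new[] { "some.*" }, // excludePatterns
+ "Some.Package", // dependencyName
+ false, // expectMatch
+ ];
+
+ yield return
+ [
+ new[] { "*" }, // patterns
+ new[] { "some.*" }, // excludePatterns
+ "Some.Package", // dependencyName
+ false, // expectMatch
+ ];
+
+ yield return
+ [
+ new[] { "*" }, // patterns
+ new[] { "other.*" }, // excludePatterns
+ "Some.Package", // dependencyName
+ true, // expectMatch
+ ];
+ }
+
+ [Theory]
+ [MemberData(nameof(GetMatchingPullRequestTestData))]
+ public void GetMatchingPullRequest(Job job, IEnumerable<Dependency> dependencies, bool considerVersions, string? expectedGroupPrName, string[]? expectedPrDependencyNames)
+ {
+ var existingPr = job.GetExistingPullRequestForDependencies(dependencies, considerVersions);
+
+ if (expectedPrDependencyNames is null)
+ {
+ Assert.Null(existingPr);
+ return;
+ }
+ else
+ {
+ Assert.NotNull(existingPr);
+ }
+
+ Assert.Equal(expectedGroupPrName, existingPr.Item1);
+
+ var actualPrDependencyNames = existingPr.Item2
+ .Select(d => d.DependencyName)
+ .OrderBy(name => name, StringComparer.OrdinalIgnoreCase)
+ .ToArray();
+ AssertEx.Equal(expectedPrDependencyNames, actualPrDependencyNames);
+ }
+
+ public static IEnumerable<object?[]> GetMatchingPullRequestTestData()
+ {
+ var source = new JobSource()
+ {
+ Provider = "github",
+ Repo = "test/repo",
+ };
+
+ // match found, version match
+ yield return
+ [
+ // job
+ new Job()
+ {
+ Source = source,
+ ExistingPullRequests = [
+ new()
+ {
+ Dependencies = [
+ new()
+ {
+ DependencyName = "Dependency.A",
+ DependencyVersion = NuGetVersion.Parse("1.0.0"),
+ },
+ new()
+ {
+ DependencyName = "Dependency.B",
+ DependencyVersion = NuGetVersion.Parse("2.0.0"),
+ }
+ ]
+ }
+ ]
+ },
+ // dependencies
+ new[]
+ {
+ new Dependency("Dependency.A", "1.0.0", DependencyType.Unknown),
+ new Dependency("Dependency.B", "2.0.0", DependencyType.Unknown),
+ },
+ // considerVersions
+ true,
+ // expectedGroupPrName
+ null,
+ // expectedPrDependencyNames
+ new[] { "Dependency.A", "Dependency.B" },
+ ];
+
+ // match found, version agnostic
+ yield return
+ [
+ // job
+ new Job()
+ {
+ Source = source,
+ ExistingPullRequests = [
+ new()
+ {
+ Dependencies = [
+ new()
+ {
+ DependencyName = "Dependency.A",
+ DependencyVersion = NuGetVersion.Parse("1.0.0"),
+ },
+ new()
+ {
+ DependencyName = "Dependency.B",
+ DependencyVersion = NuGetVersion.Parse("2.0.0"),
+ }
+ ]
+ }
+ ]
+ },
+ // dependencies
+ new[]
+ {
+ new Dependency("Dependency.A", "3.0.0", DependencyType.Unknown),
+ new Dependency("Dependency.B", "4.0.0", DependencyType.Unknown),
+ },
+ // considerVersions
+ false,
+ // expectedGroupPrName
+ null,
+ // expectedPrDependencyNames
+ new[] { "Dependency.A", "Dependency.B" },
+ ];
+
+ // match not found, version didn't match
+ yield return
+ [
+ // job
+ new Job()
+ {
+ Source = source,
+ ExistingPullRequests = [
+ new()
+ {
+ Dependencies = [
+ new()
+ {
+ DependencyName = "Dependency.A",
+ DependencyVersion = NuGetVersion.Parse("1.0.0"),
+ },
+ new()
+ {
+ DependencyName = "Dependency.B",
+ DependencyVersion = NuGetVersion.Parse("2.0.0"),
+ }
+ ]
+ }
+ ]
+ },
+ // dependencies
+ new[]
+ {
+ new Dependency("Dependency.A", "1.0.0", DependencyType.Unknown),
+ new Dependency("Dependency.B", "3.0.0", DependencyType.Unknown),
+ },
+ // considerVersions
+ true,
+ // expectedGroupPrName
+ null,
+ // expectedPrDependencyNames
+ null,
+ ];
+
+ // no match found, missing a dependency
+ yield return
+ [
+ // job
+ new Job()
+ {
+ Source = source,
+ ExistingPullRequests = [
+ new()
+ {
+ Dependencies = [
+ new()
+ {
+ DependencyName = "Dependency.A",
+ DependencyVersion = NuGetVersion.Parse("1.0.0"),
+ },
+ new()
+ {
+ DependencyName = "Dependency.B",
+ DependencyVersion = NuGetVersion.Parse("2.0.0"),
+ }
+ ]
+ }
+ ]
+ },
+ // dependencies
+ new[]
+ {
+ new Dependency("Dependency.A", "1.0.0", DependencyType.Unknown),
+ },
+ // considerVersions
+ true,
+ // expectedGroupPrName
+ null,
+ // expectedPrDependencyNames
+ null,
+ ];
+
+ // no match found, extra dependency
+ yield return
+ [
+ // job
+ new Job()
+ {
+ Source = source,
+ ExistingPullRequests = [
+ new()
+ {
+ Dependencies = [
+ new()
+ {
+ DependencyName = "Dependency.A",
+ DependencyVersion = NuGetVersion.Parse("1.0.0"),
+ },
+ new()
+ {
+ DependencyName = "Dependency.B",
+ DependencyVersion = NuGetVersion.Parse("2.0.0"),
+ }
+ ]
+ }
+ ]
+ },
+ // dependencies
+ new[]
+ {
+ new Dependency("Dependency.A", "1.0.0", DependencyType.Unknown),
+ new Dependency("Dependency.B", "2.0.0", DependencyType.Unknown),
+ new Dependency("Dependency.C", "3.0.0", DependencyType.Unknown),
+ },
+ // considerVersions
+ false,
+ // expectedGroupPrName
+ null,
+ // expectedPrDependencyNames
+ null,
+ ];
+
+ // match found with group
+ yield return
+ [
+ // job
+ new Job()
+ {
+ Source = source,
+ ExistingGroupPullRequests = [
+ new()
+ {
+ DependencyGroupName = "test-group",
+ Dependencies = [
+ new()
+ {
+ DependencyName = "Dependency.A",
+ DependencyVersion = NuGetVersion.Parse("1.0.0"),
+ },
+ new()
+ {
+ DependencyName = "Dependency.B",
+ DependencyVersion = NuGetVersion.Parse("2.0.0"),
+ }
+ ]
+ }
+ ]
+ },
+ // dependencies
+ new[]
+ {
+ new Dependency("Dependency.A", "1.0.0", DependencyType.Unknown),
+ new Dependency("Dependency.B", "2.0.0", DependencyType.Unknown),
+ },
+ // considerVersions
+ true,
+ // expectedGroupPrName
+ "test-group",
+ // expectedPrDependencyNames
+ new[] { "Dependency.A", "Dependency.B" },
+ ];
+ }
+
  [Theory]
  [MemberData(nameof(RequirementsFromIgnoredVersionsData))]
  public void RequirementsFromIgnoredVersions(string dependencyName, Condition[] ignoreConditions, Requirement[] expectedRequirements)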
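Review bot: The IsDependencyIgnoredTestData rows pin only one wildcard outcome, `Some.*` matching `Some.Dependency`, so nothing here fails if the pattern match is unanchored or broader than intended. Ignore conditions decide which packages stop receiving updates, and this release also adds a SecurityUpdateIgnored error, so an over-broad match would presumably suppress security updates for unrelated packages without any test noticing. A negative wildcard row would pin the intended semantics, as would a row whose name differs only in case; the DependencyGroup rows cover `some.*` against `Some.Package`, but these rows do not. The expected value below assumes the wildcard is anchored at the start of the name and should be confirmed against Job.IsDependencyIgnored, which is not visible on this page.

```csharp
// … unchanged: existing IsDependencyIgnoredTestData rows …
yield return
[
    // ignoreConditions
    new[]
    {
        new Condition()
        {
            DependencyName = "Some.*",
        }
    },
    // dependencyName
    "Awesome.Dependency",
    // dependencyVersion
    "1.2.3",
    // expectedIgnored (assumes an anchored match; confirm)
    false,
];
```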
@@ -82,6 +82,7 @@ public class PullRequestMessageTests
82
82
  CommitMessage = RunWorkerTests.TestPullRequestCommitMessage,
83
83
  PrTitle = RunWorkerTests.TestPullRequestTitle,
84
84
  PrBody = RunWorkerTests.TestPullRequestBody,
85
+ DependencyGroup = null,
85
86
  }
86
87
  ];
87
88