dependabot-nuget 0.356.0 → 0.358.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/SdkProjectDiscovery.cs +71 -34
  3. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs +174 -1
  4. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 56027ed62ebd863237630c55bc289bd083c5606979410af2925657c88dcbcf75
4
- data.tar.gz: bb8377eb0d13add9bc1c6b8240c1d832ac5b2d641b817f19feaa6762b81cb90b
3
+ metadata.gz: 1f734a157182687168706919b25626d787c053b98ce66d83d58752fd77215a6e
4
+ data.tar.gz: 651030c7a22e6743b54a594f93b41973d4ffd288d95145b07e744b87885e0375
5
5
  SHA512:
6
- metadata.gz: 85d78b0b4d3535e570193ea3e19b8ffec884377d46eb1400ad5d6ac2f69d69fd9e9ab883f2f185360f40506500212bcdc4cf9044a2317a4359bee2e4b7942662
7
- data.tar.gz: e51b2ff7c2cba64483a1f941c2707b4d2d8dfc7dee7221b1c13aa6cce4766e3b30816858711a7812a0a99e55d4e2a7abd7fb207af4ac2231030a3b4be388f255
6
+ metadata.gz: 05df81e52c4479ffaba35307989abab53fe28209d4cdd29277ab835a5f24224b6655a0d29f2d2f76a285a64af8b54bd6866cde673b38b7f125a3af1440ff94d2
7
+ data.tar.gz: 8652832c636b18da24146671415f1e4f582e8998329f8d2e16c523a97c3d1e59b64db2065548b13aae0fe73a383b8817dd97111959a121901d012e8c07312712
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/SdkProjectDiscovery.cs CHANGED
@@ -5,15 +5,14 @@ using System.Xml.XPath;
5
5
 
6
6
  using Microsoft.Build.Logging.StructuredLogger;
7
7
 
8
- using NuGet;
9
8
  using NuGet.Frameworks;
10
- using NuGet.Versioning;
11
9
 
12
10
  using NuGetUpdater.Core.Utilities;
13
11
 
14
12
  using Semver;
15
13
 
16
14
  using LoggerProperty = Microsoft.Build.Logging.StructuredLogger.Property;
15
+ using ThreadingTask = System.Threading.Tasks.Task;
17
16
 
18
17
  namespace NuGetUpdater.Core.Discover;
19
18
 
@@ -21,7 +20,8 @@ internal static class SdkProjectDiscovery
21
20
  {
22
21
  private static readonly HashSet<string> TopLevelPackageItemNames = new HashSet<string>(StringComparer.OrdinalIgnoreCase)
23
22
  {
24
- "PackageReference"
23
+ "PackageReference",
24
+ "GlobalPackageReference",
25
25
  };
26
26
 
27
27
  private static readonly HashSet<string> PackageVersionItemNames = new HashSet<string>(StringComparer.Ordinal)
@@ -84,8 +84,8 @@ internal static class SdkProjectDiscovery
84
84
  Dictionary<string, Dictionary<string, Dictionary<string, string>>> packagesPerProject = new(PathComparer.Instance);
85
85
  // projectPath tfm packageName packageVersion
86
86
 
87
- Dictionary<string, Dictionary<string, HashSet<string>>> topLevelPackagesPerProject = new(PathComparer.Instance);
88
- // projectPath tfm, packageNames
87
+ Dictionary<string, Dictionary<string, HashSet<string>>> implicitlyIgnoredPackages = new(PathComparer.Instance);
88
+ // projectPath tfm packageNames
89
89
 
90
90
  Dictionary<string, Dictionary<string, Dictionary<string, string>>> explicitPackageVersionsPerProject = new(PathComparer.Instance);
91
91
  // projectPath, tfm, packageName, packageVersion
@@ -222,7 +222,7 @@ internal static class SdkProjectDiscovery
222
222
  }
223
223
  break;
224
224
  case NamedNode namedNode when namedNode is AddItem or RemoveItem:
225
- ProcessResolvedPackageReference(namedNode, packagesPerProject, topLevelPackagesPerProject, explicitPackageVersionsPerProject, packageReferenceElementCounts);
225
+ ProcessResolvedPackageReference(namedNode, packagesPerProject, implicitlyIgnoredPackages, explicitPackageVersionsPerProject, packageReferenceElementCounts);
226
226
 
227
227
  if (namedNode is AddItem addItem)
228
228
  {
@@ -409,12 +409,13 @@ internal static class SdkProjectDiscovery
409
409
  packagesPerProject,
410
410
  explicitPackageVersionsPerProject,
411
411
  packagesReplacedBySdkPerProject,
412
- topLevelPackagesPerProject,
412
+ implicitlyIgnoredPackages,
413
413
  resolvedProperties,
414
414
  packageDependencies,
415
415
  referencedProjects,
416
416
  importedFiles,
417
- additionalFiles
417
+ additionalFiles,
418
+ logger
418
419
  );
419
420
  return projectDiscoveryResults;
420
421
  }
@@ -425,18 +426,20 @@ internal static class SdkProjectDiscovery
425
426
  Dictionary<string, Dictionary<string, Dictionary<string, string>>> packagesPerProject,
426
427
  Dictionary<string, Dictionary<string, Dictionary<string, string>>> packageVersionsPerProject,
427
428
  Dictionary<string, Dictionary<string, Dictionary<string, string>>> packagesReplacedBySdkPerProject,
428
- Dictionary<string, Dictionary<string, HashSet<string>>> topLevelPackagesPerProject,
429
+ Dictionary<string, Dictionary<string, HashSet<string>>> implicitlyIgnoredPackagesPerProject,
429
430
  Dictionary<string, Dictionary<string, string>> resolvedProperties,
430
431
  Dictionary<string, Dictionary<string, HashSet<string>>> packageDependencies,
431
432
  Dictionary<string, HashSet<string>> referencedProjects,
432
433
  Dictionary<string, HashSet<string>> importedFiles,
433
- Dictionary<string, HashSet<string>> additionalFiles
434
+ Dictionary<string, HashSet<string>> additionalFiles,
435
+ ILogger logger
434
436
  )
435
437
  {
436
438
  var projectDiscoveryResults = new List<ProjectDiscoveryResult>();
437
439
  foreach (var projectPath in packagesPerProject.Keys.OrderBy(p => p))
438
440
  {
439
441
  // gather some project-level information
442
+ var implicitlyIgnoredPackagesByTfm = implicitlyIgnoredPackagesPerProject.GetValueOrDefault(projectPath, new(StringComparer.OrdinalIgnoreCase));
440
443
  var packagesByTfm = packagesPerProject[projectPath];
441
444
  if (packagesReplacedBySdkPerProject.TryGetValue(projectPath, out var packagesReplacedBySdk))
442
445
  {
@@ -470,10 +473,6 @@ internal static class SdkProjectDiscovery
470
473
  var localPropertyDefinitionElements = doc.Root!.XPathSelectElements("/Project/PropertyGroup/*");
471
474
  var projectPropertyNames = localPropertyDefinitionElements.Select(e => e.Name.LocalName).ToHashSet(StringComparer.OrdinalIgnoreCase);
472
475
  var projectRelativePath = Path.GetRelativePath(workspacePath, projectPath);
473
- var topLevelPackageNames = topLevelPackagesPerProject
474
- .GetOrAdd(projectPath, () => new(StringComparer.OrdinalIgnoreCase))
475
- .SelectMany(kvp => kvp.Value)
476
- .ToHashSet(StringComparer.OrdinalIgnoreCase);
477
476
 
478
477
  var propertiesForProject = resolvedProperties.GetOrAdd(projectPath, () => new(StringComparer.OrdinalIgnoreCase));
479
478
  var assetsJson = new Lazy<JsonElement?>(() =>
@@ -488,6 +487,33 @@ internal static class SdkProjectDiscovery
488
487
  return null;
489
488
  });
490
489
 
490
+ // track imported files
491
+ var imported = importedFiles.GetOrAdd(projectPath, () => new(PathComparer.Instance))
492
+ .Select(p => Path.GetRelativePath(projectFullDirectory, p))
493
+ .Select(p => p.NormalizePathToUnix())
494
+ .OrderBy(p => p)
495
+ .ToImmutableArray();
496
+
497
+ // track packages imported directly by the project and its imports
498
+ var directlyReferencedPackagesPerFile = new Dictionary<string, HashSet<string>>(StringComparer.OrdinalIgnoreCase);
499
+ async ThreadingTask EnsurePackagesForFileAsync(string fullFilePath)
500
+ {
501
+ if (!directlyReferencedPackagesPerFile.ContainsKey(fullFilePath))
502
+ {
503
+ var packages = await DirectlyReferencedPackagesFromFilePath(fullFilePath, logger);
504
+ directlyReferencedPackagesPerFile[fullFilePath] = packages;
505
+ }
506
+ }
507
+ await EnsurePackagesForFileAsync(projectPath);
508
+ foreach (var importedPath in imported)
509
+ {
510
+ var fullImportedPath = Path.Combine(projectFullDirectory, importedPath);
511
+ await EnsurePackagesForFileAsync(fullImportedPath);
512
+ }
513
+ var directlyReferencedPackages = directlyReferencedPackagesPerFile.Values
514
+ .SelectMany(p => p)
515
+ .ToHashSet(StringComparer.OrdinalIgnoreCase);
516
+
491
517
  // create dependencies
492
518
  var tfms = packagesByTfm.Keys.OrderBy(tfm => tfm).ToImmutableArray();
493
519
  var groupedDependencies = new Dictionary<string, Dependency>(StringComparer.OrdinalIgnoreCase);
@@ -495,6 +521,7 @@ internal static class SdkProjectDiscovery
495
521
  {
496
522
  var parsedTfm = NuGetFramework.Parse(tfm);
497
523
  var packages = packagesByTfm[tfm];
524
+ var implicitlyIgnoredPackages = implicitlyIgnoredPackagesByTfm.GetValueOrDefault(tfm, new(StringComparer.OrdinalIgnoreCase));
498
525
 
499
526
  // augment with any packages that might not have reported assemblies
500
527
  var assetsPackageVersions = new Lazy<Dictionary<string, string>>(() =>
@@ -547,7 +574,7 @@ internal static class SdkProjectDiscovery
547
574
  {
548
575
  var packageName = package.Key;
549
576
  var packageVersion = package.Value;
550
- var isTopLevel = topLevelPackageNames.Contains(packageName);
577
+ var isTopLevel = directlyReferencedPackages.Contains(packageName) && !implicitlyIgnoredPackages.Contains(packageName);
551
578
  var dependencyType = isTopLevel ? DependencyType.PackageReference : DependencyType.Unknown;
552
579
  var combinedTfms = new HashSet<string>([tfm], StringComparer.OrdinalIgnoreCase);
553
580
  if (groupedDependencies.TryGetValue(packageName, out var existingDependency) &&
@@ -580,11 +607,6 @@ internal static class SdkProjectDiscovery
580
607
  .Select(p => Path.GetRelativePath(projectFullDirectory, p).NormalizePathToUnix())
581
608
  .OrderBy(p => p)
582
609
  .ToImmutableArray();
583
- var imported = importedFiles.GetOrAdd(projectPath, () => new(PathComparer.Instance))
584
- .Select(p => Path.GetRelativePath(projectFullDirectory, p))
585
- .Select(p => p.NormalizePathToUnix())
586
- .OrderBy(p => p)
587
- .ToImmutableArray();
588
610
  var additionalFromLocation = ProjectHelper.GetAdditionalFilesFromProjectLocation(projectPath, ProjectHelper.PathFormat.Full);
589
611
  var additional = additionalFiles.GetOrAdd(projectPath, () => new(PathComparer.Instance))
590
612
  .Concat(additionalFromLocation)
@@ -616,6 +638,31 @@ internal static class SdkProjectDiscovery
616
638
  return projectDiscoveryResults.ToImmutableArray();
617
639
  }
618
640
 
641
+ private static async Task<HashSet<string>> DirectlyReferencedPackagesFromFilePath(string fullFilePath, ILogger logger)
642
+ {
643
+ try
644
+ {
645
+ var content = await File.ReadAllTextAsync(fullFilePath);
646
+ var doc = XDocument.Parse(content);
647
+ var packages = doc.Descendants()
648
+ .Where(e => TopLevelPackageItemNames.Contains(e.Name.LocalName))
649
+ .SelectMany(e =>
650
+ {
651
+ var includesText = e.Attribute("Include")?.Value ?? string.Empty;
652
+ var updateText = e.Attribute("Update")?.Value ?? string.Empty;
653
+ return includesText.Split([';'], StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
654
+ .Concat(updateText.Split([';'], StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries));
655
+ })
656
+ .ToHashSet(StringComparer.OrdinalIgnoreCase);
657
+ return packages;
658
+ }
659
+ catch
660
+ {
661
+ logger.Warn($"Unable to determine directly referenced packages from file {fullFilePath}");
662
+ return [];
663
+ }
664
+ }
665
+
619
666
  private static async Task<Dictionary<string, Dictionary<string, Dictionary<string, string>>>> RebuildPackagesPerProject(
620
667
  string repoRootPath,
621
668
  string projectPath,
@@ -673,7 +720,7 @@ internal static class SdkProjectDiscovery
673
720
  private static void ProcessResolvedPackageReference(
674
721
  NamedNode node,
675
722
  Dictionary<string, Dictionary<string, Dictionary<string, string>>> packagesPerProject, // projectPath -> tfm -> (packageName, packageVersion)
676
- Dictionary<string, Dictionary<string, HashSet<string>>> topLevelPackagesPerProject, // projectPath -> tfm -> packageName
723
+ Dictionary<string, Dictionary<string, HashSet<string>>> implicitlyIgnoredPackagesPerProject, // projectPath -> tfm -> packageNames
677
724
  Dictionary<string, Dictionary<string, Dictionary<string, string>>> packageVersionsPerProject, // projectPath -> tfm -> (packageName, packageVersion)
678
725
  Dictionary<string, int> packageReferenceElementCounts // projectPath -> count of `<PackageReference>` elements
679
726
  )
@@ -694,21 +741,9 @@ internal static class SdkProjectDiscovery
694
741
  continue;
695
742
  }
696
743
 
697
- // count instances of `<PackageReference>`
698
- //var packageReferenceElements = packageReferenceElementCounts.GetOrAdd(projectEvaluation.ProjectFile, () => 0);
699
- //packageReferenceElementCounts[projectEvaluation.ProjectFile] = packageReferenceElements + 1;
700
-
701
744
  var tfm = GetTargetFrameworkFromProjectEvaluation(projectEvaluation);
702
745
  if (tfm is not null)
703
746
  {
704
- var topLevelPackages = topLevelPackagesPerProject.GetOrAdd(projectEvaluation.ProjectFile, () => new(StringComparer.OrdinalIgnoreCase));
705
- var topLevelPackagesPerTfm = topLevelPackages.GetOrAdd(tfm, () => new(StringComparer.OrdinalIgnoreCase));
706
-
707
- if (doRemoveOperation)
708
- {
709
- topLevelPackagesPerTfm.Remove(packageName);
710
- }
711
-
712
747
  if (doAddOperation)
713
748
  {
714
749
  var isImplicitlyDefined = GetChildMetadataBooleanValue(child, "IsImplicitlyDefined");
@@ -716,10 +751,12 @@ internal static class SdkProjectDiscovery
716
751
  {
717
752
  // packages with `IsImplicitlyDefined="true"` aren't to be treated as top-level packages and shouldn't be candidates for regular update operations
718
753
  // they should still appear in the discovery list, though, so security jobs can update them as necessary
754
+ var implicitlyIgnoredPerTfm = implicitlyIgnoredPackagesPerProject.GetOrAdd(projectEvaluation.ProjectFile, () => new(StringComparer.OrdinalIgnoreCase));
755
+ var implicitlyIgnoredPackages = implicitlyIgnoredPerTfm.GetOrAdd(tfm, () => new(StringComparer.OrdinalIgnoreCase));
756
+ implicitlyIgnoredPackages.Add(packageName);
719
757
  continue;
720
758
  }
721
759
 
722
- topLevelPackagesPerTfm.Add(packageName);
723
760
  var packageVersion = GetChildMetadataValue(child, "Version");
724
761
  if (packageVersion is not null)
725
762
  {
data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTests.cs CHANGED
@@ -27,7 +27,7 @@ public partial class DiscoveryWorkerTests : DiscoveryWorkerTestBase
27
27
  {
28
28
  // this package ships with the SDK and is automatically added for F# projects but should be manually added here to make the test consistent
29
29
  // only direct package discovery finds this, though
30
- expectedDependencies.Add(new Dependency("FSharp.Core", MockNuGetPackage.FSharpCorePackageVersion.Value, DependencyType.PackageReference, TargetFrameworks: ["net8.0"], IsDirect: true));
30
+ expectedDependencies.Add(new Dependency("FSharp.Core", MockNuGetPackage.FSharpCorePackageVersion.Value, DependencyType.Unknown, TargetFrameworks: ["net8.0"], IsDirect: false, IsTransitive: true));
31
31
  }
32
32
 
33
33
  await TestDiscoveryAsync(
@@ -618,6 +618,179 @@ public partial class DiscoveryWorkerTests : DiscoveryWorkerTestBase
618
618
  );
619
619
  }
620
620
 
621
+ [Fact]
622
+ public async Task SdkPackagesAreReportedAppropriately()
623
+ {
624
+ // msbuild sdk has <PackageReference> element that should be reported as a transitive dependency
625
+ await TestDiscoveryAsync(
626
+ packages: [
627
+ MockNuGetPackage.CreateSimplePackage("Transitive.Package", "2.0.0", "net9.0"),
628
+ MockNuGetPackage.CreateMSBuildSdkPackage("TestSdk", "1.0.0",
629
+ sdkPropsContent: """
630
+ <Project>
631
+ <Import Project="Sdk.props" Sdk="Microsoft.NET.Sdk" />
632
+ </Project>
633
+ """,
634
+ sdkTargetsContent: """
635
+ <Project>
636
+ <ItemGroup>
637
+ <PackageReference Include="Transitive.Package" Version="2.0.0" />
638
+ </ItemGroup>
639
+ <Import Project="Sdk.targets" Sdk="Microsoft.NET.Sdk" />
640
+ </Project>
641
+ """
642
+ )
643
+ ],
644
+ workspacePath: "src",
645
+ files: [
646
+ ("src/project.csproj", """
647
+ <Project Sdk="TestSdk">
648
+ <PropertyGroup>
649
+ <TargetFramework>net9.0</TargetFramework>
650
+ </PropertyGroup>
651
+ </Project>
652
+ """),
653
+ ("Directory.Build.props", "<Project />"),
654
+ ("Directory.Build.targets", "<Project />"),
655
+ ("Directory.Packages.props", """
656
+ <Project>
657
+ <PropertyGroup>
658
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
659
+ </PropertyGroup>
660
+ </Project>
661
+ """),
662
+ ("global.json", """
663
+ {
664
+ "msbuild-sdks": {
665
+ "TestSdk": "1.0.0"
666
+ }
667
+ }
668
+ """),
669
+ ],
670
+ expectedResult: new()
671
+ {
672
+ Path = "src",
673
+ Projects = [
674
+ new()
675
+ {
676
+ FilePath = "project.csproj",
677
+ TargetFrameworks = ["net9.0"],
678
+ Dependencies = [
679
+ new("Transitive.Package", "2.0.0", DependencyType.Unknown, TargetFrameworks: ["net9.0"], IsDirect: false, IsTransitive: true),
680
+ ],
681
+ Properties = [
682
+ new("TargetFramework", "net9.0", "src/project.csproj")
683
+ ],
684
+ ReferencedProjectPaths = [],
685
+ ImportedFiles = [
686
+ "../Directory.Build.props",
687
+ "../Directory.Build.targets",
688
+ "../Directory.Packages.props",
689
+ ],
690
+ AdditionalFiles = [],
691
+ }
692
+ ],
693
+ GlobalJson = new()
694
+ {
695
+ FilePath = "../global.json",
696
+ Dependencies = [
697
+ new("TestSdk", "1.0.0", DependencyType.MSBuildSdk),
698
+ ]
699
+ },
700
+ }
701
+ );
702
+ }
703
+
704
+ [Fact]
705
+ public async Task SdkPackagesThatAreUpdatedAreReportedAsTopLevel()
706
+ {
707
+ // msbuild sdk has <PackageReference> element that should be reported as a transitive dependency
708
+ // HOWEVER a later statement in the files updates the package version, so it's now considered top level
709
+ await TestDiscoveryAsync(
710
+ packages: [
711
+ MockNuGetPackage.CreateSimplePackage("Transitive.Package", "2.0.0", "net9.0"),
712
+ MockNuGetPackage.CreateMSBuildSdkPackage("TestSdk", "1.0.0",
713
+ sdkPropsContent: """
714
+ <Project>
715
+ <Import Project="Sdk.props" Sdk="Microsoft.NET.Sdk" />
716
+ </Project>
717
+ """,
718
+ sdkTargetsContent: """
719
+ <Project>
720
+ <ItemGroup>
721
+ <PackageReference Include="Transitive.Package" Version="1.0.0" />
722
+ </ItemGroup>
723
+ <Import Project="Sdk.targets" Sdk="Microsoft.NET.Sdk" />
724
+ </Project>
725
+ """
726
+ )
727
+ ],
728
+ workspacePath: "src",
729
+ files: [
730
+ ("src/project.csproj", """
731
+ <Project Sdk="TestSdk">
732
+ <PropertyGroup>
733
+ <TargetFramework>net9.0</TargetFramework>
734
+ </PropertyGroup>
735
+ </Project>
736
+ """),
737
+ ("Directory.Build.props", "<Project />"),
738
+ ("Directory.Build.targets", """
739
+ <Project>
740
+ <ItemGroup>
741
+ <PackageReference Update="Transitive.Package" Version="2.0.0" />
742
+ </ItemGroup>
743
+ </Project>
744
+ """),
745
+ ("Directory.Packages.props", """
746
+ <Project>
747
+ <PropertyGroup>
748
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
749
+ </PropertyGroup>
750
+ </Project>
751
+ """),
752
+ ("global.json", """
753
+ {
754
+ "msbuild-sdks": {
755
+ "TestSdk": "1.0.0"
756
+ }
757
+ }
758
+ """),
759
+ ],
760
+ expectedResult: new()
761
+ {
762
+ Path = "src",
763
+ Projects = [
764
+ new()
765
+ {
766
+ FilePath = "project.csproj",
767
+ TargetFrameworks = ["net9.0"],
768
+ Dependencies = [
769
+ new("Transitive.Package", "2.0.0", DependencyType.PackageReference, TargetFrameworks: ["net9.0"], IsDirect: true),
770
+ ],
771
+ Properties = [
772
+ new("TargetFramework", "net9.0", "src/project.csproj")
773
+ ],
774
+ ReferencedProjectPaths = [],
775
+ ImportedFiles = [
776
+ "../Directory.Build.props",
777
+ "../Directory.Build.targets",
778
+ "../Directory.Packages.props",
779
+ ],
780
+ AdditionalFiles = [],
781
+ }
782
+ ],
783
+ GlobalJson = new()
784
+ {
785
+ FilePath = "../global.json",
786
+ Dependencies = [
787
+ new("TestSdk", "1.0.0", DependencyType.MSBuildSdk),
788
+ ]
789
+ },
790
+ }
791
+ );
792
+ }
793
+
621
794
  [Fact]
622
795
  public async Task TestRepo_Sln()
623
796
  {
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.356.0
4
+ version: 0.358.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.356.0
18
+ version: 0.358.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.356.0
25
+ version: 0.358.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -553,7 +553,7 @@ licenses:
553
553
  - MIT
554
554
  metadata:
555
555
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
556
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.356.0
556
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.358.0
557
557
  rdoc_options: []
558
558
  require_paths:
559
559
  - lib
@@ -568,7 +568,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
568
568
  - !ruby/object:Gem::Version
569
569
  version: 3.3.0
570
570
  requirements: []
571
- rubygems_version: 3.6.9
571
+ rubygems_version: 3.7.2
572
572
  specification_version: 4
573
573
  summary: Provides Dependabot support for .NET (NuGet)
574
574
  test_files: []