dependabot-nuget 0.386.0 → 0.387.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 45cedfbbb662d26d428348a93cf693a26bbff6d402feaf0f1a068a328e384d9e
4
- data.tar.gz: 69578367499f994702f926128e1297e8b3b38fcc43a3bb5236606a515be19de8
3
+ metadata.gz: 4b6442680ffbd904b76c8f2da10bf879900b426d17344f1306c5b68f989e1f99
4
+ data.tar.gz: b6131bc3dd8b9026d5cc304f9d7cec4da6643143995ff0a3e6b31db676c9dd3c
5
5
  SHA512:
6
- metadata.gz: 0f8197f31e75f02c01b6edfea9ec6d760062046b53971aa24816480e939db3fe14f5b64c045f1c90f51054007e8beefe9fcf5ba6f3efc46c2ec70b3715aca195
7
- data.tar.gz: d425d717e8d673a7b64a559c6e65a1ef9bacfee8c3de37719eac3406af8d869e0be7157a835b5b6078b71db0aa173518ec52ad86e35a95eddf942f803b449d1f
6
+ metadata.gz: 0f992808734c45a92cce97321d5dcfaefbdb8e0ebf41152e455e963718133d45a1ead0beda7f0a3b09417e0fa2db7bb6a711c21960b327f68417b244d7e80fa9
7
+ data.tar.gz: 5bc4da0439ee92ec1021f908b159471c7483e18b38625fc0c18cb5f63099b117db45a98a6468b6adde87206697cf65c6be5137c32dcf44579c2db25e6f18bfcc
@@ -856,4 +856,166 @@ public class CreateSecurityUpdatePullRequestHandlerTests : UpdateHandlersTestsBa
856
856
  ]
857
857
  );
858
858
  }
859
+
860
+ [Fact]
861
+ public async Task DuplicatePullRequestsAreNotCreatedForDifferentDirectories()
862
+ {
863
+ await TestAsync(
864
+ job: new Job()
865
+ {
866
+ Dependencies = ["Some.Dependency"],
867
+ SecurityAdvisories = [new() { DependencyName = "Some.Dependency", AffectedVersions = [Requirement.Parse("= 1.0.0")] }],
868
+ SecurityUpdatesOnly = true,
869
+ Source = CreateJobSource("/src/client", "/src/server"),
870
+ },
871
+ files: [
872
+ ("src/client/client.csproj", "contents irrelevant"),
873
+ ("src/server/server.csproj", "contents irrelevant"),
874
+ ("Directory.Packages.props", "initial contents"),
875
+ ],
876
+ discoveryWorker: TestDiscoveryWorker.FromResults(
877
+ ("/src/client", new WorkspaceDiscoveryResult()
878
+ {
879
+ Path = "/src/client",
880
+ Projects = [
881
+ new()
882
+ {
883
+ FilePath = "client.csproj",
884
+ Dependencies = [
885
+ new("Some.Dependency", "1.0.0", DependencyType.PackageReference, TargetFrameworks: ["net9.0"]),
886
+ ],
887
+ ImportedFiles = ["../../Directory.Packages.props"],
888
+ AdditionalFiles = [],
889
+ }
890
+ ],
891
+ }),
892
+ ("/src/server", new WorkspaceDiscoveryResult()
893
+ {
894
+ Path = "/src/server",
895
+ Projects = [
896
+ new()
897
+ {
898
+ FilePath = "server.csproj",
899
+ Dependencies = [
900
+ new("Some.Dependency", "1.0.0", DependencyType.PackageReference, TargetFrameworks: ["net9.0"]),
901
+ ],
902
+ ImportedFiles = ["../../Directory.Packages.props"],
903
+ AdditionalFiles = [],
904
+ }
905
+ ],
906
+ })
907
+ ),
908
+ analyzeWorker: new TestAnalyzeWorker(input =>
909
+ {
910
+ var repoRoot = input.Item1;
911
+ var discovery = input.Item2;
912
+ var dependencyInfo = input.Item3;
913
+ if (dependencyInfo.Name != "Some.Dependency")
914
+ {
915
+ throw new NotImplementedException($"Test didn't expect to update dependency {dependencyInfo.Name}");
916
+ }
917
+
918
+ return Task.FromResult(new AnalysisResult()
919
+ {
920
+ CanUpdate = true,
921
+ UpdatedVersion = "2.0.0",
922
+ UpdatedDependencies = [],
923
+ });
924
+ }),
925
+ updaterWorker: new TestUpdaterWorker(async input =>
926
+ {
927
+ var repoRoot = input.Item1;
928
+ var workspacePath = input.Item2;
929
+ var dependencyName = input.Item3;
930
+ var previousVersion = input.Item4;
931
+ var newVersion = input.Item5;
932
+ var isTopLevel = input.Item6;
933
+
934
+ await File.WriteAllTextAsync(Path.Join(repoRoot, "Directory.Packages.props"), "updated contents");
935
+
936
+ return new UpdateOperationResult()
937
+ {
938
+ UpdateOperations = [new DirectUpdate() { DependencyName = "Some.Dependency", NewVersion = NuGetVersion.Parse("2.0.0"), UpdatedFiles = ["/Directory.Packages.props"] }],
939
+ };
940
+ }),
941
+ expectedUpdateHandler: CreateSecurityUpdatePullRequestHandler.Instance,
942
+ expectedApiMessages: [
943
+ new UpdatedDependencyList()
944
+ {
945
+ Dependencies = [
946
+ new()
947
+ {
948
+ Name = "Some.Dependency",
949
+ Version = "1.0.0",
950
+ Requirements = [
951
+ new() { Requirement = "1.0.0", File = "/src/client/client.csproj", Groups = ["dependencies"] },
952
+ ],
953
+ },
954
+ ],
955
+ DependencyFiles = ["/Directory.Packages.props", "/src/client/client.csproj"],
956
+ },
957
+ new IncrementMetric()
958
+ {
959
+ Metric = "updater.started",
960
+ Tags = new()
961
+ {
962
+ ["operation"] = "create_security_pr",
963
+ }
964
+ },
965
+ new CreatePullRequest()
966
+ {
967
+ Dependencies = [
968
+ new()
969
+ {
970
+ Name = "Some.Dependency",
971
+ Version = "2.0.0",
972
+ Requirements = [
973
+ new() { Requirement = "2.0.0", File = "/src/client/client.csproj", Groups = ["dependencies"], Source = new() { SourceUrl = null } },
974
+ ],
975
+ PreviousVersion = "1.0.0",
976
+ PreviousRequirements = [
977
+ new() { Requirement = "1.0.0", File = "/src/client/client.csproj", Groups = ["dependencies"] },
978
+ ],
979
+ }
980
+ ],
981
+ UpdatedDependencyFiles = [
982
+ new()
983
+ {
984
+ Directory = "/",
985
+ Name = "Directory.Packages.props",
986
+ Content = "updated contents",
987
+ }
988
+ ],
989
+ BaseCommitSha = "TEST-COMMIT-SHA",
990
+ CommitMessage = EndToEndTests.TestPullRequestCommitMessage,
991
+ PrTitle = EndToEndTests.TestPullRequestTitle,
992
+ PrBody = EndToEndTests.TestPullRequestBody,
993
+ DependencyGroup = null,
994
+ },
995
+ new UpdatedDependencyList()
996
+ {
997
+ Dependencies = [
998
+ new()
999
+ {
1000
+ Name = "Some.Dependency",
1001
+ Version = "1.0.0",
1002
+ Requirements = [
1003
+ new() { Requirement = "1.0.0", File = "/src/server/server.csproj", Groups = ["dependencies"] },
1004
+ ],
1005
+ },
1006
+ ],
1007
+ DependencyFiles = ["/Directory.Packages.props", "/src/server/server.csproj"],
1008
+ },
1009
+ new IncrementMetric()
1010
+ {
1011
+ Metric = "updater.started",
1012
+ Tags = new()
1013
+ {
1014
+ ["operation"] = "create_security_pr",
1015
+ }
1016
+ },
1017
+ new MarkAsProcessed("TEST-COMMIT-SHA"),
1018
+ ]
1019
+ );
1020
+ }
859
1021
  }
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.386.0
4
+ version: 0.387.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.386.0
18
+ version: 0.387.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.386.0
25
+ version: 0.387.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -581,7 +581,7 @@ licenses:
581
581
  - MIT
582
582
  metadata:
583
583
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
584
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.386.0
584
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.387.0
585
585
  rdoc_options: []
586
586
  require_paths:
587
587
  - lib