dependabot-nuget 0.98.2 → 0.98.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9161f9efa272c8d0964735606648dc7c0a57c14bd35c9167ef2c43d75d8b7ae5
|
|
4
|
+
data.tar.gz: f0d76fd06332a119de0cb6345084abaa16c1050af23cd1fa1146a2d90960eccc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 29fe6f68612b4995fa9cd4fc0cc7e1e4f2b20bc6f05869b96b9d8f711b1b23dfa9944f34568beb15cc8136e2ed8863815b3ae936138b3b2b71ef98b42ad8572f
|
|
7
|
+
data.tar.gz: dae7663ef6334291abe00f9cdec0bfc988df43e341ad910f248391ee34cb172f805855c3798684449cfdd440386e1120014f55225435c8aae1add4a7eac4c158
|
|
@@ -31,6 +31,7 @@ module Dependabot
|
|
|
31
31
|
|
|
32
32
|
fetched_files += packages_config_files
|
|
33
33
|
fetched_files << nuget_config if nuget_config
|
|
34
|
+
fetched_files << global_json if global_json
|
|
34
35
|
|
|
35
36
|
fetched_files = fetched_files.uniq
|
|
36
37
|
|
|
@@ -181,6 +182,10 @@ module Dependabot
|
|
|
181
182
|
end
|
|
182
183
|
end
|
|
183
184
|
|
|
185
|
+
def global_json
|
|
186
|
+
@global_json ||= fetch_file_if_present("global.json")
|
|
187
|
+
end
|
|
188
|
+
|
|
184
189
|
def imported_property_files
|
|
185
190
|
imported_property_files = []
|
|
186
191
|
|
|
@@ -14,6 +14,7 @@ module Dependabot
|
|
|
14
14
|
require "dependabot/file_parsers/base/dependency_set"
|
|
15
15
|
require_relative "file_parser/project_file_parser"
|
|
16
16
|
require_relative "file_parser/packages_config_parser"
|
|
17
|
+
require_relative "file_parser/global_json_parser"
|
|
17
18
|
|
|
18
19
|
PACKAGE_CONF_DEPENDENCY_SELECTOR = "packages > packages"
|
|
19
20
|
|
|
@@ -21,6 +22,7 @@ module Dependabot
|
|
|
21
22
|
dependency_set = DependencySet.new
|
|
22
23
|
dependency_set += project_file_dependencies
|
|
23
24
|
dependency_set += packages_config_dependencies
|
|
25
|
+
dependency_set += global_json_dependencies if global_json
|
|
24
26
|
dependency_set.dependencies
|
|
25
27
|
end
|
|
26
28
|
|
|
@@ -48,6 +50,12 @@ module Dependabot
|
|
|
48
50
|
dependency_set
|
|
49
51
|
end
|
|
50
52
|
|
|
53
|
+
def global_json_dependencies
|
|
54
|
+
return DependencySet.new unless global_json
|
|
55
|
+
|
|
56
|
+
GlobalJsonParser.new(global_json: global_json).dependency_set
|
|
57
|
+
end
|
|
58
|
+
|
|
51
59
|
def project_file_parser
|
|
52
60
|
@project_file_parser ||=
|
|
53
61
|
ProjectFileParser.new(dependency_files: dependency_files)
|
|
@@ -67,13 +75,17 @@ module Dependabot
|
|
|
67
75
|
dependency_files -
|
|
68
76
|
project_files -
|
|
69
77
|
packages_config_files -
|
|
70
|
-
[nuget_config]
|
|
78
|
+
[nuget_config, global_json]
|
|
71
79
|
end
|
|
72
80
|
|
|
73
81
|
def nuget_config
|
|
74
82
|
dependency_files.find { |f| f.name.casecmp("nuget.config").zero? }
|
|
75
83
|
end
|
|
76
84
|
|
|
85
|
+
def global_json
|
|
86
|
+
dependency_files.find { |f| f.name.casecmp("global.json").zero? }
|
|
87
|
+
end
|
|
88
|
+
|
|
77
89
|
def check_required_files
|
|
78
90
|
return if project_files.any? || packages_config_files.any?
|
|
79
91
|
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "json"
|
|
4
|
+
|
|
5
|
+
require "dependabot/dependency"
|
|
6
|
+
require "dependabot/nuget/file_parser"
|
|
7
|
+
|
|
8
|
+
# For details on global.json files see:
|
|
9
|
+
# https://docs.microsoft.com/en-us/dotnet/core/tools/global-json
|
|
10
|
+
module Dependabot
|
|
11
|
+
module Nuget
|
|
12
|
+
class FileParser
|
|
13
|
+
class GlobalJsonParser
|
|
14
|
+
require "dependabot/file_parsers/base/dependency_set"
|
|
15
|
+
|
|
16
|
+
def initialize(global_json:)
|
|
17
|
+
@global_json = global_json
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def dependency_set
|
|
21
|
+
dependency_set = Dependabot::FileParsers::Base::DependencySet.new
|
|
22
|
+
|
|
23
|
+
project_sdks = JSON.parse(global_json.content).
|
|
24
|
+
fetch("msbuild-sdks", {})
|
|
25
|
+
|
|
26
|
+
unless project_sdks.is_a?(Hash)
|
|
27
|
+
raise Dependabot::DependencyFileNotParseable, global_json.path
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
project_sdks.each do |dependency_name, version|
|
|
31
|
+
dependency_set <<
|
|
32
|
+
Dependency.new(
|
|
33
|
+
name: dependency_name,
|
|
34
|
+
version: version,
|
|
35
|
+
package_manager: "nuget",
|
|
36
|
+
requirements: [{
|
|
37
|
+
requirement: version,
|
|
38
|
+
file: global_json.name,
|
|
39
|
+
groups: [],
|
|
40
|
+
source: nil
|
|
41
|
+
}]
|
|
42
|
+
)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
dependency_set
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
private
|
|
49
|
+
|
|
50
|
+
attr_reader :global_json
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
end
|
|
@@ -13,7 +13,8 @@ module Dependabot
|
|
|
13
13
|
def self.updated_files_regex
|
|
14
14
|
[
|
|
15
15
|
%r{^[^/]*\.[a-z]{2}proj$},
|
|
16
|
-
/^packages\.config$/i
|
|
16
|
+
/^packages\.config$/i,
|
|
17
|
+
/^global\.json$/i
|
|
17
18
|
]
|
|
18
19
|
end
|
|
19
20
|
|
|
@@ -50,6 +51,10 @@ module Dependabot
|
|
|
50
51
|
end
|
|
51
52
|
end
|
|
52
53
|
|
|
54
|
+
def global_json
|
|
55
|
+
dependency_files.find { |f| f.name.casecmp("global.json").zero? }
|
|
56
|
+
end
|
|
57
|
+
|
|
53
58
|
def check_required_files
|
|
54
59
|
return if project_files.any? || packages_config_files.any?
|
|
55
60
|
|
|
@@ -113,7 +118,16 @@ module Dependabot
|
|
|
113
118
|
end
|
|
114
119
|
|
|
115
120
|
def original_declarations(dependency, requirement)
|
|
116
|
-
|
|
121
|
+
if requirement.fetch(:file).casecmp("global.json").zero?
|
|
122
|
+
[
|
|
123
|
+
global_json.content.match(
|
|
124
|
+
/"#{Regexp.escape(dependency.name)}"\s*:\s*
|
|
125
|
+
"#{Regexp.escape(dependency.previous_version)}"/x
|
|
126
|
+
).to_s
|
|
127
|
+
]
|
|
128
|
+
else
|
|
129
|
+
declaration_finder(dependency, requirement).declaration_strings
|
|
130
|
+
end
|
|
117
131
|
end
|
|
118
132
|
|
|
119
133
|
def declaration_finder(dependency, requirement)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-nuget
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.98.
|
|
19
|
+
version: 0.98.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.98.
|
|
26
|
+
version: 0.98.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -148,6 +148,7 @@ files:
|
|
|
148
148
|
- lib/dependabot/nuget/file_fetcher/import_paths_finder.rb
|
|
149
149
|
- lib/dependabot/nuget/file_fetcher/sln_project_paths_finder.rb
|
|
150
150
|
- lib/dependabot/nuget/file_parser.rb
|
|
151
|
+
- lib/dependabot/nuget/file_parser/global_json_parser.rb
|
|
151
152
|
- lib/dependabot/nuget/file_parser/packages_config_parser.rb
|
|
152
153
|
- lib/dependabot/nuget/file_parser/project_file_parser.rb
|
|
153
154
|
- lib/dependabot/nuget/file_parser/property_value_finder.rb
|