dependabot-nuget 0.98.2 → 0.98.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2f641e81f93be78c9a188e85e7c8b69544d3deeb84b17de9d4b6e0a300a39d47
4
- data.tar.gz: 6cf6646e6fd7bd5a039ed25e5b895f97f1f762b961a6f36cac40bb9a8f1619f5
3
+ metadata.gz: 9161f9efa272c8d0964735606648dc7c0a57c14bd35c9167ef2c43d75d8b7ae5
4
+ data.tar.gz: f0d76fd06332a119de0cb6345084abaa16c1050af23cd1fa1146a2d90960eccc
5
5
  SHA512:
6
- metadata.gz: 5045df84a56c4701b811bd3085dee0a76e82532ec54fb8c293b9611106668b480b920ed13dcd0e781f925b2ee325478145fcd69a4a450901e9696bee3cf0e10b
7
- data.tar.gz: df087af42b01ca21652173c22452dd95dbe2c66cc06ff8d7b6558c5d54c7f1c560814ffde1816c1ee73b572cccae3a28b0c6d3a8e2fbf86e78e54c87cdb54ddc
6
+ metadata.gz: 29fe6f68612b4995fa9cd4fc0cc7e1e4f2b20bc6f05869b96b9d8f711b1b23dfa9944f34568beb15cc8136e2ed8863815b3ae936138b3b2b71ef98b42ad8572f
7
+ data.tar.gz: dae7663ef6334291abe00f9cdec0bfc988df43e341ad910f248391ee34cb172f805855c3798684449cfdd440386e1120014f55225435c8aae1add4a7eac4c158
@@ -31,6 +31,7 @@ module Dependabot
31
31
 
32
32
  fetched_files += packages_config_files
33
33
  fetched_files << nuget_config if nuget_config
34
+ fetched_files << global_json if global_json
34
35
 
35
36
  fetched_files = fetched_files.uniq
36
37
 
@@ -181,6 +182,10 @@ module Dependabot
181
182
  end
182
183
  end
183
184
 
185
+ def global_json
186
+ @global_json ||= fetch_file_if_present("global.json")
187
+ end
188
+
184
189
  def imported_property_files
185
190
  imported_property_files = []
186
191
 
@@ -14,6 +14,7 @@ module Dependabot
14
14
  require "dependabot/file_parsers/base/dependency_set"
15
15
  require_relative "file_parser/project_file_parser"
16
16
  require_relative "file_parser/packages_config_parser"
17
+ require_relative "file_parser/global_json_parser"
17
18
 
18
19
  PACKAGE_CONF_DEPENDENCY_SELECTOR = "packages > packages"
19
20
 
@@ -21,6 +22,7 @@ module Dependabot
21
22
  dependency_set = DependencySet.new
22
23
  dependency_set += project_file_dependencies
23
24
  dependency_set += packages_config_dependencies
25
+ dependency_set += global_json_dependencies if global_json
24
26
  dependency_set.dependencies
25
27
  end
26
28
 
@@ -48,6 +50,12 @@ module Dependabot
48
50
  dependency_set
49
51
  end
50
52
 
53
+ def global_json_dependencies
54
+ return DependencySet.new unless global_json
55
+
56
+ GlobalJsonParser.new(global_json: global_json).dependency_set
57
+ end
58
+
51
59
  def project_file_parser
52
60
  @project_file_parser ||=
53
61
  ProjectFileParser.new(dependency_files: dependency_files)
@@ -67,13 +75,17 @@ module Dependabot
67
75
  dependency_files -
68
76
  project_files -
69
77
  packages_config_files -
70
- [nuget_config]
78
+ [nuget_config, global_json]
71
79
  end
72
80
 
73
81
  def nuget_config
74
82
  dependency_files.find { |f| f.name.casecmp("nuget.config").zero? }
75
83
  end
76
84
 
85
+ def global_json
86
+ dependency_files.find { |f| f.name.casecmp("global.json").zero? }
87
+ end
88
+
77
89
  def check_required_files
78
90
  return if project_files.any? || packages_config_files.any?
79
91
 
@@ -0,0 +1,54 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "json"
4
+
5
+ require "dependabot/dependency"
6
+ require "dependabot/nuget/file_parser"
7
+
8
+ # For details on global.json files see:
9
+ # https://docs.microsoft.com/en-us/dotnet/core/tools/global-json
10
+ module Dependabot
11
+ module Nuget
12
+ class FileParser
13
+ class GlobalJsonParser
14
+ require "dependabot/file_parsers/base/dependency_set"
15
+
16
+ def initialize(global_json:)
17
+ @global_json = global_json
18
+ end
19
+
20
+ def dependency_set
21
+ dependency_set = Dependabot::FileParsers::Base::DependencySet.new
22
+
23
+ project_sdks = JSON.parse(global_json.content).
24
+ fetch("msbuild-sdks", {})
25
+
26
+ unless project_sdks.is_a?(Hash)
27
+ raise Dependabot::DependencyFileNotParseable, global_json.path
28
+ end
29
+
30
+ project_sdks.each do |dependency_name, version|
31
+ dependency_set <<
32
+ Dependency.new(
33
+ name: dependency_name,
34
+ version: version,
35
+ package_manager: "nuget",
36
+ requirements: [{
37
+ requirement: version,
38
+ file: global_json.name,
39
+ groups: [],
40
+ source: nil
41
+ }]
42
+ )
43
+ end
44
+
45
+ dependency_set
46
+ end
47
+
48
+ private
49
+
50
+ attr_reader :global_json
51
+ end
52
+ end
53
+ end
54
+ end
@@ -13,7 +13,8 @@ module Dependabot
13
13
  def self.updated_files_regex
14
14
  [
15
15
  %r{^[^/]*\.[a-z]{2}proj$},
16
- /^packages\.config$/i
16
+ /^packages\.config$/i,
17
+ /^global\.json$/i
17
18
  ]
18
19
  end
19
20
 
@@ -50,6 +51,10 @@ module Dependabot
50
51
  end
51
52
  end
52
53
 
54
+ def global_json
55
+ dependency_files.find { |f| f.name.casecmp("global.json").zero? }
56
+ end
57
+
53
58
  def check_required_files
54
59
  return if project_files.any? || packages_config_files.any?
55
60
 
@@ -113,7 +118,16 @@ module Dependabot
113
118
  end
114
119
 
115
120
  def original_declarations(dependency, requirement)
116
- declaration_finder(dependency, requirement).declaration_strings
121
+ if requirement.fetch(:file).casecmp("global.json").zero?
122
+ [
123
+ global_json.content.match(
124
+ /"#{Regexp.escape(dependency.name)}"\s*:\s*
125
+ "#{Regexp.escape(dependency.previous_version)}"/x
126
+ ).to_s
127
+ ]
128
+ else
129
+ declaration_finder(dependency, requirement).declaration_strings
130
+ end
117
131
  end
118
132
 
119
133
  def declaration_finder(dependency, requirement)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.98.2
4
+ version: 0.98.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.98.2
19
+ version: 0.98.3
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.98.2
26
+ version: 0.98.3
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -148,6 +148,7 @@ files:
148
148
  - lib/dependabot/nuget/file_fetcher/import_paths_finder.rb
149
149
  - lib/dependabot/nuget/file_fetcher/sln_project_paths_finder.rb
150
150
  - lib/dependabot/nuget/file_parser.rb
151
+ - lib/dependabot/nuget/file_parser/global_json_parser.rb
151
152
  - lib/dependabot/nuget/file_parser/packages_config_parser.rb
152
153
  - lib/dependabot/nuget/file_parser/project_file_parser.rb
153
154
  - lib/dependabot/nuget/file_parser/property_value_finder.rb