dependabot-nuget 0.110.4 → 0.110.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/nuget/file_fetcher.rb +30 -13
  3. data/lib/dependabot/nuget/file_parser/property_value_finder.rb +34 -4
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 34101e4a1b038bc9076ac5b0013a08d323e9167f99bb5e794351e251e7187c81
4
- data.tar.gz: 2fa3fe874c0fdb3b59949eca24b3773f42e98b6bb07dbbf1e96c687ba611bbee
3
+ metadata.gz: a29ae7954bc5e4dbc4e0a6cf5c9727aa8f30fe0e332a616187a0b9fbd0e492fa
4
+ data.tar.gz: 70bd8354e54a5af3ed18de12adc6e61c102f03af36d4fc2ff81a7960092761cf
5
5
  SHA512:
6
- metadata.gz: 6cb7e26391de24dad227550d26e1407ed88fcc1ce0aa0fea6dd0701e17a4a264f8a5043b5db2b9ddf2551f6ec7ac2fac8ece4695761a8ee0077704c6ea76e020
7
- data.tar.gz: 7455add4bbc54319a354cc40ee4e7dc2bc6cce6e822984a92fee52a0bf787d93a533bde9b2909f9338071808f9762827ab4a6eca9e5f3826c3cbdbad51330c93
6
+ metadata.gz: af56b31dfa326316f4187952f03149de3c246fb66e10f70b66d37083db6a1e37fce114902d2d341eef488b87e9b0d6ac5b36ebbb527bfc85a2bac712b8c4995b
7
+ data.tar.gz: 1617e1671cfd6f71b21ac3d190b7d13a95ee820badadc1228111f10de3ec70f5de27b4c677201e5fc205d3c51926f21c4453e5c82a5aa7fe779a6d3296dff4da
data/lib/dependabot/nuget/file_fetcher.rb CHANGED
@@ -26,7 +26,7 @@ module Dependabot
26
26
  def fetch_files
27
27
  fetched_files = []
28
28
  fetched_files += project_files
29
- fetched_files += directory_build_props_files
29
+ fetched_files += directory_build_files
30
30
  fetched_files += imported_property_files
31
31
 
32
32
  fetched_files += packages_config_files
@@ -94,32 +94,47 @@ module Dependabot
94
94
  sln_files.map(&:name)
95
95
  end
96
96
 
97
- def directory_build_props_files
98
- return @directory_build_props_files if @directory_build_checked
97
+ def directory_build_files
98
+ return @directory_build_files if @directory_build_files_checked
99
99
 
100
- @directory_build_checked = true
100
+ @directory_build_files_checked = true
101
101
  attempted_paths = []
102
- @directory_build_props_files = []
102
+ @directory_build_files = []
103
103
 
104
104
  # Don't need to insert "." here, because Directory.Build.props files
105
105
  # can only be used by project files (not packages.config ones)
106
106
  project_files.map { |f| File.dirname(f.name) }.uniq.map do |dir|
107
- possible_paths = dir.split("/").map.with_index do |_, i|
107
+ possible_paths = dir.split("/").flat_map.with_index do |_, i|
108
108
  base = dir.split("/").first(i + 1).join("/")
109
- Pathname.new(base + "/Directory.Build.props").cleanpath.to_path
110
- end.reverse + ["Directory.Build.props"]
109
+ possible_build_file_paths(base)
110
+ end.reverse
111
+
112
+ possible_paths += [
113
+ "Directory.Build.props",
114
+ "Directory.build.props",
115
+ "Directory.Build.targets",
116
+ "Directory.build.targets"
117
+ ]
111
118
 
112
119
  possible_paths.each do |path|
113
120
  break if attempted_paths.include?(path)
114
121
 
115
122
  attempted_paths << path
116
- @directory_build_props_files << fetch_file_from_host(path)
117
- rescue Dependabot::DependencyFileNotFound
118
- next
123
+ file = fetch_file_if_present(path)
124
+ @directory_build_files << file if file
119
125
  end
120
126
  end
121
127
 
122
- @directory_build_props_files
128
+ @directory_build_files
129
+ end
130
+
131
+ def possible_build_file_paths(base)
132
+ [
133
+ Pathname.new(base + "/Directory.Build.props").cleanpath.to_path,
134
+ Pathname.new(base + "/Directory.build.props").cleanpath.to_path,
135
+ Pathname.new(base + "/Directory.Build.targets").cleanpath.to_path,
136
+ Pathname.new(base + "/Directory.build.targets").cleanpath.to_path
137
+ ]
123
138
  end
124
139
 
125
140
  def sln_project_files
@@ -192,7 +207,9 @@ module Dependabot
192
207
  def imported_property_files
193
208
  imported_property_files = []
194
209
 
195
- [*project_files, *directory_build_props_files].each do |proj_file|
210
+ files = [*project_files, *directory_build_files]
211
+
212
+ files.each do |proj_file|
196
213
  previously_fetched_files = project_files + imported_property_files
197
214
  imported_property_files +=
198
215
  fetch_imported_property_files(
data/lib/dependabot/nuget/file_parser/property_value_finder.rb CHANGED
@@ -25,6 +25,12 @@ module Dependabot
25
25
  file: callsite_file
26
26
  )
27
27
 
28
+ node_details ||=
29
+ find_property_in_directory_build_targets(
30
+ property: property_name,
31
+ callsite_file: callsite_file
32
+ )
33
+
28
34
  node_details ||=
29
35
  find_property_in_directory_build_props(
30
36
  property: property_name,
@@ -89,14 +95,37 @@ module Dependabot
89
95
  deep_find_prop_node(property: property, file: file)
90
96
  end
91
97
 
98
+ def find_property_in_directory_build_targets(property:, callsite_file:)
99
+ file = build_targets_file_for_project(callsite_file)
100
+ return unless file
101
+
102
+ deep_find_prop_node(property: property, file: file)
103
+ end
104
+
92
105
  def find_property_in_directory_build_props(property:, callsite_file:)
93
- file = buildfile_for_project(callsite_file)
106
+ file = build_props_file_for_project(callsite_file)
94
107
  return unless file
95
108
 
96
109
  deep_find_prop_node(property: property, file: file)
97
110
  end
98
111
 
99
- def buildfile_for_project(project_file)
112
+ def build_targets_file_for_project(project_file)
113
+ dir = File.dirname(project_file.name)
114
+
115
+ # Nuget walks up the directory structure looking for a
116
+ # Directory.Build.targets file
117
+ possible_paths = dir.split("/").map.with_index do |_, i|
118
+ base = dir.split("/").first(i + 1).join("/")
119
+ Pathname.new(base + "/Directory.Build.targets").cleanpath.to_path
120
+ end.reverse + ["Directory.Build.targets"]
121
+
122
+ path = possible_paths.uniq.
123
+ find { |p| dependency_files.find { |f| f.name == p } }
124
+
125
+ dependency_files.find { |f| f.name == path }
126
+ end
127
+
128
+ def build_props_file_for_project(project_file)
100
129
  dir = File.dirname(project_file.name)
101
130
 
102
131
  # Nuget walks up the directory structure looking for a
@@ -106,8 +135,9 @@ module Dependabot
106
135
  Pathname.new(base + "/Directory.Build.props").cleanpath.to_path
107
136
  end.reverse + ["Directory.Build.props"]
108
137
 
109
- path = possible_paths.uniq.
110
- find { |p| dependency_files.find { |f| f.name == p } }
138
+ path =
139
+ possible_paths.uniq.
140
+ find { |p| dependency_files.find { |f| f.name.casecmp(p).zero? } }
111
141
 
112
142
  dependency_files.find { |f| f.name == path }
113
143
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.110.4
4
+ version: 0.110.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.110.4
19
+ version: 0.110.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.110.4
26
+ version: 0.110.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement