dependabot-nuget 0.112.32 → 0.112.33
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/nuget/file_fetcher.rb +5 -0
- data/lib/dependabot/nuget/file_parser/project_file_parser.rb +9 -1
- data/lib/dependabot/nuget/file_parser/property_value_finder.rb +14 -0
- data/lib/dependabot/nuget/file_updater/project_file_declaration_finder.rb +13 -4
- data/lib/dependabot/nuget/file_updater.rb +2 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f037ef6001028c6e9f69bec4d3dd7cff65bb26ae13c6ae115ce16f9d0b187413
|
|
4
|
+
data.tar.gz: 7b813eb5a6782df9673c65161848b7bff28d54bc87e644679f11b9e47647ae35
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3be5c7b988aa8d7dd38529c1cc0a5ccdae93c7e33552d7e3be9e83bc735939c95cd17052a71fe087281020053d050c3068b69cce6ababf70ae2b41a3fe2d431e
|
|
7
|
+
data.tar.gz: 1486b00f3f48b7a5ee1a9e3e1fcce48a1dfc9ca0e23124a5204467df04b0e58557c933d1d91a17a768e69381709b7d260d500c1443acd32a92709db9cfcf488c
|
|
@@ -32,6 +32,7 @@ module Dependabot
|
|
|
32
32
|
fetched_files += packages_config_files
|
|
33
33
|
fetched_files += nuget_config_files
|
|
34
34
|
fetched_files << global_json if global_json
|
|
35
|
+
fetched_files << packages_props if packages_props
|
|
35
36
|
|
|
36
37
|
fetched_files = fetched_files.uniq
|
|
37
38
|
|
|
@@ -216,6 +217,10 @@ module Dependabot
|
|
|
216
217
|
@global_json ||= fetch_file_if_present("global.json")
|
|
217
218
|
end
|
|
218
219
|
|
|
220
|
+
def packages_props
|
|
221
|
+
@packages_props ||= fetch_file_if_present("Packages.props")
|
|
222
|
+
end
|
|
223
|
+
|
|
219
224
|
def imported_property_files
|
|
220
225
|
imported_property_files = []
|
|
221
226
|
|
|
@@ -15,10 +15,12 @@ module Dependabot
|
|
|
15
15
|
require_relative "property_value_finder"
|
|
16
16
|
|
|
17
17
|
DEPENDENCY_SELECTOR = "ItemGroup > PackageReference, "\
|
|
18
|
+
"ItemGroup > GlobalPackageReference, "\
|
|
18
19
|
"ItemGroup > Dependency, "\
|
|
19
20
|
"ItemGroup > DevelopmentDependency"
|
|
20
21
|
|
|
21
22
|
PROPERTY_REGEX = /\$\((?<property>.*?)\)/.freeze
|
|
23
|
+
ITEM_REGEX = /\@\((?<property>.*?)\)/.freeze
|
|
22
24
|
|
|
23
25
|
def initialize(dependency_files:)
|
|
24
26
|
@dependency_files = dependency_files
|
|
@@ -79,9 +81,15 @@ module Dependabot
|
|
|
79
81
|
def dependency_name(dependency_node, project_file)
|
|
80
82
|
raw_name =
|
|
81
83
|
dependency_node.attribute("Include")&.value&.strip ||
|
|
82
|
-
dependency_node.at_xpath("./Include")&.content&.strip
|
|
84
|
+
dependency_node.at_xpath("./Include")&.content&.strip ||
|
|
85
|
+
dependency_node.attribute("Update")&.value&.strip ||
|
|
86
|
+
dependency_node.at_xpath("./Update")&.content&.strip
|
|
83
87
|
return unless raw_name
|
|
84
88
|
|
|
89
|
+
# If the item contains @(ItemGroup) then ignore as it
|
|
90
|
+
# updates a set of ItemGroup elements
|
|
91
|
+
return if raw_name.match?(ITEM_REGEX)
|
|
92
|
+
|
|
85
93
|
evaluated_value(raw_name, project_file)
|
|
86
94
|
end
|
|
87
95
|
|
|
@@ -37,6 +37,9 @@ module Dependabot
|
|
|
37
37
|
callsite_file: callsite_file
|
|
38
38
|
)
|
|
39
39
|
|
|
40
|
+
node_details ||=
|
|
41
|
+
find_property_in_packages_props(property: property_name)
|
|
42
|
+
|
|
40
43
|
return unless node_details
|
|
41
44
|
return node_details unless node_details[:value] =~ PROPERTY_REGEX
|
|
42
45
|
|
|
@@ -109,6 +112,13 @@ module Dependabot
|
|
|
109
112
|
deep_find_prop_node(property: property, file: file)
|
|
110
113
|
end
|
|
111
114
|
|
|
115
|
+
def find_property_in_packages_props(property:)
|
|
116
|
+
file = packages_props_file
|
|
117
|
+
return unless file
|
|
118
|
+
|
|
119
|
+
deep_find_prop_node(property: property, file: file)
|
|
120
|
+
end
|
|
121
|
+
|
|
112
122
|
def build_targets_file_for_project(project_file)
|
|
113
123
|
dir = File.dirname(project_file.name)
|
|
114
124
|
|
|
@@ -142,6 +152,10 @@ module Dependabot
|
|
|
142
152
|
dependency_files.find { |f| f.name == path }
|
|
143
153
|
end
|
|
144
154
|
|
|
155
|
+
def packages_props_file
|
|
156
|
+
dependency_files.find { |f| f.name.casecmp("Packages.props").zero? }
|
|
157
|
+
end
|
|
158
|
+
|
|
145
159
|
def property_xpath(property_name)
|
|
146
160
|
"/Project/PropertyGroup/#{property_name}"
|
|
147
161
|
end
|
|
@@ -11,6 +11,8 @@ module Dependabot
|
|
|
11
11
|
%r{
|
|
12
12
|
<PackageReference [^>]*?/>|
|
|
13
13
|
<PackageReference [^>]*?[^/]>.*?</PackageReference>|
|
|
14
|
+
<GlobalPackageReference [^>]*?/>|
|
|
15
|
+
<GlobalPackageReference [^>]*?[^/]>.*?</GlobalPackageReference>|
|
|
14
16
|
<Dependency [^>]*?/>|
|
|
15
17
|
<Dependency [^>]*?[^/]>.*?</Dependency>|
|
|
16
18
|
<DevelopmentDependency [^>]*?/>|
|
|
@@ -39,16 +41,23 @@ module Dependabot
|
|
|
39
41
|
|
|
40
42
|
private
|
|
41
43
|
|
|
44
|
+
def get_element_from_node(node)
|
|
45
|
+
node.at_xpath("/PackageReference") ||
|
|
46
|
+
node.at_xpath("/GlobalPackageReference") ||
|
|
47
|
+
node.at_xpath("/Dependency") ||
|
|
48
|
+
node.at_xpath("/DevelopmentDependency")
|
|
49
|
+
end
|
|
50
|
+
|
|
42
51
|
def fetch_declaration_strings
|
|
43
52
|
deep_find_declarations(declaring_file.content).select do |nd|
|
|
44
53
|
node = Nokogiri::XML(nd)
|
|
45
54
|
node.remove_namespaces!
|
|
46
|
-
node = node
|
|
47
|
-
node.at_xpath("/Dependency") ||
|
|
48
|
-
node.at_xpath("/DevelopmentDependency")
|
|
55
|
+
node = get_element_from_node(node)
|
|
49
56
|
|
|
50
57
|
node_name = node.attribute("Include")&.value&.strip ||
|
|
51
|
-
node.at_xpath("./Include")&.content&.strip
|
|
58
|
+
node.at_xpath("./Include")&.content&.strip ||
|
|
59
|
+
node.attribute("Update")&.value&.strip ||
|
|
60
|
+
node.at_xpath("./Update")&.content&.strip
|
|
52
61
|
next false unless node_name&.downcase == dependency_name&.downcase
|
|
53
62
|
|
|
54
63
|
node_requirement = get_node_version_value(node)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-nuget
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.112.
|
|
4
|
+
version: 0.112.33
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-09-
|
|
11
|
+
date: 2019-09-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.112.
|
|
19
|
+
version: 0.112.33
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.112.
|
|
26
|
+
version: 0.112.33
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|