RubyGems - dependabot-nuget - Versions diffs - 0.289.0 → 0.290.0 - Mend

dependabot-nuget 0.289.0 → 0.290.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36551f131fff2d82f525e8eb3bd17f26da2d435f4c44484f2b91e0253f041e8f
-  data.tar.gz: c97b1b5899bfac76abd674bf58f8853b7790b5e90d74089f2f663dd12f82fd89
+  metadata.gz: b3ca35ae6f3d02ce8507984f89e7c929eb75cec515b39af94db530d6600f0caa
+  data.tar.gz: cbd548418a3e25163af5d8543109b520b6c9bd9e2bf5a5869421f8fe838128d1
 SHA512:
-  metadata.gz: '09e24d02174892b6d10f70bd7e26a200ff0f5d352ba3a69d826598a891d52990c3fd1e839088e4d797df0af6edb53fdb9f3ef9205352c2641cc818b3d603fb97'
-  data.tar.gz: 3d9b2b81fee8ff8791796f9d7453f82cdd72a79d2ba3a103303475378fd387d9fb6caedb57688b322dffdb019172ca03910ae6256f79c392d99a233f110e585e
+  metadata.gz: 9395fb4eea720fbcba3b0cef278344b41a9ace7315ce62f5cb193bb05af2aa23553130dab3112cb900d39ad12cadd321e64291d72e4e21e4bbee2f2b7610626a
+  data.tar.gz: d74843dc18cab2fd6a58a31f1df2a4172cb308a3a2e452db7056727666e9f153b611046c25bd78f7c0679abe8be4eb57462886d87c8010ba21ac0a2ee316120e

data/helpers/lib/NuGetUpdater/Directory.Packages.props CHANGED Viewed

@@ -16,7 +16,7 @@
     <PackageVersion Include="Microsoft.Build.Framework" Version="$(MSBuildPackageVersion)" />
     <PackageVersion Include="Microsoft.Build.Tasks.Core" Version="$(MSBuildPackageVersion)" />
     <PackageVersion Include="Microsoft.Build.Utilities.Core" Version="$(MSBuildPackageVersion)" />
-    <PackageVersion Include="Microsoft.CodeAnalysis.CSharp" Version="4.11.0" />
+    <PackageVersion Include="Microsoft.CodeAnalysis.CSharp" Version="4.12.0" />
     <PackageVersion Include="Microsoft.CSharp" Version="4.7.0" />
     <PackageVersion Include="Microsoft.Extensions.FileProviders.Abstractions" Version="9.0.0" />
     <PackageVersion Include="Microsoft.Extensions.FileSystemGlobbing" Version="9.0.0" />

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/AnalyzeCommand.cs CHANGED Viewed

@@ -7,6 +7,7 @@ namespace NuGetUpdater.Cli.Commands;
 internal static class AnalyzeCommand
 {
+    internal static readonly Option<FileInfo> JobPathOption = new("--job-path") { IsRequired = true };
     internal static readonly Option<DirectoryInfo> RepoRootOption = new("--repo-root") { IsRequired = true };
     internal static readonly Option<FileInfo> DependencyFilePathOption = new("--dependency-file-path") { IsRequired = true };
     internal static readonly Option<FileInfo> DiscoveryFilePathOption = new("--discovery-file-path") { IsRequired = true };
@@ -16,6 +17,7 @@ internal static class AnalyzeCommand
     {
         Command command = new("analyze", "Determines how to update a dependency based on the workspace discovery information.")
         {
+            JobPathOption,
             RepoRootOption,
             DependencyFilePathOption,
             DiscoveryFilePathOption,
@@ -24,11 +26,13 @@ internal static class AnalyzeCommand
         command.TreatUnmatchedTokensAsErrors = true;
-        command.SetHandler(async (repoRoot, discoveryPath, dependencyPath, analysisDirectory) =>
+        command.SetHandler(async (jobPath, repoRoot, discoveryPath, dependencyPath, analysisDirectory) =>
         {
-            var worker = new AnalyzeWorker(new ConsoleLogger());
+            var logger = new ConsoleLogger();
+            var experimentsManager = await ExperimentsManager.FromJobFileAsync(jobPath.FullName, logger);
+            var worker = new AnalyzeWorker(experimentsManager, logger);
             await worker.RunAsync(repoRoot.FullName, discoveryPath.FullName, dependencyPath.FullName, analysisDirectory.FullName);
-        }, RepoRootOption, DiscoveryFilePathOption, DependencyFilePathOption, AnalysisFolderOption);
+        }, JobPathOption, RepoRootOption, DiscoveryFilePathOption, DependencyFilePathOption, AnalysisFolderOption);
         return command;
     }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli/Commands/RunCommand.cs CHANGED Viewed

@@ -36,7 +36,7 @@ internal static class RunCommand
             var logger = new ConsoleLogger();
             var experimentsManager = await ExperimentsManager.FromJobFileAsync(jobPath.FullName, logger);
             var discoverWorker = new DiscoveryWorker(experimentsManager, logger);
-            var analyzeWorker = new AnalyzeWorker(logger);
+            var analyzeWorker = new AnalyzeWorker(experimentsManager, logger);
             var updateWorker = new UpdaterWorker(experimentsManager, logger);
             var worker = new RunWorker(apiHandler, discoverWorker, analyzeWorker, updateWorker, logger);
             await worker.RunAsync(jobPath, repoContentsPath, baseCommitSha, outputPath);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Analyze.cs CHANGED Viewed

@@ -26,6 +26,8 @@ public partial class EntryPointTests
             await RunAsync(path =>
                 [
                     "analyze",
+                    "--job-path",
+                    Path.Combine(path, "job.json"),
                     "--repo-root",
                     path,
                     "--discovery-file-path",
@@ -144,6 +146,8 @@ public partial class EntryPointTests
             await RunAsync(path =>
                 [
                     "analyze",
+                    "--job-path",
+                    Path.Combine(path, "job.json"),
                     "--repo-root",
                     path,
                     "--discovery-file-path",
@@ -231,6 +235,8 @@ public partial class EntryPointTests
             await RunAsync(path =>
                 [
                     "analyze",
+                    "--job-path",
+                    Path.Combine(path, "job.json"),
                     "--repo-root",
                     path,
                     "--discovery-file-path",
@@ -308,8 +314,16 @@ public partial class EntryPointTests
             );
         }
-        private static async Task RunAsync(Func<string, string[]> getArgs, string dependencyName, TestFile[] initialFiles, ExpectedAnalysisResult expectedResult, MockNuGetPackage[]? packages = null)
+        private static async Task RunAsync(
+            Func<string, string[]> getArgs,
+            string dependencyName,
+            TestFile[] initialFiles,
+            ExpectedAnalysisResult expectedResult,
+            MockNuGetPackage[]? packages = null,
+            ExperimentsManager? experimentsManager = null
+        )
         {
+            experimentsManager ??= new ExperimentsManager();
             var actualResult = await RunAnalyzerAsync(dependencyName, initialFiles, async path =>
             {
                 var sb = new StringBuilder();
@@ -322,8 +336,19 @@ public partial class EntryPointTests
                 try
                 {
+                    await UpdateWorkerTestBase.MockJobFileInDirectory(path, experimentsManager);
                     await UpdateWorkerTestBase.MockNuGetPackagesInDirectory(packages, path);
                     var args = getArgs(path);
+                    // manually pull out the experiments manager for the validate step below
+                    for (int i = 0; i < args.Length - 1; i++)
+                    {
+                        if (args[i] == "--job-path")
+                        {
+                            experimentsManager = await ExperimentsManager.FromJobFileAsync(args[i + 1], new TestLogger());
+                        }
+                    }
                     var result = await Program.Main(args);
                     if (result != 0)
                     {

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Discover.cs CHANGED Viewed

@@ -393,7 +393,8 @@ public partial class EntryPointTests
             TestFile[] initialFiles,
             ExpectedWorkspaceDiscoveryResult expectedResult,
             MockNuGetPackage[]? packages = null,
-            ExperimentsManager? experimentsManager = null)
+            ExperimentsManager? experimentsManager = null
+        )
         {
             experimentsManager ??= new ExperimentsManager();
             var actualResult = await RunDiscoveryAsync(initialFiles, async path =>

data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Run.cs CHANGED Viewed

@@ -41,12 +41,6 @@ public partial class EntryPointTests
                 ],
                 job: new Job()
                 {
-                    AllowedUpdates = [
-                        new()
-                        {
-                            UpdateType = "all"
-                        }
-                    ],
                     Source = new()
                     {
                         Provider = "github",

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/AnalyzeWorker.cs CHANGED Viewed

@@ -16,6 +16,7 @@ public partial class AnalyzeWorker : IAnalyzeWorker
 {
     public const string AnalysisDirectoryName = "./.dependabot/analysis";
+    private readonly ExperimentsManager _experimentsManager;
     private readonly ILogger _logger;
     internal static readonly JsonSerializerOptions SerializerOptions = new()
@@ -24,8 +25,9 @@ public partial class AnalyzeWorker : IAnalyzeWorker
         Converters = { new JsonStringEnumConverter(), new RequirementArrayConverter() },
     };
-    public AnalyzeWorker(ILogger logger)
+    public AnalyzeWorker(ExperimentsManager experimentsManager, ILogger logger)
     {
+        _experimentsManager = experimentsManager;
         _logger = logger;
     }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/CompatabilityChecker.cs CHANGED Viewed

@@ -80,9 +80,9 @@ internal static class CompatibilityChecker
         NuGetContext nugetContext,
         CancellationToken cancellationToken)
     {
-        var tempPackagePath = GetTempPackagePath(package, nugetContext);
-        var readers = File.Exists(tempPackagePath)
-            ? ReadPackage(tempPackagePath)
+        var packagePath = GetPackagePath(package, nugetContext);
+        var readers = File.Exists(packagePath)
+            ? ReadPackage(packagePath)
             : await DownloadPackageAsync(package, nugetContext, cancellationToken);
         return readers;
     }
@@ -134,10 +134,10 @@ internal static class CompatibilityChecker
         return (isDevDependency, tfms.ToImmutableArray());
     }
-    internal static PackageReaders ReadPackage(string tempPackagePath)
+    internal static PackageReaders ReadPackage(string packagePath)
     {
         var stream = new FileStream(
-              tempPackagePath,
+              packagePath,
               FileMode.Open,
               FileAccess.Read,
               FileShare.Read,
@@ -194,8 +194,8 @@ internal static class CompatibilityChecker
                 context.Logger,
                 cancellationToken);
-            var tempPackagePath = GetTempPackagePath(package, context);
-            var isDownloaded = await downloader.CopyNupkgFileToAsync(tempPackagePath, cancellationToken);
+            var packagePath = GetPackagePath(package, context);
+            var isDownloaded = await downloader.CopyNupkgFileToAsync(packagePath, cancellationToken);
             if (!isDownloaded)
             {
                 continue;
@@ -207,6 +207,21 @@ internal static class CompatibilityChecker
         return null;
     }
-    internal static string GetTempPackagePath(PackageIdentity package, NuGetContext context)
-        => Path.Combine(context.TempPackageDirectory, package.Id + "." + package.Version + ".nupkg");
+    internal static string GetPackagePath(PackageIdentity package, NuGetContext context)
+    {
+        // https://learn.microsoft.com/en-us/nuget/consume-packages/managing-the-global-packages-and-cache-folders
+        var nugetPackagesPath = Environment.GetEnvironmentVariable("NUGET_PACKAGES");
+        if (nugetPackagesPath is null)
+        {
+            // n.b., this path should never be hit during a unit test
+            nugetPackagesPath = Path.Join(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), ".nuget", "packages");
+        }
+        var normalizedName = package.Id.ToLowerInvariant();
+        var normalizedVersion = package.Version.ToNormalizedString().ToLowerInvariant();
+        var packageDirectory = Path.Join(nugetPackagesPath, normalizedName, normalizedVersion);
+        Directory.CreateDirectory(packageDirectory);
+        var packagePath = Path.Join(packageDirectory, $"{normalizedName}.{normalizedVersion}.nupkg");
+        return packagePath;
+    }
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/NuGetContext.cs CHANGED Viewed

@@ -20,7 +20,6 @@ internal record NuGetContext : IDisposable
     public IMachineWideSettings MachineWideSettings { get; }
     public ImmutableArray<PackageSource> PackageSources { get; }
     public NuGet.Common.ILogger Logger { get; }
-    public string TempPackageDirectory { get; }
     public NuGetContext(string? currentDirectory = null, NuGet.Common.ILogger? logger = null)
     {
@@ -37,23 +36,11 @@ internal record NuGetContext : IDisposable
             .Where(p => p.IsEnabled)
             .ToImmutableArray();
         Logger = logger ?? NullLogger.Instance;
-        TempPackageDirectory = Path.Combine(Path.GetTempPath(), $"dependabot-packages_{Guid.NewGuid():d}");
-        Directory.CreateDirectory(TempPackageDirectory);
     }
     public void Dispose()
     {
         SourceCacheContext.Dispose();
-        if (Directory.Exists(TempPackageDirectory))
-        {
-            try
-            {
-                Directory.Delete(TempPackageDirectory, recursive: true);
-            }
-            catch
-            {
-            }
-        }
     }
     private readonly Dictionary<PackageIdentity, string?> _packageInfoUrlCache = new();

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/RequirementConverter.cs ADDED Viewed

@@ -0,0 +1,17 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+namespace NuGetUpdater.Core.Analyze;
+public class RequirementConverter : JsonConverter<Requirement>
+{
+    public override Requirement? Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+    {
+        return Requirement.Parse(reader.GetString()!);
+    }
+    public override void Write(Utf8JsonWriter writer, Requirement value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value.ToString());
+    }
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Advisory.cs ADDED Viewed

@@ -0,0 +1,13 @@
+using System.Collections.Immutable;
+using NuGetUpdater.Core.Analyze;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record Advisory
+{
+    public required string DependencyName { get; init; }
+    public ImmutableArray<Requirement>? AffectedVersions { get; init; } = null;
+    public ImmutableArray<Requirement>? PatchedVersions { get; init; } = null;
+    public ImmutableArray<Requirement>? UnaffectedVersions { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/AllowedUpdate.cs CHANGED Viewed

@@ -2,5 +2,22 @@ namespace NuGetUpdater.Core.Run.ApiModel;
 public sealed record AllowedUpdate
 {
-    public string UpdateType { get; init; } = "all";
+    public DependencyType DependencyType { get; init; } = DependencyType.All;
+    public string? DependencyName { get; init; } = null;
+    public UpdateType UpdateType { get; init; } = UpdateType.All;
+}
+public enum DependencyType
+{
+    All,
+    Direct,
+    Indirect,
+    Development,
+    Production,
+}
+public enum UpdateType
+{
+    All,
+    Security,
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CommitOptions.cs ADDED Viewed

@@ -0,0 +1,8 @@
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record CommitOptions
+{
+    public string? Prefix { get; init; } = null;
+    public string? PrefixDevelopment { get; init; } = null;
+    public string? IncludeScope { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Condition.cs ADDED Viewed

@@ -0,0 +1,19 @@
+using System.Text.Json.Serialization;
+using NuGetUpdater.Core.Analyze;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public sealed record Condition
+{
+    [JsonPropertyName("dependency-name")]
+    public required string DependencyName { get; init; }
+    [JsonPropertyName("source")]
+    public string? Source { get; init; } = null;
+    [JsonPropertyName("update-types")]
+    public string[] UpdateTypes { get; init; } = [];
+    [JsonPropertyName("updated-at")]
+    public DateTime? UpdatedAt { get; init; } = null;
+    [JsonPropertyName("version-requirement")]
+    public Requirement? VersionRequirement { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyGroup.cs ADDED Viewed

@@ -0,0 +1,8 @@
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record DependencyGroup
+{
+    public required string Name { get; init; }
+    public string? AppliesTo { get; init; }
+    public Dictionary<string, object> Rules { get; init; } = new();
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/GroupPullRequest.cs ADDED Viewed

@@ -0,0 +1,9 @@
+using System.Collections.Immutable;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record GroupPullRequest
+{
+    public required string DependencyGroupName { get; init; }
+    public required ImmutableArray<PullRequest> Dependencies { get; init; }
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs CHANGED Viewed

@@ -1,25 +1,28 @@
+using System.Collections.Immutable;
 using System.Text.Json;
 using System.Text.Json.Serialization;
+using NuGet.Credentials;
 namespace NuGetUpdater.Core.Run.ApiModel;
 public sealed record Job
 {
     public string PackageManager { get; init; } = "nuget";
-    public AllowedUpdate[]? AllowedUpdates { get; init; } = null;
+    public ImmutableArray<AllowedUpdate> AllowedUpdates { get; init; } = [new AllowedUpdate()];
     [JsonConverter(typeof(NullAsBoolConverter))]
     public bool Debug { get; init; } = false;
-    public object[]? DependencyGroups { get; init; } = null;
-    public object[]? Dependencies { get; init; } = null;
+    public ImmutableArray<DependencyGroup> DependencyGroups { get; init; } = [];
+    public ImmutableArray<string>? Dependencies { get; init; } = null;
     public string? DependencyGroupToRefresh { get; init; } = null;
-    public object[]? ExistingPullRequests { get; init; } = null;
-    public object[]? ExistingGroupPullRequests { get; init; } = null;
+    public ImmutableArray<ImmutableArray<PullRequest>> ExistingPullRequests { get; init; } = [];
+    public ImmutableArray<GroupPullRequest> ExistingGroupPullRequests { get; init; } = [];
     public Dictionary<string, object>? Experiments { get; init; } = null;
-    public object[]? IgnoreConditions { get; init; } = null;
+    public Condition[] IgnoreConditions { get; init; } = [];
     public bool LockfileOnly { get; init; } = false;
-    public string? RequirementsUpdateStrategy { get; init; } = null;
-    public object[]? SecurityAdvisories { get; init; } = null;
+    public RequirementsUpdateStrategy? RequirementsUpdateStrategy { get; init; } = null;
+    public ImmutableArray<Advisory> SecurityAdvisories { get; init; } = [];
     public bool SecurityUpdatesOnly { get; init; } = false;
     public required JobSource Source { get; init; }
     public bool UpdateSubdependencies { get; init; } = false;
@@ -27,8 +30,8 @@ public sealed record Job
     public bool VendorDependencies { get; init; } = false;
     public bool RejectExternalCode { get; init; } = false;
     public bool RepoPrivate { get; init; } = false;
-    public object? CommitMessageOptions { get; init; } = null;
-    public object[]? CredentialsMetadata { get; init; } = null;
+    public CommitOptions? CommitMessageOptions { get; init; } = null;
+    public ImmutableArray<Dictionary<string, string>>? CredentialsMetadata { get; init; } = null;
     public int MaxUpdaterRunTime { get; init; } = 0;
     public IEnumerable<string> GetAllDirectories()

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs ADDED Viewed

@@ -0,0 +1,11 @@
+using NuGet.Versioning;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public record PullRequest
+{
+    public required string DependencyName { get; init; }
+    public required NuGetVersion DependencyVersion { get; init; }
+    public bool DependencyRemoved { get; init; } = false;
+    public string? Directory { get; init; } = null;
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementsUpdateStrategy.cs ADDED Viewed

@@ -0,0 +1,15 @@
+using System.Text.Json.Serialization;
+namespace NuGetUpdater.Core.Run.ApiModel;
+public enum RequirementsUpdateStrategy
+{
+    [JsonStringEnumMemberName("bump_versions")]
+    BumpVersions,
+    [JsonStringEnumMemberName("bump_versions_if_necessary")]
+    BumpVersionsIfNecessary,
+    [JsonStringEnumMemberName("lockfile_only")]
+    LockfileOnly,
+    [JsonStringEnumMemberName("widen_ranges")]
+    WidenRanges,
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs CHANGED Viewed

@@ -1,3 +1,4 @@
+using System.Collections.Immutable;
 using System.Net;
 using System.Text;
 using System.Text.Json;
@@ -21,7 +22,7 @@ public class RunWorker
     {
         PropertyNamingPolicy = JsonNamingPolicy.KebabCaseLower,
         WriteIndented = true,
-        Converters = { new JsonStringEnumConverter() },
+        Converters = { new JsonStringEnumConverter(), new RequirementConverter(), new VersionConverter() },
     };
     public RunWorker(IApiHandler apiHandler, IDiscoveryWorker discoverWorker, IAnalyzeWorker analyzeWorker, IUpdaterWorker updateWorker, ILogger logger)
@@ -123,9 +124,8 @@ public class RunWorker
         // TODO: pull out relevant dependencies, then check each for updates and track the changes
         // TODO: for each top-level dependency, _or_ specific dependency (if security, use transitive)
         var originalDependencyFileContents = new Dictionary<string, string>();
-        var allowedUpdates = job.AllowedUpdates ?? [];
         var actualUpdatedDependencies = new List<ReportedDependency>();
-        if (allowedUpdates.Any(a => a.UpdateType == "all"))
+        if (job.AllowedUpdates.Any(a => a.UpdateType == UpdateType.All))
         {
             await _apiHandler.IncrementMetric(new()
             {
@@ -173,12 +173,13 @@ public class RunWorker
                         continue;
                     }
+                    var ignoredVersions = GetIgnoredRequirementsForDependency(job, dependency.Name);
                     var dependencyInfo = new DependencyInfo()
                     {
                         Name = dependency.Name,
                         Version = dependency.Version!,
                         IsVulnerable = false,
-                        IgnoredVersions = [],
+                        IgnoredVersions = ignoredVersions,
                         Vulnerabilities = [],
                     };
                     var analysisResult = await _analyzeWorker.RunAsync(repoContentsPath.FullName, discoveryResult, dependencyInfo);
@@ -303,6 +304,25 @@ public class RunWorker
         return result;
     }
+    internal static ImmutableArray<Requirement> GetIgnoredRequirementsForDependency(Job job, string dependencyName)
+    {
+        var ignoreConditions = job.IgnoreConditions
+            .Where(c => c.DependencyName.Equals(dependencyName, StringComparison.OrdinalIgnoreCase))
+            .ToArray();
+        if (ignoreConditions.Length == 1 && ignoreConditions[0].VersionRequirement is null)
+        {
+            // if only one match with no version requirement, ignore all versions
+            return [Requirement.Parse("> 0.0.0")];
+        }
+        var ignoredVersions = ignoreConditions
+            .Select(c => c.VersionRequirement)
+            .Where(r => r is not null)
+            .Cast<Requirement>()
+            .ToImmutableArray();
+        return ignoredVersions;
+    }
     internal static UpdatedDependencyList GetUpdatedDependencyListFromDiscovery(WorkspaceDiscoveryResult discoveryResult, string pathToContents)
     {
         string GetFullRepoPath(string path)

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/VersionConverter.cs ADDED Viewed

@@ -0,0 +1,19 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+using NuGet.Versioning;
+namespace NuGetUpdater.Core.Analyze;
+public class VersionConverter : JsonConverter<NuGetVersion>
+{
+    public override NuGetVersion? Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+    {
+        return NuGetVersion.Parse(reader.GetString()!);
+    }
+    public override void Write(Utf8JsonWriter writer, NuGetVersion value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value.ToString());
+    }
+}

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs CHANGED Viewed

@@ -60,7 +60,8 @@ internal static class BindingRedirectManager
         // finally we pull out the assembly `HintPath` values for _all_ references relative to the project file in a unix-style value
         //    e.g., ../packages/Some.Other.Package/4.5.6/lib/net45/Some.Other.Package.dll
         // all of that is passed to `AddBindingRedirects()` so we can ensure binding redirects for the relevant assemblies
-        var packagesDirectory = PackagesConfigUpdater.GetPathToPackagesDirectory(projectBuildFile, updatedPackageName, updatedPackageVersion, packagesConfigPath: null)!;
+        var packagesConfigPath = ProjectHelper.GetPackagesConfigPathFromProject(projectBuildFile.Path, ProjectHelper.PathFormat.Full);
+        var packagesDirectory = PackagesConfigUpdater.GetPathToPackagesDirectory(projectBuildFile, updatedPackageName, updatedPackageVersion, packagesConfigPath)!;
         var assemblyPathPrefix = Path.Combine(packagesDirectory, $"{updatedPackageName}.{updatedPackageVersion}").NormalizePathToUnix().EnsureSuffix("/");
         var assemblyPaths = references.Select(static x => x.HintPath).Select(x => Path.GetRelativePath(Path.GetDirectoryName(projectBuildFile.Path)!, x).NormalizePathToUnix()).ToList();
         var bindingsAndAssemblyPaths = bindings.Zip(assemblyPaths);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/PackagesConfigUpdater.cs CHANGED Viewed

@@ -23,7 +23,7 @@ namespace NuGetUpdater.Core;
 /// See: https://learn.microsoft.com/en-us/nuget/reference/packages-config
 ///      https://learn.microsoft.com/en-us/nuget/resources/check-project-format
 /// <remarks>
-internal static class PackagesConfigUpdater
+internal static partial class PackagesConfigUpdater
 {
     public static async Task UpdateDependencyAsync(
         string repoRootPath,
@@ -215,7 +215,7 @@ internal static class PackagesConfigUpdater
         var hintPathSubString = $"{dependencyName}.{dependencyVersion}";
         string? partialPathMatch = null;
-        var specificHintPathNodes = projectBuildFile.Contents.Descendants().Where(e => e.IsHintPathNodeForDependency(dependencyName)).ToArray();
+        var specificHintPathNodes = projectBuildFile.Contents.Descendants().Where(e => e.IsHintPathNodeForDependency(dependencyName, dependencyVersion)).ToArray();
         foreach (var hintPathNode in specificHintPathNodes)
         {
             var hintPath = hintPathNode.GetContentValue();
@@ -266,8 +266,7 @@ internal static class PackagesConfigUpdater
                     foreach (var hintPathNode in genericHintPathNodes)
                     {
                         var hintPath = hintPathNode.GetContentValue();
-                        var match = Regex.Match(hintPath, @"^(?<PackagesPath>.*)[/\\](?<PackageNameAndVersion>[^/\\]+)[/\\]lib[/\\](?<Tfm>[^/\\]+)[/\\](?<AssemblyName>[^/\\]+)$");
-                        // e.g.,                              ..\..\packages     \    Some.Package.1.2.3              \    lib\     net45          \   Some.Package.dll
+                        var match = PackageAssemblyHintPathPattern().Match(hintPath);
                         if (match.Success)
                         {
                             partialPathMatch = match.Groups["PackagesPath"].Value;
@@ -297,17 +296,15 @@ internal static class PackagesConfigUpdater
         return false;
     }
-    private static bool IsHintPathNodeForDependency(this IXmlElementSyntax element, string dependencyName)
+    private static bool IsHintPathNodeForDependency(this IXmlElementSyntax element, string dependencyName, string dependencyVersion)
     {
         if (element.IsHintPathNode())
         {
-            // the include attribute will look like one of the following:
-            //   <Reference Include="Some.Dependency, Version=1.0.0.0, Culture=neutral, PublicKeyToken=abcd">
-            // or
-            //   <Reference Include="Some.Dependency">
-            string includeAttributeValue = element.Parent.GetAttributeValue("Include", StringComparison.OrdinalIgnoreCase);
-            if (includeAttributeValue.Equals(dependencyName, StringComparison.OrdinalIgnoreCase) ||
-                includeAttributeValue.StartsWith($"{dependencyName},", StringComparison.OrdinalIgnoreCase))
+            // the hint path will look similar to this:
+            //   ..\packages\Some.Package.1.2.3\lib\net45\Some.Package.dll
+            var assemblyPath = element.GetContentValue();
+            var match = PackageAssemblyHintPathPattern().Match(assemblyPath);
+            if (match.Success)
             {
                 return true;
             }
@@ -326,4 +323,8 @@ internal static class PackagesConfigUpdater
         return subpath;
     }
+    [GeneratedRegex(@"^(?<PackagesPath>.*)[/\\](?<PackageNameAndVersion>[^/\\]+)[/\\]lib[/\\](?<Tfm>[^/\\]+)[/\\](?<AssemblyName>[^/\\]+)$", RegexOptions.IgnoreCase)]
+    // e.g.,            ..\..\packages      \   Some.Package.1.2.3                \  lib  \   net45           \   Some.Package.dll
+    private static partial Regex PackageAssemblyHintPathPattern();
 }

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/JsonHelper.cs CHANGED Viewed

@@ -11,6 +11,7 @@ namespace NuGetUpdater.Core.Utilities
         public static JsonDocumentOptions DocumentOptions { get; } = new JsonDocumentOptions
         {
             CommentHandling = JsonCommentHandling.Skip,
+            AllowTrailingCommas = true,
         };
         public static JsonNode? ParseNode(string content)
@@ -24,6 +25,7 @@ namespace NuGetUpdater.Core.Utilities
             var readerOptions = new JsonReaderOptions
             {
                 CommentHandling = JsonCommentHandling.Allow,
+                AllowTrailingCommas = true,
             };
             var bytes = Encoding.UTF8.GetBytes(json);
             var reader = new Utf8JsonReader(bytes, readerOptions);

data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ProjectHelper.cs CHANGED Viewed

@@ -74,7 +74,7 @@ internal static class ProjectHelper
     private static string? GetItemPathWithFileName(this ProjectRootElement projectRootElement, string itemFileName)
     {
         var projectDirectory = Path.GetDirectoryName(projectRootElement.FullPath)!;
-        var packagesConfigPath = projectRootElement.Items
+        var itemPath = projectRootElement.Items
             .Where(i => i.ElementName.Equals("None", StringComparison.OrdinalIgnoreCase) ||
                         i.ElementName.Equals("Content", StringComparison.OrdinalIgnoreCase))
             .Where(i => Path.GetFileName(i.Include).Equals(itemFileName, StringComparison.OrdinalIgnoreCase))
@@ -82,7 +82,7 @@ internal static class ProjectHelper
             .Where(File.Exists)
             .FirstOrDefault()
             ?.NormalizePathToUnix();
-        return packagesConfigPath;
+        return itemPath;
     }
     private static string? GetPathWithRegardsToProjectFile(string fullProjectPath, string fileName)