dependabot-nuget 0.303.0 → 0.304.0

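--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c0d78d1b91ae626712aaadfdc2f4d03f8f15247b88b869a7285e0b4ad75a36c6
- data.tar.gz: 6bb59e2674de36c8fae8ee8172db65e6c64447a9f951bd9717bc5915b1a491b3
+ metadata.gz: d547d192189427062cf34249cc425d0f2f9caf8819fd458ff9e2843ef55dcba1
+ data.tar.gz: 23a7375b74154eb6340e503b338b165f76c6b4d0f7d86cea2db51094a174d121
  SHA512:
- metadata.gz: 0d71151a04b9a0ad457713832a763169027b9e24dc95366ffad4fa0011c7820f458410b288d4b85b3382f28923369cf56a60aa0d1970e66c91096c49c857b8b9
- data.tar.gz: c041d7724ecfbf3dd2cd43064ff566eae5526ee5fe73f5b51df153b093f75b5fbc3a0600bbbe4b250bb1919de3e779f233f9a6100d20bfcc1f0b67cbbb82a503
+ metadata.gz: 3f18c6832a2d52a4a758a474c73d475695d0eccfbff98e3eb1c582e75078bbcc68f2ef49ceac6b759ff4c91fb56a70a46b6ca2873f03ddce279f724d13c5a9d7
+ data.tar.gz: 2b5d56a8a30569675d58ddf27b9947c4eba359559940d5f64c5486756c0fa6df1d69ede0f3e0212a5adb04dd854ac6aebcc5564f9d4b8b65b08edac265b84537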
@@ -30,6 +30,7 @@ public abstract record JobErrorBase : MessageBase
30
30
  {
31
31
  HttpStatusCode.Unauthorized or
32
32
  HttpStatusCode.Forbidden => new PrivateSourceAuthenticationFailure(NuGetContext.GetPackageSourceUrls(currentDirectory)),
33
+ HttpStatusCode.TooManyRequests => new PrivateSourceBadResponse(NuGetContext.GetPackageSourceUrls(currentDirectory)),
33
34
  _ => new UnknownError(ex, jobId),
34
35
  },
35
36
  InvalidProjectFileException invalidProjectFile => new DependencyFileNotParseable(invalidProjectFile.ProjectFile),
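Review bot: The new `HttpStatusCode.TooManyRequests` arm sends every URL returned by `NuGetContext.GetPackageSourceUrls(currentDirectory)` into the error payload, and nothing visible here removes credentials from those URLs. The same strings are joined verbatim into `Details["source"]` in the `PrivateSourceBadResponse` constructor and raised again by the Ruby `when "private_source_bad_response"` branch further down the page. If a feed URL in NuGet.Config can carry userinfo or a token in its path or query, it should be redacted before it is reported; whether `GetPackageSourceUrls` already does that cannot be seen from this page. The arm also names all configured sources rather than the one that answered 429, which a comment such as `// 429: the throttling feed is not identified, so all configured sources are reported` would make explicit. The enclosing switch starts outside the hunk.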
@@ -0,0 +1,10 @@
1
+ namespace NuGetUpdater.Core.Run.ApiModel;
2
+
3
+ public record PrivateSourceBadResponse : JobErrorBase
4
+ {
5
+ public PrivateSourceBadResponse(string[] urls)
6
+ : base("private_source_bad_response")
7
+ {
8
+ Details["source"] = $"({string.Join("|", urls)})";
9
+ }
10
+ }
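Review bot: `PrivateSourceBadResponse` has no doc comment, although the `(a|b)` shape of its `source` detail is a wire contract that the serialization test and the Ruby consumer on this page both depend on. A summary on the record would pin that down, for example `/// <summary>Reported when a package source returns an unusable response (currently HTTP 429); "source" holds the configured feed URLs joined with '|' inside parentheses.</summary>`. The constructor also hands `urls` straight to `string.Join`, so a null array fails with an ArgumentNullException raised from inside error reporting; `ArgumentNullException.ThrowIfNull(urls);` as the first statement would make the precondition explicit.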
@@ -968,6 +968,7 @@ internal static partial class MSBuildHelper
968
968
  ThrowOnMissingFile(output);
969
969
  ThrowOnMissingPackages(output);
970
970
  ThrowOnUpdateNotPossible(output);
971
+ ThrowOnRateLimitExceeded(output);
971
972
  }
972
973
 
973
974
  private static void ThrowOnUnauthenticatedFeed(string stdout)
@@ -985,6 +986,19 @@ internal static partial class MSBuildHelper
985
986
  }
986
987
  }
987
988
 
989
+ private static void ThrowOnRateLimitExceeded(string stdout)
990
+ {
991
+ var rateLimitMessageSnippets = new string[]
992
+ {
993
+ "Response status code does not indicate success: 429",
994
+ "429 (Too Many Requests)",
995
+ };
996
+ if (rateLimitMessageSnippets.Any(stdout.Contains))
997
+ {
998
+ throw new HttpRequestException(message: stdout, inner: null, statusCode: System.Net.HttpStatusCode.TooManyRequests);
999
+ }
1000
+ }
1001
+
988
1002
  private static void ThrowOnMissingFile(string output)
989
1003
  {
990
1004
  var missingFile = GetMissingFile(output);
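Review bot: `ThrowOnRateLimitExceeded` puts the whole captured output into the exception with `message: stdout`, so everything the build printed (feed URLs, local paths, anything a tool echoed) travels with the exception to any handler that logs or reports `ex.Message`. A fixed message carries the same signal, for example `throw new HttpRequestException(message: "Package source returned 429 (Too Many Requests)", inner: null, statusCode: System.Net.HttpStatusCode.TooManyRequests);`, provided no caller relies on the full text, which cannot be checked from this page. The new call is also placed after `ThrowOnMissingPackages` and `ThrowOnUpdateNotPossible`, so a throttled restore whose output also matches one of those checks would presumably be reported as that other error; consider running the rate-limit check earlier. The method containing the call list begins outside the hunk.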
@@ -1247,6 +1247,83 @@ public partial class DiscoveryWorkerTests : DiscoveryWorkerTestBase
1247
1247
  );
1248
1248
  }
1249
1249
 
1250
+ [Fact]
1251
+ public async Task ReportsPrivateSourceBadResponseFailure()
1252
+ {
1253
+ static (int, string) TestHttpHandler(string uriString)
1254
+ {
1255
+ var uri = new Uri(uriString, UriKind.Absolute);
1256
+ var baseUrl = $"{uri.Scheme}://{uri.Host}:{uri.Port}";
1257
+ return uri.PathAndQuery switch
1258
+ {
1259
+ // initial request is good
1260
+ "/index.json" => (200, $$"""
1261
+ {
1262
+ "version": "3.0.0",
1263
+ "resources": [
1264
+ {
1265
+ "@id": "{{baseUrl}}/download",
1266
+ "@type": "PackageBaseAddress/3.0.0"
1267
+ },
1268
+ {
1269
+ "@id": "{{baseUrl}}/query",
1270
+ "@type": "SearchQueryService"
1271
+ },
1272
+ {
1273
+ "@id": "{{baseUrl}}/registrations",
1274
+ "@type": "RegistrationsBaseUrl"
1275
+ }
1276
+ ]
1277
+ }
1278
+ """),
1279
+ // all other requests are unauthorized
1280
+ _ => (429, "{}"),
1281
+ };
1282
+ }
1283
+ // override various nuget locations
1284
+ using var tempDir = new TemporaryDirectory();
1285
+ using var _ = new TemporaryEnvironment(
1286
+ [
1287
+ ("NUGET_PACKAGES", Path.Combine(tempDir.DirectoryPath, "NUGET_PACKAGES")),
1288
+ ("NUGET_HTTP_CACHE_PATH", Path.Combine(tempDir.DirectoryPath, "NUGET_HTTP_CACHE_PATH")),
1289
+ ("NUGET_SCRATCH", Path.Combine(tempDir.DirectoryPath, "NUGET_SCRATCH")),
1290
+ ("NUGET_PLUGINS_CACHE_PATH", Path.Combine(tempDir.DirectoryPath, "NUGET_PLUGINS_CACHE_PATH")),
1291
+ ]);
1292
+ using var http = TestHttpServer.CreateTestStringServer(TestHttpHandler);
1293
+ var experimentsManager = new ExperimentsManager() { UseDirectDiscovery = true };
1294
+ await TestDiscoveryAsync(
1295
+ experimentsManager: experimentsManager,
1296
+ workspacePath: "",
1297
+ files:
1298
+ [
1299
+ ("project.csproj", """
1300
+ <Project Sdk="Microsoft.NET.Sdk">
1301
+ <PropertyGroup>
1302
+ <TargetFramework>net8.0</TargetFramework>
1303
+ </PropertyGroup>
1304
+ <ItemGroup>
1305
+ <PackageReference Include="Some.Package" Version="1.2.3" />
1306
+ </ItemGroup>
1307
+ </Project>
1308
+ """),
1309
+ ("NuGet.Config", $"""
1310
+ <configuration>
1311
+ <packageSources>
1312
+ <clear />
1313
+ <add key="private_feed" value="{http.BaseUrl.TrimEnd('/')}/index.json" allowInsecureConnections="true" />
1314
+ </packageSources>
1315
+ </configuration>
1316
+ """),
1317
+ ],
1318
+ expectedResult: new()
1319
+ {
1320
+ Error = new PrivateSourceBadResponse([$"{http.BaseUrl.TrimEnd('/')}/index.json"]),
1321
+ Path = "",
1322
+ Projects = [],
1323
+ }
1324
+ );
1325
+ }
1326
+
1250
1327
  [LinuxOnlyFact]
1251
1328
  public async Task DiscoverySucceedsWhenNoWindowsAppRefPackageCanBeFound()
1252
1329
  {
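Review bot: The comment `// all other requests are unauthorized` in `TestHttpHandler` is stale, because the fallback arm returns `(429, "{}")` and the test asserts the rate-limit error, so it should read `// all other requests are rate-limited (429)`. The test drives only the direct-discovery path (`UseDirectDiscovery = true`) with an HTTP 429 from the test server. The stdout snippet matching added in `ThrowOnRateLimitExceeded` has no coverage in the hunks shown here, and a small test that feeds it one of the two snippet strings would close that gap.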
@@ -649,6 +649,14 @@ public class SerializationTests
649
649
  """
650
650
  ];
651
651
 
652
+ yield return
653
+ [
654
+ new PrivateSourceBadResponse(["url1", "url2"]),
655
+ """
656
+ {"data":{"error-type":"private_source_bad_response","error-details":{"source":"(url1|url2)"}}}
657
+ """
658
+ ];
659
+
652
660
  yield return
653
661
  [
654
662
  new PullRequestExistsForLatestVersion("dep", "ver"),
@@ -348,6 +348,8 @@ module Dependabot
348
348
  raise BadRequirementError, T.let(error_details.fetch("message"), String)
349
349
  when "private_source_authentication_failure"
350
350
  raise PrivateSourceAuthenticationFailure, T.let(error_details.fetch("source"), String)
351
+ when "private_source_bad_response"
352
+ raise PrivateSourceBadResponse, T.let(error_details.fetch("source"), String)
351
353
  when "update_not_possible"
352
354
  raise UpdateNotPossible, T.let(error_details.fetch("dependencies"), T::Array[String])
353
355
  when "unknown_error"
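--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: dependabot-nuget
  version: !ruby/object:Gem::Version
- version: 0.303.0
+ version: 0.304.0
  platform: ruby
  authors:
  - Dependabot
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2025-03-27 00:00:00.000000000 Z
+ date: 2025-04-03 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.303.0
+ version: 0.304.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.303.0
+ version: 0.304.0
  - !ruby/object:Gem::Dependency
  name: rubyzip
  requirement: !ruby/object:Gem::Requirement
@@ -465,6 +465,7 @@ files:
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/MarkAsProcessed.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/MessageBase.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PrivateSourceAuthenticationFailure.cs
+ - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PrivateSourceBadResponse.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequest.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequestDependency.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PullRequestExistsForLatestVersion.cs
@@ -549,7 +550,7 @@ licenses:
  - MIT
  metadata:
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.303.0
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.304.0
  post_install_message:
  rdoc_options: []
  require_paths: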