dependabot-nuget 0.380.0 → 0.381.0

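--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 7d1e2d0fc0dbdb9ca5edd820796d80e93ff3508a43ec0a21e25be1ca9a296dcd
- data.tar.gz: 77f9feddc3e1f6a42a72770aef37989b081b19c4d721b4131b0c575a1cc27ae6
+ metadata.gz: e7b5e7ecbcdfec1745579022fa1120f674bc82f492d1ea4eca4c2dea429558a2
+ data.tar.gz: a41a8ebdd8d8301739d30b922971bd3492be935aec49c6fe09a2f1d97deb6b98
  SHA512:
- metadata.gz: 2ac9681cf7e3f0e093c8bda609e7706b37bc5d8c2299c8dd8f0be92d16c9c1e8960b9fa1b82f293e4b0ba0a25c40709614fa5cff5c3e1d354aa2b079f611e88a
- data.tar.gz: bbcf9c27baa289052da2eb6fcfeab8cd2610cfc855eb466a3f3857476a23726969cca288157462174a9bdc616444a061db54813ecbefe5c0d8343dbfcdbcea3e
+ metadata.gz: f669096630ab540383c4e8e4d5de53cc10c85700bfef3171f57fbb30dfade61a17e14fbbb0e9d845d7a83410ce0452d22c4bd32ccaf2eec4c05c14253591d983
+ data.tar.gz: 899acdbff1b55fda3bd97c2b1591c282dcd659b872ce46ef8901b69430bb74e1188c2fb4211e1b6dc402918fe5e497048eaa17442fa553f753a678f5fec5f593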
@@ -1,5 +1,7 @@
1
1
  using System.Collections.Immutable;
2
2
 
3
+ using NuGet.Versioning;
4
+
3
5
  namespace NuGetUpdater.Core.Discover;
4
6
 
5
7
  internal static class GlobalJsonDiscovery
@@ -16,15 +18,28 @@ internal static class GlobalJsonDiscovery
16
18
 
17
19
  logger.Info($" Discovered [{globalJsonFile.RelativePath}] file.");
18
20
 
19
- var dependencies = BuildFile.GetDependencies(globalJsonFile)
21
+ var allDependencies = BuildFile.GetDependencies(globalJsonFile)
20
22
  .OrderBy(d => d.Name)
21
23
  .ToImmutableArray();
22
24
 
25
+ var dependencies = ImmutableArray.CreateBuilder<Dependency>();
26
+ foreach (var dependency in allDependencies)
27
+ {
28
+ if (NuGetVersion.TryParse(dependency.Version, out _))
29
+ {
30
+ dependencies.Add(dependency);
31
+ }
32
+ else
33
+ {
34
+ logger.Warn($" Dependency '{dependency.Name}' has an unparseable version: '{dependency.Version}' and will be ignored.");
35
+ }
36
+ }
37
+
23
38
  return new()
24
39
  {
25
40
  FilePath = globalJsonFile.RelativePath,
26
41
  IsSuccess = !globalJsonFile.FailedToParse,
27
- Dependencies = dependencies,
42
+ Dependencies = dependencies.ToImmutable(),
28
43
  };
29
44
  }
30
45
  }
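Review bot: The new `else` branch writes `dependency.Name` and `dependency.Version` into the warning verbatim, and both strings come from the repository's global.json, so a value containing line breaks could split or forge log entries unless the logger already escapes them (not visible in this hunk). A dropped entry also leaves `IsSuccess` untouched, so a consumer of the result cannot tell that an SDK reference was skipped and will not be offered updates for it. If that is the intended trade-off, record it above the loop, for example `// msbuild-sdks entries whose version is not a valid NuGetVersion cannot be compared or updated; log them and leave them out of the result`. The enclosing method begins above the hunk.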
@@ -207,6 +207,7 @@ internal static class SdkProjectDiscovery
207
207
  }
208
208
 
209
209
  MSBuildHelper.ThrowOnError(stdOut);
210
+ MSBuildHelper.ThrowOnError(stdErr);
210
211
  if (exitCode != 0)
211
212
  {
212
213
  // log error, but still try to resolve what we can
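Review bot: The added `MSBuildHelper.ThrowOnError(stdErr);` runs before the `exitCode != 0` branch whose comment says discovery should still resolve what it can, so stderr text that matches one of the ThrowOnError patterns now aborts discovery even when the process exits with 0. Judging by `ThrowOnInvalidIcuPackage` elsewhere in this release, those checks are plain substring matches, and build output can echo repository-controlled text, so a warning line could be enough to trigger one. If failing hard here is intended, a comment on the new line would say why, e.g. `// fatal SDK errors (such as a missing ICU package) are written to stderr, so scan it as well as stdout`. The surrounding method lies outside the hunk.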
@@ -831,7 +832,13 @@ internal static class SdkProjectDiscovery
831
832
  var tempProjectPath = await MSBuildHelper.CreateTempProjectAsync(tempDirectory, repoRootPath, projectPath, targetFrameworks, topLevelDependencies, logger);
832
833
  var tempProjectDirectory = Path.GetDirectoryName(tempProjectPath)!;
833
834
  var rediscoveredDependencies = await DiscoverAsync(tempProjectDirectory, tempProjectDirectory, tempProjectPath, experimentsManager, logger);
834
- var rediscoveredDependenciesForThisProject = rediscoveredDependencies.Single(); // we started with a single temp project, this will be the only result
835
+ var tempProjectFileName = Path.GetFileName(tempProjectPath);
836
+ var rediscoveredDependenciesForThisProject = rediscoveredDependencies.FirstOrDefault(r => PathComparer.Instance.Equals(r.FilePath, tempProjectFileName));
837
+ if (rediscoveredDependenciesForThisProject is null)
838
+ {
839
+ logger.Warn($"Unable to rediscover packages for legacy project {projectPath}; using original package set.");
840
+ return packagesPerProject;
841
+ }
835
842
 
836
843
  // re-build packagesPerProject
837
844
  var rebuiltPackagesPerProject = packagesPerProject.ToDictionary(PathComparer.Instance); // shallow copy
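Review bot: The early `return packagesPerProject;` keeps the original package set but the warning does not say why no entry matched, and the lookup assumes `r.FilePath` is the bare file name of the temp project, which holds only if DiscoverAsync reports paths relative to the directory passed in (not visible here). In this fallback the legacy project's dependency set is not rebuilt, which presumably means packages that only the temp-project restore would surface are never offered updates. A comment above the lookup would document both points, e.g. `// DiscoverAsync reports FilePath relative to tempProjectDirectory; it may return no entry when the temp project's restore fails, in which case the packages.config-derived set is kept`. The method starts and ends outside the hunk.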
@@ -670,6 +670,7 @@ internal static partial class MSBuildHelper
670
670
  ThrowOnUnparseableFile(output);
671
671
  ThrowOnMultipleProjectsForPackagesConfig(output);
672
672
  ThrowOnCircularDependency(output);
673
+ ThrowOnInvalidIcuPackage(output);
673
674
  }
674
675
 
675
676
  private static void ThrowOnUnauthenticatedFeed(string stdout)
@@ -821,6 +822,14 @@ internal static partial class MSBuildHelper
821
822
  }
822
823
  }
823
824
 
825
+ private static void ThrowOnInvalidIcuPackage(string output)
826
+ {
827
+ if (output.Contains("Couldn't find a valid ICU package installed on the system."))
828
+ {
829
+ throw new Exception("Couldn't find a valid ICU package installed on the system. Likely EOL SDK.");
830
+ }
831
+ }
832
+
824
833
  internal static bool TryGetGlobalJsonPath(string repoRootPath, string workspacePath, [NotNullWhen(returnValue: true)] out string? globalJsonPath)
825
834
  {
826
835
  globalJsonPath = PathHelper.GetFileInDirectoryOrParent(workspacePath, repoRootPath, "global.json", caseSensitive: false);
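Review bot: `ThrowOnInvalidIcuPackage` repeats the matched sentence in the exception text and has no doc comment explaining the "Likely EOL SDK" inference, so the two literals can drift apart and the reasoning is lost. Hoisting the sentence into `private const string MissingIcuMessage = "Couldn't find a valid ICU package installed on the system.";` and building the message as `$"{MissingIcuMessage} Likely EOL SDK."` keeps them in step. A summary comment should state that the match is a case-sensitive substring search over the whole tool output. Throwing a bare `Exception` appears to follow the sibling checks, going by the `UnknownError(new Exception(...))` expectations in the test data, so it is left as is.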
@@ -103,5 +103,36 @@ public partial class DiscoveryWorkerTests
103
103
  }
104
104
  );
105
105
  }
106
+
107
+ [Fact]
108
+ public async Task FiltersDependenciesWithUnparseableVersions()
109
+ {
110
+ await TestDiscoveryAsync(
111
+ packages: [],
112
+ workspacePath: "",
113
+ files: [
114
+ ("global.json", """
115
+ {
116
+ "sdk": {
117
+ "version": "2.2.104"
118
+ },
119
+ "msbuild-sdks": {
120
+ "Microsoft.Build.Traversal": "not-a-version"
121
+ }
122
+ }
123
+ """),
124
+ ],
125
+ expectedResult: new()
126
+ {
127
+ Path = "",
128
+ GlobalJson = new()
129
+ {
130
+ FilePath = "global.json",
131
+ ExpectedDependencyCount = 0,
132
+ },
133
+ ExpectedProjectCount = 0,
134
+ }
135
+ );
136
+ }
106
137
  }
107
138
  }
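Review bot: `FiltersDependenciesWithUnparseableVersions` covers only a file whose single `msbuild-sdks` entry is invalid, so it would also pass if the filter dropped every dependency whenever one version fails to parse. Adding a second entry with a parseable version (constructed example: `"Some.Valid.Sdk": "1.0.0"`) and expecting `ExpectedDependencyCount = 1` would pin that filtering is per entry. The test also does not check that the warning was logged.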
@@ -271,5 +271,85 @@ public partial class DiscoveryWorkerTests
271
271
  }
272
272
  );
273
273
  }
274
+ [Fact]
275
+ public async Task LegacyProjectWithIncompatibleCPMPackagesDoesNotCrash()
276
+ {
277
+ // A legacy packages.config project in a repo with CPM enabled.
278
+ // The CPM Directory.Packages.props defines a package that only supports net8.0,
279
+ // which is incompatible with the project's net48 TFM. This previously caused
280
+ // RebuildPackagesPerProject to crash with "Sequence contains no elements" when
281
+ // the temp project restore failed and DiscoverAsync returned empty results.
282
+ await TestDiscoveryAsync(
283
+ packages:
284
+ [
285
+ MockNuGetPackage.CreateSimplePackage("PackageReferencedThroughLegacyMechanism", "1.0.0", "net48"),
286
+ MockNuGetPackage.CreateSimplePackage("PackageOnlyCompatibleWithNet8", "2.0.0", "net8.0"),
287
+ ],
288
+ workspacePath: "src",
289
+ files: [
290
+ ("Directory.Build.props", """
291
+ <Project>
292
+ <ItemGroup>
293
+ <PackageReference Include="PackageOnlyCompatibleWithNet8" />
294
+ </ItemGroup>
295
+ </Project>
296
+ """),
297
+ ("Directory.Build.targets", "<Project />"),
298
+ ("Directory.Packages.props", """
299
+ <Project>
300
+ <PropertyGroup>
301
+ <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
302
+ </PropertyGroup>
303
+ <ItemGroup>
304
+ <PackageVersion Include="PackageOnlyCompatibleWithNet8" Version="2.0.0" />
305
+ </ItemGroup>
306
+ </Project>
307
+ """),
308
+ ("src/myproj.csproj", """
309
+ <Project ToolsVersion="15.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
310
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
311
+ <PropertyGroup>
312
+ <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
313
+ </PropertyGroup>
314
+ <ItemGroup>
315
+ <None Include="packages.config" />
316
+ </ItemGroup>
317
+ <ItemGroup>
318
+ <Reference Include="PackageReferencedThroughLegacyMechanism">
319
+ <HintPath>packages\PackageReferencedThroughLegacyMechanism.1.0.0\lib\net48\PackageReferencedThroughLegacyMechanism.dll</HintPath>
320
+ <Private>True</Private>
321
+ </Reference>
322
+ </ItemGroup>
323
+ <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
324
+ </Project>
325
+ """),
326
+ ("src/packages.config", """
327
+ <?xml version="1.0" encoding="utf-8"?>
328
+ <packages>
329
+ <package id="PackageReferencedThroughLegacyMechanism" version="1.0.0" targetFramework="net48" />
330
+ </packages>
331
+ """),
332
+ ],
333
+ expectedResult: new()
334
+ {
335
+ Path = "src",
336
+ Projects = [
337
+ new()
338
+ {
339
+ FilePath = "myproj.csproj",
340
+ TargetFrameworks = ["net48"],
341
+ Dependencies = [
342
+ new("PackageReferencedThroughLegacyMechanism", "1.0.0", DependencyType.PackagesConfig, TargetFrameworks: ["net48"]),
343
+ ],
344
+ ReferencedProjectPaths = [],
345
+ ImportedFiles = [],
346
+ AdditionalFiles = [
347
+ "packages.config"
348
+ ],
349
+ }
350
+ ],
351
+ }
352
+ );
353
+ }
274
354
  }
275
355
  }
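Review bot: `LegacyProjectWithIncompatibleCPMPackagesDoesNotCrash` asserts only the final dependency list, which would presumably be the same if rediscovery had succeeded, so nothing pins that the new fallback branch in RebuildPackagesPerProject was actually taken. Checking for the "Unable to rediscover packages for legacy project" warning, if the test harness exposes the log, would tie the test to the fix. The new `[Fact]` also follows the previous method's closing brace without a blank line, unlike the test added in the other DiscoveryWorkerTests hunk.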
@@ -654,5 +654,13 @@ public class MSBuildHelperTests : TestBase
654
654
  // expectedError
655
655
  new UnknownError(new Exception("Circular dependency detected"), "TEST-JOB-ID"),
656
656
  ];
657
+
658
+ yield return
659
+ [
660
+ // output
661
+ "Couldn't find a valid ICU package installed on the system. Set the configuration flag System.Globalization.Invariant to true if you want to run with no globalization support.",
662
+ // expectedError
663
+ new UnknownError(new Exception("Couldn't find a valid ICU package installed on the system. Likely EOL SDK."), "TEST-JOB-ID"),
664
+ ];
657
665
  }
658
666
  }
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-nuget
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.380.0
4
+ version: 0.381.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.380.0
18
+ version: 0.381.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.380.0
25
+ version: 0.381.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -579,7 +579,7 @@ licenses:
579
579
  - MIT
580
580
  metadata:
581
581
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
582
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.380.0
582
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.381.0
583
583
  rdoc_options: []
584
584
  require_paths:
585
585
  - lib