Skip to content

Commit

Permalink
Support NuGet lockfiles (Updated) (#9678)
Browse files Browse the repository at this point in the history
* Ignore VSCode C# Dev Kit

* Add rb logic for nuget lock file

* Add cs logic to handle nuget lock files

* Some fixes in nuget file_updater.rb

* Fix file_fetcher

* fixed fetch_files

* Update lock files as part of project updates instead of directly updating them

* MSBuildHelper.SidelineGlobalJsonAsync

* Update LockFileUpdater.cs

---------

Co-authored-by: AbdulFattaah Popoola <abdulapopoola@github.com>
  • Loading branch information
na1307 and abdulapopoola authored Sep 25, 2024
1 parent de37efa commit 08f2675
Show file tree
Hide file tree
Showing 4 changed files with 53 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,5 @@ coverage/
spoom_data/
spoom_report.html
.vs/
# Ignore VSCode C# Dev Kit
**/.mono/**/values.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
namespace NuGetUpdater.Core;

internal static class LockFileUpdater
{
public static async Task UpdateLockFileAsync(
string repoRootPath,
string projectPath,
Logger logger)
{
var projectDirectory = Path.GetDirectoryName(projectPath);
var lockPath = Path.Combine(projectDirectory, "packages.lock.json");
logger.Log($" Updating lock file");
if (!File.Exists(lockPath))
{
logger.Log($" File [{Path.GetRelativePath(repoRootPath, lockPath)}] does not exist.");
return;
}

await MSBuildHelper.SidelineGlobalJsonAsync(projectDirectory, repoRootPath, async () =>
{
var (exitCode, stdout, stderr) = await ProcessEx.RunAsync("dotnet", $"restore --force-evaluate {projectPath}", workingDirectory: projectDirectory);
if (exitCode != 0)
{
logger.Log($" Lock file update failed.\nSTDOUT:\n{stdout}\nSTDERR:\n{stderr}");
}
}, retainMSBuildSdks: true);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -189,5 +189,11 @@ private async Task RunUpdaterAsync(

// Some repos use a mix of packages.config and PackageReference
await SdkPackageUpdater.UpdateDependencyAsync(repoRootPath, projectPath, dependencyName, previousDependencyVersion, newDependencyVersion, isTransitive, _logger);

// Update lock file if exists
if (File.Exists(Path.Combine(Path.GetDirectoryName(projectPath), "packages.lock.json")))
{
await LockFileUpdater.UpdateLockFileAsync(repoRootPath, projectPath, _logger);
}
}
}
17 changes: 17 additions & 0 deletions nuget/lib/dependabot/nuget/file_fetcher.rb
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ def initialize(source:, credentials:, repo_contents_path: nil, options: {})
@nuget_config_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile]))
@packages_config_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile]))
@assembly_binding_redirect_config_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile]))
@packages_lock_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile]))
end

sig { override.returns(T::Array[DependencyFile]) }
Expand All @@ -63,6 +64,7 @@ def fetch_files
*packages_config_files,
*assembly_binding_redirect_config_files,
*nuget_config_files,
*packages_lock_files,
global_json,
dotnet_tools_json,
packages_props
Expand Down Expand Up @@ -266,6 +268,21 @@ def nuget_config_files
@nuget_config_files
end

sig { returns(T::Array[Dependabot::DependencyFile]) }
def packages_lock_files
return @packages_lock_files if @packages_lock_files

candidate_paths =
[*project_files.map { |f| File.dirname(f.name) }, "."].uniq

@packages_lock_files =
candidate_paths.filter_map do |dir|
file = repo_contents(dir: dir)
.find { |f| f.name.casecmp("packages.lock.json").zero? }
fetch_file_from_host(File.join(dir, file.name)) if file
end
end

sig do
params(
project_file: Dependabot::DependencyFile,
Expand Down

0 comments on commit 08f2675

Please sign in to comment.