fix nuget ignored package version handling (#9824)
brettfo authored May 27, 2024
1 parent b8605c0 commit c6745da
Showing 6 changed files with 21 additions and 7 deletions.
1 change: 1 addition & 0 deletions nuget/lib/dependabot/nuget/update_checker.rb
Expand Up @@ -125,6 +125,7 @@ def updated_dependencies_after_full_unlock
updated_dependencies += DependencyFinder.new(
dependency: updated_dependency,
dependency_files: dependency_files,
ignored_versions: ignored_versions,
credentials: credentials,
repo_contents_path: @repo_contents_path
).updated_peer_dependencies
Expand Up @@ -37,13 +37,15 @@ def self.fetch_dependencies_cache
params(
dependency: Dependabot::Dependency,
dependency_files: T::Array[Dependabot::DependencyFile],
ignored_versions: T::Array[String],
credentials: T::Array[Dependabot::Credential],
repo_contents_path: T.nilable(String)
).void
end
def initialize(dependency:, dependency_files:, credentials:, repo_contents_path:)
def initialize(dependency:, dependency_files:, ignored_versions:, credentials:, repo_contents_path:)
@dependency = dependency
@dependency_files = dependency_files
@ignored_versions = ignored_versions
@credentials = credentials
@repo_contents_path = repo_contents_path
end
Expand Down Expand Up @@ -127,6 +129,9 @@ def updated_peer_dependencies
sig { returns(T::Array[Dependabot::DependencyFile]) }
attr_reader :dependency_files

sig { returns(T::Array[String]) }
attr_reader :ignored_versions

sig { returns(T::Array[Dependabot::Credential]) }
attr_reader :credentials

Expand Down Expand Up @@ -280,7 +285,7 @@ def version_finder(dep)
dependency: dep,
dependency_files: dependency_files,
credentials: credentials,
ignored_versions: [],
ignored_versions: ignored_versions,
raise_on_ignored: false,
security_advisories: [],
repo_contents_path: repo_contents_path
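Review bot: In `version_finder(dep)` the list passed as `ignored_versions: ignored_versions` is the one given to this finder for its own `dependency`, while the `VersionFinder` is built for `dep`. If `dep` can be a peer package rather than that dependency (the name `updated_peer_dependencies` suggests so, but the callers of `version_finder` are outside the hunk), ranges written for one package id would filter another package's versions; that can hide a release the peer needs or fail to exclude the version the user meant to block. Please state the intent in a comment above the call, e.g. `# ignore conditions come from @dependency and are applied to dep as well`. If they are meant for the same package only, guard the argument with `ignored_versions: dep.name.casecmp?(dependency.name) ? ignored_versions : []`.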
Expand Up @@ -134,6 +134,7 @@ def process_updated_peer_dependencies(dependency, dependencies)
DependencyFinder.new(
dependency: dependency,
dependency_files: dependency_files,
ignored_versions: ignored_versions,
credentials: credentials,
repo_contents_path: repo_contents_path
).updated_peer_dependencies.each do |peer_dependency|
5 changes: 2 additions & 3 deletions nuget/lib/dependabot/nuget/update_checker/version_finder.rb
Expand Up @@ -187,12 +187,11 @@ def filter_prereleases(possible_versions)
end
def filter_ignored_versions(possible_versions)
filtered = possible_versions

ignored_versions.each do |req|
ignore_req = requirement_class.new(parse_requirement_string(req))
ignore_reqs = parse_requirement_string(req).map { |r| requirement_class.new(r) }
filtered =
filtered
.reject { |v| ignore_req.satisfied_by?(v.fetch(:version)) }
.reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v.fetch(:version)) } }
end

if @raise_on_ignored && filter_lower_versions(filtered).empty? &&
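Review bot: With `ignore_reqs.any?` in `filter_ignored_versions`, a version is dropped as soon as one comma-separated part of an ignore string matches, so the parts act as a union instead of being evaluated together. Assuming `parse_requirement_string` (outside this hunk) splits on commas, a bounded range such as `>= 2.a, < 3.0.0` would now match every version; the spec hunks further down this page replace exactly those bounded strings with one-sided ones (`>= 2.a`, `<= 2.0.0`) rather than asserting their new meaning. An ignore rule that over-matches silently suppresses updates, including releases that fix a vulnerability, so the chosen semantics deserve a comment above the loop, e.g. `# each comma-separated part is matched on its own; a version is ignored if ANY part matches`, and a spec that pins what a two-sided range does. The method body continues past the end of the hunk.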
Expand Up @@ -11,6 +11,7 @@
described_class.new(
dependency: dependency,
dependency_files: dependency_files,
ignored_versions: [],
credentials: credentials,
repo_contents_path: "test/repo"
)
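Review bot: The only value this spec passes for the new keyword is `ignored_versions: []`, so nothing here checks that a non-empty ignore list reaches the version lookup, which is the behaviour the commit changes. A second context with a non-empty list (a constructed sample such as `let(:ignored_versions) { ["> 1.0.0"] }`) that asserts the effect on `updated_peer_dependencies` would keep a hard-coded empty list from coming back unnoticed. The `described_class.new` call sits in a block that starts outside the hunk.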
Expand Up @@ -236,7 +236,7 @@
end

context "when a version range is specified using Ruby syntax" do
let(:ignored_versions) { [">= 2.a, < 3.0.0"] }
let(:ignored_versions) { [">= 2.a"] }
let(:expected_version) { "1.1.2" }

its([:version]) { is_expected.to eq(version_class.new("1.1.2")) }
Expand Down Expand Up @@ -274,6 +274,13 @@
end
end

context "when the user is ignoring all versions but a very specific one" do
let(:ignored_versions) { ["< 1.1.1, > 1.1.1"] }
let(:expected_version) { "1.1.1" }

its([:version]) { is_expected.to eq(expected_version_instance) }
end

context "with a custom repo in a nuget.config file" do
let(:config_file) do
Dependabot::DependencyFile.new(
Expand Down Expand Up @@ -688,7 +695,7 @@ def create_nupkg(nuspec_name, nuspec_content)
its([:version]) { is_expected.to eq(version_class.new("2.0.0")) }

context "when the user is ignoring the lowest version" do
let(:ignored_versions) { [">= 2.a, <= 2.0.0"] }
let(:ignored_versions) { ["<= 2.0.0"] }
let(:expected_version) { "2.0.3" }

its([:version]) { is_expected.to eq(version_class.new("2.0.3")) }