From 9d454fd8848f598c8ef58238a7af35dfd1dd5e26 Mon Sep 17 00:00:00 2001 From: Jonghyo Lee Date: Mon, 6 May 2024 14:10:33 +0900 Subject: [PATCH 1/9] Ignore VSCode C# Dev Kit --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 6cfd98c4b89..eef403d34be 100644 --- a/.gitignore +++ b/.gitignore @@ -29,3 +29,5 @@ coverage/ # Ignore spoom coverage report spoom_data/ spoom_report.html +# Ignore VSCode C# Dev Kit +**/.mono/**/values.xml From db9ebd645815d07ddbb3a26aa0c8f1239b928d71 Mon Sep 17 00:00:00 2001 From: Jonghyo Lee Date: Mon, 6 May 2024 16:49:07 +0900 Subject: [PATCH 2/9] Add rb logic for nuget lock file --- nuget/lib/dependabot/nuget/file_fetcher.rb | 16 +++++++++++++ nuget/lib/dependabot/nuget/file_updater.rb | 27 +++++++++++++++++++++- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/nuget/lib/dependabot/nuget/file_fetcher.rb b/nuget/lib/dependabot/nuget/file_fetcher.rb index 289a0514b0c..2afa0194718 100644 --- a/nuget/lib/dependabot/nuget/file_fetcher.rb +++ b/nuget/lib/dependabot/nuget/file_fetcher.rb @@ -61,6 +61,7 @@ def fetch_files fetched_files += packages_config_files fetched_files += nuget_config_files + fetched_files += packages_lock_files fetched_files << global_json if global_json fetched_files << dotnet_tools_json if dotnet_tools_json fetched_files << packages_props if packages_props @@ -246,6 +247,21 @@ def nuget_config_files @nuget_config_files end + sig { returns(T::Array[Dependabot::DependencyFile]) } + def packages_lock_files + return @packages_lock_files if @packages_lock_files + + candidate_paths = + [*project_files.map { |f| File.dirname(f.name) }, "."].uniq + + @packages_lock_files = + candidate_paths.filter_map do |dir| + file = repo_contents(dir: dir) + .find { |f| f.name.casecmp("packages.lock.json").zero? } + fetch_file_from_host(File.join(dir, file.name)) if file + end + end + sig do params( project_file: Dependabot::DependencyFile, 
diff --git a/nuget/lib/dependabot/nuget/file_updater.rb b/nuget/lib/dependabot/nuget/file_updater.rb index cd9bf545fc3..1087ee1aa18 100644 --- a/nuget/lib/dependabot/nuget/file_updater.rb +++ b/nuget/lib/dependabot/nuget/file_updater.rb @@ -25,7 +25,8 @@ def self.updated_files_regex /^dotnet-tools\.json$/i, /^Directory\.Build\.props$/i, /^Directory\.Build\.targets$/i, - /^Packages\.props$/i + /^Packages\.props$/i, + /^packages\.lock\.json$/i ] end @@ -35,6 +36,7 @@ def updated_dependency_files SharedHelpers.in_a_temporary_repo_directory(base_dir, repo_contents_path) do dependencies.each do |dependency| try_update_projects(dependency) || try_update_json(dependency) + try_update_packages_lock_json(dependency) end updated_files = dependency_files.filter_map do |f| updated_content = File.read(dependency_file_path(f)) @@ -101,6 +103,22 @@ def try_update_json(dependency) false end + sig { params(dependency: Dependabot::Dependency).returns(T::Boolean) } + def try_update_packages_lock_json(dependency) + if lock_files.any? + # run update for each lock file + lock_files.each do |lock_file| + lock_path = dependency_file_path(lock_file) + + call_nuget_updater_tool(dependency, lock_path) + end + + return true + end + + false + end + sig { params(dependency: Dependency, proj_path: String).void } def call_nuget_updater_tool(dependency, proj_path) NativeHelpers.run_nuget_updater_tool(repo_root: T.must(repo_contents_path), proj_path: proj_path, @@ -212,6 +230,13 @@ def packages_config_files end end + sig { returns(T::Array[Dependabot::DependencyFile]) } + def lock_files + dependency_files.select do |f| + T.must(T.must(f.name.split("/").last).casecmp("packages.lock.json")).zero? + end + end + sig { override.void } def check_required_files return if project_files.any? || packages_config_files.any? From c4843a68fc5a59fbb2be603adccf5b1f514a62ee Mon Sep 17 00:00:00 2001 
From: Jonghyo Lee Date: Mon, 6 May 2024 17:15:04 +0900 Subject: [PATCH 3/9] Add cs logic to handle nuget lock files --- .../Updater/UpdaterWorker.cs | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs index 9175942d005..e60bbc8f78e 100644 --- a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs +++ b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs @@ -1,3 +1,5 @@ +using System.Diagnostics; + namespace NuGetUpdater.Core; public class UpdaterWorker @@ -39,6 +41,9 @@ public async Task RunAsync(string repoRootPath, string workspacePath, string dep case ".vbproj": await RunForProjectAsync(repoRootPath, workspacePath, dependencyName, previousDependencyVersion, newDependencyVersion, isTransitive); break; + case ".json": + await RunForPackagesLockAsync(repoRootPath, workspacePath); + break; default: _logger.Log($"File extension [{extension}] is not supported."); break; @@ -117,6 +122,20 @@ private async Task RunForProjectAsync( } } + private async Task RunForPackagesLockAsync( + string repoRootPath, + string lockPath) + { + _logger.Log($"Running for lock file [{Path.GetRelativePath(repoRootPath, lockPath)}]"); + if (!File.Exists(lockPath)) + { + _logger.Log($"File [{lockPath}] does not exist."); + return; + } + + await Process.Start("dotnet", $"restore --force-evaluate {Path.GetDirectoryName(lockPath)}").WaitForExitAsync(); + } + private async Task RunUpdaterAsync( string repoRootPath, string projectPath, From 8fea953db0a7aa7209877adf7f2e17976a9d4df1 Mon Sep 17 00:00:00 2001 From: Jonghyo Lee Date: Mon, 6 May 2024 17:38:00 +0900 Subject: [PATCH 4/9] Some fixes in nuget file_updater.rb --- nuget/lib/dependabot/nuget/file_updater.rb | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) 
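Review bot: In `RunForPackagesLockAsync` (the `@@ -117,6 +122,20 @@` hunk of UpdaterWorker.cs) the restore command line is built by interpolating `Path.GetDirectoryName(lockPath)` into one unquoted argument string, so a repository path containing spaces is split into several arguments and each extra token is parsed by `dotnet restore` as an argument or option of its own. The directory comes from the repository being updated, so it should reach the child process as a single argument through `ProcessStartInfo.ArgumentList` rather than through string formatting. The exit code is never read and the `Process` is not disposed, so a failed restore is indistinguishable from a successful one. The same unquoted `{projectPath}` interpolation is carried into `LockFileUpdater.UpdateLockFileAsync` in [PATCH 7/9] and [PATCH 8/9]. The `case ".json"` branch in the preceding hunk also routes every `.json` path here, not only `packages.lock.json`.

```csharp
private async Task RunForPackagesLockAsync(
    string repoRootPath,
    string lockPath)
{
    // … unchanged: log line and File.Exists guard …

    var lockDirectory = Path.GetDirectoryName(lockPath);
    if (string.IsNullOrEmpty(lockDirectory))
    {
        _logger.Log($"Cannot determine the directory of [{lockPath}].");
        return;
    }

    // ArgumentList hands each value to the child process as exactly one argument,
    // so whitespace in a repository path cannot become additional options.
    var startInfo = new ProcessStartInfo("dotnet");
    startInfo.ArgumentList.Add("restore");
    startInfo.ArgumentList.Add("--force-evaluate");
    startInfo.ArgumentList.Add(lockDirectory);

    using var process = Process.Start(startInfo);
    if (process is null)
    {
        _logger.Log("Failed to start [dotnet restore].");
        return;
    }

    await process.WaitForExitAsync();
    if (process.ExitCode != 0)
    {
        _logger.Log($"Lock file update failed with exit code [{process.ExitCode}].");
    }
}
```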
diff --git a/nuget/lib/dependabot/nuget/file_updater.rb b/nuget/lib/dependabot/nuget/file_updater.rb index 1087ee1aa18..105e4f3632f 100644 --- a/nuget/lib/dependabot/nuget/file_updater.rb +++ b/nuget/lib/dependabot/nuget/file_updater.rb @@ -35,8 +35,11 @@ def updated_dependency_files base_dir = T.must(dependency_files.first).directory SharedHelpers.in_a_temporary_repo_directory(base_dir, repo_contents_path) do dependencies.each do |dependency| - try_update_projects(dependency) || try_update_json(dependency) - try_update_packages_lock_json(dependency) + if try_update_projects(dependency) + try_update_packages_lock_json(dependency) + else + try_update_json(dependency) + end end updated_files = dependency_files.filter_map do |f| updated_content = File.read(dependency_file_path(f)) @@ -105,6 +108,8 @@ def try_update_json(dependency) sig { params(dependency: Dependabot::Dependency).returns(T::Boolean) } def try_update_packages_lock_json(dependency) + update_ran = T.let(false, T::Boolean) + if lock_files.any? # run update for each lock file lock_files.each do |lock_file| @@ -112,11 +117,9 @@ def try_update_packages_lock_json(dependency) call_nuget_updater_tool(dependency, lock_path) end - - return true + update_ran = true end - - false + update_ran end sig { params(dependency: Dependency, proj_path: String).void } From 7a430eb15317ca6ab41efa7957fee4a95b35d659 Mon Sep 17 00:00:00 2001 From: Jonghyo Lee Date: Mon, 6 May 2024 17:54:19 +0900 Subject: [PATCH 5/9] Fix file_fetcher --- nuget/lib/dependabot/nuget/file_fetcher.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/nuget/lib/dependabot/nuget/file_fetcher.rb b/nuget/lib/dependabot/nuget/file_fetcher.rb index 2afa0194718..b1f163d84d9 100644 --- a/nuget/lib/dependabot/nuget/file_fetcher.rb +++ b/nuget/lib/dependabot/nuget/file_fetcher.rb 
@@ -50,6 +50,7 @@ def initialize(source:, credentials:, repo_contents_path: nil, options: {}) @fetched_files = T.let({}, T::Hash[String, T::Array[Dependabot::DependencyFile]]) @nuget_config_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile])) @packages_config_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile])) + @packages_lock_files = T.let(nil, T.nilable(T::Array[Dependabot::DependencyFile])) end sig { override.returns(T::Array[DependencyFile]) } From 68c007d77a70e93bddb32b0af7d9a1a767c3e52e Mon Sep 17 00:00:00 2001 From: Jonghyo Lee Date: Thu, 6 Jun 2024 14:18:04 +0900 Subject: [PATCH 6/9] fixed fetch_files --- nuget/lib/dependabot/nuget/file_fetcher.rb | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/nuget/lib/dependabot/nuget/file_fetcher.rb b/nuget/lib/dependabot/nuget/file_fetcher.rb index b1f163d84d9..5c80fe2d16e 100644 --- a/nuget/lib/dependabot/nuget/file_fetcher.rb +++ b/nuget/lib/dependabot/nuget/file_fetcher.rb @@ -55,17 +55,17 @@ def initialize(source:, credentials:, repo_contents_path: nil, options: {}) sig { override.returns(T::Array[DependencyFile]) } def fetch_files - fetched_files = [] - fetched_files += project_files - fetched_files += directory_build_files - fetched_files += imported_property_files - - fetched_files += packages_config_files - fetched_files += nuget_config_files - fetched_files += packages_lock_files - fetched_files << global_json if global_json - fetched_files << dotnet_tools_json if dotnet_tools_json - fetched_files << packages_props if packages_props + fetched_files = [ + *project_files, + *directory_build_files, + *imported_property_files, + *packages_config_files, + *nuget_config_files, + *packages_lock_files, + global_json, + dotnet_tools_json, + packages_props + ].compact # dedup files based on their absolute path fetched_files = fetched_files.uniq do |fetched_file| From c0296b200719d7ff1e5b0d71348d41cf7a206cad Mon Sep 17 00:00:00 2001 
From: Jonghyo Lee Date: Sun, 9 Jun 2024 16:36:00 +0900 Subject: [PATCH 7/9] Update lock files as part of project updates instead of directly updating them --- .../Updater/LockFileUpdater.cs | 27 ++++++++++++++++ .../Updater/UpdaterWorker.cs | 25 ++++----------- nuget/lib/dependabot/nuget/file_updater.rb | 32 ++----------------- 3 files changed, 35 insertions(+), 49 deletions(-) create mode 100644 nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs diff --git a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs new file mode 100644 index 00000000000..22cf0095de1 --- /dev/null +++ b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs @@ -0,0 +1,27 @@ +namespace NuGetUpdater.Core; + +internal static class LockFileUpdater +{ + public static async Task UpdateLockFileAsync( + string repoRootPath, + string projectPath, + Logger logger) + { + var lockPath = Path.Combine(Path.GetDirectoryName(projectPath), "packages.lock.json"); + logger.Log($" Running for lock file"); + if (!File.Exists(lockPath)) + { + logger.Log($" File [{Path.GetRelativePath(repoRootPath, lockPath)}] does not exist."); + return; + } + + var (exitCode, stdout, stderr) = await ProcessEx.RunAsync("dotnet", $"restore --force-evaluate {projectPath}"); + if (exitCode != 0) + { + logger.Log($" Lock file update failed.\nSTDOUT:\n{stdout}\nSTDERR:\n{stderr}"); + return; + } + + logger.Log($" Saved [{Path.GetRelativePath(repoRootPath, lockPath)}]."); + } +} diff --git a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs index e60bbc8f78e..eaea7b849f5 100644 --- a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs +++ b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs 
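Review bot: When `dotnet restore` exits non-zero, `LockFileUpdater.UpdateLockFileAsync` only logs and returns, and its plain `Task` return type gives `RunUpdaterAsync` nothing to act on, so the run continues with the project file already changed and `packages.lock.json` left at its old contents. A lock file that no longer matches the project defeats the pinning it exists for and would fail a later restore run in locked mode, so the failure should reach the caller, for example by returning `Task<bool>` and ending the failure branch with `return false;`. `Path.GetDirectoryName(projectPath)` can also return null, which `Path.Combine` rejects with an exception; a null check before the combine would turn that into a logged skip. The log-only handling is kept unchanged in the [PATCH 8/9] rewrite of this method.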
@@ -1,5 +1,3 @@ -using System.Diagnostics; - namespace NuGetUpdater.Core; public class UpdaterWorker @@ -41,9 +39,6 @@ public async Task RunAsync(string repoRootPath, string workspacePath, string dep case ".vbproj": await RunForProjectAsync(repoRootPath, workspacePath, dependencyName, previousDependencyVersion, newDependencyVersion, isTransitive); break; - case ".json": - await RunForPackagesLockAsync(repoRootPath, workspacePath); - break; default: _logger.Log($"File extension [{extension}] is not supported."); break; @@ -122,20 +117,6 @@ private async Task RunForProjectAsync( } } - private async Task RunForPackagesLockAsync( - string repoRootPath, - string lockPath) - { - _logger.Log($"Running for lock file [{Path.GetRelativePath(repoRootPath, lockPath)}]"); - if (!File.Exists(lockPath)) - { - _logger.Log($"File [{lockPath}] does not exist."); - return; - } - - await Process.Start("dotnet", $"restore --force-evaluate {Path.GetDirectoryName(lockPath)}").WaitForExitAsync(); - } - private async Task RunUpdaterAsync( string repoRootPath, string projectPath, @@ -160,5 +141,11 @@ private async Task RunUpdaterAsync( // Some repos use a mix of packages.config and PackageReference await SdkPackageUpdater.UpdateDependencyAsync(repoRootPath, projectPath, dependencyName, previousDependencyVersion, newDependencyVersion, isTransitive, _logger); + + // Update lock file if exists + if (File.Exists(Path.Combine(Path.GetDirectoryName(projectPath), "packages.lock.json"))) + { + await LockFileUpdater.UpdateLockFileAsync(repoRootPath, projectPath, _logger); + } } } diff --git a/nuget/lib/dependabot/nuget/file_updater.rb b/nuget/lib/dependabot/nuget/file_updater.rb index bffede25a6a..b9a40f0e844 100644 --- a/nuget/lib/dependabot/nuget/file_updater.rb +++ b/nuget/lib/dependabot/nuget/file_updater.rb 
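Review bot: The new guard in `RunUpdaterAsync` (`@@ -160,5 +141,11 @@`, whose body starts outside the hunk) tests for the exact name `packages.lock.json`, while the fetcher added in [PATCH 2/9] matches the file name with `casecmp`, so on a case-sensitive file system a lock file with different casing is fetched but never regenerated. The same `File.Exists` test is repeated at the top of `LockFileUpdater.UpdateLockFileAsync`, so the two copies can drift apart; keeping the test in one place, e.g. calling `await LockFileUpdater.UpdateLockFileAsync(repoRootPath, projectPath, _logger);` unconditionally and letting it return early, avoids that. A lock file relocated with the `NuGetLockFilePath` property would also be missed by this fixed path; if that is out of scope, a comment saying so would help the next reader.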
@@ -25,8 +25,7 @@ def self.updated_files_regex /^dotnet-tools\.json$/i, /^Directory\.Build\.props$/i, /^Directory\.Build\.targets$/i, - /^Packages\.props$/i, - /^packages\.lock\.json$/i + /^Packages\.props$/i ] end @@ -35,11 +34,7 @@ def updated_dependency_files base_dir = T.must(dependency_files.first).directory SharedHelpers.in_a_temporary_repo_directory(base_dir, repo_contents_path) do dependencies.each do |dependency| - if try_update_projects(dependency) - try_update_packages_lock_json(dependency) - else - try_update_json(dependency) - end + try_update_projects(dependency) || try_update_json(dependency) end updated_files = dependency_files.filter_map do |f| updated_content = File.read(dependency_file_path(f)) @@ -106,22 +101,6 @@ def try_update_json(dependency) false end - sig { params(dependency: Dependabot::Dependency).returns(T::Boolean) } - def try_update_packages_lock_json(dependency) - update_ran = T.let(false, T::Boolean) - - if lock_files.any? - # run update for each lock file - lock_files.each do |lock_file| - lock_path = dependency_file_path(lock_file) - - call_nuget_updater_tool(dependency, lock_path) - end - update_ran = true - end - update_ran - end - sig { params(dependency: Dependency, proj_path: String).void } def call_nuget_updater_tool(dependency, proj_path) NativeHelpers.run_nuget_updater_tool(repo_root: T.must(repo_contents_path), proj_path: proj_path, @@ -233,13 +212,6 @@ def packages_config_files end end - sig { returns(T::Array[Dependabot::DependencyFile]) } - def lock_files - dependency_files.select do |f| - T.must(T.must(f.name.split("/").last).casecmp("packages.lock.json")).zero? - end - end - sig { override.void } def check_required_files return if project_files.any? || packages_config_files.any? From 7ec9b57e409b8aa165110d393aa76981ac3d1fa8 Mon Sep 17 00:00:00 2001 
From: Jonghyo Lee Date: Sat, 21 Sep 2024 13:07:32 +0900 Subject: [PATCH 8/9] MSBuildHelper.SidelineGlobalJsonAsync --- .../Updater/LockFileUpdater.cs | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs index 22cf0095de1..7001a6368da 100644 --- a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs +++ b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs @@ -7,21 +7,22 @@ public static async Task UpdateLockFileAsync( string projectPath, Logger logger) { - var lockPath = Path.Combine(Path.GetDirectoryName(projectPath), "packages.lock.json"); - logger.Log($" Running for lock file"); + var projectDirectory = Path.GetDirectoryName(projectPath); + var lockPath = Path.Combine(projectDirectory, "packages.lock.json"); + logger.Log($" Updating lock file"); if (!File.Exists(lockPath)) { logger.Log($" File [{Path.GetRelativePath(repoRootPath, lockPath)}] does not exist."); return; } - var (exitCode, stdout, stderr) = await ProcessEx.RunAsync("dotnet", $"restore --force-evaluate {projectPath}"); - if (exitCode != 0) + await MSBuildHelper.SidelineGlobalJsonAsync(projectDirectory, repoRootPath, async () => { - logger.Log($" Lock file update failed.\nSTDOUT:\n{stdout}\nSTDERR:\n{stderr}"); - return; - } - - logger.Log($" Saved [{Path.GetRelativePath(repoRootPath, lockPath)}]."); + var (exitCode, stdout, stderr) = await ProcessEx.RunAsync("dotnet", $"restore --force-evaluate {projectPath}", workingDirectory: projectDirectory); + if (exitCode != 0) + { + logger.Log($" Lock file update failed.\nSTDOUT:\n{stdout}\nSTDERR:\n{stderr}"); + } + }, retainMSBuildSdks: true); } } From d8327431b912e9a05c21c482acd667935e933d5c Mon Sep 17 00:00:00 2001 
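Review bot: The restore in `UpdateLockFileAsync` is now wrapped in `MSBuildHelper.SidelineGlobalJsonAsync(..., retainMSBuildSdks: true)` without a comment saying why, and the helper itself is not visible in this patch. Because this call decides which repository-supplied settings stay in effect while `dotnet restore` runs, the reason deserves a line above it, for example `// Restore with global.json sidelined (presumably to avoid its SDK pin); msbuild-sdks entries are retained — TODO confirm`. The rewrite also drops the `Saved [...]` message, so a successful lock file update no longer leaves any line in the log; an `else` branch with the old `logger.Log` call would restore it.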
From: Bluehill / Jonghyo Lee Date: Sat, 21 Sep 2024 13:38:05 +0900 Subject: [PATCH 9/9] Update LockFileUpdater.cs --- .../NuGetUpdater.Core/Updater/LockFileUpdater.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs index 7001a6368da..0661665712d 100644 --- a/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs +++ b/nuget/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs @@ -9,10 +9,10 @@ public static async Task UpdateLockFileAsync( { var projectDirectory = Path.GetDirectoryName(projectPath); var lockPath = Path.Combine(projectDirectory, "packages.lock.json"); - logger.Log($" Updating lock file"); + logger.Log($" Updating lock file"); if (!File.Exists(lockPath)) { - logger.Log($" File [{Path.GetRelativePath(repoRootPath, lockPath)}] does not exist."); + logger.Log($" File [{Path.GetRelativePath(repoRootPath, lockPath)}] does not exist."); return; } @@ -21,7 +21,7 @@ await MSBuildHelper.SidelineGlobalJsonAsync(projectDirectory, repoRootPath, asyn var (exitCode, stdout, stderr) = await ProcessEx.RunAsync("dotnet", $"restore --force-evaluate {projectPath}", workingDirectory: projectDirectory); if (exitCode != 0) { - logger.Log($" Lock file update failed.\nSTDOUT:\n{stdout}\nSTDERR:\n{stderr}"); + logger.Log($" Lock file update failed.\nSTDOUT:\n{stdout}\nSTDERR:\n{stderr}"); } }, retainMSBuildSdks: true); }