Skip to content

Commit

Permalink
Merge pull request #5874 from dependabot/honeyankit/nuget-support-for…
Browse files Browse the repository at this point in the history 
…-disable-registry

Fixed disabledPackageSources for nuget.org
  • Loading branch information
@honeyankit
honeyankit authored Oct 18, 2022
2 parents df11f99 + e49c6ff commit eaf59fb
Show file tree
Hide file tree
Showing 10 changed files with 223 additions and 148 deletions.
34 changes: 17 additions & 17 deletions nuget/lib/dependabot/nuget/update_checker/repository_finder.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ module Nuget
class UpdateChecker
class RepositoryFinder
DEFAULT_REPOSITORY_URL = "https://api.nuget.org/v3/index.json"
DEFAULT_REPOSITORY_API_KEY = "nuget.org"

def initialize(dependency:, credentials:, config_files: [])
@dependency = dependency
Expand All @@ -30,7 +31,7 @@ def find_dependency_urls
@find_dependency_urls ||=
known_repositories.flat_map do |details|
if details.fetch(:url) == DEFAULT_REPOSITORY_URL
# Save a request for the default URL, since we already how
# Save a request for the default URL, since we already know how
# it addresses packages
next default_repository_details
end
Expand Down Expand Up @@ -151,27 +152,26 @@ def config_file_repositories
def repos_from_config_file(config_file)
doc = Nokogiri::XML(config_file.content)
doc.remove_namespaces!
sources =
doc.css("configuration > packageSources > add").map do |node|
{
key:
node.attribute("key")&.value&.strip ||
node.at_xpath("./key")&.content&.strip,
url:
node.attribute("value")&.value&.strip ||
node.at_xpath("./value")&.content&.strip
}
# analogous to having a root config with the default repository
base_sources = [{ url: DEFAULT_REPOSITORY_URL, key: "nuget.org" }]

sources = []
doc.css("configuration > packageSources").children.each do |node|
if node.name == "clear"
sources.clear
base_sources.clear
else
key = node.attribute("key")&.value&.strip || node.at_xpath("./key")&.content&.strip
url = node.attribute("value")&.value&.strip || node.at_xpath("./value")&.content&.strip
sources << { url: url, key: key }
end

end
sources += base_sources # TODO: quirky overwrite behavior
disabled_sources = disabled_sources(doc)
sources.reject! do |s|
disabled_sources.include?(s[:key])
end

unless doc.css("configuration > packageSources > clear").any?
sources << { url: DEFAULT_REPOSITORY_URL, key: nil }
end

sources.reject! do |s|
known_urls = credential_repositories.map { |cr| cr.fetch(:url) }
known_urls.include?(s.fetch(:url))
Expand Down Expand Up @@ -202,7 +202,7 @@ def default_repository_details

# rubocop:disable Metrics/PerceivedComplexity
def disabled_sources(doc)
doc.css("configuration > disabledPackageSources > add").map do |node|
doc.css("configuration > disabledPackageSources > add").filter_map do |node|
value = node.attribute("value")&.value ||
node.at_xpath("./value")&.content

Expand Down
99 changes: 99 additions & 0 deletions nuget/spec/dependabot/nuget/update_checker/repository_finder_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,84 @@
)
end

context "include the default repository" do
let(:config_file_fixture_name) { "include_default_disable_ext_sources.config" }

it "with disable external source" do
expect(dependency_urls).to match_array(
[{
repository_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"index.json",
versions_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"flatcontainer/microsoft.extensions." \
"dependencymodel/index.json",
search_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"query?q=microsoft.extensions.dependencymodel" \
"&prerelease=true&semVerLevel=2.0.0",
auth_header: { "Authorization" => "Basic bXk6cGFzc3cwcmQ=" },
repository_type: "v3"
}, {
repository_url: "https://api.nuget.org/v3/index.json",
versions_url: "https://api.nuget.org/v3-flatcontainer/" \
"microsoft.extensions.dependencymodel/index.json",
search_url: "https://azuresearch-usnc.nuget.org/query" \
"?q=microsoft.extensions.dependencymodel" \
"&prerelease=true&semVerLevel=2.0.0",
auth_header: {},
repository_type: "v3"
}]
)
end
end

context "that overides the default package sources" do
let(:config_file_fixture_name) { "override_def_source_with_same_key.config" }

before do
repo_url = "https://www.myget.org/F/exceptionless/api/v3/index.json"
stub_request(:get, repo_url).
to_return(
status: 200,
body: fixture("nuget_responses", "myget_base.json")
)
end

it "when the default api key of defaut registry is provided without clear" do
expect(dependency_urls).to match_array(
[{
repository_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"index.json",
versions_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"flatcontainer/microsoft.extensions." \
"dependencymodel/index.json",
search_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"query?q=microsoft.extensions.dependencymodel" \
"&prerelease=true&semVerLevel=2.0.0",
auth_header: {},
repository_type: "v3"
}]
)
end

let(:config_file_fixture_name) { "override_def_source_with_same_key_default.config" }
it "when the default api key of defaut registry is provided with clear" do
expect(dependency_urls).to match_array(
[{
repository_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"index.json",
versions_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"flatcontainer/microsoft.extensions." \
"dependencymodel/index.json",
search_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"query?q=microsoft.extensions.dependencymodel" \
"&prerelease=true&semVerLevel=2.0.0",
auth_header: {},
repository_type: "v3"
}]
)
end
end

context "that doesn't include the default repository" do
let(:config_file_fixture_name) { "excludes_default.config" }

Expand Down Expand Up @@ -298,6 +376,27 @@
)
end
end

context "that has disabled default package sources" do
let(:config_file_fixture_name) { "disabled_default_sources.config" }

it "only includes the enable package sources" do
expect(dependency_urls).to match_array(
[{
repository_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"index.json",
versions_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"flatcontainer/microsoft.extensions." \
"dependencymodel/index.json",
search_url: "https://www.myget.org/F/exceptionless/api/v3/" \
"query?q=microsoft.extensions.dependencymodel" \
"&prerelease=true&semVerLevel=2.0.0",
auth_header: { "Authorization" => "Basic bXk6cGFzc3cwcmQ=" },
repository_type: "v3"
}]
)
end
end
end

context "that has a numeric key" do
Expand Down
44 changes: 1 addition & 43 deletions nuget/spec/fixtures/configs/clears_default.config
View file
Original file line number Diff line number Diff line change
@@ -1,37 +1,5 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<config>
<!--
Used to specify the default location to expand packages.
See: nuget.exe help install
See: nuget.exe help update
In this example, %PACKAGEHOME% is an environment variable. On Mac/Linux,
use $PACKAGE_HOME/External as the value.
-->
<add key="repositoryPath" value="%PACKAGEHOME%\External" />

<!--
Used to specify default source for the push command.
See: nuget.exe help push
-->

<add key="defaultPushSource" value="https://MyRepo/ES/api/v2/package" />

<!-- Proxy settings -->
<add key="http_proxy" value="host" />
<add key="http_proxy.user" value="username" />
<add key="http_proxy.password" value="encrypted_password" />
</config>

<packageRestore>
<!-- Allow NuGet to download missing packages -->
<add key="enabled" value="True" />

<!-- Automatically check for missing packages during build in Visual Studio -->
<add key="automatic" value="True" />
</packageRestore>

<!--
Used to specify the default Sources for list, install and update.
See: nuget.exe help list
Expand All @@ -49,19 +17,9 @@
<MyRepo_x0020_-_x0020_ES>
<add key="Username" value="my" />
<add key="ClearTextPassword" value="passw0rd" />
</Test_x0020_Source>
</MyRepo_x0020_-_x0020_ES>
</packageSourceCredentials>

<!-- Used to disable package sources -->
<disabledPackageSources />

<!--
Used to specify default API key associated with sources.
See: nuget.exe help setApiKey
See: nuget.exe help push
See: nuget.exe help mirror
-->
<apikeys>
<add key="https://MyRepo/ES/api/v2/package" value="encrypted_api_key" />
</apikeys>
</configuration>
27 changes: 27 additions & 0 deletions nuget/spec/fixtures/configs/disabled_default_sources.config
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<!--
Used to specify the default Sources for list, install and update.
See: nuget.exe help list
See: nuget.exe help install
See: nuget.exe help update
-->
<packageSources>
<add key="MyRepo - ES" value="https://www.myget.org/F/exceptionless/api/v3/index.json" />
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
</packageSources>

<!-- Used to store credentials -->
<packageSourceCredentials>
<MyRepo_x0020_-_x0020_ES>
<add key="Username" value="my" />
<add key="ClearTextPassword" value="passw0rd" />
</MyRepo_x0020_-_x0020_ES>
</packageSourceCredentials>

<!-- Used to disable package sources -->
<disabledPackageSources>
<add key="MyRepo - ES" value="false" />
<add key="nuget.org" value="true" />
</disabledPackageSources>
</configuration>
46 changes: 2 additions & 44 deletions nuget/spec/fixtures/configs/disabled_sources.config
View file
Original file line number Diff line number Diff line change
@@ -1,37 +1,5 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<config>
<!--
Used to specify the default location to expand packages.
See: nuget.exe help install
See: nuget.exe help update
In this example, %PACKAGEHOME% is an environment variable. On Mac/Linux,
use $PACKAGE_HOME/External as the value.
-->
<add key="repositoryPath" value="%PACKAGEHOME%\External" />

<!--
Used to specify default source for the push command.
See: nuget.exe help push
-->

<add key="defaultPushSource" value="https://MyRepo/ES/api/v2/package" />

<!-- Proxy settings -->
<add key="http_proxy" value="host" />
<add key="http_proxy.user" value="username" />
<add key="http_proxy.password" value="encrypted_password" />
</config>

<packageRestore>
<!-- Allow NuGet to download missing packages -->
<add key="enabled" value="True" />

<!-- Automatically check for missing packages during build in Visual Studio -->
<add key="automatic" value="True" />
</packageRestore>

<!--
Used to specify the default Sources for list, install and update.
See: nuget.exe help list
Expand All @@ -50,7 +18,7 @@
<MyRepo_x0020_-_x0020_ES>
<add key="Username" value="my" />
<add key="ClearTextPassword" value="passw0rd" />
</Test_x0020_Source>
</MyRepo_x0020_-_x0020_ES>
</packageSourceCredentials>

<!-- Used to disable package sources -->
Expand All @@ -59,14 +27,4 @@
<add key="missing source" value="true" />
<add key="MyRepo - ES" value="false" />
</disabledPackageSources>

<!--
Used to specify default API key associated with sources.
See: nuget.exe help setApiKey
See: nuget.exe help push
See: nuget.exe help mirror
-->
<apikeys>
<add key="https://MyRepo/ES/api/v2/package" value="encrypted_api_key" />
</apikeys>
</configuration>
</configuration>
44 changes: 1 addition & 43 deletions nuget/spec/fixtures/configs/excludes_default.config
View file
Original file line number Diff line number Diff line change
@@ -1,37 +1,5 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<config>
<!--
Used to specify the default location to expand packages.
See: nuget.exe help install
See: nuget.exe help update
In this example, %PACKAGEHOME% is an environment variable. On Mac/Linux,
use $PACKAGE_HOME/External as the value.
-->
<add key="repositoryPath" value="%PACKAGEHOME%\External" />

<!--
Used to specify default source for the push command.
See: nuget.exe help push
-->

<add key="defaultPushSource" value="https://MyRepo/ES/api/v2/package" />

<!-- Proxy settings -->
<add key="http_proxy" value="host" />
<add key="http_proxy.user" value="username" />
<add key="http_proxy.password" value="encrypted_password" />
</config>

<packageRestore>
<!-- Allow NuGet to download missing packages -->
<add key="enabled" value="True" />

<!-- Automatically check for missing packages during build in Visual Studio -->
<add key="automatic" value="True" />
</packageRestore>

<!--
Used to specify the default Sources for list, install and update.
See: nuget.exe help list
Expand All @@ -48,19 +16,9 @@
<MyRepo_x0020_-_x0020_ES>
<add key="Username" value="my" />
<add key="ClearTextPassword" value="passw0rd" />
</Test_x0020_Source>
</MyRepo_x0020_-_x0020_ES>
</packageSourceCredentials>

<!-- Used to disable package sources -->
<disabledPackageSources />

<!--
Used to specify default API key associated with sources.
See: nuget.exe help setApiKey
See: nuget.exe help push
See: nuget.exe help mirror
-->
<apikeys>
<add key="https://MyRepo/ES/api/v2/package" value="encrypted_api_key" />
</apikeys>
</configuration>
Loading

0 comments on commit eaf59fb

Please sign in to comment.