Add support for Directory.Packages.props file as entrypoint #7086
Conversation
|
Please add tests for this change Also, is there any issue where this was discussed? This is usually recommended before any pull request is created |
|
The issue is discussed in the issue: #5635 I will look into adding tests! |
Refactoring it sounds reasonable to me Thank you for pointing it out |
|
I now added some tests. I used this repo to create the fixtures The repo has drifted from what the PR originally described and looks more like this: The intended dependabot.yml would look like this: The reason for the drift is entirely selfish, it is more like our private repository. Still, the repo in the PR should also work. For testing I added
I wanted to do some refactoring but quickly felt out of my depth so I fell back onto doing the least work possible. |
There was a problem hiding this comment.
👋 Thanks for putting this up!
I'm not a NuGet expert, but the code change itself looks pretty straightforward to me, so pretty sure we'll be 👍 to ship it.
Two things:
- I have a slight preference to land Support NuGet lockfiles #6031 first if possible, as that appears to have a lot more user impact. I don't think it'll create merge conflicts since IIUC the lockfile is unrelated but just in case I'm wrong let's see. That said, if that PR author isn't responsive, then we can ship this first.
- I see tests for
file_fetcherbut notfile_parserorfile_updater... can you add one for each of those? Don't need anything fancy, just a simple proof that it catches aDirectory.Packages.propsfile so that if someone ever refactors those regexes there's no chance of regression.
|
@jeffwidman |
|
@TobiasLaving just to clarify, did you see 2️⃣ in my comment above? Can you add those two simple tests? |
|
@jeffwidman Sorry about that, I intended to make the change straight away but life got in the way Yes, I saw it and just pushed it :) |
TobiasLaving
force-pushed
the
main
branch
3 times, most recently
from
ba8139d
to
b90e654
Compare
|
We have a ton of repos affected by this bug. Curious roughly when we would expect to be able to leverage this fix? I'm trying to avoid having to check in slngen'd .sln files to 100s of repos as a workaround. |
|
@TobiasLaving What is the status on this? |
|
@DkSkydancer This PR is ready in my opinion |
|
@jeffwidman can we move forward with this please? |
|
@TobiasLaving @jeffwidman ping. we are still waiting for this! |
|
Seems @jeffwidman is out (?) |
|
Hey folks, Dependabot maintainer here - we've had a bit of a deploy freeze and have fallen behind on reviews. Sorry about that! I took a look at the changes and I agree that this PR is in a good state. We should be able to take a look at merging it some time this week. In the meantime, would you be able to bring it up-to-date with the base branch @TobiasLaving? The CI tests should be able to run now |
|
@TobiasLaving Can you the update as requested above pl? |
|
@DkSkydancer @Nishnha |
|
@Nishnha the PR should be ready now |
|
@Nishnha @jeffwidman Can we get a maintainer review please? |
|
@TobiasLaving it looks like this branch is out of date again I'm afraid :( |
| @@ -70,7 +70,7 @@ def project_file_parser | |||
| end | |||
|
|
|||
| def project_files | |||
| dependency_files.select { |df| df.name.match?(/\.[a-z]{2}proj$/) } | |||
| dependency_files.select { |df| df.name.match?(/\.[a-z]{2}proj$|[Dd]irectory.[Pp]ackages.props/) } | |||
There was a problem hiding this comment.
Could we split this regex into two different captures and try to match against both?
Something like
| dependency_files.select { |df| df.name.match?(/\.[a-z]{2}proj$|[Dd]irectory.[Pp]ackages.props/) } | |
| projfile = /\.[a-z]{2}proj$/ | |
| packageprops = /[Dd]irectory.[Pp]ackages.props/ | |
| dependency_files.select { |df| | |
| df.name.match?(projfile) || | |
| df.name.match?(packageprops) | |
| } |
and do the same in the file updater?
| ) | ||
| end | ||
|
|
||
| it "fetches the files the packages props file" do |
There was a problem hiding this comment.
typo
| it "fetches the files the packages props file" do | |
| it "fetches the packages props file" do |
| @@ -0,0 +1,19 @@ | |||
| { | |||
| "name": "Directory.Packages.props", | |||
There was a problem hiding this comment.
For anyone else reviewing, this response is for the file https://github.com/TobiasLaving/nuget-directory-packages-props-example/blob/main/Directory.Packages.props
|
Thank you for this contribution! I left a comment on the regex capture that I would like to see addressed before approving. We can bring this PR up-to-date before we merge it, so it's fine that it has become out-of-date with the base branch. @jeffwidman should we fork https://github.com/TobiasLaving/nuget-directory-packages-props-example into the dependabot org since it's referenced in the specs? |
|
Good points, I have made the changes locally sadly the dev container seems to be broken for nuget atm so I cannot run it locally: #7438 Will push once I can validate locally |
|
Fixed your comments, thanks for finding and fixing the docker issue! |
|
@Nishnha There, the linter is now happy 👍 Struggeled a little bit with running the lint script in the dev container, sorry about the delay |
|
@Nishnha |
|
We have a deploy-then-merge process so it's not as straightforward as pressing the merge button. That said, this PR has been merged now 😄 Thank you for the contribution! |
After looking into dependabot/dependabot-core#7086 this maybe possible Signed-off-by: Henrique Graca <999396+hjgraca@users.noreply.github.com>
Add support for Directory.Packages.props file as entrypoint
This PR will enable dependabot to use a Directory.Packages.props file as entry point, allowing the setup below:
Repo:
dependabot.yml:
Note: I have never written ruby before and I'm a bit out of my depth
This is working locally towards our repo, but I'm guessing there is a bunch of things I am missing.
I'm happy to get any feedback