New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Directory.Packages.props file as entrypoint #7086
Conversation
Please add tests for this change Also, is there any issue where this was discussed? This is usually recommended before any pull request is created |
The issue is discussed in the issue: #5635 I will look into adding tests! |
Refactoring it sounds reasonable to me Thank you for pointing it out |
I now added some tests. I used this repo to create the fixtures The repo has drifted from what the PR originally described and looks more like this:
The intended dependabot.yml would look like this:
The reason for the drift is entirely selfish, it is more like our private repository. Still, the repo in the PR should also work. For testing I added
I wanted to do some refactoring but quickly felt out of my depth so I fell back onto doing the least work possible. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👋 Thanks for putting this up!
I'm not a NuGet expert, but the code change itself looks pretty straightforward to me, so pretty sure we'll be 👍 to ship it.
Two things:
- I have a slight preference to land Support NuGet lockfiles #6031 first if possible, as that appears to have a lot more user impact. I don't think it'll create merge conflicts since IIUC the lockfile is unrelated but just in case I'm wrong let's see. That said, if that PR author isn't responsive, then we can ship this first.
- I see tests for
file_fetcher
but notfile_parser
orfile_updater
... can you add one for each of those? Don't need anything fancy, just a simple proof that it catches aDirectory.Packages.props
file so that if someone ever refactors those regexes there's no chance of regression.
@jeffwidman |
@TobiasLaving just to clarify, did you see 2️⃣ in my comment above? Can you add those two simple tests? |
@jeffwidman Sorry about that, I intended to make the change straight away but life got in the way Yes, I saw it and just pushed it :) |
ba8139d
to
b90e654
Compare
We have a ton of repos affected by this bug. Curious roughly when we would expect to be able to leverage this fix? I'm trying to avoid having to check in slngen'd .sln files to 100s of repos as a workaround. |
@TobiasLaving What is the status on this? |
@DkSkydancer This PR is ready in my opinion |
@jeffwidman can we move forward with this please? |
@TobiasLaving @jeffwidman ping. we are still waiting for this! |
Seems @jeffwidman is out (?) |
Hey folks, Dependabot maintainer here - we've had a bit of a deploy freeze and have fallen behind on reviews. Sorry about that! I took a look at the changes and I agree that this PR is in a good state. We should be able to take a look at merging it some time this week. In the meantime, would you be able to bring it up-to-date with the base branch @TobiasLaving? The CI tests should be able to run now |
@TobiasLaving Can you the update as requested above pl? |
@DkSkydancer @Nishnha |
@Nishnha the PR should be ready now |
@Nishnha @jeffwidman Can we get a maintainer review please? |
@TobiasLaving it looks like this branch is out of date again I'm afraid :( |
@@ -70,7 +70,7 @@ def project_file_parser | |||
end | |||
|
|||
def project_files | |||
dependency_files.select { |df| df.name.match?(/\.[a-z]{2}proj$/) } | |||
dependency_files.select { |df| df.name.match?(/\.[a-z]{2}proj$|[Dd]irectory.[Pp]ackages.props/) } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we split this regex into two different captures and try to match against both?
Something like
dependency_files.select { |df| df.name.match?(/\.[a-z]{2}proj$|[Dd]irectory.[Pp]ackages.props/) } | |
projfile = /\.[a-z]{2}proj$/ | |
packageprops = /[Dd]irectory.[Pp]ackages.props/ | |
dependency_files.select { |df| | |
df.name.match?(projfile) || | |
df.name.match?(packageprops) | |
} |
and do the same in the file updater?
) | ||
end | ||
|
||
it "fetches the files the packages props file" do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo
it "fetches the files the packages props file" do | |
it "fetches the packages props file" do |
@@ -0,0 +1,19 @@ | |||
{ | |||
"name": "Directory.Packages.props", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For anyone else reviewing, this response is for the file https://github.com/TobiasLaving/nuget-directory-packages-props-example/blob/main/Directory.Packages.props
Thank you for this contribution! I left a comment on the regex capture that I would like to see addressed before approving. We can bring this PR up-to-date before we merge it, so it's fine that it has become out-of-date with the base branch. @jeffwidman should we fork https://github.com/TobiasLaving/nuget-directory-packages-props-example into the dependabot org since it's referenced in the specs? |
Good points, I have made the changes locally sadly the dev container seems to be broken for nuget atm so I cannot run it locally: #7438 Will push once I can validate locally |
Fixed your comments, thanks for finding and fixing the docker issue! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The linter is complaining about one issue but once that's fixed the rest LGTM!
@Nishnha There, the linter is now happy 👍 Struggeled a little bit with running the lint script in the dev container, sorry about the delay |
@Nishnha |
We have a deploy-then-merge process so it's not as straightforward as pressing the merge button. That said, this PR has been merged now 😄 Thank you for the contribution! |
After looking into dependabot/dependabot-core#7086 this maybe possible Signed-off-by: Henrique Graca <999396+hjgraca@users.noreply.github.com>
Add support for Directory.Packages.props file as entrypoint
This PR will enable dependabot to use a Directory.Packages.props file as entry point, allowing the setup below:
Repo:
dependabot.yml:
Note: I have never written ruby before and I'm a bit out of my depth
This is working locally towards our repo, but I'm guessing there is a bunch of things I am missing.
I'm happy to get any feedback