dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.

Home Page:https://docs.github.com/en/code-security/dependabot

Fileparser crash when parsing microsoft.netcore.platforms/1.1.1/microsoft.netcore.platforms.nuspec

VHamar opened this issue · comments

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

nuget

Package manager version

No response

Language version

No response

Manifest location and content before the Dependabot update

No response

dependabot.yml content

  - package-ecosystem: "nuget"
    directory: "/"
    schedule:
      interval: "daily"
    target-branch: "main"
    open-pull-requests-limit: 5
    commit-message:
      prefix: "deps:"
    batch: true

Updated dependency

No response

What you expected to see, versus what you actually saw

🌍 <-- 200 https://api.nuget.org/v3-flatcontainer/microsoft.netcore.platforms/1.1.1/microsoft.netcore.platforms.nuspec
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/_types.rb:222:in `must': Passed `nil` into T.must (TypeError)
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-nuget-0.253.0/lib/dependabot/nuget/file_parser.rb:26:in `parse'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-nuget-0.253.0/lib/dependabot/nuget/update_checker/dependency_finder.rb:161:in `top_level_dependencies'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-nuget-0.253.0/lib/dependabot/nuget/update_checker/dependency_finder.rb:98:in `block in updated_peer_dependencies'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-nuget-0.253.0/lib/dependabot/nuget/update_checker/dependency_finder.rb:92:in `each'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-nuget-0.253.0/lib/dependabot/nuget/update_checker/dependency_finder.rb:92:in `filter_map'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-nuget-0.253.0/lib/dependabot/nuget/update_checker/dependency_finder.rb:92:in `updated_peer_dependencies'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-nuget-0.253.0/lib/dependabot/nuget/update_checker.rb:130:in `updated_dependencies_after_full_unlock'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/update_checkers/base.rb:110:in `updated_dependencies'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
from bin/update_script.rb:622:in `block in <main>'
from bin/update_script.rb:545:in `each'
from bin/update_script.rb:545:in `<main>'

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response

Looks to me like the parser requires a dependencies section in the nuspec, but looking at the nuspec definition, dependencies are optional (0..1)
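
The case the reporter describes, a nuspec with no dependencies element, can be handled by treating that element as optional instead of asserting it is present. The sketch below is an added example, not Dependabot's code and not a confirmed diagnosis of this crash; the sample documents are constructed, and the helper names and result hash keys are hypothetical.

```ruby
require "rexml/document"

# Constructed sample: no <dependencies> element, which the nuspec schema permits.
NUSPEC_WITHOUT_DEPS = <<~XML
  <package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
    <metadata>
      <id>Example.Platforms</id>
      <version>1.1.1</version>
    </metadata>
  </package>
XML

# Constructed sample: dependencies grouped by target framework.
NUSPEC_WITH_GROUP = <<~XML
  <package>
    <metadata>
      <id>Example.Lib</id>
      <version>2.0.0</version>
      <dependencies>
        <group targetFramework=".NETStandard2.0">
          <dependency id="Example.Platforms" version="1.1.1" />
        </group>
      </dependencies>
    </metadata>
  </package>
XML

# Child elements by local name, so any nuspec xmlns version is accepted.
# A nil parent yields [] rather than raising.
def children_named(element, name)
  return [] if element.nil?
  element.children.select { |c| c.is_a?(REXML::Element) && c.name == name }
end

# Returns the declared dependencies; [] when <dependencies> is absent.
def nuspec_dependencies(xml)
  root = REXML::Document.new(xml).root
  raise ArgumentError, "not a nuspec: no <package> root" unless root&.name == "package"
  deps_node = children_named(children_named(root, "metadata").first, "dependencies").first
  return [] if deps_node.nil? # optional element: absence is not an error

  pairs = children_named(deps_node, "dependency").map { |d| [nil, d] } +
          children_named(deps_node, "group").flat_map do |g|
            children_named(g, "dependency").map { |d| [g.attributes["targetFramework"], d] }
          end
  pairs.filter_map do |framework, dep|
    id = dep.attributes["id"]
    next if id.to_s.empty? # skip malformed entries instead of crashing
    { id: id, version: dep.attributes["version"], target_framework: framework }
  end
end
```
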