Support nuget dependencies in the API
What does this MR do?
The NuGet Repository has two endpoints that the CLI nuget
will contact to get metadata about nuget packages. Among the data returned, there is a dependencyGroups
entry in the catalogEntry
entry that describes all the dependencies of the given package. Here is the official documentation on the dependencyGroups
: https://docs.microsoft.com/en-us/nuget/api/registration-base-url-resource#package-dependency-group
Currently, dependencyGroups
is hard coded to []
(see https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/presenters/packages/nuget/presenter_helpers.rb#L45). Under some circumstances, this will not work with Visual Studio (see #211926 (comment 311940423))
NuGet dependencies support during the upload request has been added in !30618 (merged).
This MR is the second part: exposing those dependencies in the API presenters.
This change updates an "internal" API and doesn't need a documentation update. By "internal", I mean the API is primarily targeting the CLI tool nuget
and is not meant to be used by users directly.
See #211926 (closed)
Screenshots
I tested this MR with the following dependency graph: App -> DepA -> DepB -> Moq
Visual Studio screen for DepB
Visual Studio screen for DepA
Dependencies when App = Net Core Console Application
Dependencies when App = Net Console Application
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team