Nuget API v2 paging URL encoded links

[tomcain]

Package ecosystem
nuget
Package manager version
API v2

I'm attempting to run dependabot-core (via the docker image and a script derived from dependabot-script) on our local corporate network to integrate with our internally hosted JFrog Artifactory server.

I'm using the Artifactory Nuget v2 API (because the Artifactory Nuget v3 API has a bug which is incompatible with dependabot-core])

When accessing the v2 API endpoint, the dependabot-core version-finder class attempts to page the version results, each page contains a "next" href link to get the next page of results.

However, this "next" href link is URL encoded, and when dependabot follows that link, the paging parameters are lost. The result is that only the first page of versions are retrieved.

An example URL returned by Artifactory is:

    https://my.artifactory.server/api/nuget/repo-nuget/FindPackagesById()?id=%27My.Dependency%27&%24skip=100

A simple fix would be to URL decode the "next" link, specifically, change this line to this:

    url_details[:versions_url] = CGI::unescape(link_href)