Merge remote-tracking branch 'origin/dev' into dev

Author: alexeyzimarev

.github/dependabot.yml

@@ -0,0 +1,15 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    # default location of `.github/workflows`
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "nuget"
+    # location of package manifests
+    directory: "/"
+    schedule:
+      interval: "daily"
+
+# Built with ❤ by [Pipeline Foundation](https://pipeline.foundation)

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,44 @@
+name: CodeQL Analysis
+
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 8 * * *'
+
+jobs:
+  analyze:
+    name: codeql-analysis
+    runs-on: windows-latest
+    steps:
+      # Due to the insufficient memory allocated by default, CodeQL sometimes requires more to be manually allocated
+      - name: Configure Pagefile
+        id: config_pagefile
+        uses: al-cheb/configure-pagefile-action@v1.2
+        with:
+            minimum-size: 8GB
+            maximum-size: 32GB
+            disk-root: "D:"
+
+      - name: Checkout repository
+        id: checkout_repo
+        uses: actions/checkout@v2
+
+      - name: Initialize CodeQL
+        id: init_codeql
+        uses: github/codeql-action/init@v1
+        with:
+          queries: security-and-quality
+
+      - name: Build project
+        id: build_project
+        shell: pwsh
+        run: |
+          dotnet build ./src/RestSharp/RestSharp.csproj -c Release
+
+      - name: Perform CodeQL Analysis
+        id: analyze_codeql
+        uses: github/codeql-action/analyze@v1
+
+# Built with ❤ by [Pipeline Foundation](https://pipeline.foundation)

.github/workflows/pull-request.yml

@@ -8,7 +8,7 @@ jobs:
 
     steps:
       - uses: actions/checkout@v1
-      - uses: actions/setup-dotnet@v1
+      - uses: actions/setup-dotnet@v1.8.0
         with:
           dotnet-version: '3.1.201'
 

docs/CI-CD_DOCUMENTATION/CI-CD_DOCUMENTATION.md

@@ -0,0 +1,67 @@
+# RestSharp CI/CD documentation
+
+## 1. Set up Dependabot
+
+Dependabot is a GitHub native security tool that goes through the dependencies in the project and creates alerts, and PRs with updates when a new and/or non-vulnerable version is found.
+
+- for PRs with version updates, this pipeline comes pre-configured for all current dependency sources in the project, so at "Insights" tab -> "Dependency graph" -> "Dependabot", you should be able to see all tracked sources of dependencies, when they have been checked last and view a full log of the last check
+
+![Dependabot_tab](/docs/CI-CD_DOCUMENTATION/Dependabot_tab.png)
+
+![Dependabot_log_page](/docs/CI-CD_DOCUMENTATION/Dependabot_log_page.png)
+
+### Set up security alerts and updates
+##### - GitHub, through Dependabot, also natively offers a security check for vulnerable dependencies
+
+1. Go to the project's GitHub repository and click on the **Settings** tab
+
+2. Go to **Security & analysis** section
+
+3. Click "Enable" for both "Dependabot alerts" and "Dependabot security updates"
+
+- By enabling "Dependabot alerts", you would be notified for any vulnerable dependencies in the project. At "Security" tab -> "Dependabot alerts", you can manage all alerts. By clicking on an alert, you would be able to see a detailed explanation of the vulnerability and a viable solution.
+
+![Dependabot_alerts_page](/docs/CI-CD_DOCUMENTATION/Dependabot_alerts_page.png)
+
+![Dependabot_alert_page](/docs/CI-CD_DOCUMENTATION/Dependabot_alert_page.png)
+
+- By enabling "Dependabot security updates", you authorize Dependabot to create PRs specifically for **security updates**
+
+![Dependabot_PRs](/docs/CI-CD_DOCUMENTATION/Dependabot_PRs.png)
+
+### Set up Dependency graph
+##### - The "Dependency graph" option should be enabled by default for all public repos, but in case it isn't:
+
+1. Go to the project's GitHub repository and click on the **Settings** tab
+
+2. Go to **Security & analysis** section
+
+3. Click "Enable" for the "Dependency graph" option
+
+- this option enables the "Insights" tab -> "Dependency graph" section -> "Dependencies" tab, in which all the dependencies for the project are listed, under the different manifests they are included in
+
+![Dependabot_dependency_graph](/docs/CI-CD_DOCUMENTATION/Dependabot_dependency_graph.png)
+
+NOTE: **screenshots are only exemplary**
+
+<br>
+
+## 2. CodeQL
+
+CodeQL is GitHub's own industry-leading semantic code analysis engine. CodeQL requires no setup, because it comes fully pre-configured by us. 
+
+To activate it and see its results, only a push commit or a merge of a PR to the default branch of your repository, is required. 
+
+We've also configured CodeQL to run on schedule, so every day at 8:00AM UTC, it automatically tests the code.
+
+- you can see the results here at **Security** tab -> **Code scanning alerts** -> **CodeQL**:
+
+![CodeQL_results](/docs/CI-CD_DOCUMENTATION/CodeQL_results.png)
+
+- on the page of each result, you can see an explanation of what the problem is and also one or more solutions:
+
+![CodeQL_alert_page](/docs/CI-CD_DOCUMENTATION/CodeQL_alert_page.png)
+
+#
+
+Built with ❤ by [Pipeline Foundation](https://pipeline.foundation)

docs/CI-CD_DOCUMENTATION/CodeQL_alert_page.png

@@ -62,7 +62,7 @@ RestSharp supports sending XML or JSON body as part of the request. To add a bod
 
 There is no need to set the `Content-Type` or add the `DataFormat` parameter to the request when using those methods, RestSharp will do it for you.
 
-RestSharp will also handle both XML and JSON responses and perform all necessary deserialization tasks, depending on th server response type. Therefore, you only need to add the `Accept` header if you want to deserialize the response manually.
+RestSharp will also handle both XML and JSON responses and perform all necessary deserialization tasks, depending on the server response type. Therefore, you only need to add the `Accept` header if you want to deserialize the response manually.
 
 For example, only you'd only need these lines to make a request with JSON body:
 

docs/CI-CD_DOCUMENTATION/CodeQL_results.png

@@ -98,7 +98,7 @@ It will send a `GET` request to `https://search.me/search?foo=bar")`.
 You can also specify the query string parameter type explicitly:
 
 ```csharp
-request.AddParameter("foo", "bar", RequestType.QueryString);
+request.AddParameter("foo", "bar", ParameterType.QueryString);
 ```
 
 In some cases you might need to prevent RestSharp from encoding the query string parameter. To do so, use the `QueryStringWithoutEncode` parameter type.

docs/CI-CD_DOCUMENTATION/Dependabot_PRs.png

@@ -25,7 +25,7 @@ namespace RestSharp.Extensions
     public static class StringExtensions
     {
         static readonly Regex DateRegex    = new Regex(@"\\?/Date\((-?\d+)(-|\+)?([0-9]{4})?\)\\?/");
-        static readonly Regex NewDateRegex = new Regex(@"newDate\((-?\d+)*\)");
+        static readonly Regex NewDateRegex = new Regex(@"newDate\((-?\d+)\)");
 
         static readonly Regex IsUpperCaseRegex = new Regex(@"^[A-Z]+$");
 

docs/CI-CD_DOCUMENTATION/Dependabot_alert_page.png

@@ -116,6 +116,28 @@ public void Can_Deserialize_DateTimeOffset()
             );
         }
 
+        [Test]
+        public void Can_Deserialize_NewDateTime()
+        {
+            var payload = GetPayLoad<NewDateTimeTestStructure>("newdatetimes.json");
+
+            Assert.AreEqual(
+                new DateTime(2011, 6, 30, 8, 15, 46, 929, DateTimeKind.Utc),
+                payload.DateTime
+            );
+        }
+
+        [Test]
+        public void Can_Deserialize_Negative_NewDateTime()
+        {
+            var payload = GetPayLoad<NewDateTimeTestStructure>("newdatetimes.json");
+
+            Assert.AreEqual(
+                new DateTime(1969, 12, 31, 23, 59, 59, 999, DateTimeKind.Utc),
+                payload.DateTimeNegative
+            );
+        }
+
         [Test]
         public void Can_Deserialize_Decimal_With_Four_Zeros_After_Floating_Point()
         {

docs/CI-CD_DOCUMENTATION/Dependabot_alerts_page.png

@@ -84,6 +84,9 @@
     <None Update="SampleData\NestedListSample.xml">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
+    <None Update="SampleData\newdatetimes.json">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
     <None Update="SampleData\objectproperty.json">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>

docs/CI-CD_DOCUMENTATION/Dependabot_dependency_graph.png

@@ -222,6 +222,13 @@ public class Iso8601DateTimeTestStructure
         public DateTime DateTimeWithOffset { get; set; }
     }
 
+    public class NewDateTimeTestStructure
+    {
+        public DateTime DateTime { get; set; }
+
+        public DateTime DateTimeNegative { get; set; }
+    }
+
     public class TimeSpanTestStructure
     {
         public TimeSpan Tick { get; set; }

docs/CI-CD_DOCUMENTATION/Dependabot_log_page.png

@@ -0,0 +1,4 @@
+{
+    "DateTime": "new Date(1309421746929)",
+    "DateTimeNegative": "new Date(-1)"
+}