snyk-nuget-plugin 1.34.0 → 1.36.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -4
- package/dist/index.js.map +1 -1
- package/dist/nuget-parser/index.js +10 -13
- package/dist/nuget-parser/index.js.map +1 -1
- package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js +7 -15
- package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js.map +1 -1
- package/dist/nuget-parser/types.js.map +1 -1
- package/package.json +2 -1
package/dist/index.js
CHANGED
|
@@ -66,12 +66,9 @@ async function inspect(root, targetFile, options) {
|
|
|
66
66
|
This should be considered experimental and not relied upon for production use.
|
|
67
67
|
Please report issues with this beta feature by submitting a support ticket, and attach the output of running this command
|
|
68
68
|
with the debug (-d) flag at \x1b[4mhttps://support.snyk.io/hc/en-us/requests/new\x1b[0m.`);
|
|
69
|
-
|
|
70
|
-
const useRuntimeDependencies = true;
|
|
71
|
-
const result = await nugetParser.buildDepGraphFromFiles(root, targetFile, manifestType, options['assets-project-name'], useRuntimeDependencies, options['project-name-prefix'], options['target-framework']);
|
|
69
|
+
const result = await nugetParser.buildDepGraphFromFiles(root, targetFile, manifestType, options['assets-project-name'], options['project-name-prefix'], options['target-framework']);
|
|
72
70
|
return {
|
|
73
71
|
dependencyGraph: result.dependencyGraph,
|
|
74
|
-
package: 'n/a',
|
|
75
72
|
plugin: {
|
|
76
73
|
name: 'snyk-nuget-plugin',
|
|
77
74
|
targetFile,
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;;AAAA,8CAA8C;AAC9C,6BAA6B;AAC7B,iDAAiD;AACjD,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;;AAAA,8CAA8C;AAC9C,6BAA6B;AAC7B,iDAAiD;AACjD,gDAAoD;AAEpD,qCAIkB;AAElB,SAAS,qBAAqB,CAAC,QAAgB;IAC7C,QAAQ,IAAI,EAAE;QACZ,KAAK,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;YACnC,OAAO,oBAAY,CAAC,YAAY,CAAC;SAClC;QACD,KAAK,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC1C,OAAO,oBAAY,CAAC,WAAW,CAAC;SACjC;QACD,KAAK,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;YACtC,OAAO,oBAAY,CAAC,eAAe,CAAC;SACrC;QACD,KAAK,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;YACzC,OAAO,oBAAY,CAAC,KAAK,CAAC;SAC3B;QACD,OAAO,CAAC,CAAC;YACP,MAAM,IAAI,0BAAiB,CACzB,wCAAwC,GAAG,QAAQ,CACpD,CAAC;SACH;KACF;AACH,CAAC;AAEM,KAAK,UAAU,OAAO,CAC3B,IAAI,EACJ,UAAU,EACV,OAAQ;IAER,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;IACxB,IAAI,YAA0B,CAAC;IAC/B,IAAI;QACF,YAAY,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC;KACzE;IAAC,OAAO,KAAc,EAAE;QACvB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC9B;IAED,MAAM,iBAAiB,GAAG,CAAC,OAAO,EAAiC,EAAE;QACnE,MAAM,eAAe,GAAG,OAAO,CAAC,IAAI;YAClC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe;YAC9B,CAAC,CAAC,SAAS,CAAC;QACd,OAAO,OAAO,CAAC,IAAI,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE;gBACN,IAAI,EAAE,mBAAmB;gBACzB,UAAU;gBACV,aAAa,EAAE,eAAe;aAC/B;SACF,CAAC;IACJ,CAAC,CAAC;IAEF,IAAI,YAAY,KAAK,oBAAY,CAAC,KAAK,EAAE;QACvC,OAAO,WAAW;aACf,qBAAqB,CACpB,IAAI,EACJ,UAAU,EACV,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,YAAY,CAAC,EACjD,OAAO,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,gDAAgD;QACvF,OAAO,CAAC,MAAM,CACf;aACA,IAAI,CAAC,iBAAiB,CAAC,CAAC;KAC5B;IAED,IAAI,OAAO,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,2BAA2B,CAAC,EAAE;QACxE,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,wBAAe,CACjB,2IAA2I,CAC5I,CACF,CAAC;KACH;IAED,IAAI,OAAO,CAAC,2BAA2B,CAAC,EAAE;QACxC,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE;YAC7C,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,gCAAuB,CACzB,kMAAkM,YAAY,GAAG,CAClN,CACF,CAAC;SACH;QAED,OAAO,CAAC,GAAG,CAAC;;;;yFAIyE,CAAC,CAAC;QAEvF,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,sBAAsB,CACrD,IAAI,EACJ,UAAU,EACV,YAAY,EACZ,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,kBAAkB,CAAC,CAC5B,CAAC;QACF,OAAO;YACL,eAAe,EAAE,MAAM,CAAC,eAAe;YACvC,MAAM,EAAE;gBACN,IAAI,EAAE,mBAAmB;gBACzB,UAAU;gBACV,aAAa,EAAE,MAAM,CAAC,eAAe;aACtC;SACF,CAAC;KACH;IAED,OAAO,WAAW;SACf,qBAAqB,CACpB,IAAI,EACJ,UAAU,EACV,OAAO,CAAC,cAAc,EACtB,YAAY,EACZ,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,qBAAqB,CAAC,CAC/B;SACA,IAAI,CAAC,iBAAiB,CAAC,CAAC;AAC7B,CAAC;AA3FD,0BA2FC"}
|
|
@@ -55,7 +55,7 @@ function getFileContents(fileContentPath) {
|
|
|
55
55
|
throw new errors_1.FileNotProcessableError(error);
|
|
56
56
|
}
|
|
57
57
|
}
|
|
58
|
-
async function buildDepGraphFromFiles(root, targetFile, manifestType, useProjectNameFromAssetsFile,
|
|
58
|
+
async function buildDepGraphFromFiles(root, targetFile, manifestType, useProjectNameFromAssetsFile, projectNamePrefix, targetFramework) {
|
|
59
59
|
var _a, _b;
|
|
60
60
|
const safeRoot = root || '.';
|
|
61
61
|
const safeTargetFile = targetFile || '.';
|
|
@@ -97,19 +97,16 @@ Supply a targetFramework by using the \x1b[1m--target-framework\x1b[0m argument.
|
|
|
97
97
|
else {
|
|
98
98
|
decidedTargetFramework = targetFramework;
|
|
99
99
|
}
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
if (!runtimeAssembly.isSupported(decidedTargetFramework)) {
|
|
103
|
-
throw new errors_1.FileNotProcessableError(`runtime resolution flag is currently only supported for: .NET versions 5 and higher, all versions of .NET Core and all versions of .NET Standard projects. Supplied versions was parsed as: ${decidedTargetFramework}.`);
|
|
104
|
-
}
|
|
105
|
-
// Ensure `dotnet` is installed on the system or fail trying.
|
|
106
|
-
await dotnet.validate();
|
|
107
|
-
// Run `dotnet publish` to create a self-contained publishable binary with included .dlls for assembly version inspection.
|
|
108
|
-
const publishDir = await dotnet.publish(projectRootFolder, decidedTargetFramework);
|
|
109
|
-
// Then inspect the dependency graph for the runtimepackage's assembly versions.
|
|
110
|
-
const depsFile = path.resolve(publishDir, `${projectNameFromManifestFile}.deps.json`);
|
|
111
|
-
assemblyVersions = runtimeAssembly.generateRuntimeAssemblies(depsFile);
|
|
100
|
+
if (!runtimeAssembly.isSupported(decidedTargetFramework)) {
|
|
101
|
+
throw new errors_1.FileNotProcessableError(`runtime resolution flag is currently only supported for: .NET versions 5 and higher, all versions of .NET Core and all versions of .NET Standard projects. Supplied versions was parsed as: ${decidedTargetFramework}.`);
|
|
112
102
|
}
|
|
103
|
+
// Ensure `dotnet` is installed on the system or fail trying.
|
|
104
|
+
await dotnet.validate();
|
|
105
|
+
// Run `dotnet publish` to create a self-contained publishable binary with included .dlls for assembly version inspection.
|
|
106
|
+
const publishDir = await dotnet.publish(projectRootFolder, decidedTargetFramework);
|
|
107
|
+
// Then inspect the dependency graph for the runtimepackage's assembly versions.
|
|
108
|
+
const depsFile = path.resolve(publishDir, `${projectNameFromManifestFile}.deps.json`);
|
|
109
|
+
const assemblyVersions = runtimeAssembly.generateRuntimeAssemblies(depsFile);
|
|
113
110
|
const depGraph = parser.depParser.parse(resolvedProjectName, manifest, assemblyVersions);
|
|
114
111
|
return {
|
|
115
112
|
dependencyGraph: depGraph,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAAoD;AACpD,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAAoD;AACpD,mCAAwD;AAExD,uCAAuC;AACvC,sDAAsD;AAEtD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE;QAClB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;KACpD;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE;QACrB,OAAO,iBAAiB,GAAG,eAAe,CAAC;KAC5C;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI;QACF,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;KAClD;IAAC,OAAO,KAAc,EAAE;QACvB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;KAC1C;AACH,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;;IAKxB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,gBAAgB,GAAG,YAAY;SAClC,+BAA+B,CAAC,iBAAiB,CAAC;QACnD,qDAAqD;SACpD,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IAE5B,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;QAChC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,iBAAiB,qDAAqD,CACjH,CAAC;KACH;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE;QAClE,OAAO,CAAC,GAAG,CAAC,6DAA6D,eAAe;gEAC5B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;KAC5E;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEnE,IAAI,mBAAmB,GAAG,WAAW,CACnC,IAAI,EACJ,iBAAiB,EACjB,iBAAiB,CAClB,CAAC;IAEF,MAAM,2BAA2B,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;IAC5E,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,IAAI,2BAA2B,EAAE;YAC/B,mBAAmB,GAAG,2BAA2B,CAAC;SACnD;aAAM;YACL,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;SACH;KACF;IAED,qDAAqD;IACrD,IAAI,sBAA8B,CAAC;IACnC,IAAI,CAAC,eAAe,EAAE;QACpB,OAAO,CAAC,GAAG,CAAC,kGAAkG,gBAAgB,CAAC,CAAC,CAAC;iFACpD,CAAC,CAAC;QAC/E,sBAAsB,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;KAC9C;SAAM;QACL,sBAAsB,GAAG,eAAe,CAAC;KAC1C;IAED,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,sBAAsB,CAAC,EAAE;QACxD,MAAM,IAAI,gCAAuB,CAC/B,+LAA+L,sBAAsB,GAAG,CACzN,CAAC;KACH;IAED,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,0HAA0H;IAC1H,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CACrC,iBAAiB,EACjB,sBAAsB,CACvB,CAAC;IACF,gFAAgF;IAChF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAC3B,UAAU,EACV,GAAG,2BAA2B,YAAY,CAC3C,CAAC;IACF,MAAM,gBAAgB,GAAG,eAAe,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,QAAQ,EACR,gBAAgB,CACjB,CAAC;IACF,OAAO;QACL,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,sBAAsB;KACxC,CAAC;AACJ,CAAC;AAlGD,wDAkGC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI;QACF,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE;YAC7C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;SACnE;aAAM;YACL,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;gBAChC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE;oBACjD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE;wBAC1B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;qBAC7C;iBACF;aACF;SACF;KACF;IAAC,OAAO,KAAc,EAAE;QACvB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC9B;IAED,2DAA2D;IAC3D,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,MAAM,WAAW,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;SACzB;aAAM;YACL,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;SACH;KACF;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC;AAtFD,sDAsFC"}
|
|
@@ -19,16 +19,14 @@ function recursivelyPopulateNodes(depGraphBuilder, targetDeps, node, runtimeAsse
|
|
|
19
19
|
version,
|
|
20
20
|
};
|
|
21
21
|
const childId = `${childNode.name}@${childNode.version}`;
|
|
22
|
-
// If we'
|
|
22
|
+
// If we're looking at a runtime assembly version for self-contained dlls, overwrite the dependency version
|
|
23
23
|
// we've found in the graph with those from the runtime assembly, as they take precedence.
|
|
24
24
|
let assemblyVersion = version;
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
assemblyVersion = runtimeAssembly[dll];
|
|
31
|
-
}
|
|
25
|
+
// The RuntimeAssembly type contains the name with a .dll suffix, as this is how .NET represents them in the
|
|
26
|
+
// dependency file. This must be stripped in order to match the elements during depGraph construction.
|
|
27
|
+
const dll = `${name}.dll`;
|
|
28
|
+
if (dll in runtimeAssembly) {
|
|
29
|
+
assemblyVersion = runtimeAssembly[dll];
|
|
32
30
|
}
|
|
33
31
|
if (localVisited.has(childId)) {
|
|
34
32
|
const prunedId = `${childId}:pruned`;
|
|
@@ -88,13 +86,7 @@ function buildGraph(projectName, projectAssets, runtimeAssembly) {
|
|
|
88
86
|
}
|
|
89
87
|
function parse(projectName, projectAssets, runtimeAssembly) {
|
|
90
88
|
debug('Trying to parse .net core manifest with v2 depGraph builder');
|
|
91
|
-
|
|
92
|
-
if (!runtimeAssembly) {
|
|
93
|
-
result = buildGraph(projectName, projectAssets);
|
|
94
|
-
}
|
|
95
|
-
else {
|
|
96
|
-
result = buildGraph(projectName, projectAssets, runtimeAssembly);
|
|
97
|
-
}
|
|
89
|
+
const result = buildGraph(projectName, projectAssets, runtimeAssembly);
|
|
98
90
|
return result;
|
|
99
91
|
}
|
|
100
92
|
exports.parse = parse;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dotnet-core-v2-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v2-parser.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AAErC,+CAAkD;AAElD,yCAAuD;AAEvD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAiBlC,oDAAoD;AACpD,MAAM,0BAA0B,GAAG,CAAC,SAAS,CAAC,CAAC;AAE/C,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,UAAyC,EACzC,IAAmB,EACnB,
|
|
1
|
+
{"version":3,"file":"dotnet-core-v2-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v2-parser.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AAErC,+CAAkD;AAElD,yCAAuD;AAEvD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAiBlC,oDAAoD;AACpD,MAAM,0BAA0B,GAAG,CAAC,SAAS,CAAC,CAAC;AAE/C,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,UAAyC,EACzC,IAAmB,EACnB,eAAiC,EACjC,OAAqB;IAErB,MAAM,QAAQ,GACZ,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;IAEtE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE;QAC7D,MAAM,YAAY,GAAG,OAAO,IAAI,IAAI,GAAG,EAAU,CAAC;QAClD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE3B,MAAM,SAAS,GAAG;YAChB,GAAG,UAAU,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;YACnC,IAAI;YACJ,OAAO;SACR,CAAC;QAEF,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QAEzD,4GAA4G;QAC5G,0FAA0F;QAC1F,IAAI,eAAe,GAAG,OAAO,CAAC;QAC9B,4GAA4G;QAC5G,sGAAsG;QACtG,MAAM,GAAG,GAAG,GAAG,IAAI,MAAM,CAAC;QAC1B,IAAI,GAAG,IAAI,eAAe,EAAE;YAC1B,eAAe,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;SACxC;QAED,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;YAC7B,MAAM,QAAQ,GAAG,GAAG,OAAO,SAAS,CAAC;YACrC,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,QAAQ,EACR;gBACE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;aAC3B,CACF,CAAC;YACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/C,SAAS;SACV;QAED,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,OAAO,CACR,CAAC;QACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE1B,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,SAAS,EACT,eAAe,EACf,YAAY,CACb,CAAC;KACH;AACH,CAAC;AAED,SAAS,UAAU,CACjB,WAAmB,EACnB,aAA4B,EAC5B,eAAiC;IAEjC,MAAM,eAAe,GAAG,IAAI,2BAAe,CACzC,EAAE,IAAI,EAAE,OAAO,EAAE,EACjB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO;KACvC,CACF,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE;QAC7D,MAAM,IAAI,gCAAuB,CAC/B,2CAA2C,CAC5C,CAAC;KACH;IAED,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,6BAA6B;IACvG,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,YAAY,CAC/D,CAAC;IAEF,gHAAgH;IAChH,wHAAwH;IACxH,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE;QAClD,MAAM,IAAI,gCAAuB,CAC/B,gDAAgD,CACjD,CAAC;KACH;IAED,oHAAoH;IACpH,6BAA6B;IAC7B,MAAM,2BAA2B,GAAG,MAAM,CAAC,MAAM,CAC/C,aAAa,CAAC,OAAO,CACtB,CAAC,CAAC,CAAkC,CAAC;IAEtC,mHAAmH;IACnH,MAAM,UAAU,GAAkC,MAAM,CAAC,OAAO,CAC9D,2BAA2B,CAC5B,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QACtB,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;QAErC,uHAAuH;QACvH,IACE,0BAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CACzC,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CACnC,EACD;YACA,OAAO,GAAG,CAAC;SACZ;QAED,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC;IAC5C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,mBAAmB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,eAAe,EAAE,EAAE;QACvE,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CACjE,SAAS,CAAC,UAAU,CAAC,eAAe,CAAC,CACtC,CAAC;QACF,IAAI,CAAC,eAAe,EAAE;YACpB,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;SACH;QAED,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEnD,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC;IACrC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,QAAQ,GAAG;QACf,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,mBAAmB;KACjB,CAAC;IAEnB,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,QAAQ,EACR,eAAe,CAChB,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,SAAgB,KAAK,CACnB,WAAmB,EACnB,aAA4B,EAC5B,eAAiC;IAEjC,KAAK,CAAC,6DAA6D,CAAC,CAAC;IAErE,MAAM,MAAM,GAAG,UAAU,CAAC,WAAW,EAAE,aAAa,EAAE,eAAe,CAAC,CAAC;IACvE,OAAO,MAAM,CAAC;AAChB,CAAC;AATD,sBASC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../lib/nuget-parser/types.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../lib/nuget-parser/types.ts"],"names":[],"mappings":";;;AAuBA,IAAY,YAKX;AALD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,2CAA2B,CAAA;IAC3B,mDAAmC,CAAA;IACnC,+BAAe,CAAA;AACjB,CAAC,EALW,YAAY,4BAAZ,YAAY,QAKvB"}
|
package/package.json
CHANGED
|
@@ -36,6 +36,7 @@
|
|
|
36
36
|
},
|
|
37
37
|
"homepage": "https://github.com/snyk/snyk-nuget-plugin#readme",
|
|
38
38
|
"dependencies": {
|
|
39
|
+
"@snyk/cli-interface": "^2.13.0",
|
|
39
40
|
"@snyk/dep-graph": "^2.7.1",
|
|
40
41
|
"debug": "^4.3.4",
|
|
41
42
|
"dotnet-deps-parser": "5.3.0",
|
|
@@ -56,5 +57,5 @@
|
|
|
56
57
|
"ts-jest": "^29.1.1",
|
|
57
58
|
"typescript": "^5.1.6"
|
|
58
59
|
},
|
|
59
|
-
"version": "1.
|
|
60
|
+
"version": "1.36.0"
|
|
60
61
|
}
|