snyk-nuget-plugin 1.36.0 → 1.38.0

package/dist/errors/big-tree-error.d.ts

@@ -0,0 +1,5 @@
+export declare class BigTreeError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/cli-command-error.d.ts

@@ -0,0 +1,5 @@
+export declare class CliCommandError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/file-not-found-error.d.ts

@@ -0,0 +1,5 @@
+export declare class FileNotFoundError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/file-not-processable-error.d.ts

@@ -0,0 +1,5 @@
+export declare class FileNotProcessableError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/index.d.ts

@@ -0,0 +1,6 @@
+export { BigTreeError } from './big-tree-error';
+export { CliCommandError } from './cli-command-error';
+export { FileNotFoundError } from './file-not-found-error';
+export { FileNotProcessableError } from './file-not-processable-error';
+export { InvalidManifestError } from './invalid-manifest-error';
+export { InvalidTargetFile } from './invalid-target-file';

package/dist/errors/invalid-folder-format-error.d.ts

@@ -0,0 +1,5 @@
+export declare class InvalidFolderFormatError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/invalid-manifest-error.d.ts

@@ -0,0 +1,5 @@
+export declare class InvalidManifestError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/invalid-target-file.d.ts

@@ -0,0 +1,5 @@
+export declare class InvalidTargetFile extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+import { legacyPlugin as pluginApi } from '@snyk/cli-interface';
+export declare function inspect(root: any, targetFile: any, options?: any): Promise<pluginApi.InspectResult>;

package/dist/nuget-parser/cli/dotnet.d.ts

@@ -0,0 +1,4 @@
+export declare function validate(): Promise<void>;
+export declare function restore(projectPath: string): Promise<void>;
+export declare function run(projectPath: string, options: string[]): Promise<string>;
+export declare function publish(projectPath: string, targetFramework?: string): Promise<string>;

package/dist/nuget-parser/cli/dotnet.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.publish = exports.restore = exports.validate = void 0;
+exports.publish = exports.run = exports.restore = exports.validate = void 0;
 const debugModule = require("debug");
 const errors_1 = require("../../errors");
 const path = require("path");
@@ -41,6 +41,13 @@ async function restore(projectPath) {
     return;
 }
 exports.restore = restore;
+async function run(projectPath, options) {
+    const command = 'dotnet';
+    const args = ['run', '--project', projectPath].concat(options);
+    const response = await handle('run', command, args);
+    return response.stdout;
+}
+exports.run = run;
 async function publish(projectPath, targetFramework) {
     var _a;
     const command = 'dotnet';

package/dist/nuget-parser/cli/dotnet.js.map

@@ -1 +1 @@
-{"version":3,"file":"dotnet.js","sourceRoot":"","sources":["../../../lib/nuget-parser/cli/dotnet.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AACrC,yCAA+C;AAC/C,6BAA6B;AAC7B,2CAA2C;AAE3C,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,KAAK,UAAU,MAAM,CACnB,SAAiB,EACjB,OAAe,EACf,IAAc;IAEd,KAAK,CAAC,2BAA2B,SAAS,KAAK,OAAO,EAAE,CAAC,CAAC;IAE1D,IAAI;QACF,OAAO,MAAM,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;KAChD;IAAC,OAAO,KAAc,EAAE;QACvB,IACE,CAAC,CACC,OAAO,KAAK,KAAK,QAAQ;YACzB,KAAK,KAAK,IAAI;YACd,QAAQ,IAAI,KAAK;YACjB,QAAQ,IAAI,KAAK,CAClB,EACD;YACA,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,KAAK,EAAE,CAClD,CAAC;SACH;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;QAC7C,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,OAAO,EAAE,CACpD,CAAC;KACH;AACH,CAAC;AAEM,KAAK,UAAU,QAAQ;IAC5B,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAE3B,IAAI;QACF,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;KACxC;IAAC,OAAO,KAAc,EAAE;QACvB,KAAK,CAAC,qDAAqD,CAAC,CAAC;QAC7D,MAAM,KAAK,CAAC;KACb;AACH,CAAC;AAVD,4BAUC;AAEM,KAAK,UAAU,OAAO,CAAC,WAAmB;IAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IACpD,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IACvC,OAAO;AACT,CAAC;AALD,0BAKC;AAEM,KAAK,UAAU,OAAO,CAC3B,WAAmB,EACnB,eAAwB;;IAExB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IACrC,sGAAsG;IACtG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAElB,yHAAyH;IACzH,IAAI,eAAe,EAAE;QACnB,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;KAC5B;IAED,0EAA0E;IAC1E,oFAAoF;IACpF,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAEvB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IAExD,wGAAwG;IACxG,0GAA0G;IAC1G,8GAA8G;IAC9G,eAAe;IACf,kHAAkH;IAClH,6GAA6G;IAC7G,6GAA6G;IAC7G,yCAAyC;IAEzC,sHAAsH;IACtH,iHAAiH;IACjH,gEAAgE;IAChE,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM;SACnC,KAAK,CAAC,SAAS,CAAC;QACjB,2HAA2H;QAC3H,mHAAmH;QACnH,wBAAwB;QACxB,2EAA2E;QAC3E,2GAA2G;QAC3G,qHAAqH;SACpH,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IAElE,IAAI,CAAC,cAAc,EAAE;QACnB,MAAM,GAAG,GAAG,6DAA6D,QAAQ,CAAC,MAAM,EAAE,CAAC;QAC3F,KAAK,CAAC,GAAG,CAAC,CAAC;QACX,MAAM,IAAI,wBAAe,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;KACnE;IAED,kHAAkH;IAClH,MAAM,CAAC,EAAE,gBAAgB,CAAC,GAAG,MAAA,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,mCAAI,EAAE,CAAC;IAC9D,IAAI,CAAC,gBAAgB,EAAE;QACrB,MAAM,GAAG,GAAG,gEAAgE,cAAc,EAAE,CAAC;QAC7F,KAAK,CAAC,GAAG,CAAC,CAAC;QACX,MAAM,IAAI,wBAAe,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;KACnE;IAED,+GAA+G;IAC/G,uDAAuD;IACvD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,CAAC;IACtD,OAAO,OAAO,CAAC;AACjB,CAAC;AA7DD,0BA6DC"}
+{"version":3,"file":"dotnet.js","sourceRoot":"","sources":["../../../lib/nuget-parser/cli/dotnet.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AACrC,yCAA+C;AAC/C,6BAA6B;AAC7B,2CAA2C;AAE3C,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,KAAK,UAAU,MAAM,CACnB,SAAiB,EACjB,OAAe,EACf,IAAc;IAEd,KAAK,CAAC,2BAA2B,SAAS,KAAK,OAAO,EAAE,CAAC,CAAC;IAE1D,IAAI;QACF,OAAO,MAAM,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;KAChD;IAAC,OAAO,KAAc,EAAE;QACvB,IACE,CAAC,CACC,OAAO,KAAK,KAAK,QAAQ;YACzB,KAAK,KAAK,IAAI;YACd,QAAQ,IAAI,KAAK;YACjB,QAAQ,IAAI,KAAK,CAClB,EACD;YACA,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,KAAK,EAAE,CAClD,CAAC;SACH;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;QAC7C,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,OAAO,EAAE,CACpD,CAAC;KACH;AACH,CAAC;AAEM,KAAK,UAAU,QAAQ;IAC5B,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAE3B,IAAI;QACF,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;KACxC;IAAC,OAAO,KAAc,EAAE;QACvB,KAAK,CAAC,qDAAqD,CAAC,CAAC;QAC7D,MAAM,KAAK,CAAC;KACb;AACH,CAAC;AAVD,4BAUC;AAEM,KAAK,UAAU,OAAO,CAAC,WAAmB;IAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IACpD,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IACvC,OAAO;AACT,CAAC;AALD,0BAKC;AAEM,KAAK,UAAU,GAAG,CACvB,WAAmB,EACnB,OAAiB;IAEjB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,KAAK,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,QAAQ,CAAC,MAAM,CAAC;AACzB,CAAC;AARD,kBAQC;AAEM,KAAK,UAAU,OAAO,CAC3B,WAAmB,EACnB,eAAwB;;IAExB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IACrC,sGAAsG;IACtG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAElB,yHAAyH;IACzH,IAAI,eAAe,EAAE;QACnB,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;KAC5B;IAED,0EAA0E;IAC1E,oFAAoF;IACpF,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAEvB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IAExD,wGAAwG;IACxG,0GAA0G;IAC1G,8GAA8G;IAC9G,eAAe;IACf,kHAAkH;IAClH,6GAA6G;IAC7G,6GAA6G;IAC7G,yCAAyC;IAEzC,sHAAsH;IACtH,iHAAiH;IACjH,gEAAgE;IAChE,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM;SACnC,KAAK,CAAC,SAAS,CAAC;QACjB,2HAA2H;QAC3H,mHAAmH;QACnH,wBAAwB;QACxB,2EAA2E;QAC3E,2GAA2G;QAC3G,qHAAqH;SACpH,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IAElE,IAAI,CAAC,cAAc,EAAE;QACnB,MAAM,GAAG,GAAG,6DAA6D,QAAQ,CAAC,MAAM,EAAE,CAAC;QAC3F,KAAK,CAAC,GAAG,CAAC,CAAC;QACX,MAAM,IAAI,wBAAe,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;KACnE;IAED,kHAAkH;IAClH,MAAM,CAAC,EAAE,gBAAgB,CAAC,GAAG,MAAA,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,mCAAI,EAAE,CAAC;IAC9D,IAAI,CAAC,gBAAgB,EAAE;QACrB,MAAM,GAAG,GAAG,gEAAgE,cAAc,EAAE,CAAC;QAC7F,KAAK,CAAC,GAAG,CAAC,CAAC;QACX,MAAM,IAAI,wBAAe,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;KACnE;IAED,+GAA+G;IAC/G,uDAAuD;IACvD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,CAAC;IACtD,OAAO,OAAO,CAAC;AACjB,CAAC;AA7DD,0BA6DC"}

package/dist/nuget-parser/cli/subprocess.d.ts

@@ -0,0 +1,12 @@
+interface ProcessOptions {
+    cwd?: string;
+    env?: {
+        [name: string]: string;
+    };
+}
+export interface ExecResult {
+    stdout: string;
+    stderr: string;
+}
+export declare function execute(command: string, args: string[], options?: ProcessOptions): Promise<ExecResult>;
+export {};

package/dist/nuget-parser/csharp/generator.d.ts

@@ -0,0 +1,3 @@
+import * as types from '../types';
+export declare function generate(tempDirNameSpace: string, files: types.DotNetFile[]): string;
+export declare function tearDown(dirs: string[]): void;

package/dist/nuget-parser/csharp/generator.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.tearDown = exports.generate = void 0;
+const path = require("path");
+const fs = require("fs");
+const os = require("os");
+const debugModule = require("debug");
+const NodeCache = require("node-cache");
+const crypto = require("crypto");
+const debug = debugModule('snyk');
+const cache = new NodeCache();
+// Use a simple, fast and not secure hashing algorithm just to ensure we don't return the same cached location for
+// different types of files. This is mostly to speed up performance of tests, but in theory will also affect customers
+// when scanning for multiple TargetFrameworks.
+function generateCacheKey(files) {
+    const hash = crypto.createHash('sha256');
+    files
+        .map((f) => f.contents)
+        .forEach((content) => {
+        hash.update(content);
+    });
+    return hash.digest('hex');
+}
+// Importing .NET code from Typescript is not trivial and a bit lose cannon programming. However, we also want to keep
+// this project dependent on as few packages as possible, so instead of opting into some "run .NET in Typescript" package,
+// we do the simplest, which is this. Makes C# debugging a bit harder, but it's a compromise.
+// Further, we also utilize this for our test fixtures. Running tests in parallel can cause race conditions for fixtures
+// at-rest, if two tests are `dotnet publish`'ing to the same fixture folder. So we supply a generator for populating
+// fixtures in temporary folders to keep the test stateless while ensuring parallelization.
+function generate(tempDirNameSpace, files) {
+    const key = generateCacheKey(files);
+    const cached = cache.get(key);
+    if (cached) {
+        return cached;
+    }
+    const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), `snyk-nuget-plugin-test-${tempDirNameSpace}-`));
+    let tempFilePath;
+    files.forEach((file) => {
+        tempFilePath = path.join(tempDir, file.name);
+        fs.writeFileSync(tempFilePath, file.contents);
+    });
+    debug(`Generated temporary CS files (${files
+        .map((f) => f.name)
+        .join(',')}) in ${tempDir}`);
+    cache.set(key, tempDir);
+    return tempDir;
+}
+exports.generate = generate;
+function tearDown(dirs) {
+    debug(`Attempting to delete temporary CS files in ${dirs.join(',')}`);
+    for (const dir of dirs) {
+        if (!dir) {
+            // No tempDir to tear down. Assuming the test failed somewhere.
+            // Jest won't throw an error anyway if the operation fails.
+            return;
+        }
+        try {
+            fs.rmSync(dir, { recursive: true });
+        }
+        catch (error) {
+            // Ignore it, test was tearing down anyway, and it seems Windows boxes especially don't like this.
+        }
+    }
+}
+exports.tearDown = tearDown;
+//# sourceMappingURL=generator.js.map

package/dist/nuget-parser/csharp/generator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generator.js","sourceRoot":"","sources":["../../../lib/nuget-parser/csharp/generator.ts"],"names":[],"mappings":";;;AAAA,6BAA6B;AAC7B,yBAAyB;AACzB,yBAAyB;AAEzB,qCAAqC;AACrC,wCAAwC;AACxC,iCAAiC;AAEjC,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,KAAK,GAAG,IAAI,SAAS,EAAE,CAAC;AAE9B,kHAAkH;AAClH,sHAAsH;AACtH,+CAA+C;AAC/C,SAAS,gBAAgB,CAAC,KAAyB;IACjD,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACzC,KAAK;SACF,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;SACtB,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QACnB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;IACL,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC5B,CAAC;AAED,sHAAsH;AACtH,0HAA0H;AAC1H,6FAA6F;AAC7F,wHAAwH;AACxH,qHAAqH;AACrH,2FAA2F;AAC3F,SAAgB,QAAQ,CACtB,gBAAwB,EACxB,KAAyB;IAEzB,MAAM,GAAG,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACpC,MAAM,MAAM,GAAuB,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAClD,IAAI,MAAM,EAAE;QACV,OAAO,MAAM,CAAC;KACf;IAED,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAC5B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,0BAA0B,gBAAgB,GAAG,CAAC,CACtE,CAAC;IAEF,IAAI,YAAoB,CAAC;IACzB,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QACrB,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,KAAK,CACH,iCAAiC,KAAK;SACnC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;SAClB,IAAI,CAAC,GAAG,CAAC,QAAQ,OAAO,EAAE,CAC9B,CAAC;IAEF,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IACxB,OAAO,OAAO,CAAC;AACjB,CAAC;AA5BD,4BA4BC;AAED,SAAgB,QAAQ,CAAC,IAAc;IACrC,KAAK,CAAC,8CAA8C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEtE,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE;QACtB,IAAI,CAAC,GAAG,EAAE;YACR,+DAA+D;YAC/D,2DAA2D;YAC3D,OAAO;SACR;QAED,IAAI;YACF,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;SACrC;QAAC,OAAO,KAAc,EAAE;YACvB,kGAAkG;SACnG;KACF;AACH,CAAC;AAhBD,4BAgBC"}

package/dist/nuget-parser/csharp/nugetframeworks_parser.d.ts

@@ -0,0 +1 @@
+export declare function generate(): string;

package/dist/nuget-parser/csharp/nugetframeworks_parser.js

@@ -0,0 +1,85 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generate = void 0;
+const generator = require("./generator");
+function generate() {
+    const files = [
+        {
+            name: 'Parse.csproj',
+            contents: `
+<Project Sdk='Microsoft.NET.Sdk'>
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net7.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <RootNamespace>ShortNameToLongName</RootNamespace>
+    <GenerateRuntimeConfigurationFiles>true</GenerateRuntimeConfigurationFiles>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include='Newtonsoft.Json' Version='13.0.3' />
+    <PackageReference Include='NuGet.Frameworks' Version='6.7.0' />
+  </ItemGroup>
+</Project>
+`,
+        },
+        {
+            name: 'Program.cs',
+            contents: `
+using NuGet.Frameworks;
+using Newtonsoft.Json;
+
+namespace ShortNameToLongName;
+
+class Program
+{
+    static void Main(string[] args)
+    {
+        if (args.Length < 1)
+        {
+            Console.WriteLine("Usage: dotnet run <shortTargetFramework>");
+            return;
+        }
+
+        string shortName = args[0];
+
+        try
+        {
+            NuGetFramework framework = NuGetFramework.Parse(shortName);
+            string json = JsonConvert.SerializeObject(new
+            {
+                framework.Framework,
+                framework.Version,
+                framework.Platform,
+                framework.PlatformVersion,
+                framework.HasPlatform,
+                framework.HasProfile,
+                framework.Profile,
+                framework.DotNetFrameworkName,
+                framework.DotNetPlatformName,
+                framework.IsPCL,
+                framework.IsPackageBased,
+                framework.AllFrameworkVersions,
+                framework.IsUnsupported,
+                framework.IsAgnostic,
+                framework.IsAny,
+                framework.IsSpecificFramework,
+                ShortName = shortName
+            }, Formatting.None);
+            Console.Write(json);
+        }
+        catch (Exception ex)
+        {
+            Console.WriteLine($"Error: {ex.Message}");
+        }
+    }
+}
+`,
+        },
+    ];
+    const tempDir = generator.generate('csharp', files);
+    return tempDir;
+}
+exports.generate = generate;
+//# sourceMappingURL=nugetframeworks_parser.js.map

package/dist/nuget-parser/csharp/nugetframeworks_parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nugetframeworks_parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/csharp/nugetframeworks_parser.ts"],"names":[],"mappings":";;;AACA,yCAAyC;AAEzC,SAAgB,QAAQ;IACtB,MAAM,KAAK,GAAuB;QAChC;YACE,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE;;;;;;;;;;;;;;;;CAgBf;SACI;QACD;YACE,IAAI,EAAE,YAAY;YAClB,QAAQ,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAiDf;SACI;KACF,CAAC;IAEF,MAAM,OAAO,GAAG,SAAS,CAAC,QAAQ,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IACpD,OAAO,OAAO,CAAC;AACjB,CAAC;AA/ED,4BA+EC"}

package/dist/nuget-parser/framework.d.ts

@@ -0,0 +1,2 @@
+import { TargetFramework } from './types';
+export declare function toReadableFramework(targetFramework: string): TargetFramework | undefined;

package/dist/nuget-parser/index.d.ts

@@ -0,0 +1,7 @@
+import { ManifestType } from './types';
+import * as depGraphLib from '@snyk/dep-graph';
+export declare function buildDepGraphFromFiles(root: string | undefined, targetFile: string | undefined, manifestType: ManifestType, useProjectNameFromAssetsFile: boolean, projectNamePrefix?: string, targetFramework?: string): Promise<{
+    dependencyGraph: depGraphLib.DepGraph;
+    targetFramework: string | undefined;
+}>;
+export declare function buildDepTreeFromFiles(root: string | undefined, targetFile: string | undefined, packagesFolderPath: string | undefined, manifestType: ManifestType, useProjectNameFromAssetsFile: boolean, projectNamePrefix?: string): Promise<any>;

package/dist/nuget-parser/index.js

@@ -13,6 +13,7 @@ const packagesConfigParser = require("./parsers/packages-config-parser");
 const errors_1 = require("../errors");
 const types_1 = require("./types");
 const dotnet = require("./cli/dotnet");
+const nugetFrameworksParser = require("./csharp/nugetframeworks_parser");
 const runtimeAssembly = require("./runtime-assembly");
 const debug = debugModule('snyk');
 const PARSERS = {
@@ -56,16 +57,18 @@ function getFileContents(fileContentPath) {
     }
 }
 async function buildDepGraphFromFiles(root, targetFile, manifestType, useProjectNameFromAssetsFile, projectNamePrefix, targetFramework) {
-    var _a, _b;
+    var _a, _b, _c;
     const safeRoot = root || '.';
     const safeTargetFile = targetFile || '.';
     const fileContentPath = path.resolve(safeRoot, safeTargetFile);
     const fileContent = getFileContents(fileContentPath);
     const projectRootFolder = path.resolve(fileContentPath, '../../');
-    const targetFrameworks = csProjParser
-        .getTargetFrameworksFromProjFile(projectRootFolder)
-        // The rest of the type is not needed in this context
-        .map((tf) => tf.original);
+    const parser = PARSERS['dotnet-core-v2'];
+    const manifest = await parser.fileContentParser.parse(fileContent);
+    if (!((_a = manifest.project) === null || _a === void 0 ? void 0 : _a.frameworks)) {
+        throw new errors_1.FileNotProcessableError(`unable to detect any target framework in manifest file ${safeTargetFile}, a valid one is needed to continue down this path.`);
+    }
+    const targetFrameworks = Object.keys(manifest.project.frameworks);
     if (targetFrameworks.length <= 0) {
         throw new errors_1.FileNotProcessableError(`unable to detect a target framework in ${projectRootFolder}, a valid one is needed to continue down this path.`);
     }
@@ -74,10 +77,8 @@ async function buildDepGraphFromFiles(root, targetFile, manifestType, useProject
 manifest file. Available targetFrameworks detected was \x1b[1m${targetFrameworks.join(',')}\x1b[0m. 
 Will attempt to build dependency graph anyway, but the operation might fail.`);
     }
-    const parser = PARSERS['dotnet-core-v2'];
-    const manifest = await parser.fileContentParser.parse(fileContent);
     let resolvedProjectName = getRootName(root, projectRootFolder, projectNamePrefix);
-    const projectNameFromManifestFile = (_b = (_a = manifest === null || manifest === void 0 ? void 0 : manifest.project) === null || _a === void 0 ? void 0 : _a.restore) === null || _b === void 0 ? void 0 : _b.projectName;
+    const projectNameFromManifestFile = (_c = (_b = manifest === null || manifest === void 0 ? void 0 : manifest.project) === null || _b === void 0 ? void 0 : _b.restore) === null || _c === void 0 ? void 0 : _c.projectName;
     if (manifestType === types_1.ManifestType.DOTNET_CORE &&
         useProjectNameFromAssetsFile) {
         if (projectNameFromManifestFile) {
@@ -107,7 +108,16 @@ Supply a targetFramework by using the \x1b[1m--target-framework\x1b[0m argument.
     // Then inspect the dependency graph for the runtimepackage's assembly versions.
     const depsFile = path.resolve(publishDir, `${projectNameFromManifestFile}.deps.json`);
     const assemblyVersions = runtimeAssembly.generateRuntimeAssemblies(depsFile);
-    const depGraph = parser.depParser.parse(resolvedProjectName, manifest, assemblyVersions);
+    // Parse the TargetFramework using Nuget.Frameworks itself, instead of trying to reinvent the wheel, thus ensuring
+    // we have maximum context to use later when building the depGraph.
+    const location = nugetFrameworksParser.generate();
+    await dotnet.restore(location);
+    const response = await dotnet.run(location, [decidedTargetFramework]);
+    const targetFrameworkInfo = JSON.parse(response);
+    if (targetFrameworkInfo.IsUnsupported) {
+        throw new errors_1.InvalidManifestError(`dotnet was not able to parse the target framework ${decidedTargetFramework}, it was reported unsupported by the dotnet runtime`);
+    }
+    const depGraph = parser.depParser.parse(resolvedProjectName, manifest, assemblyVersions, targetFrameworkInfo);
     return {
         dependencyGraph: depGraph,
         targetFramework: decidedTargetFramework,

package/dist/nuget-parser/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAAoD;AACpD,mCAAwD;AAExD,uCAAuC;AACvC,sDAAsD;AAEtD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE;QAClB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;KACpD;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE;QACrB,OAAO,iBAAiB,GAAG,eAAe,CAAC;KAC5C;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI;QACF,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;KAClD;IAAC,OAAO,KAAc,EAAE;QACvB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;KAC1C;AACH,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;;IAKxB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,gBAAgB,GAAG,YAAY;SAClC,+BAA+B,CAAC,iBAAiB,CAAC;QACnD,qDAAqD;SACpD,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IAE5B,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;QAChC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,iBAAiB,qDAAqD,CACjH,CAAC;KACH;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE;QAClE,OAAO,CAAC,GAAG,CAAC,6DAA6D,eAAe;gEAC5B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;KAC5E;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEnE,IAAI,mBAAmB,GAAG,WAAW,CACnC,IAAI,EACJ,iBAAiB,EACjB,iBAAiB,CAClB,CAAC;IAEF,MAAM,2BAA2B,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;IAC5E,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,IAAI,2BAA2B,EAAE;YAC/B,mBAAmB,GAAG,2BAA2B,CAAC;SACnD;aAAM;YACL,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;SACH;KACF;IAED,qDAAqD;IACrD,IAAI,sBAA8B,CAAC;IACnC,IAAI,CAAC,eAAe,EAAE;QACpB,OAAO,CAAC,GAAG,CAAC,kGAAkG,gBAAgB,CAAC,CAAC,CAAC;iFACpD,CAAC,CAAC;QAC/E,sBAAsB,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;KAC9C;SAAM;QACL,sBAAsB,GAAG,eAAe,CAAC;KAC1C;IAED,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,sBAAsB,CAAC,EAAE;QACxD,MAAM,IAAI,gCAAuB,CAC/B,+LAA+L,sBAAsB,GAAG,CACzN,CAAC;KACH;IAED,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,0HAA0H;IAC1H,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CACrC,iBAAiB,EACjB,sBAAsB,CACvB,CAAC;IACF,gFAAgF;IAChF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAC3B,UAAU,EACV,GAAG,2BAA2B,YAAY,CAC3C,CAAC;IACF,MAAM,gBAAgB,GAAG,eAAe,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,QAAQ,EACR,gBAAgB,CACjB,CAAC;IACF,OAAO;QACL,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,sBAAsB;KACxC,CAAC;AACJ,CAAC;AAlGD,wDAkGC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI;QACF,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE;YAC7C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;SACnE;aAAM;YACL,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;gBAChC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE;oBACjD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE;wBAC1B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;qBAC7C;iBACF;aACF;SACF;KACF;IAAC,OAAO,KAAc,EAAE;QACvB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC9B;IAED,2DAA2D;IAC3D,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,MAAM,WAAW,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;SACzB;aAAM;YACL,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;SACH;KACF;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC;AAtFD,sDAsFC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAA0E;AAC1E,mCAKiB;AAEjB,uCAAuC;AACvC,yEAAyE;AACzE,sDAAsD;AAEtD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE;QAClB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;KACpD;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE;QACrB,OAAO,iBAAiB,GAAG,eAAe,CAAC;KAC5C;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI;QACF,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;KAClD;IAAC,OAAO,KAAc,EAAE;QACvB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;KAC1C;AACH,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;;IAKxB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAElE,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,QAAQ,GACZ,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEpD,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,OAAO,0CAAE,UAAU,CAAA,EAAE;QACjC,MAAM,IAAI,gCAAuB,CAC/B,0DAA0D,cAAc,qDAAqD,CAC9H,CAAC;KACH;IAED,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;QAChC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,iBAAiB,qDAAqD,CACjH,CAAC;KACH;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE;QAClE,OAAO,CAAC,GAAG,CAAC,6DAA6D,eAAe;gEAC5B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;KAC5E;IAED,IAAI,mBAAmB,GAAG,WAAW,CACnC,IAAI,EACJ,iBAAiB,EACjB,iBAAiB,CAClB,CAAC;IAEF,MAAM,2BAA2B,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;IAC5E,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,IAAI,2BAA2B,EAAE;YAC/B,mBAAmB,GAAG,2BAA2B,CAAC;SACnD;aAAM;YACL,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;SACH;KACF;IAED,qDAAqD;IACrD,IAAI,sBAA8B,CAAC;IACnC,IAAI,CAAC,eAAe,EAAE;QACpB,OAAO,CAAC,GAAG,CAAC,kGAAkG,gBAAgB,CAAC,CAAC,CAAC;iFACpD,CAAC,CAAC;QAC/E,sBAAsB,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;KAC9C;SAAM;QACL,sBAAsB,GAAG,eAAe,CAAC;KAC1C;IAED,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,sBAAsB,CAAC,EAAE;QACxD,MAAM,IAAI,gCAAuB,CAC/B,+LAA+L,sBAAsB,GAAG,CACzN,CAAC;KACH;IAED,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,0HAA0H;IAC1H,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CACrC,iBAAiB,EACjB,sBAAsB,CACvB,CAAC;IACF,gFAAgF;IAChF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAC3B,UAAU,EACV,GAAG,2BAA2B,YAAY,CAC3C,CAAC;IACF,MAAM,gBAAgB,GAAG,eAAe,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;IAE7E,kHAAkH;IAClH,mEAAmE;IACnE,MAAM,QAAQ,GAAG,qBAAqB,CAAC,QAAQ,EAAE,CAAC;IAClD,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/B,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,sBAAsB,CAAC,CAAC,CAAC;IACtE,MAAM,mBAAmB,GAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACtE,IAAI,mBAAmB,CAAC,aAAa,EAAE;QACrC,MAAM,IAAI,6BAAoB,CAC5B,qDAAqD,sBAAsB,qDAAqD,CACjI,CAAC;KACH;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,QAAQ,EACR,gBAAgB,EAChB,mBAAmB,CACpB,CAAC;IACF,OAAO;QACL,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,sBAAsB;KACxC,CAAC;AACJ,CAAC;AAnHD,wDAmHC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI;QACF,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE;YAC7C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;SACnE;aAAM;YACL,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;gBAChC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE;oBACjD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE;wBAC1B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;qBAC7C;iBACF;aACF;SACF;KACF;IAAC,OAAO,KAAc,EAAE;QACvB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC9B;IAED,2DAA2D;IAC3D,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,MAAM,WAAW,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;SACzB;aAAM;YACL,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;SACH;KACF;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC;AAtFD,sDAsFC"}

package/dist/nuget-parser/parsers/csproj-parser.d.ts

@@ -0,0 +1,2 @@
+import { TargetFramework } from '../types';
+export declare function getTargetFrameworksFromProjFile(rootDir: string): TargetFramework[];

package/dist/nuget-parser/parsers/dotnet-core-parser.d.ts

@@ -0,0 +1 @@
+export declare function parse(tree: any, manifest: any): any;

package/dist/nuget-parser/parsers/dotnet-core-v2-parser.d.ts

@@ -0,0 +1,3 @@
+import * as depGraphLib from '@snyk/dep-graph';
+import { AssemblyVersions, ProjectAssets, TargetFrameworkInfo } from '../types';
+export declare function parse(projectName: string, projectAssets: ProjectAssets, runtimeAssembly: AssemblyVersions, targetFrameworkInfo: TargetFrameworkInfo): depGraphLib.DepGraph;

package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js

@@ -7,6 +7,31 @@ const errors_1 = require("../../errors");
 const debug = debugModule('snyk');
 // Dependencies that starts with these are discarded
 const FILTERED_DEPENDENCY_PREFIX = ['runtime'];
+// The list of top level dependencies and transitive dependencies differ based on the target runtime we've defined.
+// In the generated dependency file created by the `dotnet` CLI, this is organized by the target framework moniker (TFM).
+// Unfortunately, Microsoft has changed the way it denominates their targets throughout the different versions,
+// see: https://learn.microsoft.com/en-us/nuget/reference/target-frameworks#supported-frameworks.
+// So the logic has to be unnecessarily complex, as we cannot just access the key in the target dictionary
+// for versions different from the newest ones of .NET 5+.
+// Even better, it changes between how it defines them inside project.frameworks and the root targets object interchangeably.
+function findTargetFrameworkMonikerInManifest(targetFrameworkInfo, frameworks) {
+    const shortName = targetFrameworkInfo.ShortName;
+    const longName = targetFrameworkInfo.DotNetFrameworkName;
+    const parsedFrameworks = Object.keys(frameworks);
+    debug(`parsed the following frameworks in the manifest file: ${parsedFrameworks.join(',')}`);
+    // Try and find the "longName" (or DotNetFrameworkName) in the list of targets.
+    // The format is usually something like ".NETCoreApp,Version=v6.0". That seems to happen for older .NET target frameworks.
+    if (longName in frameworks) {
+        debug(`detected ${longName} in assets file, returning that`);
+        return longName;
+    }
+    // If that doesn't work, for newer versions of .NET core, they index the frameworks object by the 'shortname'.
+    if (shortName in frameworks) {
+        debug(`detected ${shortName} in assets file, returning that`);
+        return shortName;
+    }
+    throw new errors_1.FileNotProcessableError(`unable to find the determined target framework (${targetFrameworkInfo.ShortName}) in any of the available target frameworks: ${parsedFrameworks}`);
+}
 function recursivelyPopulateNodes(depGraphBuilder, targetDeps, node, runtimeAssembly, visited) {
     const parentId = node.type === 'root' ? 'root-node' : `${node.name}@${node.version}`;
     for (const depNode of Object.entries(node.dependencies || {})) {
@@ -42,24 +67,28 @@ function recursivelyPopulateNodes(depGraphBuilder, targetDeps, node, runtimeAsse
         recursivelyPopulateNodes(depGraphBuilder, targetDeps, childNode, runtimeAssembly, localVisited);
     }
 }
-function buildGraph(projectName, projectAssets, runtimeAssembly) {
+function buildGraph(projectName, projectAssets, runtimeAssembly, targetFrameworkInfo) {
     const depGraphBuilder = new dep_graph_1.DepGraphBuilder({ name: 'nuget' }, {
         name: projectName,
         version: projectAssets.project.version,
     });
     if (Object.keys(projectAssets.project.frameworks).length <= 0) {
-        throw new errors_1.FileNotProcessableError('no target frameworks found in assets file');
+        throw new errors_1.InvalidManifestError('no target frameworks found in assets file (project.assets.json -> project -> frameworks -> []), cannot continue without that');
     }
-    const targetFramework = Object.keys(projectAssets.project.frameworks)[0]; // FIXME: Multiple frameworks
-    const topLevelDeps = Object.keys(projectAssets.project.frameworks[targetFramework].dependencies);
+    // Access all top-level dependencies from the right target point in the project.assets.json, or fail trying.
+    const directDepsMoniker = findTargetFrameworkMonikerInManifest(targetFrameworkInfo, projectAssets.project.frameworks);
+    // Those dependencies are referenced in the 'targets' member in the same assets file.
+    const topLevelDeps = Object.keys(projectAssets.project.frameworks[directDepsMoniker].dependencies);
     // The list of targets gets decorated differently depending on version of the TargetFramework, (.NET 5+ versions
     // just have their key as the target (net6.0), but .NET Standard append a version, such as .NETStandard,Version=VN.N.N).
     if (Object.keys(projectAssets.targets).length <= 0) {
-        throw new errors_1.FileNotProcessableError('no target dependencies in found in assets file');
+        throw new errors_1.InvalidManifestError('no target dependencies in found in assets file (project.assets.json -> targets -> []), cannot continue without that');
     }
-    // FIXME: As mentioned all over the place, we just access the first target framework we come across. There should be
-    //  at least one, regardless.
-    const targetFrameworkDependencies = Object.values(projectAssets.targets)[0];
+    // Further, they decorate them differently depending on where in the assets file it is.
+    // E.g., a direct dependency target moniker can be project -> frameworks -> 'netstandard2.0', while the
+    // transitive dependency line can be targets -> .NETStandard,Version=v2.1.
+    const transitiveDepsMoniker = findTargetFrameworkMonikerInManifest(targetFrameworkInfo, projectAssets.targets);
+    const targetFrameworkDependencies = projectAssets.targets[transitiveDepsMoniker];
     // Iterate over all the dependencies found in the target dependency list, and build the depGraph based off of that.
     const targetDeps = Object.entries(targetFrameworkDependencies).reduce((acc, entry) => {
         const [nameWithVersion, pkg] = entry;
@@ -72,7 +101,7 @@ function buildGraph(projectName, projectAssets, runtimeAssembly) {
     const topLevelDepPackages = topLevelDeps.reduce((acc, topLevelDepName) => {
         const nameWithVersion = Object.keys(targetDeps).find((targetDep) => targetDep.startsWith(topLevelDepName));
         if (!nameWithVersion) {
-            throw new Error("cant find a name and a version in assets file, something's very malformed");
+            throw new errors_1.InvalidManifestError(`cant find a name and a version in assets file, something's very malformed`);
         }
         const [name, version] = nameWithVersion.split('/');
         return { ...acc, [name]: version };
@@ -84,9 +113,9 @@ function buildGraph(projectName, projectAssets, runtimeAssembly) {
     recursivelyPopulateNodes(depGraphBuilder, targetDeps, rootNode, runtimeAssembly);
     return depGraphBuilder.build();
 }
-function parse(projectName, projectAssets, runtimeAssembly) {
+function parse(projectName, projectAssets, runtimeAssembly, targetFrameworkInfo) {
     debug('Trying to parse .net core manifest with v2 depGraph builder');
-    const result = buildGraph(projectName, projectAssets, runtimeAssembly);
+    const result = buildGraph(projectName, projectAssets, runtimeAssembly, targetFrameworkInfo);
     return result;
 }
 exports.parse = parse;

package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js.map

@@ -1 +1 @@
-{"version":3,"file":"dotnet-core-v2-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v2-parser.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AAErC,+CAAkD;AAElD,yCAAuD;AAEvD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAiBlC,oDAAoD;AACpD,MAAM,0BAA0B,GAAG,CAAC,SAAS,CAAC,CAAC;AAE/C,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,UAAyC,EACzC,IAAmB,EACnB,eAAiC,EACjC,OAAqB;IAErB,MAAM,QAAQ,GACZ,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;IAEtE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE;QAC7D,MAAM,YAAY,GAAG,OAAO,IAAI,IAAI,GAAG,EAAU,CAAC;QAClD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE3B,MAAM,SAAS,GAAG;YAChB,GAAG,UAAU,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;YACnC,IAAI;YACJ,OAAO;SACR,CAAC;QAEF,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QAEzD,4GAA4G;QAC5G,0FAA0F;QAC1F,IAAI,eAAe,GAAG,OAAO,CAAC;QAC9B,4GAA4G;QAC5G,sGAAsG;QACtG,MAAM,GAAG,GAAG,GAAG,IAAI,MAAM,CAAC;QAC1B,IAAI,GAAG,IAAI,eAAe,EAAE;YAC1B,eAAe,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;SACxC;QAED,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;YAC7B,MAAM,QAAQ,GAAG,GAAG,OAAO,SAAS,CAAC;YACrC,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,QAAQ,EACR;gBACE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;aAC3B,CACF,CAAC;YACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/C,SAAS;SACV;QAED,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,OAAO,CACR,CAAC;QACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE1B,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,SAAS,EACT,eAAe,EACf,YAAY,CACb,CAAC;KACH;AACH,CAAC;AAED,SAAS,UAAU,CACjB,WAAmB,EACnB,aAA4B,EAC5B,eAAiC;IAEjC,MAAM,eAAe,GAAG,IAAI,2BAAe,CACzC,EAAE,IAAI,EAAE,OAAO,EAAE,EACjB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO;KACvC,CACF,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE;QAC7D,MAAM,IAAI,gCAAuB,CAC/B,2CAA2C,CAC5C,CAAC;KACH;IAED,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,6BAA6B;IACvG,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,YAAY,CAC/D,CAAC;IAEF,gHAAgH;IAChH,wHAAwH;IACxH,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE;QAClD,MAAM,IAAI,gCAAuB,CAC/B,gDAAgD,CACjD,CAAC;KACH;IAED,oHAAoH;IACpH,6BAA6B;IAC7B,MAAM,2BAA2B,GAAG,MAAM,CAAC,MAAM,CAC/C,aAAa,CAAC,OAAO,CACtB,CAAC,CAAC,CAAkC,CAAC;IAEtC,mHAAmH;IACnH,MAAM,UAAU,GAAkC,MAAM,CAAC,OAAO,CAC9D,2BAA2B,CAC5B,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QACtB,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;QAErC,uHAAuH;QACvH,IACE,0BAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CACzC,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CACnC,EACD;YACA,OAAO,GAAG,CAAC;SACZ;QAED,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC;IAC5C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,mBAAmB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,eAAe,EAAE,EAAE;QACvE,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CACjE,SAAS,CAAC,UAAU,CAAC,eAAe,CAAC,CACtC,CAAC;QACF,IAAI,CAAC,eAAe,EAAE;YACpB,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;SACH;QAED,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEnD,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC;IACrC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,QAAQ,GAAG;QACf,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,mBAAmB;KACjB,CAAC;IAEnB,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,QAAQ,EACR,eAAe,CAChB,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,SAAgB,KAAK,CACnB,WAAmB,EACnB,aAA4B,EAC5B,eAAiC;IAEjC,KAAK,CAAC,6DAA6D,CAAC,CAAC;IAErE,MAAM,MAAM,GAAG,UAAU,CAAC,WAAW,EAAE,aAAa,EAAE,eAAe,CAAC,CAAC;IACvE,OAAO,MAAM,CAAC;AAChB,CAAC;AATD,sBASC"}
+{"version":3,"file":"dotnet-core-v2-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v2-parser.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AAErC,+CAAkD;AAElD,yCAA6E;AAE7E,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAYlC,oDAAoD;AACpD,MAAM,0BAA0B,GAAG,CAAC,SAAS,CAAC,CAAC;AAE/C,mHAAmH;AACnH,yHAAyH;AACzH,+GAA+G;AAC/G,iGAAiG;AACjG,0GAA0G;AAC1G,0DAA0D;AAC1D,6HAA6H;AAC7H,SAAS,oCAAoC,CAC3C,mBAAwC,EACxC,UAA+B;IAE/B,MAAM,SAAS,GAAG,mBAAmB,CAAC,SAAS,CAAC;IAChD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,mBAAmB,CAAC;IACzD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACjD,KAAK,CACH,yDAAyD,gBAAgB,CAAC,IAAI,CAC5E,GAAG,CACJ,EAAE,CACJ,CAAC;IAEF,+EAA+E;IAC/E,0HAA0H;IAC1H,IAAI,QAAQ,IAAI,UAAU,EAAE;QAC1B,KAAK,CAAC,YAAY,QAAQ,iCAAiC,CAAC,CAAC;QAC7D,OAAO,QAAQ,CAAC;KACjB;IAED,8GAA8G;IAC9G,IAAI,SAAS,IAAI,UAAU,EAAE;QAC3B,KAAK,CAAC,YAAY,SAAS,iCAAiC,CAAC,CAAC;QAC9D,OAAO,SAAS,CAAC;KAClB;IAED,MAAM,IAAI,gCAAuB,CAC/B,mDAAmD,mBAAmB,CAAC,SAAS,gDAAgD,gBAAgB,EAAE,CACnJ,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,UAAyC,EACzC,IAAmB,EACnB,eAAiC,EACjC,OAAqB;IAErB,MAAM,QAAQ,GACZ,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;IAEtE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE;QAC7D,MAAM,YAAY,GAAG,OAAO,IAAI,IAAI,GAAG,EAAU,CAAC;QAClD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE3B,MAAM,SAAS,GAAG;YAChB,GAAG,UAAU,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;YACnC,IAAI;YACJ,OAAO;SACR,CAAC;QAEF,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QAEzD,4GAA4G;QAC5G,0FAA0F;QAC1F,IAAI,eAAe,GAAG,OAAO,CAAC;QAC9B,4GAA4G;QAC5G,sGAAsG;QACtG,MAAM,GAAG,GAAG,GAAG,IAAI,MAAM,CAAC;QAC1B,IAAI,GAAG,IAAI,eAAe,EAAE;YAC1B,eAAe,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;SACxC;QAED,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;YAC7B,MAAM,QAAQ,GAAG,GAAG,OAAO,SAAS,CAAC;YACrC,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,QAAQ,EACR;gBACE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;aAC3B,CACF,CAAC;YACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/C,SAAS;SACV;QAED,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,OAAO,CACR,CAAC;QACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE1B,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,SAAS,EACT,eAAe,EACf,YAAY,CACb,CAAC;KACH;AACH,CAAC;AAED,SAAS,UAAU,CACjB,WAAmB,EACnB,aAA4B,EAC5B,eAAiC,EACjC,mBAAwC;IAExC,MAAM,eAAe,GAAG,IAAI,2BAAe,CACzC,EAAE,IAAI,EAAE,OAAO,EAAE,EACjB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO;KACvC,CACF,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE;QAC7D,MAAM,IAAI,6BAAoB,CAC5B,8HAA8H,CAC/H,CAAC;KACH;IAED,4GAA4G;IAC5G,MAAM,iBAAiB,GAAG,oCAAoC,CAC5D,mBAAmB,EACnB,aAAa,CAAC,OAAO,CAAC,UAAU,CACjC,CAAC;IAEF,qFAAqF;IACrF,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,YAAY,CACjE,CAAC;IAEF,gHAAgH;IAChH,wHAAwH;IACxH,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE;QAClD,MAAM,IAAI,6BAAoB,CAC5B,qHAAqH,CACtH,CAAC;KACH;IAED,uFAAuF;IACvF,uGAAuG;IACvG,0EAA0E;IAC1E,MAAM,qBAAqB,GAAG,oCAAoC,CAChE,mBAAmB,EACnB,aAAa,CAAC,OAAO,CACtB,CAAC;IACF,MAAM,2BAA2B,GAC/B,aAAa,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAE/C,mHAAmH;IACnH,MAAM,UAAU,GAAkC,MAAM,CAAC,OAAO,CAC9D,2BAA2B,CAC5B,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QACtB,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;QAErC,uHAAuH;QACvH,IACE,0BAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CACzC,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CACnC,EACD;YACA,OAAO,GAAG,CAAC;SACZ;QAED,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC;IAC5C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,mBAAmB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,eAAe,EAAE,EAAE;QACvE,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CACjE,SAAS,CAAC,UAAU,CAAC,eAAe,CAAC,CACtC,CAAC;QACF,IAAI,CAAC,eAAe,EAAE;YACpB,MAAM,IAAI,6BAAoB,CAC5B,2EAA2E,CAC5E,CAAC;SACH;QAED,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEnD,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC;IACrC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,QAAQ,GAAG;QACf,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,mBAAmB;KACjB,CAAC;IAEnB,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,QAAQ,EACR,eAAe,CAChB,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,SAAgB,KAAK,CACnB,WAAmB,EACnB,aAA4B,EAC5B,eAAiC,EACjC,mBAAwC;IAExC,KAAK,CAAC,6DAA6D,CAAC,CAAC;IAErE,MAAM,MAAM,GAAG,UAAU,CACvB,WAAW,EACX,aAAa,EACb,eAAe,EACf,mBAAmB,CACpB,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAfD,sBAeC"}

package/dist/nuget-parser/parsers/dotnet-framework-parser.d.ts

@@ -0,0 +1,8 @@
+import { Dependency } from '../types';
+export declare function cloneShallow(dep: Dependency): Dependency;
+export declare function fromFolderName(folderName: any): {
+    dependencies: {};
+    name: any;
+    version: string;
+};
+export declare function parse(tree: any, manifest: any, targetFramework: any, packagesFolder: any): Promise<any>;

package/dist/nuget-parser/parsers/nuspec-parser.d.ts

@@ -0,0 +1,3 @@
+import { DependencyInfo, DependencyTree, TargetFramework } from '../types';
+export declare function parse(nuspecContent: string, targetFramework: TargetFramework, depName: string): Promise<DependencyTree>;
+export declare function parseNuspec(dep: DependencyInfo, targetFramework: TargetFramework): Promise<DependencyTree | null>;

package/dist/nuget-parser/parsers/packages-config-parser.d.ts

@@ -0,0 +1,8 @@
+import { Dependency, TargetFramework } from '../types';
+export declare function fromPackagesConfigEntry(manifest: any): {
+    dependencies: {};
+    name: any;
+    version: any;
+};
+export declare function parse(fileContent: any): Dependency[];
+export declare function getMinimumTargetFramework(fileContent: string): Promise<TargetFramework | undefined>;

package/dist/nuget-parser/parsers/project-json-parser.d.ts

@@ -0,0 +1,2 @@
+import { Dependency } from '../types';
+export declare function parse(fileContent: any, tree: any): Dependency[];

package/dist/nuget-parser/runtime-assembly.d.ts

@@ -0,0 +1,3 @@
+import { AssemblyVersions } from './types';
+export declare function isSupported(targetFramework: string): boolean;
+export declare function generateRuntimeAssemblies(filePath: string): AssemblyVersions;

package/dist/nuget-parser/types.d.ts

@@ -0,0 +1,65 @@
+export interface TargetFramework {
+    framework: string;
+    original: string;
+    version: string;
+}
+export interface TargetFrameworkInfo {
+    Framework: string;
+    Version: string;
+    Platform: string;
+    PlatformVersion: string;
+    HasPlatform: boolean;
+    HasProfile: boolean;
+    Profile: string;
+    DotNetFrameworkName: string;
+    DotNetPlatformName: string;
+    IsPCL: boolean;
+    IsPackageBased: boolean;
+    AllFrameworkVersions: boolean;
+    IsUnsupported: boolean;
+    IsAgnostic: boolean;
+    IsAny: boolean;
+    IsSpecificFramework: boolean;
+    ShortName: string;
+}
+export interface Dependency {
+    name: string;
+    version: string;
+    dependencies?: any;
+}
+export interface DependencyInfo {
+    name: string;
+    path: string;
+    version: string;
+}
+export interface DependencyTree {
+    name: string;
+    children: Dependency[];
+}
+export declare enum ManifestType {
+    PROJECT_JSON = "project.json",
+    DOTNET_CORE = "dotnet-core",
+    PACKAGES_CONFIG = "packages.config",
+    PAKET = "paket"
+}
+interface Project {
+    version: string;
+    restore: Record<string, any>;
+    frameworks: Record<string, any>;
+    runtimeIdentifierGraphPath: string;
+}
+export interface ProjectAssets {
+    version: number;
+    targets: Record<string, any>;
+    libraries: Record<string, any>;
+    projectFileDependencyGroups: Record<string, any>;
+    packageFolders: Record<string, any>;
+    project: Project;
+}
+export type AssemblyVersions = Record<string, string>;
+export type RuntimeAssemblyVersions = Record<string, AssemblyVersions>;
+export interface DotNetFile {
+    name: string;
+    contents: string;
+}
+export {};

package/dist/nuget-parser/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../lib/nuget-parser/types.ts"],"names":[],"mappings":";;;AAuBA,IAAY,YAKX;AALD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,2CAA2B,CAAA;IAC3B,mDAAmC,CAAA;IACnC,+BAAe,CAAA;AACjB,CAAC,EALW,YAAY,4BAAZ,YAAY,QAKvB"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../lib/nuget-parser/types.ts"],"names":[],"mappings":";;;AA+CA,IAAY,YAKX;AALD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,2CAA2B,CAAA;IAC3B,mDAAmC,CAAA;IACnC,+BAAe,CAAA;AACjB,CAAC,EALW,YAAY,4BAAZ,YAAY,QAKvB"}

package/package.json

@@ -7,7 +7,7 @@
     "test": "npm run test:unit",
     "test:unit": "jest --coverage --runInBand",
     "lint": "npm run lint:prettier && npm run lint:eslint",
-    "lint:eslint": "eslint . --ext .ts",
+    "lint:eslint": "eslint -c .eslintrc '{lib,test}/**/*.ts'",
     "lint:prettier": "prettier --check '{lib,test}/**/*.{ts,csproj,json}' --log-level 'warn'",
     "lint:fix": "prettier --write '{lib,test}/**/*.{ts,csproj,json}' && eslint -c .eslintrc --fix '{lib,test}/**/*.ts'",
     "build": "tsc",
@@ -42,6 +42,7 @@
     "dotnet-deps-parser": "5.3.0",
     "jszip": "3.10.1",
     "lodash": "^4.17.21",
+    "node-cache": "^5.1.2",
     "snyk-paket-parser": "1.6.0",
     "tslib": "^2.6.1",
     "xml2js": "^0.6.2"
@@ -57,5 +58,5 @@
     "ts-jest": "^29.1.1",
     "typescript": "^5.1.6"
   },
-  "version": "1.36.0"
+  "version": "1.38.0"
 }