snyk-nuget-plugin 1.37.0 → 1.38.0

package/dist/errors/big-tree-error.d.ts

@@ -0,0 +1,5 @@
+export declare class BigTreeError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/cli-command-error.d.ts

@@ -0,0 +1,5 @@
+export declare class CliCommandError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/file-not-found-error.d.ts

@@ -0,0 +1,5 @@
+export declare class FileNotFoundError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/file-not-processable-error.d.ts

@@ -0,0 +1,5 @@
+export declare class FileNotProcessableError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/index.d.ts

@@ -0,0 +1,6 @@
+export { BigTreeError } from './big-tree-error';
+export { CliCommandError } from './cli-command-error';
+export { FileNotFoundError } from './file-not-found-error';
+export { FileNotProcessableError } from './file-not-processable-error';
+export { InvalidManifestError } from './invalid-manifest-error';
+export { InvalidTargetFile } from './invalid-target-file';

package/dist/errors/invalid-folder-format-error.d.ts

@@ -0,0 +1,5 @@
+export declare class InvalidFolderFormatError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/invalid-manifest-error.d.ts

@@ -0,0 +1,5 @@
+export declare class InvalidManifestError extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/errors/invalid-target-file.d.ts

@@ -0,0 +1,5 @@
+export declare class InvalidTargetFile extends Error {
+    code: number;
+    name: string;
+    constructor(...args: any[]);
+}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+import { legacyPlugin as pluginApi } from '@snyk/cli-interface';
+export declare function inspect(root: any, targetFile: any, options?: any): Promise<pluginApi.InspectResult>;

package/dist/nuget-parser/cli/dotnet.d.ts

@@ -0,0 +1,4 @@
+export declare function validate(): Promise<void>;
+export declare function restore(projectPath: string): Promise<void>;
+export declare function run(projectPath: string, options: string[]): Promise<string>;
+export declare function publish(projectPath: string, targetFramework?: string): Promise<string>;

package/dist/nuget-parser/cli/subprocess.d.ts

@@ -0,0 +1,12 @@
+interface ProcessOptions {
+    cwd?: string;
+    env?: {
+        [name: string]: string;
+    };
+}
+export interface ExecResult {
+    stdout: string;
+    stderr: string;
+}
+export declare function execute(command: string, args: string[], options?: ProcessOptions): Promise<ExecResult>;
+export {};

package/dist/nuget-parser/csharp/generator.d.ts

@@ -0,0 +1,3 @@
+import * as types from '../types';
+export declare function generate(tempDirNameSpace: string, files: types.DotNetFile[]): string;
+export declare function tearDown(dirs: string[]): void;

package/dist/nuget-parser/csharp/generator.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.tearDown = exports.generate = void 0;
+const path = require("path");
+const fs = require("fs");
+const os = require("os");
+const debugModule = require("debug");
+const NodeCache = require("node-cache");
+const crypto = require("crypto");
+const debug = debugModule('snyk');
+const cache = new NodeCache();
+// Use a simple, fast and not secure hashing algorithm just to ensure we don't return the same cached location for
+// different types of files. This is mostly to speed up performance of tests, but in theory will also affect customers
+// when scanning for multiple TargetFrameworks.
+function generateCacheKey(files) {
+    const hash = crypto.createHash('sha256');
+    files
+        .map((f) => f.contents)
+        .forEach((content) => {
+        hash.update(content);
+    });
+    return hash.digest('hex');
+}
+// Importing .NET code from Typescript is not trivial and a bit lose cannon programming. However, we also want to keep
+// this project dependent on as few packages as possible, so instead of opting into some "run .NET in Typescript" package,
+// we do the simplest, which is this. Makes C# debugging a bit harder, but it's a compromise.
+// Further, we also utilize this for our test fixtures. Running tests in parallel can cause race conditions for fixtures
+// at-rest, if two tests are `dotnet publish`'ing to the same fixture folder. So we supply a generator for populating
+// fixtures in temporary folders to keep the test stateless while ensuring parallelization.
+function generate(tempDirNameSpace, files) {
+    const key = generateCacheKey(files);
+    const cached = cache.get(key);
+    if (cached) {
+        return cached;
+    }
+    const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), `snyk-nuget-plugin-test-${tempDirNameSpace}-`));
+    let tempFilePath;
+    files.forEach((file) => {
+        tempFilePath = path.join(tempDir, file.name);
+        fs.writeFileSync(tempFilePath, file.contents);
+    });
+    debug(`Generated temporary CS files (${files
+        .map((f) => f.name)
+        .join(',')}) in ${tempDir}`);
+    cache.set(key, tempDir);
+    return tempDir;
+}
+exports.generate = generate;
+function tearDown(dirs) {
+    debug(`Attempting to delete temporary CS files in ${dirs.join(',')}`);
+    for (const dir of dirs) {
+        if (!dir) {
+            // No tempDir to tear down. Assuming the test failed somewhere.
+            // Jest won't throw an error anyway if the operation fails.
+            return;
+        }
+        try {
+            fs.rmSync(dir, { recursive: true });
+        }
+        catch (error) {
+            // Ignore it, test was tearing down anyway, and it seems Windows boxes especially don't like this.
+        }
+    }
+}
+exports.tearDown = tearDown;
+//# sourceMappingURL=generator.js.map

package/dist/nuget-parser/csharp/generator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generator.js","sourceRoot":"","sources":["../../../lib/nuget-parser/csharp/generator.ts"],"names":[],"mappings":";;;AAAA,6BAA6B;AAC7B,yBAAyB;AACzB,yBAAyB;AAEzB,qCAAqC;AACrC,wCAAwC;AACxC,iCAAiC;AAEjC,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,KAAK,GAAG,IAAI,SAAS,EAAE,CAAC;AAE9B,kHAAkH;AAClH,sHAAsH;AACtH,+CAA+C;AAC/C,SAAS,gBAAgB,CAAC,KAAyB;IACjD,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACzC,KAAK;SACF,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;SACtB,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QACnB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;IACL,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC5B,CAAC;AAED,sHAAsH;AACtH,0HAA0H;AAC1H,6FAA6F;AAC7F,wHAAwH;AACxH,qHAAqH;AACrH,2FAA2F;AAC3F,SAAgB,QAAQ,CACtB,gBAAwB,EACxB,KAAyB;IAEzB,MAAM,GAAG,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACpC,MAAM,MAAM,GAAuB,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAClD,IAAI,MAAM,EAAE;QACV,OAAO,MAAM,CAAC;KACf;IAED,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAC5B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,0BAA0B,gBAAgB,GAAG,CAAC,CACtE,CAAC;IAEF,IAAI,YAAoB,CAAC;IACzB,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QACrB,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,KAAK,CACH,iCAAiC,KAAK;SACnC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;SAClB,IAAI,CAAC,GAAG,CAAC,QAAQ,OAAO,EAAE,CAC9B,CAAC;IAEF,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IACxB,OAAO,OAAO,CAAC;AACjB,CAAC;AA5BD,4BA4BC;AAED,SAAgB,QAAQ,CAAC,IAAc;IACrC,KAAK,CAAC,8CAA8C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEtE,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE;QACtB,IAAI,CAAC,GAAG,EAAE;YACR,+DAA+D;YAC/D,2DAA2D;YAC3D,OAAO;SACR;QAED,IAAI;YACF,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;SACrC;QAAC,OAAO,KAAc,EAAE;YACvB,kGAAkG;SACnG;KACF;AACH,CAAC;AAhBD,4BAgBC"}

package/dist/nuget-parser/csharp/nugetframeworks_parser.d.ts

@@ -0,0 +1 @@
+export declare function generate(): string;

package/dist/nuget-parser/csharp/nugetframeworks_parser.js

@@ -0,0 +1,85 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generate = void 0;
+const generator = require("./generator");
+function generate() {
+    const files = [
+        {
+            name: 'Parse.csproj',
+            contents: `
+<Project Sdk='Microsoft.NET.Sdk'>
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net7.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <RootNamespace>ShortNameToLongName</RootNamespace>
+    <GenerateRuntimeConfigurationFiles>true</GenerateRuntimeConfigurationFiles>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include='Newtonsoft.Json' Version='13.0.3' />
+    <PackageReference Include='NuGet.Frameworks' Version='6.7.0' />
+  </ItemGroup>
+</Project>
+`,
+        },
+        {
+            name: 'Program.cs',
+            contents: `
+using NuGet.Frameworks;
+using Newtonsoft.Json;
+
+namespace ShortNameToLongName;
+
+class Program
+{
+    static void Main(string[] args)
+    {
+        if (args.Length < 1)
+        {
+            Console.WriteLine("Usage: dotnet run <shortTargetFramework>");
+            return;
+        }
+
+        string shortName = args[0];
+
+        try
+        {
+            NuGetFramework framework = NuGetFramework.Parse(shortName);
+            string json = JsonConvert.SerializeObject(new
+            {
+                framework.Framework,
+                framework.Version,
+                framework.Platform,
+                framework.PlatformVersion,
+                framework.HasPlatform,
+                framework.HasProfile,
+                framework.Profile,
+                framework.DotNetFrameworkName,
+                framework.DotNetPlatformName,
+                framework.IsPCL,
+                framework.IsPackageBased,
+                framework.AllFrameworkVersions,
+                framework.IsUnsupported,
+                framework.IsAgnostic,
+                framework.IsAny,
+                framework.IsSpecificFramework,
+                ShortName = shortName
+            }, Formatting.None);
+            Console.Write(json);
+        }
+        catch (Exception ex)
+        {
+            Console.WriteLine($"Error: {ex.Message}");
+        }
+    }
+}
+`,
+        },
+    ];
+    const tempDir = generator.generate('csharp', files);
+    return tempDir;
+}
+exports.generate = generate;
+//# sourceMappingURL=nugetframeworks_parser.js.map

package/dist/nuget-parser/csharp/nugetframeworks_parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nugetframeworks_parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/csharp/nugetframeworks_parser.ts"],"names":[],"mappings":";;;AACA,yCAAyC;AAEzC,SAAgB,QAAQ;IACtB,MAAM,KAAK,GAAuB;QAChC;YACE,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE;;;;;;;;;;;;;;;;CAgBf;SACI;QACD;YACE,IAAI,EAAE,YAAY;YAClB,QAAQ,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAiDf;SACI;KACF,CAAC;IAEF,MAAM,OAAO,GAAG,SAAS,CAAC,QAAQ,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IACpD,OAAO,OAAO,CAAC;AACjB,CAAC;AA/ED,4BA+EC"}

package/dist/nuget-parser/framework.d.ts

@@ -0,0 +1,2 @@
+import { TargetFramework } from './types';
+export declare function toReadableFramework(targetFramework: string): TargetFramework | undefined;

package/dist/nuget-parser/index.d.ts

@@ -0,0 +1,7 @@
+import { ManifestType } from './types';
+import * as depGraphLib from '@snyk/dep-graph';
+export declare function buildDepGraphFromFiles(root: string | undefined, targetFile: string | undefined, manifestType: ManifestType, useProjectNameFromAssetsFile: boolean, projectNamePrefix?: string, targetFramework?: string): Promise<{
+    dependencyGraph: depGraphLib.DepGraph;
+    targetFramework: string | undefined;
+}>;
+export declare function buildDepTreeFromFiles(root: string | undefined, targetFile: string | undefined, packagesFolderPath: string | undefined, manifestType: ManifestType, useProjectNameFromAssetsFile: boolean, projectNamePrefix?: string): Promise<any>;

package/dist/nuget-parser/index.js

@@ -13,6 +13,7 @@ const packagesConfigParser = require("./parsers/packages-config-parser");
 const errors_1 = require("../errors");
 const types_1 = require("./types");
 const dotnet = require("./cli/dotnet");
+const nugetFrameworksParser = require("./csharp/nugetframeworks_parser");
 const runtimeAssembly = require("./runtime-assembly");
 const debug = debugModule('snyk');
 const PARSERS = {
@@ -109,7 +110,9 @@ Supply a targetFramework by using the \x1b[1m--target-framework\x1b[0m argument.
     const assemblyVersions = runtimeAssembly.generateRuntimeAssemblies(depsFile);
     // Parse the TargetFramework using Nuget.Frameworks itself, instead of trying to reinvent the wheel, thus ensuring
     // we have maximum context to use later when building the depGraph.
-    const response = await dotnet.run(path.resolve(__dirname, '../../lib/cs/NugetFrameworks/Parse/Parse.csproj'), [decidedTargetFramework]);
+    const location = nugetFrameworksParser.generate();
+    await dotnet.restore(location);
+    const response = await dotnet.run(location, [decidedTargetFramework]);
     const targetFrameworkInfo = JSON.parse(response);
     if (targetFrameworkInfo.IsUnsupported) {
         throw new errors_1.InvalidManifestError(`dotnet was not able to parse the target framework ${decidedTargetFramework}, it was reported unsupported by the dotnet runtime`);

package/dist/nuget-parser/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAA0E;AAC1E,mCAKiB;AAEjB,uCAAuC;AACvC,sDAAsD;AAEtD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE;QAClB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;KACpD;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE;QACrB,OAAO,iBAAiB,GAAG,eAAe,CAAC;KAC5C;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI;QACF,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;KAClD;IAAC,OAAO,KAAc,EAAE;QACvB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;KAC1C;AACH,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;;IAKxB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAElE,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,QAAQ,GACZ,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEpD,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,OAAO,0CAAE,UAAU,CAAA,EAAE;QACjC,MAAM,IAAI,gCAAuB,CAC/B,0DAA0D,cAAc,qDAAqD,CAC9H,CAAC;KACH;IAED,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;QAChC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,iBAAiB,qDAAqD,CACjH,CAAC;KACH;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE;QAClE,OAAO,CAAC,GAAG,CAAC,6DAA6D,eAAe;gEAC5B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;KAC5E;IAED,IAAI,mBAAmB,GAAG,WAAW,CACnC,IAAI,EACJ,iBAAiB,EACjB,iBAAiB,CAClB,CAAC;IAEF,MAAM,2BAA2B,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;IAC5E,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,IAAI,2BAA2B,EAAE;YAC/B,mBAAmB,GAAG,2BAA2B,CAAC;SACnD;aAAM;YACL,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;SACH;KACF;IAED,qDAAqD;IACrD,IAAI,sBAA8B,CAAC;IACnC,IAAI,CAAC,eAAe,EAAE;QACpB,OAAO,CAAC,GAAG,CAAC,kGAAkG,gBAAgB,CAAC,CAAC,CAAC;iFACpD,CAAC,CAAC;QAC/E,sBAAsB,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;KAC9C;SAAM;QACL,sBAAsB,GAAG,eAAe,CAAC;KAC1C;IAED,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,sBAAsB,CAAC,EAAE;QACxD,MAAM,IAAI,gCAAuB,CAC/B,+LAA+L,sBAAsB,GAAG,CACzN,CAAC;KACH;IAED,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,0HAA0H;IAC1H,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CACrC,iBAAiB,EACjB,sBAAsB,CACvB,CAAC;IACF,gFAAgF;IAChF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAC3B,UAAU,EACV,GAAG,2BAA2B,YAAY,CAC3C,CAAC;IACF,MAAM,gBAAgB,GAAG,eAAe,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;IAE7E,kHAAkH;IAClH,mEAAmE;IACnE,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAC/B,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iDAAiD,CAAC,EAC1E,CAAC,sBAAsB,CAAC,CACzB,CAAC;IACF,MAAM,mBAAmB,GAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACtE,IAAI,mBAAmB,CAAC,aAAa,EAAE;QACrC,MAAM,IAAI,6BAAoB,CAC5B,qDAAqD,sBAAsB,qDAAqD,CACjI,CAAC;KACH;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,QAAQ,EACR,gBAAgB,EAChB,mBAAmB,CACpB,CAAC;IACF,OAAO;QACL,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,sBAAsB;KACxC,CAAC;AACJ,CAAC;AApHD,wDAoHC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI;QACF,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE;YAC7C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;SACnE;aAAM;YACL,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;gBAChC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE;oBACjD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE;wBAC1B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;qBAC7C;iBACF;aACF;SACF;KACF;IAAC,OAAO,KAAc,EAAE;QACvB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC9B;IAED,2DAA2D;IAC3D,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,MAAM,WAAW,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;SACzB;aAAM;YACL,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;SACH;KACF;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC;AAtFD,sDAsFC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAA0E;AAC1E,mCAKiB;AAEjB,uCAAuC;AACvC,yEAAyE;AACzE,sDAAsD;AAEtD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE;QAClB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;KACpD;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE;QACrB,OAAO,iBAAiB,GAAG,eAAe,CAAC;KAC5C;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI;QACF,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;KAClD;IAAC,OAAO,KAAc,EAAE;QACvB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;KAC1C;AACH,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;;IAKxB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAElE,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,QAAQ,GACZ,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEpD,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,OAAO,0CAAE,UAAU,CAAA,EAAE;QACjC,MAAM,IAAI,gCAAuB,CAC/B,0DAA0D,cAAc,qDAAqD,CAC9H,CAAC;KACH;IAED,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;QAChC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,iBAAiB,qDAAqD,CACjH,CAAC;KACH;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE;QAClE,OAAO,CAAC,GAAG,CAAC,6DAA6D,eAAe;gEAC5B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;KAC5E;IAED,IAAI,mBAAmB,GAAG,WAAW,CACnC,IAAI,EACJ,iBAAiB,EACjB,iBAAiB,CAClB,CAAC;IAEF,MAAM,2BAA2B,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;IAC5E,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,IAAI,2BAA2B,EAAE;YAC/B,mBAAmB,GAAG,2BAA2B,CAAC;SACnD;aAAM;YACL,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;SACH;KACF;IAED,qDAAqD;IACrD,IAAI,sBAA8B,CAAC;IACnC,IAAI,CAAC,eAAe,EAAE;QACpB,OAAO,CAAC,GAAG,CAAC,kGAAkG,gBAAgB,CAAC,CAAC,CAAC;iFACpD,CAAC,CAAC;QAC/E,sBAAsB,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;KAC9C;SAAM;QACL,sBAAsB,GAAG,eAAe,CAAC;KAC1C;IAED,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,sBAAsB,CAAC,EAAE;QACxD,MAAM,IAAI,gCAAuB,CAC/B,+LAA+L,sBAAsB,GAAG,CACzN,CAAC;KACH;IAED,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,0HAA0H;IAC1H,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CACrC,iBAAiB,EACjB,sBAAsB,CACvB,CAAC;IACF,gFAAgF;IAChF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAC3B,UAAU,EACV,GAAG,2BAA2B,YAAY,CAC3C,CAAC;IACF,MAAM,gBAAgB,GAAG,eAAe,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;IAE7E,kHAAkH;IAClH,mEAAmE;IACnE,MAAM,QAAQ,GAAG,qBAAqB,CAAC,QAAQ,EAAE,CAAC;IAClD,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/B,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,sBAAsB,CAAC,CAAC,CAAC;IACtE,MAAM,mBAAmB,GAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACtE,IAAI,mBAAmB,CAAC,aAAa,EAAE;QACrC,MAAM,IAAI,6BAAoB,CAC5B,qDAAqD,sBAAsB,qDAAqD,CACjI,CAAC;KACH;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,QAAQ,EACR,gBAAgB,EAChB,mBAAmB,CACpB,CAAC;IACF,OAAO;QACL,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,sBAAsB;KACxC,CAAC;AACJ,CAAC;AAnHD,wDAmHC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI;QACF,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE;YAC7C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;SACnE;aAAM;YACL,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE;gBAChC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE;oBACjD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE;wBAC1B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;qBAC7C;iBACF;aACF;SACF;KACF;IAAC,OAAO,KAAc,EAAE;QACvB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC9B;IAED,2DAA2D;IAC3D,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B;QACA,MAAM,WAAW,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;SACzB;aAAM;YACL,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;SACH;KACF;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC;AAtFD,sDAsFC"}

package/dist/nuget-parser/parsers/csproj-parser.d.ts

@@ -0,0 +1,2 @@
+import { TargetFramework } from '../types';
+export declare function getTargetFrameworksFromProjFile(rootDir: string): TargetFramework[];

package/dist/nuget-parser/parsers/dotnet-core-parser.d.ts

@@ -0,0 +1 @@
+export declare function parse(tree: any, manifest: any): any;

package/dist/nuget-parser/parsers/dotnet-core-v2-parser.d.ts

@@ -0,0 +1,3 @@
+import * as depGraphLib from '@snyk/dep-graph';
+import { AssemblyVersions, ProjectAssets, TargetFrameworkInfo } from '../types';
+export declare function parse(projectName: string, projectAssets: ProjectAssets, runtimeAssembly: AssemblyVersions, targetFrameworkInfo: TargetFrameworkInfo): depGraphLib.DepGraph;

package/dist/nuget-parser/parsers/dotnet-framework-parser.d.ts

@@ -0,0 +1,8 @@
+import { Dependency } from '../types';
+export declare function cloneShallow(dep: Dependency): Dependency;
+export declare function fromFolderName(folderName: any): {
+    dependencies: {};
+    name: any;
+    version: string;
+};
+export declare function parse(tree: any, manifest: any, targetFramework: any, packagesFolder: any): Promise<any>;

package/dist/nuget-parser/parsers/nuspec-parser.d.ts

@@ -0,0 +1,3 @@
+import { DependencyInfo, DependencyTree, TargetFramework } from '../types';
+export declare function parse(nuspecContent: string, targetFramework: TargetFramework, depName: string): Promise<DependencyTree>;
+export declare function parseNuspec(dep: DependencyInfo, targetFramework: TargetFramework): Promise<DependencyTree | null>;

package/dist/nuget-parser/parsers/packages-config-parser.d.ts

@@ -0,0 +1,8 @@
+import { Dependency, TargetFramework } from '../types';
+export declare function fromPackagesConfigEntry(manifest: any): {
+    dependencies: {};
+    name: any;
+    version: any;
+};
+export declare function parse(fileContent: any): Dependency[];
+export declare function getMinimumTargetFramework(fileContent: string): Promise<TargetFramework | undefined>;

package/dist/nuget-parser/parsers/project-json-parser.d.ts

@@ -0,0 +1,2 @@
+import { Dependency } from '../types';
+export declare function parse(fileContent: any, tree: any): Dependency[];

package/dist/nuget-parser/runtime-assembly.d.ts

@@ -0,0 +1,3 @@
+import { AssemblyVersions } from './types';
+export declare function isSupported(targetFramework: string): boolean;
+export declare function generateRuntimeAssemblies(filePath: string): AssemblyVersions;

package/dist/nuget-parser/types.d.ts

@@ -0,0 +1,65 @@
+export interface TargetFramework {
+    framework: string;
+    original: string;
+    version: string;
+}
+export interface TargetFrameworkInfo {
+    Framework: string;
+    Version: string;
+    Platform: string;
+    PlatformVersion: string;
+    HasPlatform: boolean;
+    HasProfile: boolean;
+    Profile: string;
+    DotNetFrameworkName: string;
+    DotNetPlatformName: string;
+    IsPCL: boolean;
+    IsPackageBased: boolean;
+    AllFrameworkVersions: boolean;
+    IsUnsupported: boolean;
+    IsAgnostic: boolean;
+    IsAny: boolean;
+    IsSpecificFramework: boolean;
+    ShortName: string;
+}
+export interface Dependency {
+    name: string;
+    version: string;
+    dependencies?: any;
+}
+export interface DependencyInfo {
+    name: string;
+    path: string;
+    version: string;
+}
+export interface DependencyTree {
+    name: string;
+    children: Dependency[];
+}
+export declare enum ManifestType {
+    PROJECT_JSON = "project.json",
+    DOTNET_CORE = "dotnet-core",
+    PACKAGES_CONFIG = "packages.config",
+    PAKET = "paket"
+}
+interface Project {
+    version: string;
+    restore: Record<string, any>;
+    frameworks: Record<string, any>;
+    runtimeIdentifierGraphPath: string;
+}
+export interface ProjectAssets {
+    version: number;
+    targets: Record<string, any>;
+    libraries: Record<string, any>;
+    projectFileDependencyGroups: Record<string, any>;
+    packageFolders: Record<string, any>;
+    project: Project;
+}
+export type AssemblyVersions = Record<string, string>;
+export type RuntimeAssemblyVersions = Record<string, AssemblyVersions>;
+export interface DotNetFile {
+    name: string;
+    contents: string;
+}
+export {};

package/package.json

@@ -7,7 +7,7 @@
     "test": "npm run test:unit",
     "test:unit": "jest --coverage --runInBand",
     "lint": "npm run lint:prettier && npm run lint:eslint",
-    "lint:eslint": "eslint . --ext .ts",
+    "lint:eslint": "eslint -c .eslintrc '{lib,test}/**/*.ts'",
     "lint:prettier": "prettier --check '{lib,test}/**/*.{ts,csproj,json}' --log-level 'warn'",
     "lint:fix": "prettier --write '{lib,test}/**/*.{ts,csproj,json}' && eslint -c .eslintrc --fix '{lib,test}/**/*.ts'",
     "build": "tsc",
@@ -42,6 +42,7 @@
     "dotnet-deps-parser": "5.3.0",
     "jszip": "3.10.1",
     "lodash": "^4.17.21",
+    "node-cache": "^5.1.2",
     "snyk-paket-parser": "1.6.0",
     "tslib": "^2.6.1",
     "xml2js": "^0.6.2"
@@ -57,5 +58,5 @@
     "ts-jest": "^29.1.1",
     "typescript": "^5.1.6"
   },
-  "version": "1.37.0"
+  "version": "1.38.0"
 }