snyk-nuget-plugin 2.10.1 → 2.10.3
|
@@ -12,6 +12,60 @@ const subprocess = require("./subprocess");
|
|
|
12
12
|
const fs = require("fs");
|
|
13
13
|
const os = require("os");
|
|
14
14
|
const debug = debugModule('snyk');
|
|
15
|
+
function sanitizePath(filePath) {
|
|
16
|
+
if (!filePath || typeof filePath !== 'string') {
|
|
17
|
+
return filePath;
|
|
18
|
+
}
|
|
19
|
+
// Handle quoted paths (remove quotes, sanitize, then re-add quotes)
|
|
20
|
+
let isQuoted = false;
|
|
21
|
+
let cleanPath = filePath;
|
|
22
|
+
if ((filePath.startsWith('"') && filePath.endsWith('"')) ||
|
|
23
|
+
(filePath.startsWith("'") && filePath.endsWith("'"))) {
|
|
24
|
+
isQuoted = true;
|
|
25
|
+
cleanPath = filePath.slice(1, -1);
|
|
26
|
+
}
|
|
27
|
+
// Normalize path separators for cross-platform compatibility
|
|
28
|
+
cleanPath = cleanPath.replace(/\\/g, '/');
|
|
29
|
+
// Replace temp directory paths with <TEMP> (check this BEFORE home directory)
|
|
30
|
+
const tempDir = os.tmpdir().replace(/\\/g, '/');
|
|
31
|
+
if (cleanPath.startsWith(tempDir)) {
|
|
32
|
+
cleanPath = cleanPath.replace(tempDir, '<TEMP>');
|
|
33
|
+
}
|
|
34
|
+
// Replace home directory paths with <HOME>
|
|
35
|
+
const homeDir = os.homedir().replace(/\\/g, '/');
|
|
36
|
+
if (cleanPath.startsWith(homeDir)) {
|
|
37
|
+
cleanPath = cleanPath.replace(homeDir, '<HOME>');
|
|
38
|
+
}
|
|
39
|
+
// Replace absolute paths with relative paths when possible
|
|
40
|
+
try {
|
|
41
|
+
const cwd = process.cwd().replace(/\\/g, '/');
|
|
42
|
+
if (cleanPath.startsWith(cwd)) {
|
|
43
|
+
cleanPath = path.relative(cwd, cleanPath.replace(/\//g, path.sep)) || '.';
|
|
44
|
+
cleanPath = cleanPath.replace(/\\/g, '/'); // Normalize again after path.relative
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
catch {
|
|
48
|
+
// Ignore errors, continue with original path
|
|
49
|
+
}
|
|
50
|
+
// Restore quotes if they were present
|
|
51
|
+
return isQuoted ? `"${cleanPath}"` : cleanPath;
|
|
52
|
+
}
|
|
53
|
+
function sanitizeForLogging(value) {
|
|
54
|
+
if (typeof value === 'string') {
|
|
55
|
+
return sanitizePath(value);
|
|
56
|
+
}
|
|
57
|
+
else if (Array.isArray(value)) {
|
|
58
|
+
return value.map(sanitizeForLogging);
|
|
59
|
+
}
|
|
60
|
+
else if (typeof value === 'object' && value !== null) {
|
|
61
|
+
const sanitized = {};
|
|
62
|
+
for (const [key, val] of Object.entries(value)) {
|
|
63
|
+
sanitized[key] = sanitizeForLogging(val);
|
|
64
|
+
}
|
|
65
|
+
return sanitized;
|
|
66
|
+
}
|
|
67
|
+
return value;
|
|
68
|
+
}
|
|
15
69
|
async function handle(operation, command, args, projectPath) {
|
|
16
70
|
debug(`running dotnet command: ${operation}: ${command}`);
|
|
17
71
|
const options = projectPath ? { cwd: projectPath } : {};
|
|
@@ -23,10 +77,10 @@ async function handle(operation, command, args, projectPath) {
|
|
|
23
77
|
error !== null &&
|
|
24
78
|
'stdout' in error &&
|
|
25
79
|
'stderr' in error)) {
|
|
26
|
-
throw new errors_1.CliCommandError(`dotnet ${operation} failed with error: ${error}`);
|
|
80
|
+
throw new errors_1.CliCommandError(`dotnet ${operation} failed with error: ${error}. Command: ${command}, Args: ${JSON.stringify(sanitizeForLogging(args))}, Options: ${JSON.stringify(sanitizeForLogging(options))}`);
|
|
27
81
|
}
|
|
28
82
|
const message = error.stderr || error.stdout;
|
|
29
|
-
throw new errors_1.CliCommandError(`dotnet ${operation} failed with error: ${message}`);
|
|
83
|
+
throw new errors_1.CliCommandError(`dotnet ${operation} failed with error: ${message}. Command: ${command}, Args: ${JSON.stringify(sanitizeForLogging(args))}, Options: ${JSON.stringify(sanitizeForLogging(options))}`);
|
|
30
84
|
}
|
|
31
85
|
}
|
|
32
86
|
async function validate() {
|
|
@@ -61,7 +115,7 @@ async function restore(projectPath, workingDirectory) {
|
|
|
61
115
|
'--verbosity',
|
|
62
116
|
'normal',
|
|
63
117
|
`"${projectPath}"`,
|
|
64
|
-
'--p=TreatWarningsAsErrors=false;WarningsAsErrors=',
|
|
118
|
+
'--p=MSBuildEnableWorkloadResolver=true;TreatWarningsAsErrors=false;WarningsAsErrors=',
|
|
65
119
|
];
|
|
66
120
|
await handle('restore', command, args, workingDirectory);
|
|
67
121
|
return;
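Review bot: `sanitizePath` redacts a directory only when it is the first thing in the string (`cleanPath.startsWith(tempDir)`, and likewise for `homeDir` and `cwd`), so an argument shaped like `--option=<absolute path>` keeps its full path, and the `${error}` / `${message}` text taken from dotnet's output is interpolated into `CliCommandError` with no redaction at all. Because the new messages also append `Args` and `Options`, whatever stores or forwards this error now receives more local detail than before, so the helper should cover every occurrence, e.g. `if (tempDir) cleanPath = cleanPath.split(tempDir).join('<TEMP>');` (same for `homeDir`), with `message` passed through the same helper. The prefix tests also lack a separator boundary, so a sibling such as `<home>2/x` becomes `<HOME>2/x`, and a single-quoted input comes back double-quoted; a short comment above `sanitizePath` stating that it is best-effort redaction for error text, not a guarantee, would help callers. The bodies of `handle` and `restore` are only partly visible in these hunks.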
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dotnet.js","sourceRoot":"","sources":["../../../lib/nuget-parser/cli/dotnet.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"dotnet.js","sourceRoot":"","sources":["../../../lib/nuget-parser/cli/dotnet.ts"],"names":[],"mappings":";;AAwGA,4BAWC;AAED,0BAaC;AAED,0BAgBC;AAED,kBAWC;AAED,0BAqDC;AAxND,qCAAqC;AACrC,yCAA+C;AAC/C,6BAA6B;AAC7B,2CAA2C;AAC3C,yBAAyB;AACzB,yBAAyB;AAEzB,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,SAAS,YAAY,CAAC,QAAgB;IACpC,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,oEAAoE;IACpE,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,SAAS,GAAG,QAAQ,CAAC;IAEzB,IACE,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACpD,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EACpD,CAAC;QACD,QAAQ,GAAG,IAAI,CAAC;QAChB,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACpC,CAAC;IAED,6DAA6D;IAC7D,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAE1C,8EAA8E;IAC9E,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAChD,IAAI,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACnD,CAAC;IAED,2CAA2C;IAC3C,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACjD,IAAI,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACnD,CAAC;IAED,2DAA2D;IAC3D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9C,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;YAC1E,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,sCAAsC;QACnF,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,6CAA6C;IAC/C,CAAC;IAED,sCAAsC;IACtC,OAAO,QAAQ,CAAC,CAAC,CAAC,IAAI,SAAS,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;AACjD,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAU;IACpC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,YAAY,CAAC,KAAK,CAAC,CAAC;IAC7B,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IA
CvC,CAAC;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACvD,MAAM,SAAS,GAAQ,EAAE,CAAC;QAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/C,SAAS,CAAC,GAAG,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,KAAK,UAAU,MAAM,CACnB,SAAiB,EACjB,OAAe,EACf,IAAc,EACd,WAAoB;IAEpB,KAAK,CAAC,2BAA2B,SAAS,KAAK,OAAO,EAAE,CAAC,CAAC;IAE1D,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAExD,IAAI,CAAC;QACH,OAAO,MAAM,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,IACE,CAAC,CACC,OAAO,KAAK,KAAK,QAAQ;YACzB,KAAK,KAAK,IAAI;YACd,QAAQ,IAAI,KAAK;YACjB,QAAQ,IAAI,KAAK,CAClB,EACD,CAAC;YACD,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,KAAK,cAAc,OAAO,WAAW,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,cAAc,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,EAAE,CACnL,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;QAC7C,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,OAAO,cAAc,OAAO,WAAW,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,cAAc,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,EAAE,CACrL,CAAC;IACJ,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,QAAQ;IAC5B,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACtD,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9B,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,KAAK,CAAC,qDAAqD,CAAC,CAAC;QAC7D,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,OAAO,CAC3B,IAAc,EACd,WAAmB;IAEnB,MAAM,OAAO,GAAG,QAAQ,CAAC;IAEzB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QACnE,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9B,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,KAAK,CAAC,qDAAqD,CAAC,CAAC;QAC7D,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,OAAO,CAC3B,WAAmB,EACnB,gBAAyB;IAEzB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG;QACX,SAAS;QACT,kFAAkF;QAClF,kF
AAkF;QAClF,aAAa;QACb,QAAQ;QACR,IAAI,WAAW,GAAG;QAClB,sFAAsF;KACvF,CAAC;IACF,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC;IACzD,OAAO;AACT,CAAC;AAEM,KAAK,UAAU,GAAG,CACvB,WAAmB,EACnB,OAAiB;IAEjB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,KAAK,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;IAC/B,OAAO,MAAM,CAAC,KAAK,CACjB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CACjE,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,OAAO,CAC3B,WAAmB,EACnB,eAAwB;IAExB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IACrC,sGAAsG;IACtG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAElB,0DAA0D;IAC1D,qFAAqF;IACrF,oGAAoG;IACpG,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IAEnC,yHAAyH;IACzH,IAAI,eAAe,EAAE,CAAC;QACpB,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC7B,CAAC;IAED,0GAA0G;IAC1G,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAC5B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,mCAAmC,CAAC,CAC5D,CAAC;IAEF,iDAAiD;IACjD,mIAAmI;IACnI,iDAAiD;IAEjD,uHAAuH;IACvH,2EAA2E;IAC3E,iFAAiF;IAEjF,+GAA+G;IAC/G,yCAAyC;IACzC,4FAA4F;IAE5F,yIAAyI;IACzI,iIAAiI;IAEjI,iHAAiH;IACjH,2HAA2H;IAC3H,IAAI,CAAC,IAAI,CACP,kBAAkB,OAAO,kJAAkJ,CAC5K,CAAC;IAEF,0EAA0E;IAC1E,oFAAoF;IACpF,IAAI,CAAC,IAAI,CAAC,IAAI,WAAW,GAAG,CAAC,CAAC;IAE9B,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IAEvC,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
package/package.json
CHANGED