snyk-nuget-plugin 2.13.2 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/index.js +1 -1
  2. package/dist/index.js.map +1 -1
  3. package/dist/nuget-parser/index.d.ts +1 -1
  4. package/dist/nuget-parser/index.js +9 -126
  5. package/dist/nuget-parser/index.js.map +1 -1
  6. package/dist/nuget-parser/parsers/dotnet-core-v3-parser.js +15 -8
  7. package/dist/nuget-parser/parsers/dotnet-core-v3-parser.js.map +1 -1
  8. package/dist/nuget-parser/runtime-assembly-v2.d.ts +0 -2
  9. package/dist/nuget-parser/runtime-assembly-v2.js +0 -77
  10. package/dist/nuget-parser/runtime-assembly-v2.js.map +1 -1
  11. package/dist/nuget-parser/types.d.ts +1 -0
  12. package/package.json +1 -1
  13. package/dist/nuget-parser/parsers/dotnet-core-v2-parser.d.ts +0 -4
  14. package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js +0 -161
  15. package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js.map +0 -1
  16. package/dist/nuget-parser/runtime-assembly.d.ts +0 -2
  17. package/dist/nuget-parser/runtime-assembly.js +0 -81
  18. package/dist/nuget-parser/runtime-assembly.js.map +0 -1
package/dist/index.js CHANGED
@@ -67,7 +67,7 @@ async function inspect(root, targetFile, options) {
67
67
  This should be considered experimental and not relied upon for production use.
68
68
  Please report issues with this beta feature by submitting a support case, and attach the output of running this command
69
69
  with the debug (-d) flag at \x1b[4mhttp://support.snyk.io\x1b[0m.`);
70
- const results = await nugetParser.buildDepGraphFromFiles(root, targetFile, manifestType, options['assets-project-name'], options['useFixForImprovedDotnetFalsePositives'] || false, options['useImprovedDotnetWithoutPublish'] || false, options['project-name-prefix'], options['dotnet-target-framework']);
70
+ const results = await nugetParser.buildDepGraphFromFiles(root, targetFile, manifestType, options['assets-project-name'], options['project-name-prefix'], options['dotnet-target-framework']);
71
71
  // Construct a MultiProjectResult to send to either the CLI or the SCM scanner.
72
72
  const multiProjectResult = {
73
73
  plugin: {
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;AAkCA,0BA6GC;AA/ID,8CAA8C;AAC9C,6BAA6B;AAC7B,iDAAiD;AACjD,gDAAoD;AAEpD,qCAIkB;AAGlB,SAAS,qBAAqB,CAAC,QAAgB;IAC7C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACpC,OAAO,oBAAY,CAAC,YAAY,CAAC;QACnC,CAAC;QACD,KAAK,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC3C,OAAO,oBAAY,CAAC,WAAW,CAAC;QAClC,CAAC;QACD,KAAK,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACvC,OAAO,oBAAY,CAAC,eAAe,CAAC;QACtC,CAAC;QACD,KAAK,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC1C,OAAO,oBAAY,CAAC,KAAK,CAAC;QAC5B,CAAC;QACD,OAAO,CAAC,CAAC,CAAC;YACR,MAAM,IAAI,0BAAiB,CACzB,wCAAwC,GAAG,QAAQ,CACpD,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,OAAO,CAC3B,IAAI,EACJ,UAAU,EACV,OAAQ;IAER,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;IACxB,IAAI,YAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,YAAY,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC;IAC1E,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,MAAM,iBAAiB,GAAG,CAAC,OAAO,EAAiC,EAAE;QACnE,MAAM,eAAe,GAAG,OAAO,CAAC,IAAI;YAClC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe;YAC9B,CAAC,CAAC,SAAS,CAAC;QACd,OAAO,OAAO,CAAC,IAAI,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE;gBACN,IAAI,EAAE,mBAAmB;gBACzB,UAAU;gBACV,aAAa,EAAE,eAAe;aAC/B;SACF,CAAC;IACJ,CAAC,CAAC;IAEF,IAAI,YAAY,KAAK,oBAAY,CAAC,KAAK,EAAE,CAAC;QACxC,OAAO,WAAW;aACf,qBAAqB,CACpB,IAAI,EACJ,UAAU,EACV,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,YAAY,CAAC,EACjD,OAAO,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,gDAAgD;QACvF,OAAO,CAAC,MAAM,CACf;aACA,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC7B,CAAC;IAED,IACE,OAAO,CAAC,yBAAyB,CAAC;QAClC,CAAC,OAAO,CAAC,2BAA2B,CAAC,EACrC,CAAC;QACD,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,wBAAe,CACjB,2IAA2I,CAC5I,CACF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,2BAA2B,CAAC,EAAE,CAAC;QACzC,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE,CAAC;YAC9C,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,gCAAuB,CACzB,kMAAkM,YAAY,GAAG,CAClN,CACF,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,IAAI,CAAC;;;;kEAIiD,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,sBAAsB,CACtD,IAAI,EACJ,UAAU,EACV,YAAY,EACZ,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,uCAAuC,CAAC,IAAI,KAAK,EACzD,OAAO,CAAC,iCAAiC,CAAC,IAAI,KAAK,EACnD,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,yBAAyB,CAAC,CACnC,CAAC;QAEF,+EAA+E;QAC/E,MAAM,kBAAkB,GAAuB;YAC7C,MAAM,EAAE;gBACN,IAAI,EAAE,mBAAmB;gBACzB,UAAU;aACX;YACD,eAAe,EAAE,EAAE;SACpB,CAAC;QAEF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,kBAAkB,CAAC,eAAe,CAAC,IAAI,CAAC;gBACtC,UAAU,EAAE,UAAU;gBACtB,QAAQ,EAAE,MAAM,CAAC,eAAe;gBAChC,IAAI,EAAE;oBACJ,aAAa,EAAE,MAAM,CAAC,eAAe;iBACtC;aACF,CAAC,CAAC;QACL,CAAC;QAED,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED,OAAO,WAAW;SACf,qBAAqB,CACpB,IAAI,EACJ,UAAU,EACV,OAAO,CAAC,cAAc,EACtB,YAAY,EACZ,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,qBAAqB,CAAC,CAC/B;SACA,IAAI,CAAC,iBAAiB,CAAC,CAAC;AAC7B,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;AAkCA,0BA2GC;AA7ID,8CAA8C;AAC9C,6BAA6B;AAC7B,iDAAiD;AACjD,gDAAoD;AAEpD,qCAIkB;AAGlB,SAAS,qBAAqB,CAAC,QAAgB;IAC7C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACpC,OAAO,oBAAY,CAAC,YAAY,CAAC;QACnC,CAAC;QACD,KAAK,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC3C,OAAO,oBAAY,CAAC,WAAW,CAAC;QAClC,CAAC;QACD,KAAK,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACvC,OAAO,oBAAY,CAAC,eAAe,CAAC;QACtC,CAAC;QACD,KAAK,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC1C,OAAO,oBAAY,CAAC,KAAK,CAAC;QAC5B,CAAC;QACD,OAAO,CAAC,CAAC,CAAC;YACR,MAAM,IAAI,0BAAiB,CACzB,wCAAwC,GAAG,QAAQ,CACpD,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,OAAO,CAC3B,IAAI,EACJ,UAAU,EACV,OAAQ;IAER,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;IACxB,IAAI,YAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,YAAY,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC;IAC1E,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,MAAM,iBAAiB,GAAG,CAAC,OAAO,EAAiC,EAAE;QACnE,MAAM,eAAe,GAAG,OAAO,CAAC,IAAI;YAClC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe;YAC9B,CAAC,CAAC,SAAS,CAAC;QACd,OAAO,OAAO,CAAC,IAAI,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE;gBACN,IAAI,EAAE,mBAAmB;gBACzB,UAAU;gBACV,aAAa,EAAE,eAAe;aAC/B;SACF,CAAC;IACJ,CAAC,CAAC;IAEF,IAAI,YAAY,KAAK,oBAAY,CAAC,KAAK,EAAE,CAAC;QACxC,OAAO,WAAW;aACf,qBAAqB,CACpB,IAAI,EACJ,UAAU,EACV,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,YAAY,CAAC,EACjD,OAAO,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,gDAAgD;QACvF,OAAO,CAAC,MAAM,CACf;aACA,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC7B,CAAC;IAED,IACE,OAAO,CAAC,yBAAyB,CAAC;QAClC,CAAC,OAAO,CAAC,2BAA2B,CAAC,EACrC,CAAC;QACD,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,wBAAe,CACjB,2IAA2I,CAC5I,CACF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,2BAA2B,CAAC,EAAE,CAAC;QACzC,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE,CAAC;YAC9C,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,gCAAuB,CACzB,kMAAkM,YAAY,GAAG,CAClN,CACF,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,IAAI,CAAC;;;;kEAIiD,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,sBAAsB,CACtD,IAAI,EACJ,UAAU,EACV,YAAY,EACZ,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,yBAAyB,CAAC,CACnC,CAAC;QAEF,+EAA+E;QAC/E,MAAM,kBAAkB,GAAuB;YAC7C,MAAM,EAAE;gBACN,IAAI,EAAE,mBAAmB;gBACzB,UAAU;aACX;YACD,eAAe,EAAE,EAAE;SACpB,CAAC;QAEF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,kBAAkB,CAAC,eAAe,CAAC,IAAI,CAAC;gBACtC,UAAU,EAAE,UAAU;gBACtB,QAAQ,EAAE,MAAM,CAAC,eAAe;gBAChC,IAAI,EAAE;oBACJ,aAAa,EAAE,MAAM,CAAC,eAAe;iBACtC;aACF,CAAC,CAAC;QACL,CAAC;QAED,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED,OAAO,WAAW;SACf,qBAAqB,CACpB,IAAI,EACJ,UAAU,EACV,OAAO,CAAC,cAAc,EACtB,YAAY,EACZ,OAAO,CAAC,qBAAqB,CAAC,EAC9B,OAAO,CAAC,qBAAqB,CAAC,CAC/B;SACA,IAAI,CAAC,iBAAiB,CAAC,CAAC;AAC7B,CAAC"}
package/dist/nuget-parser/index.d.ts CHANGED
@@ -1,3 +1,3 @@
1
1
  import { DotnetCoreV2Results, ManifestType } from './types';
2
- export declare function buildDepGraphFromFiles(root: string | undefined, targetFile: string | undefined, manifestType: ManifestType, useProjectNameFromAssetsFile: boolean, useFixForImprovedDotnetFalsePositives: boolean, useImprovedDotnetWithoutPublish: boolean, projectNamePrefix?: string, targetFramework?: string): Promise<DotnetCoreV2Results>;
2
+ export declare function buildDepGraphFromFiles(root: string | undefined, targetFile: string | undefined, manifestType: ManifestType, useProjectNameFromAssetsFile: boolean, projectNamePrefix?: string, targetFramework?: string): Promise<DotnetCoreV2Results>;
3
3
  export declare function buildDepTreeFromFiles(root: string | undefined, targetFile: string | undefined, packagesFolderPath: string | undefined, manifestType: ManifestType, useProjectNameFromAssetsFile: boolean, projectNamePrefix?: string): Promise<any>;
package/dist/nuget-parser/index.js CHANGED
@@ -9,7 +9,6 @@ const debugModule = require("debug");
9
9
  const depsParser = require("dotnet-deps-parser");
10
10
  const dotnetCoreV3Parser = require("./parsers/dotnet-core-v3-parser");
11
11
  const dotnetCoreParser = require("./parsers/dotnet-core-parser");
12
- const dotnetCoreV2Parser = require("./parsers/dotnet-core-v2-parser");
13
12
  const dotnetFrameworkParser = require("./parsers/dotnet-framework-parser");
14
13
  const projectJsonParser = require("./parsers/project-json-parser");
15
14
  const packagesConfigParser = require("./parsers/packages-config-parser");
@@ -17,8 +16,6 @@ const errors_1 = require("../errors");
17
16
  const types_1 = require("./types");
18
17
  const dotnet = require("./cli/dotnet");
19
18
  const nugetFrameworksParser = require("./csharp/nugetframeworks_parser");
20
- const runtimeAssemblyV2 = require("./runtime-assembly-v2");
21
- const runtimeAssembly = require("./runtime-assembly");
22
19
  const runtime_assembly_v2_1 = require("./runtime-assembly-v2");
23
20
  const debug = debugModule('snyk');
24
21
  const PROJECTSDK = 'Microsoft.NET.Sdk';
@@ -28,10 +25,6 @@ const PARSERS = {
28
25
  depParser: dotnetCoreParser,
29
26
  fileContentParser: JSON,
30
27
  },
31
- 'dotnet-core-v2': {
32
- depParser: dotnetCoreV2Parser,
33
- fileContentParser: JSON,
34
- },
35
28
  'dotnet-core-v3': {
36
29
  depParser: dotnetCoreV3Parser,
37
30
  fileContentParser: JSON,
@@ -105,101 +98,6 @@ async function resolveAssetsFilePath(root, targetFile) {
105
98
  }
106
99
  return assetsFile;
107
100
  }
108
- function tryToGetFileByName(dir, filename) {
109
- const depsFilePath = path.join(dir, filename);
110
- try {
111
- const depsFile = fs.readFileSync(depsFilePath);
112
- if (depsFile)
113
- return depsFile;
114
- }
115
- catch (_) {
116
- // Due to race conditions, fs docs suggests to not use .stat or .access to check if a file exists
117
- // but instead we should to try and read it.
118
- // https://nodejs.org/api/fs.html#fsstatpath-options-callback
119
- }
120
- return null;
121
- }
122
- // `dotnet` can publish the .deps file to a variety of places inside the publish folder, depending on what you're
123
- // including and targeting. Instead of trying different directories, just scan them all. In most cases, the file
124
- // will be in the root directory. (See https://github.com/Azure/azure-functions-vs-build-sdk/issues/518)
125
- function findDepsFileInPublishDir(dir, filename) {
126
- let renamedFile = null;
127
- // Try to get the file via full path.
128
- const namedFile = tryToGetFileByName(dir, filename);
129
- if (namedFile)
130
- return namedFile;
131
- for (const item of fs.readdirSync(dir)) {
132
- const itemPath = path.join(dir, item);
133
- // The file is usually <project>.deps.json, but in edge cases, `dotnet` names it for you.
134
- if (itemPath.endsWith('deps.json')) {
135
- renamedFile = fs.readFileSync(itemPath);
136
- }
137
- if (!fs.statSync(itemPath).isDirectory()) {
138
- continue;
139
- }
140
- // Otherwise, look in a nested dir for the same thing.
141
- const foundFile = findDepsFileInPublishDir(itemPath, filename);
142
- if (!foundFile) {
143
- continue;
144
- }
145
- return foundFile;
146
- }
147
- return renamedFile || null;
148
- }
149
- async function getResultsWithPublish(decidedTargetFrameworks, projectPath, safeRoot, projectNameFromManifestFile, nugetFrameworksParserLocation, useFixForImprovedDotnetFalsePositives, resolvedProjectName, projectAssets) {
150
- const parser = PARSERS['dotnet-core-v2'];
151
- // Loop through all TargetFrameworks supplied and generate a dependency graph for each.
152
- const results = [];
153
- for (const decidedTargetFramework of decidedTargetFrameworks) {
154
- // Run `dotnet publish` to create a self-contained publishable binary with included .dlls for assembly version inspection.
155
- const publishDir = await dotnet.publish(
156
- // Attempt to feed it the full path to the project file itself, as multiple could exist. If that fails, don't break the flow, just send the folder as previously
157
- projectPath || safeRoot, decidedTargetFramework);
158
- // Then inspect the dependency graph for the runtimepackage's assembly versions.
159
- const filename = `${projectNameFromManifestFile}.deps.json`;
160
- const depsFile = findDepsFileInPublishDir(publishDir, filename);
161
- if (!depsFile) {
162
- throw new errors_1.CliCommandError(`unable to locate ${filename} anywhere inside ${publishDir}, file is needed for runtime resolution to occur, aborting`);
163
- }
164
- const publishedProjectDeps = JSON.parse(depsFile.toString('utf-8'));
165
- // Parse the TargetFramework using Nuget.Frameworks itself, instead of trying to reinvent the wheel, thus ensuring
166
- // we have maximum context to use later when building the depGraph.
167
- const response = await dotnet.run(nugetFrameworksParserLocation, [
168
- decidedTargetFramework,
169
- ]);
170
- const targetFrameworkInfo = JSON.parse(response);
171
- if (targetFrameworkInfo.IsUnsupported) {
172
- throw new errors_1.InvalidManifestError(`dotnet was not able to parse the target framework ${decidedTargetFramework}, it was reported unsupported by the dotnet runtime`);
173
- }
174
- let assemblyVersions = {};
175
- if (!decidedTargetFramework.includes('netstandard')) {
176
- assemblyVersions =
177
- runtimeAssembly.generateRuntimeAssemblies(publishedProjectDeps);
178
- // Specifically targeting .NET Standard frameworks will not provide any specific runtime assembly information in
179
- // the published artifacts files, and can thus not be read more precisely than the .deps file will tell us up-front.
180
- // This probably makes sense when looking at https://dotnet.microsoft.com/en-us/platform/dotnet-standard#versions.
181
- // As such, we don't generate any runtime assemblies and generate the dependency graph without it.
182
- if (useFixForImprovedDotnetFalsePositives) {
183
- let projectFolder = '';
184
- // Get the project folder path
185
- if (projectPath) {
186
- projectFolder = path.dirname(projectPath);
187
- }
188
- // An important failure point here will be a reference to a version of the dotnet SDK that is
189
- // not installed in the environment. Ex: global.json specifies 6.0.100, but the only version install in the env is 8.0.100
190
- // https://learn.microsoft.com/en-us/dotnet/core/tools/dotnet#options-for-displaying-environment-information-and-available-commands
191
- await dotnet.execute(['--version'], projectFolder);
192
- assemblyVersions = await runtimeAssemblyV2.generateRuntimeAssemblies(projectFolder || safeRoot, assemblyVersions);
193
- }
194
- }
195
- const depGraph = parser.depParser.parse(resolvedProjectName, projectAssets, publishedProjectDeps, assemblyVersions, useFixForImprovedDotnetFalsePositives);
196
- results.push({
197
- dependencyGraph: depGraph,
198
- targetFramework: decidedTargetFramework,
199
- });
200
- }
201
- return results;
202
- }
203
101
  async function getResultsWithoutPublish(decidedTargetFrameworks, projectPath, safeRoot, nugetFrameworksParserLocation, resolvedProjectName, projectAssets) {
204
102
  const parser = PARSERS['dotnet-core-v3'];
205
103
  const projectFolder = projectPath ? path.dirname(projectPath) : safeRoot;
@@ -260,14 +158,14 @@ async function getResultsWithoutPublish(decidedTargetFrameworks, projectPath, sa
260
158
  }
261
159
  return results;
262
160
  }
263
- async function buildDepGraphFromFiles(root, targetFile, manifestType, useProjectNameFromAssetsFile, useFixForImprovedDotnetFalsePositives, useImprovedDotnetWithoutPublish, projectNamePrefix, targetFramework) {
161
+ async function buildDepGraphFromFiles(root, targetFile, manifestType, useProjectNameFromAssetsFile, projectNamePrefix, targetFramework) {
264
162
  const safeRoot = root || '.';
265
163
  const safeTargetFile = targetFile || '.';
266
164
  // Resolve the correct assets file path using MSBuild if needed
267
165
  const fileContentPath = await resolveAssetsFilePath(safeRoot, safeTargetFile);
268
166
  const fileContent = getFileContents(fileContentPath);
269
- const parser = PARSERS['dotnet-core-v2'];
270
- const projectAssets = await parser.fileContentParser.parse(fileContent);
167
+ const parser = PARSERS['dotnet-core-v3'];
168
+ const projectAssets = parser.fileContentParser.parse(fileContent);
271
169
  if (!projectAssets.project?.frameworks) {
272
170
  throw new errors_1.FileNotProcessableError(`unable to detect any target framework in manifest file ${safeTargetFile}, a valid one is needed to continue down this path.`);
273
171
  }
@@ -294,25 +192,13 @@ Will attempt to build dependency graph anyway, but the operation might fail.`);
294
192
  }
295
193
  }
296
194
  // If a specific targetFramework has been requested, only query that, otherwise try to do them all
195
+ // Passing a const value as the project sdk. Why? The targetFile it's project.assets.json, which gets generated
196
+ // only for the sdk style projects. The assets file won't get generated for projects which rely on packages.config.
197
+ // The reason behind deciding to call this method is because maybe in the future we want to not support some specific
198
+ // target frameworks.
297
199
  const decidedTargetFrameworks = targetFramework
298
200
  ? [targetFramework]
299
- : targetFrameworks.filter((framework) => {
300
- // Passing a const value as the project sdk. Why? The targetFile it's project.assets.json, which gets generated
301
- // only for the sdk style projects. The assets file won't get generated for projects which rely on packages.config.
302
- // The reason behind deciding to call this method is because maybe in the future we want to not support some specific
303
- // target frameworks.
304
- if (useImprovedDotnetWithoutPublish) {
305
- if (!depsParser.isSupportedByV3GraphGeneration(framework, PROJECTSDK)) {
306
- return false;
307
- }
308
- return true;
309
- }
310
- if (!depsParser.isSupportedByV2GraphGeneration(framework)) {
311
- console.warn(`\x1b[33m⚠ WARNING\x1b[0m: The runtime resolution flag is currently only supported for the following TargetFrameworks: .NET versions 6 and higher, all versions of .NET Core and all versions of .NET Standard. Detected a TargetFramework: \x1b[1m${framework}\x1b[0m, which will be skipped.`);
312
- return false;
313
- }
314
- return true;
315
- });
201
+ : targetFrameworks.filter((framework) => depsParser.isSupportedByV3GraphGeneration(framework, PROJECTSDK));
316
202
  if (decidedTargetFrameworks.length == 0) {
317
203
  throw new errors_1.InvalidManifestError(`Was not able to find any supported TargetFrameworks to scan, aborting`);
318
204
  }
@@ -326,10 +212,7 @@ Will attempt to build dependency graph anyway, but the operation might fail.`);
326
212
  if (!projectPath) {
327
213
  console.warn(`\x1b[33m⚠ WARNING\x1b[0m: Could not detect any projectPath in the project assets file, if your solution contains multiple projects in the same folder, this operation might fail.`);
328
214
  }
329
- if (useImprovedDotnetWithoutPublish) {
330
- return getResultsWithoutPublish(decidedTargetFrameworks, projectPath, safeRoot, nugetFrameworksParserLocation, resolvedProjectName, projectAssets);
331
- }
332
- return getResultsWithPublish(decidedTargetFrameworks, projectPath, safeRoot, projectNameFromManifestFile, nugetFrameworksParserLocation, useFixForImprovedDotnetFalsePositives, resolvedProjectName, projectAssets);
215
+ return getResultsWithoutPublish(decidedTargetFrameworks, projectPath, safeRoot, nugetFrameworksParserLocation, resolvedProjectName, projectAssets);
333
216
  }
334
217
  async function buildDepTreeFromFiles(root, targetFile, packagesFolderPath, manifestType, useProjectNameFromAssetsFile, projectNamePrefix) {
335
218
  const safeRoot = root || '.';
package/dist/nuget-parser/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;AAsYA,wDAoIC;AAED,sDA4GC;AAxnBD,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iDAAiD;AACjD,sEAAsE;AACtE,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAKmB;AACnB,mCASiB;AACjB,uCAAuC;AACvC,yEAAyE;AACzE,2DAA2D;AAC3D,sDAAsD;AACtD,+DAK+B;AAE/B,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,UAAU,GAAG,mBAAmB,CAAC;AACvC,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AAEtD,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,iBAAiB,GAAG,eAAe,CAAC;IAC7C,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI,CAAC;QACH,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,KAAK,UAAU,qBAAqB,CAClC,IAAY,EACZ,UAAkB;IAElB,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAE1D,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACtC,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACvD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAE/C,IAAI,WAAW,GAAkB,IAAI,CAAC;IACtC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QACzC,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,CAC/B,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;YACxB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;YACxB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC3B,CAAC;QAEF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,gCAAuB,CAC/B,sDAAsD,KAAK,EAAE,CAC9D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,gCAAuB,CAC/B,uEAAuE,UAAU,EAAE,CACpF,CAAC;IACJ,CAAC;IAED,4DAA4D;IAC5D,MAAM,oBAAoB,GACxB,MAAM,MAAM,CAAC,6BAA6B,CAAC,WAAW,CAAC,CAAC;IAC1D,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,MAAM,IAAI,wBAAe,CACvB,+DAA+D,WAAW,EAAE,CAC7E,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC;QACxD,CAAC,CAAC,oBAAoB;QACtB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAAC;IAEnD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,uBAAuB,CAAC,CAAC;IAEvE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,gCAAuB,CAC/B,mDAAmD,UAAU,IAAI;YAC/D,oDAAoD,CACvD,CAAC;IACJ,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW,EAAE,QAAgB;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC9C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC/C,IAAI,QAAQ;YAAE,OAAO,QAAQ,CAAC;IAChC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,iGAAiG;QACjG,4CAA4C;QAC5C,6DAA6D;IAC/D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,iHAAiH;AACjH,gHAAgH;AAChH,wGAAwG;AACxG,SAAS,wBAAwB,CAAC,GAAW,EAAE,QAAQ;IACrD,IAAI,WAAW,GAAkB,IAAI,CAAC;IAEtC,qCAAqC;IACrC,MAAM,SAAS,GAAG,kBAAkB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IACpD,IAAI,SAAS;QAAE,OAAO,SAAS,CAAC;IAEhC,KAAK,MAAM,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAEtC,yFAAyF;QACzF,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACnC,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;YACzC,SAAS;QACX,CAAC;QAED,sDAAsD;QACtD,MAAM,SAAS,GAAG,wBAAwB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC/D,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,SAAS;QACX,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,WAAW,IAAI,IAAI,CAAC;AAC7B,CAAC;AAED,KAAK,UAAU,qBAAqB,CAClC,uBAAiC,EACjC,WAAmB,EACnB,QAAgB,EAChB,2BAAmC,EACnC,6BAAqC,EACrC,qCAA8C,EAC9C,mBAA2B,EAC3B,aAA4B;IAE5B,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,uFAAuF;IACvF,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,KAAK,MAAM,sBAAsB,IAAI,uBAAuB,EAAE,CAAC;QAC7D,0HAA0H;QAC1H,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO;QACrC,gKAAgK;QAChK,WAAW,IAAI,QAAQ,EACvB,sBAAsB,CACvB,CAAC;QAEF,gFAAgF;QAChF,MAAM,QAAQ,GAAG,GAAG,2BAA2B,YAAY,CAAC;QAC5D,MAAM,QAAQ,GAAG,wBAAwB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAEhE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,wBAAe,CACvB,oBAAoB,QAAQ,oBAAoB,UAAU,4DAA4D,CACvH,CAAC;QACJ,CAAC;QAED,MAAM,oBAAoB,GAAyB,IAAI,CAAC,KAAK,CAC3D,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC3B,CAAC;QAEF,kHAAkH;QAClH,mEAAmE;QACnE,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,6BAA6B,EAAE;YAC/D,sBAAsB;SACvB,CAAC,CAAC;QACH,MAAM,mBAAmB,GAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,mBAAmB,CAAC,aAAa,EAAE,CAAC;YACtC,MAAM,IAAI,6BAAoB,CAC5B,qDAAqD,sBAAsB,qDAAqD,CACjI,CAAC;QACJ,CAAC;QAED,IAAI,gBAAgB,GAAqB,EAAE,CAAC;QAE5C,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YACpD,gBAAgB;gBACd,eAAe,CAAC,yBAAyB,CAAC,oBAAoB,CAAC,CAAC;YAElE,gHAAgH;YAChH,oHAAoH;YACpH,kHAAkH;YAClH,kGAAkG;YAClG,IAAI,qCAAqC,EAAE,CAAC;gBAC1C,IAAI,aAAa,GAAW,EAAE,CAAC;gBAC/B,8BAA8B;gBAC9B,IAAI,WAAW,EAAE,CAAC;oBAChB,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBAC5C,CAAC;gBACD,6FAA6F;gBAC7F,0HAA0H;gBAC1H,mIAAmI;gBACnI,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,EAAE,aAAa,CAAC,CAAC;gBAEnD,gBAAgB,GAAG,MAAM,iBAAiB,CAAC,yBAAyB,CAClE,aAAa,IAAI,QAAQ,EACzB,gBAAgB,CACjB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,gBAAgB,EAChB,qCAAqC,CACtC,CAAC;QAEF,OAAO,CAAC,IAAI,CAAC;YACX,eAAe,EAAE,QAAQ;YACzB,eAAe,EAAE,sBAAsB;SACxC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,wBAAwB,CACrC,uBAAiC,EACjC,WAAmB,EACnB,QAAgB,EAChB,6BAAqC,EACrC,mBAA2B,EAC3B,aAA4B;IAE5B,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAEzC,MAAM,aAAa,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IAEzE,iEAAiE;IACjE,MAAM,qBAAqB,GAAG,uBAAuB,CAAC,IAAI,CACxD,CAAC,SAAS,EAAE,EAAE,CACZ,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,CAC1E,CAAC;IAEF,MAAM,mBAAmB,GAAqB,EAAE,CAAC;IAEjD,wGAAwG;IACxG,IAAI,qBAAqB,EAAE,CAAC;QAC1B,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,oCAAc,EAAC,aAAa,CAAC,CAAC;QACpE,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,OAAO,CACxC,CAAC,iBAAiB,CAAC,EACnB,aAAa,CACd,CAAC;QACF,MAAM,cAAc,GAAG,IAAA,+CAAyB,EAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QAE5E,IAAI,CAAC;YACH,MAAM,aAAa,GAAW,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,gCAAU,GAAG,cAAc,IAAI,4CAAsB,EAAE,CAAC;YACjH,MAAM,aAAa,GAAW,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YACtE,KAAK,MAAM,GAAG,IAAI,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5C,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBACvC,2BAA2B;oBAC3B,mBAAmB,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,gCAAuB,CAC/B,+CAA+C,GAAG,EAAE,CACrD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,uFAAuF;IACvF,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,KAAK,MAAM,sBAAsB,IAAI,uBAAuB,EAAE,CAAC;QAC7D,kHAAkH;QAClH,mEAAmE;QACnE,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,6BAA6B,EAAE;YAC/D,sBAAsB;SACvB,CAAC,CAAC;QACH,MAAM,mBAAmB,GAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,mBAAmB,CAAC,aAAa,EAAE,CAAC;YACtC,MAAM,IAAI,6BAAoB,CAC5B,qDAAqD,sBAAsB,qDAAqD,CACjI,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAc;YAC3B,mBAAmB;YACnB,mFAAmF;YACnF,8FAA8F;YAC9F,yDAAyD;YACzD,eAAe,EACb,sBAAsB,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAC9C,sBAAsB,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAC3C,CAAC,CAAC,SAAS;gBACX,CAAC,CAAC,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;SACpE,CAAC;QAEF,IAAI,eAAe,GAAG,sBAAsB,CAAC;QAC7C,IAAI,mBAAmB,CAAC,SAAS,KAAK,cAAc,EAAE,CAAC;YACrD,eAAe,GAAG,mBAAmB,CAAC,mBAAmB,CAAC;QAC5D,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,eAAe,EACf,aAAa,EACb,SAAS,CACV,CAAC;QAEF,OAAO,CAAC,IAAI,CAAC;YACX,eAAe,EAAE,QAAQ;YACzB,eAAe,EAAE,sBAAsB;SACxC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,qCAA8C,EAC9C,+BAAwC,EACxC,iBAA0B,EAC1B,eAAwB;IAExB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IAEzC,+DAA+D;IAC/D,MAAM,eAAe,GAAG,MAAM,qBAAqB,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC9E,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAErD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,aAAa,GACjB,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEpD,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;QACvC,MAAM,IAAI,gCAAuB,CAC/B,0DAA0D,cAAc,qDAAqD,CAC9H,CAAC;IACJ,CAAC;IAED,0GAA0G;IAC1G,wGAAwG;IACxG,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAC3E,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CACrE,CAAC;IAEF,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,cAAc,qDAAqD,CAC9G,CAAC;IACJ,CAAC;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QACnE,OAAO,CAAC,IAAI,CAAC,6DAA6D,eAAe;gEAC7B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;IAC7E,CAAC;IAED,IAAI,mBAAmB,GAAG,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAEzE,MAAM,2BAA2B,GAC/B,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC;IAC/C,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B,CAAC;QACD,IAAI,2BAA2B,EAAE,CAAC;YAChC,mBAAmB,GAAG,2BAA2B,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,kGAAkG;IAClG,MAAM,uBAAuB,GAAG,eAAe;QAC7C,CAAC,CAAC,CAAC,eAAe,CAAC;QACnB,CAAC,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE;YACpC,+GAA+G;YAC/G,mHAAmH;YACnH,qHAAqH;YACrH,qBAAqB;YACrB,IAAI,+BAA+B,EAAE,CAAC;gBACpC,IACE,CAAC,UAAU,CAAC,8BAA8B,CAAC,SAAS,EAAE,UAAU,CAAC,EACjE,CAAC;oBACD,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,8BAA8B,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1D,OAAO,CAAC,IAAI,CACV,qPAAqP,SAAS,iCAAiC,CAChS,CAAC;gBACF,OAAO,KAAK,CAAC;YACf,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IAEP,IAAI,uBAAuB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,6BAAoB,CAC5B,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,0FAA0F;IAC1F,MAAM,6BAA6B,GAAG,qBAAqB,CAAC,QAAQ,EAAE,CAAC;IACvE,MAAM,MAAM,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAEpD,yGAAyG;IACzG,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC;IAC9D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CACV,mLAAmL,CACpL,CAAC;IACJ,CAAC;IAED,IAAI,+BAA+B,EAAE,CAAC;QACpC,OAAO,wBAAwB,CAC7B,uBAAuB,EACvB,WAAW,EACX,QAAQ,EACR,6BAA6B,EAC7B,mBAAmB,EACnB,aAAa,CACd,CAAC;IACJ,CAAC;IAED,OAAO,qBAAqB,CAC1B,uBAAuB,EACvB,WAAW,EACX,QAAQ,EACR,2BAA2B,EAC3B,6BAA6B,EAC7B,qCAAqC,EACrC,mBAAmB,EACnB,aAAa,CACd,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,IAAI,YAAY,KAAK,oBAAY,CAAC,YAAY,EAAE,CAAC;QAC/C,IAAI,IAAS,CAAC;QACd,IAAI,CAAC;YACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,gCAAuB,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,kBAAkB,GAAG;YACzB,cAAc;YACd,YAAY;YACZ,UAAU;YACV,UAAU;SACX,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;QAC/B,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,IAAI,8BAAqB,CAC7B,oDAAoD,CACrD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI,CAAC;QACH,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE,CAAC;YAC9C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBACjC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE,CAAC;oBAClD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE,CAAC;wBAC3B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;oBAC9C,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,mDAAmD;IACnD,4FAA4F;IAC5F,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B,CAAC;QACD,MAAM,WAAW,GAAG,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;AAmPA,wDAsGC;AAED,sDA4GC;AAvcD,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iDAAiD;AACjD,sEAAsE;AACtE,iEAAiE;AACjE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAKmB;AACnB,mCAQiB;AACjB,uCAAuC;AACvC,yEAAyE;AACzE,+DAK+B;AAE/B,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,UAAU,GAAG,mBAAmB,CAAC;AACvC,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AAEtD,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,iBAAiB,GAAG,eAAe,CAAC;IAC7C,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI,CAAC;QACH,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,KAAK,UAAU,qBAAqB,CAClC,IAAY,EACZ,UAAkB;IAElB,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAE1D,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACtC,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACvD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAE/C,IAAI,WAAW,GAAkB,IAAI,CAAC;IACtC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QACzC,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,CAC/B,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;YACxB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;YACxB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC3B,CAAC;QAEF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,gCAAuB,CAC/B,sDAAsD,KAAK,EAAE,CAC9D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,gCAAuB,CAC/B,uEAAuE,UAAU,EAAE,CACpF,CAAC;IACJ,CAAC;IAED,4DAA4D;IAC5D,MAAM,oBAAoB,GACxB,MAAM,MAAM,CAAC,6BAA6B,CAAC,WAAW,CAAC,CAAC;IAC1D,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,MAAM,IAAI,wBAAe,CACvB,+DAA+D,WAAW,EAAE,CAC7E,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC;QACxD,CAAC,CAAC,oBAAoB;QACtB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAAC;IAEnD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,uBAAuB,CAAC,CAAC;IAEvE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,gCAAuB,CAC/B,mDAAmD,UAAU,IAAI;YAC/D,oDAAoD,CACvD,CAAC;IACJ,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,KAAK,UAAU,wBAAwB,CACrC,uBAAiC,EACjC,WAAmB,EACnB,QAAgB,EAChB,6BAAqC,EACrC,mBAA2B,EAC3B,aAA4B;IAE5B,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAEzC,MAAM,aAAa,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IAEzE,iEAAiE;IACjE,MAAM,qBAAqB,GAAG,uBAAuB,CAAC,IAAI,CACxD,CAAC,SAAS,EAAE,EAAE,CACZ,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,CAC1E,CAAC;IAEF,MAAM,mBAAmB,GAAqB,EAAE,CAAC;IAEjD,wGAAwG;IACxG,IAAI,qBAAqB,EAAE,CAAC;QAC1B,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,oCAAc,EAAC,aAAa,CAAC,CAAC;QACpE,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,OAAO,CACxC,CAAC,iBAAiB,CAAC,EACnB,aAAa,CACd,CAAC;QACF,MAAM,cAAc,GAAG,IAAA,+CAAyB,EAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QAE5E,IAAI,CAAC;YACH,MAAM,aAAa,GAAW,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,gCAAU,GAAG,cAAc,IAAI,4CAAsB,EAAE,CAAC;YACjH,MAAM,aAAa,GAAW,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YACtE,KAAK,MAAM,GAAG,IAAI,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5C,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBACvC,2BAA2B;oBAC3B,mBAAmB,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,gCAAuB,CAC/B,+CAA+C,GAAG,EAAE,CACrD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,uFAAuF;IACvF,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,KAAK,MAAM,sBAAsB,IAAI,uBAAuB,EAAE,CAAC;QAC7D,kHAAkH;QAClH,mEAAmE;QACnE,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,6BAA6B,EAAE;YAC/D,sBAAsB;SACvB,CAAC,CAAC;QACH,MAAM,mBAAmB,GAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,mBAAmB,CAAC,aAAa,EAAE,CAAC;YACtC,MAAM,IAAI,6BAAoB,CAC5B,qDAAqD,sBAAsB,qDAAqD,CACjI,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAc;YAC3B,mBAAmB;YACnB,mFAAmF;YACnF,8FAA8F;YAC9F,yDAAyD;YACzD,eAAe,EACb,sBAAsB,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAC9C,sBAAsB,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAC3C,CAAC,CAAC,SAAS;gBACX,CAAC,CAAC,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;SACpE,CAAC;QAEF,IAAI,eAAe,GAAG,sBAAsB,CAAC;QAC7C,IAAI,mBAAmB,CAAC,SAAS,KAAK,cAAc,EAAE,CAAC;YACrD,eAAe,GAAG,mBAAmB,CAAC,mBAAmB,CAAC;QAC5D,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,eAAe,EACf,aAAa,EACb,SAAS,CACV,CAAC;QAEF,OAAO,CAAC,IAAI,CAAC;YACX,eAAe,EAAE,QAAQ;YACzB,eAAe,EAAE,sBAAsB;SACxC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;IAExB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IAEzC,+DAA+D;IAC/D,MAAM,eAAe,GAAG,MAAM,qBAAqB,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC9E,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAErD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,aAAa,GACjB,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAE9C,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;QACvC,MAAM,IAAI,gCAAuB,CAC/B,0DAA0D,cAAc,qDAAqD,CAC9H,CAAC;IACJ,CAAC;IAED,0GAA0G;IAC1G,wGAAwG;IACxG,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAC3E,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CACrE,CAAC;IAEF,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,cAAc,qDAAqD,CAC9G,CAAC;IACJ,CAAC;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QACnE,OAAO,CAAC,IAAI,CAAC,6DAA6D,eAAe;gEAC7B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;IAC7E,CAAC;IAED,IAAI,mBAAmB,GAAG,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAEzE,MAAM,2BAA2B,GAC/B,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC;IAC/C,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B,CAAC;QACD,IAAI,2BAA2B,EAAE,CAAC;YAChC,mBAAmB,GAAG,2BAA2B,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,kGAAkG;IAClG,+GAA+G;IAC/G,mHAAmH;IACnH,qHAAqH;IACrH,qBAAqB;IACrB,MAAM,uBAAuB,GAAG,eAAe;QAC7C,CAAC,CAAC,CAAC,eAAe,CAAC;QACnB,CAAC,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE,CACpC,UAAU,CAAC,8BAA8B,CAAC,SAAS,EAAE,UAAU,CAAC,CACjE,CAAC;IAEN,IAAI,uBAAuB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,6BAAoB,CAC5B,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,0FAA0F;IAC1F,MAAM,6BAA6B,GAAG,qBAAqB,CAAC,QAAQ,EAAE,CAAC;IACvE,MAAM,MAAM,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAEpD,yGAAyG;IACzG,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC;IAC9D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CACV,mLAAmL,CACpL,CAAC;IACJ,CAAC;IAED,OAAO,wBAAwB,CAC7B,uBAAuB,EACvB,WAAW,EACX,QAAQ,EACR,6BAA6B,EAC7B,mBAAmB,EACnB,aAAa,CACd,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,IAAI,YAAY,KAAK,oBAAY,CAAC,YAAY,EAAE,CAAC;QAC/C,IAAI,IAAS,CAAC;QACd,IAAI,CAAC;YACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,gCAAuB,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,kBAAkB,GAAG;YACzB,cAAc;YACd,YAAY;YACZ,UAAU;YACV,UAAU;SACX,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;QAC/B,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,IAAI,8BAAqB,CAC7B,oDAAoD,CACrD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI,CAAC;QACH,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE,CAAC;YAC9C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBACjC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE,CAAC;oBAClD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE,CAAC;wBAC3B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;oBAC9C,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,mDAAmD;IACnD,4FAA4F;IAC5F,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B,CAAC;QACD,MAAM,WAAW,GAAG,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC"}
package/dist/nuget-parser/parsers/dotnet-core-v3-parser.js CHANGED
@@ -30,35 +30,37 @@ function recursivelyPopulateNodes(depGraphBuilder, resolvedPackages, parentID, d
30
30
  }
31
31
  // Find the actual resolved version and target for this package name
32
32
  // NuGet may resolve to a different version than what's declared in transitive dependencies
33
- const resolvedPackage = resolvedPackages[childName];
33
+ // and use the lowercased name as NuGet packages are case-insensitive
34
+ const lowercaseChildName = childName.toLowerCase();
35
+ const resolvedPackage = resolvedPackages[lowercaseChildName];
34
36
  if (!resolvedPackage) {
35
37
  debug(`Child package ${childName} not found in lock file packages for framework.`);
36
38
  continue;
37
39
  }
38
- const { resolvedVersion: actualResolvedVersion, target: childPkgEntry } = resolvedPackage;
40
+ const { name: actualPkgName, resolvedVersion: actualResolvedVersion, target: childPkgEntry, } = resolvedPackage;
39
41
  if (childResolvedVersion !== actualResolvedVersion) {
40
42
  debug(`Version mismatch for ${childName}: declared ${childResolvedVersion}, using resolved ${actualResolvedVersion}`);
41
43
  }
42
- const childID = `${childName}@${actualResolvedVersion}`;
44
+ const childID = `${actualPkgName}@${actualResolvedVersion}`;
43
45
  let finalVersion = actualResolvedVersion;
44
46
  // If we're looking at a runtime assembly version for self-contained dlls, overwrite the dependency version
45
47
  // we've found in the graph with those from the runtime assembly, as they take precedence.
46
48
  if (overrides.overrideVersion &&
47
49
  +actualResolvedVersion.split('.')[0] < 6 &&
48
- childName in overrides.overridesAssemblies &&
49
- +overrides.overridesAssemblies[childName].split('.')[0] < 6) {
50
+ actualPkgName in overrides.overridesAssemblies &&
51
+ +overrides.overridesAssemblies[actualPkgName].split('.')[0] < 6) {
50
52
  finalVersion = overrides.overrideVersion;
51
53
  }
52
54
  if (localVisited.has(childID)) {
53
55
  const prunedID = `${childID}:pruned`;
54
- depGraphBuilder.addPkgNode({ name: childName, version: finalVersion }, prunedID, {
56
+ depGraphBuilder.addPkgNode({ name: actualPkgName, version: finalVersion }, prunedID, {
55
57
  labels: { pruned: 'true' },
56
58
  });
57
59
  depGraphBuilder.connectDep(parentID, prunedID);
58
60
  debug(`Pruning duplicate dependency: ${parentID} -> ${childID}`);
59
61
  continue;
60
62
  }
61
- depGraphBuilder.addPkgNode({ name: childName, version: finalVersion }, childID);
63
+ depGraphBuilder.addPkgNode({ name: actualPkgName, version: finalVersion }, childID);
62
64
  depGraphBuilder.connectDep(parentID, childID);
63
65
  localVisited.add(childID);
64
66
  debug(`Adding dependency: ${parentID} -> ${childID}`);
@@ -92,7 +94,12 @@ function buildDepGraph(projectName, targetFramework, projectAssets, overrides) {
92
94
  const resolvedPackages = {};
93
95
  for (const [key, target] of Object.entries(allPackagesForFramework)) {
94
96
  const [name, version] = key.split('/');
95
- resolvedPackages[name] = { resolvedVersion: version, target };
97
+ // Use the lowercased name for lookups as NuGet packages are case-insensitive.
98
+ resolvedPackages[name.toLowerCase()] = {
99
+ name,
100
+ resolvedVersion: version,
101
+ target,
102
+ };
96
103
  }
97
104
  // Identify direct dependencies for the selected framework
98
105
  const directDependencies = {};
package/dist/nuget-parser/parsers/dotnet-core-v3-parser.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"dotnet-core-v3-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v3-parser.ts"],"names":[],"mappings":";;;AA2OA,sBAaC;AAxPD,qCAAqC;AAErC,+CAAkD;AAClD,yCAAoD;AAGpD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,oDAAoD;AACvC,QAAA,0BAA0B,GAAG;IACxC,gHAAgH;IAChH,oHAAoH;IACpH,sHAAsH;IACtH,sHAAsH;IACtH,8EAA8E;IAC9E,SAAS;CACV,CAAC;AAEF,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,gBAAqC,EACrC,QAAgB,EAChB,YAAoC,EACpC,SAAoB,EACpB,OAAqB;IAErB,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO;IACT,CAAC;IACD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,CAAC,SAAS,EAAE,oBAAoB,CAAC,IAAI,MAAM,CAAC,OAAO,CAC5D,YAAY,CACb,EAAE,CAAC;QACF,MAAM,YAAY,GAAG,WAAW,IAAI,IAAI,GAAG,EAAU,CAAC;QACtD,gHAAgH;QAChH,+FAA+F;QAC/F,IACE,kCAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EACzE,CAAC;YACD,KAAK,CAAC,GAAG,SAAS,kDAAkD,CAAC,CAAC;YACtE,SAAS;QACX,CAAC;QAED,oEAAoE;QACpE,2FAA2F;QAC3F,MAAM,eAAe,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,KAAK,CACH,iBAAiB,SAAS,iDAAiD,CAC5E,CAAC;YACF,SAAS;QACX,CAAC;QAED,MAAM,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,EAAE,aAAa,EAAE,GACrE,eAAe,CAAC;QAElB,IAAI,oBAAoB,KAAK,qBAAqB,EAAE,CAAC;YACnD,KAAK,CACH,wBAAwB,SAAS,cAAc,oBAAoB,oBAAoB,qBAAqB,EAAE,CAC/G,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,qBAAqB,EAAE,CAAC;QAExD,IAAI,YAAY,GAAG,qBAAqB,CAAC;QAEzC,2GAA2G;QAC3G,0FAA0F;QAC1F,IACE,SAAS,CAAC,eAAe;YACzB,CAAC,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YACxC,SAAS,IAAI,SAAS,CAAC,mBAAmB;YAC1C,CAAC,SAAS,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAC3D,CAAC;YACD,YAAY,GAAG,SAAS,CAAC,eAAe,CAAC;QAC3C,CAAC;QAED,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,MAAM,QAAQ,GAAG,GAAG,OAAO,SAAS,CAAC;YACrC,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,YAAY,EAAE,EAC1C,QAAQ,EACR;gBACE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;aAC3B,CACF,CAAC;YACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/C,KAAK,CAAC,iCAAiC,QAAQ,OAAO,OAAO,EAAE,CAAC,CAAC;YACjE,SAAS;QACX,CAAC;QAED,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,YAAY,EAAE,EAC1C,OAAO,CACR,CAAC;QACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE1B,KAAK,CAAC,sBAAsB,QAAQ,OAAO,OAAO,EAAE,CAAC,CAAC;QAEtD,wBAAwB,CACtB,eAAe,EACf,gBAAgB,EAChB,OAAO,EACP,aAAa,CAAC,YAAY,EAC1B,SAAS,EACT,YAAY,CACb,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CACpB,WAAmB,EACnB,eAAuB,EACvB,aAA4B,EAC5B,SAAoB;IAEpB,MAAM,eAAe,GAAG,IAAI,2BAAe,CACzC,EAAE,IAAI,EAAE,OAAO,EAAE,EACjB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO;KACvC,CACF,CAAC;IAEF,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,gFAAgF;QAChF,MAAM,IAAI,6BAAoB,CAC5B,mDAAmD,CACpD,CAAC;IACJ,CAAC;IAED,MAAM,sBAAsB,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAElE,+GAA+G;IAC/G,wEAAwE;IACxE,gDAAgD;IAChD,MAAM,cAAc,GAAG,sBAAsB,CAAC,MAAM,CAClD,CAAC,MAAM,EAAE,EAAE,CACT,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3E,CAAC;IAEF,oHAAoH;IACpH,MAAM,qBAAqB,GACzB,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IAE5E,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC3B,gFAAgF;QAChF,MAAM,IAAI,6BAAoB,CAC5B,kEAAkE,eAAe,aAAa,CAC/F,CAAC;IACJ,CAAC;IAED,IAAI,qBAAqB,KAAK,eAAe,EAAE,CAAC;QAC9C,KAAK,CACH,SAAS,qBAAqB,yBAAyB,eAAe,sBAAsB,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CACxH,CAAC;IACJ,CAAC;IAED,MAAM,uBAAuB,GAAG,aAAa,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAE7E,MAAM,gBAAgB,GAAwB,EAAE,CAAC;IACjD,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,uBAAuB,CAAC,EAAE,CAAC;QACpE,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACvC,gBAAgB,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IAChE,CAAC;IAED,0DAA0D;IAC1D,MAAM,kBAAkB,GAA2B,EAAE,CAAC;IACtD,aAAa,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,CAAC,OAAO,CACtE,CAAC,UAAkB,EAAE,EAAE;QACrB,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9C,kBAAkB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;IAC9D,CAAC,CACF,CAAC;IAEF,KAAK,CACH,8CAA8C,qBAAqB,MAAM,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAC5G,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,KAAK,CACH,iFAAiF,CAClF,CAAC;QACF,8DAA8D;QAC9D,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;IACjC,CAAC;IAED,sDAAsD;IACtD,wBAAwB,CACtB,eAAe,EACf,gBAAgB,EAChB,WAAW,EACX,kBAAkB,EAAE,sCAAsC;IAC1D,SAAS,CACV,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAuB;IAC/C,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtB,MAAM,IAAI,6BAAoB,CAC5B,oDAAoD,CACrD,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACjC,MAAM,IAAI,6BAAoB,CAC5B,iDAAiD,CAClD,CAAC;IACJ,CAAC;IAED,IACE,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU;QAC5B,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EACrD,CAAC;QACD,MAAM,IAAI,6BAAoB,CAC5B,gDAAgD,CACjD,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtB,MAAM,IAAI,6BAAoB,CAC5B,8CAA8C,CAC/C,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpE,MAAM,IAAI,6BAAoB,CAC5B,6CAA6C,CAC9C,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAgB,KAAK,CACnB,WAAmB,EACnB,eAAuB,EACvB,aAA4B,EAC5B,SAAoB;IAEpB,KAAK,CACH,uEAAuE,CACxE,CAAC;IAEF,gBAAgB,CAAC,aAAa,CAAC,CAAC;IAEhC,OAAO,aAAa,CAAC,WAAW,EAAE,eAAe,EAAE,aAAa,EAAE,SAAS,CAAC,CAAC;AAC/E,CAAC"}
1
+ {"version":3,"file":"dotnet-core-v3-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v3-parser.ts"],"names":[],"mappings":";;;AAqPA,sBAaC;AAlQD,qCAAqC;AAErC,+CAAkD;AAClD,yCAAoD;AAGpD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,oDAAoD;AACvC,QAAA,0BAA0B,GAAG;IACxC,gHAAgH;IAChH,oHAAoH;IACpH,sHAAsH;IACtH,sHAAsH;IACtH,8EAA8E;IAC9E,SAAS;CACV,CAAC;AAEF,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,gBAAqC,EACrC,QAAgB,EAChB,YAAoC,EACpC,SAAoB,EACpB,OAAqB;IAErB,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO;IACT,CAAC;IACD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,CAAC,SAAS,EAAE,oBAAoB,CAAC,IAAI,MAAM,CAAC,OAAO,CAC5D,YAAY,CACb,EAAE,CAAC;QACF,MAAM,YAAY,GAAG,WAAW,IAAI,IAAI,GAAG,EAAU,CAAC;QACtD,gHAAgH;QAChH,+FAA+F;QAC/F,IACE,kCAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EACzE,CAAC;YACD,KAAK,CAAC,GAAG,SAAS,kDAAkD,CAAC,CAAC;YACtE,SAAS;QACX,CAAC;QAED,oEAAoE;QACpE,2FAA2F;QAC3F,qEAAqE;QACrE,MAAM,kBAAkB,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;QACnD,MAAM,eAAe,GAAG,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;QAC7D,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,KAAK,CACH,iBAAiB,SAAS,iDAAiD,CAC5E,CAAC;YACF,SAAS;QACX,CAAC;QAED,MAAM,EACJ,IAAI,EAAE,aAAa,EACnB,eAAe,EAAE,qBAAqB,EACtC,MAAM,EAAE,aAAa,GACtB,GAAG,eAAe,CAAC;QAEpB,IAAI,oBAAoB,KAAK,qBAAqB,EAAE,CAAC;YACnD,KAAK,CACH,wBAAwB,SAAS,cAAc,oBAAoB,oBAAoB,qBAAqB,EAAE,CAC/G,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,GAAG,aAAa,IAAI,qBAAqB,EAAE,CAAC;QAE5D,IAAI,YAAY,GAAG,qBAAqB,CAAC;QAEzC,2GAA2G;QAC3G,0FAA0F;QAC1F,IACE,SAAS,CAAC,eAAe;YACzB,CAAC,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YACxC,aAAa,IAAI,SAAS,CAAC,mBAAmB;YAC9C,CAAC,SAAS,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAC/D,CAAC;YACD,YAAY,GAAG,SAAS,CAAC,eAAe,CAAC;QAC3C,CAAC;QAED,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,MAAM,QAAQ,GAAG,GAAG,OAAO,SAAS,CAAC;YACrC,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,YAAY,EAAE,EAC9C,QAAQ,EACR;gBACE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;aAC3B,CACF,CAAC;YACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/C,KAAK,CAAC,iCAAiC,QAAQ,OAAO,OAAO,EAAE,CAAC,CAAC;YACjE,SAAS;QACX,CAAC;QAED,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,YAAY,EAAE,EAC9C,OAAO,CACR,CAAC;QACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE1B,KAAK,CAAC,sBAAsB,QAAQ,OAAO,OAAO,EAAE,CAAC,CAAC;QAEtD,wBAAwB,CACtB,eAAe,EACf,gBAAgB,EAChB,OAAO,EACP,aAAa,CAAC,YAAY,EAC1B,SAAS,EACT,YAAY,CACb,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CACpB,WAAmB,EACnB,eAAuB,EACvB,aAA4B,EAC5B,SAAoB;IAEpB,MAAM,eAAe,GAAG,IAAI,2BAAe,CACzC,EAAE,IAAI,EAAE,OAAO,EAAE,EACjB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO;KACvC,CACF,CAAC;IAEF,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,gFAAgF;QAChF,MAAM,IAAI,6BAAoB,CAC5B,mDAAmD,CACpD,CAAC;IACJ,CAAC;IAED,MAAM,sBAAsB,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAElE,+GAA+G;IAC/G,wEAAwE;IACxE,gDAAgD;IAChD,MAAM,cAAc,GAAG,sBAAsB,CAAC,MAAM,CAClD,CAAC,MAAM,EAAE,EAAE,CACT,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3E,CAAC;IAEF,oHAAoH;IACpH,MAAM,qBAAqB,GACzB,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IAE5E,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC3B,gFAAgF;QAChF,MAAM,IAAI,6BAAoB,CAC5B,kEAAkE,eAAe,aAAa,CAC/F,CAAC;IACJ,CAAC;IAED,IAAI,qBAAqB,KAAK,eAAe,EAAE,CAAC;QAC9C,KAAK,CACH,SAAS,qBAAqB,yBAAyB,eAAe,sBAAsB,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CACxH,CAAC;IACJ,CAAC;IAED,MAAM,uBAAuB,GAAG,aAAa,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAE7E,MAAM,gBAAgB,GAAwB,EAAE,CAAC;IACjD,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,uBAAuB,CAAC,EAAE,CAAC;QACpE,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACvC,8EAA8E;QAC9E,gBAAgB,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,GAAG;YACrC,IAAI;YACJ,eAAe,EAAE,OAAO;YACxB,MAAM;SACP,CAAC;IACJ,CAAC;IAED,0DAA0D;IAC1D,MAAM,kBAAkB,GAA2B,EAAE,CAAC;IACtD,aAAa,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,CAAC,OAAO,CACtE,CAAC,UAAkB,EAAE,EAAE;QACrB,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9C,kBAAkB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;IAC9D,CAAC,CACF,CAAC;IAEF,KAAK,CACH,8CAA8C,qBAAqB,MAAM,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAC5G,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,KAAK,CACH,iFAAiF,CAClF,CAAC;QACF,8DAA8D;QAC9D,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;IACjC,CAAC;IAED,sDAAsD;IACtD,wBAAwB,CACtB,eAAe,EACf,gBAAgB,EAChB,WAAW,EACX,kBAAkB,EAAE,sCAAsC;IAC1D,SAAS,CACV,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAuB;IAC/C,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtB,MAAM,IAAI,6BAAoB,CAC5B,oDAAoD,CACrD,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACjC,MAAM,IAAI,6BAAoB,CAC5B,iDAAiD,CAClD,CAAC;IACJ,CAAC;IAED,IACE,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU;QAC5B,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EACrD,CAAC;QACD,MAAM,IAAI,6BAAoB,CAC5B,gDAAgD,CACjD,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtB,MAAM,IAAI,6BAAoB,CAC5B,8CAA8C,CAC/C,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpE,MAAM,IAAI,6BAAoB,CAC5B,6CAA6C,CAC9C,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAgB,KAAK,CACnB,WAAmB,EACnB,eAAuB,EACvB,aAA4B,EAC5B,SAAoB;IAEpB,KAAK,CACH,uEAAuE,CACxE,CAAC;IAEF,gBAAgB,CAAC,aAAa,CAAC,CAAC;IAEhC,OAAO,aAAa,CAAC,WAAW,EAAE,eAAe,EAAE,aAAa,EAAE,SAAS,CAAC,CAAC;AAC/E,CAAC"}
package/dist/nuget-parser/runtime-assembly-v2.d.ts CHANGED
@@ -1,4 +1,3 @@
1
- import { AssemblyVersions } from './types';
2
1
  type SdkInfo = {
3
2
  sdkVersion: string;
4
3
  sdkPath: string;
@@ -7,5 +6,4 @@ export declare const PACKAGE_OVERRIDES_FILE = "data/PackageOverrides.txt";
7
6
  export declare const PACKS_PATH = "/packs/Microsoft.NETCore.App.Ref/";
8
7
  export declare function extractSdkInfo(projectPath: string): Promise<SdkInfo>;
9
8
  export declare function findLatestMatchingVersion(input: string, sdkVersion: string): string;
10
- export declare function generateRuntimeAssemblies(projectPath: string, assemblyVersions: AssemblyVersions): Promise<AssemblyVersions>;
11
9
  export {};
package/dist/nuget-parser/runtime-assembly-v2.js CHANGED
@@ -3,14 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.PACKS_PATH = exports.PACKAGE_OVERRIDES_FILE = void 0;
4
4
  exports.extractSdkInfo = extractSdkInfo;
5
5
  exports.findLatestMatchingVersion = findLatestMatchingVersion;
6
- exports.generateRuntimeAssemblies = generateRuntimeAssemblies;
7
6
  const errors_1 = require("../errors");
8
- const debugModule = require("debug");
9
7
  const dotnet = require("./cli/dotnet");
10
- const fs = require("fs");
11
- const path = require("path");
12
- const debug = debugModule('snyk');
13
- const DOTNET_DEPS_JSON = 'dotnet.deps.json';
14
8
  exports.PACKAGE_OVERRIDES_FILE = 'data/PackageOverrides.txt';
15
9
  exports.PACKS_PATH = '/packs/Microsoft.NETCore.App.Ref/';
16
10
  // Relying on dotnet to fetch the right version that the project will use.
@@ -40,75 +34,4 @@ function findLatestMatchingVersion(input, sdkVersion) {
40
34
  }
41
35
  return lastMatchVersion;
42
36
  }
43
- function getDllName(name) {
44
- return `${name}.dll`;
45
- }
46
- function shouldOverrideAssembly(version) {
47
- const overrideMajorVersion = +version.split('.')[0];
48
- return overrideMajorVersion > 5;
49
- }
50
- // The Nuget dependency resolution rule of lowest applicable version
51
- // (see https://learn.microsoft.com/en-us/nuget/concepts/dependency-resolution#lowest-applicable-version)
52
- // does not apply to runtime dependencies. If you resolve a dependency graph of some package, that depends on
53
- // System.Http.Net 4.0.0, you might still very well end up using System.Http.Net 7.0.0 if you are running your
54
- // executable on .net7.0.
55
- // The libraries and package overrides defined in the current sdk will give a good estimate of what runtime dependencies are going to be used,
56
- // so we inspect that for information.
57
- // See https://natemcmaster.com/blog/2017/12/21/netcore-primitives/ for a good overview.
58
- // And https://github.com/dotnet/sdk/blob/main/documentation/specs/runtime-configuration-file.md for the official
59
- // explanation of what the `deps.json` file is doing that we are traversing.
60
- async function generateRuntimeAssemblies(projectPath, assemblyVersions) {
61
- debug(`Extracting runtime assemblies`);
62
- const sdkAssemblies = {};
63
- const { sdkVersion, sdkPath } = await extractSdkInfo(projectPath);
64
- try {
65
- const sdkDataPath = `${sdkPath}/${sdkVersion}/${DOTNET_DEPS_JSON}`;
66
- const sdkData = fs.readFileSync(sdkDataPath, 'utf-8');
67
- const assemblies = JSON.parse(sdkData);
68
- for (const [assemblyName, value] of Object.entries(assemblies.libraries)) {
69
- // We're only insterested in packages that are part of the NuGet Gallery
70
- // https://github.com/dotnet/sdk/blob/main/documentation/specs/runtime-configuration-file.md#libraries-section-depsjson
71
- if (value.serviceable && value.sha512) {
72
- const [name, version] = assemblyName.split('/');
73
- sdkAssemblies[getDllName(name)] = version;
74
- }
75
- }
76
- }
77
- catch (err) {
78
- throw new errors_1.FileNotProcessableError(`Failed to process dotnet.deps.json, error: ${err}`);
79
- }
80
- const localRuntimes = await dotnet.execute(['--list-runtimes'], projectPath);
81
- const runtimeVersion = findLatestMatchingVersion(localRuntimes, sdkVersion);
82
- const overridesAssemblies = {};
83
- try {
84
- const overridesPath = `${path.dirname(sdkPath)}${exports.PACKS_PATH}${runtimeVersion}/${exports.PACKAGE_OVERRIDES_FILE}`;
85
- const overridesText = fs.readFileSync(overridesPath, 'utf-8');
86
- for (const pkg of overridesText.split('\n')) {
87
- if (pkg) {
88
- const [name, version] = pkg.split('|');
89
- // Trim any carriage return
90
- overridesAssemblies[getDllName(name)] = version.trim();
91
- }
92
- }
93
- }
94
- catch (err) {
95
- throw new errors_1.FileNotProcessableError(`Failed to read PackageOverrides.txt, error: ${err}`);
96
- }
97
- // Override the versions just for the OOB packages.
98
- for (const assemblyName in assemblyVersions) {
99
- // OOB packages are deeply inside the namespace. Avoid updating the version for the upper ones.
100
- const shouldUpdateVersion = (assemblyName.match(/\./g) || []).length > 2;
101
- if (assemblyName in sdkAssemblies &&
102
- (!(assemblyName in overridesAssemblies) ||
103
- shouldOverrideAssembly(overridesAssemblies[assemblyName])) &&
104
- shouldUpdateVersion) {
105
- assemblyVersions[assemblyName] = sdkAssemblies[assemblyName];
106
- }
107
- }
108
- if (Object.keys(assemblyVersions).length === 0) {
109
- throw new errors_1.FileNotProcessableError('Runtime assembly versions collection is empty');
110
- }
111
- debug(`Finished extracting runtime assemblies`);
112
- return assemblyVersions;
113
- }
114
37
  //# sourceMappingURL=runtime-assembly-v2.js.map
package/dist/nuget-parser/runtime-assembly-v2.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"runtime-assembly-v2.js","sourceRoot":"","sources":["../../lib/nuget-parser/runtime-assembly-v2.ts"],"names":[],"mappings":";;;AAqBA,wCAcC;AAED,8DAwBC;AAqBD,8DAsEC;AAvJD,sCAAqE;AACrE,qCAAqC;AACrC,uCAAuC;AACvC,yBAAyB;AACzB,6BAA6B;AAE7B,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAOlC,MAAM,gBAAgB,GAAG,kBAAkB,CAAC;AAC/B,QAAA,sBAAsB,GAAG,2BAA2B,CAAC;AACrD,QAAA,UAAU,GAAG,mCAAmC,CAAC;AAE9D,0EAA0E;AAC1E,sHAAsH;AACtH,2FAA2F;AACpF,KAAK,UAAU,cAAc,CAAC,WAAmB;IACtD,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC;IACjE,MAAM,KAAK,GACT,kFAAkF,CAAC;IACrF,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAEtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,wBAAe,CACvB;4BACsB,UAAU,EAAE,CACnC,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,SAAgB,yBAAyB,CACvC,KAAa,EACb,UAAkB;IAElB,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,6BAA6B,eAAe,sBAAsB,EAClE,GAAG,CACJ,CAAC;IACF,IAAI,gBAAgB,GAAkB,IAAI,CAAC;IAC3C,IAAI,KAA6B,CAAC;IAElC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC5C,gBAAgB,GAAG,GAAG,eAAe,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IACtD,CAAC;IAED,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,MAAM,IAAI,wBAAe,CACvB;qCAC+B,KAAK,EAAE,CACvC,CAAC;IACJ,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,SAAS,UAAU,CAAC,IAAY;IAC9B,OAAO,GAAG,IAAI,MAAM,CAAC;AACvB,CAAC;AAED,SAAS,sBAAsB,CAAC,OAAe;IAC7C,MAAM,oBAAoB,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,OAAO,oBAAoB,GAAG,CAAC,CAAC;AAClC,CAAC;AAED,oEAAoE;AACpE,yGAAyG;AACzG,6GAA6G;AAC7G,8GAA8G;AAC9G,yBAAyB;AACzB,8IAA8I;AAC9I,sCAAsC;AACtC,wFAAwF;AACxF,iHAAiH;AACjH,4EAA4E;AACrE,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,gBAAkC;IAElC,KAAK,CAAC,+BAA+B,CAAC,CAAC;IAEvC,MAAM,aAAa,GAAqB,EAAE,CAAC;IAE3C,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,CAAC;IAClE,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,GAAG,OAAO,IAAI,UAAU,IAAI,gBAAgB,EAAE,CAAC;QACnE,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACtD,MAAM,UAAU,GAAyB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE7D,KAAK,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACzE,wEAAwE;YACxE,uHAAuH;YACvH,IAAI,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACtC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAChD,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,gCAAuB,CAC/B,8CAA8C,GAAG,EAAE,CACpD,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC,iBAAiB,CAAC,EAAE,WAAW,CAAC,CAAC;IAC7E,MAAM,cAAc,GAAG,yBAAyB,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;IAC5E,MAAM,mBAAmB,GAAqB,EAAE,CAAC;IAEjD,IAAI,CAAC;QACH,MAAM,aAAa,GAAW,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,kBAAU,GAAG,cAAc,IAAI,8BAAsB,EAAE,CAAC;QACjH,MAAM,aAAa,GAAW,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACtE,KAAK,MAAM,GAAG,IAAI,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5C,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACvC,2BAA2B;gBAC3B,mBAAmB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,gCAAuB,CAC/B,+CAA+C,GAAG,EAAE,CACrD,CAAC;IACJ,CAAC;IAED,mDAAmD;IACnD,KAAK,MAAM,YAAY,IAAI,gBAAgB,EAAE,CAAC;QAC5C,+FAA+F;QAC/F,MAAM,mBAAmB,GAAG,CAAC,YAAY,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzE,IACE,YAAY,IAAI,aAAa;YAC7B,CAAC,CAAC,CAAC,YAAY,IAAI,mBAAmB,CAAC;gBACrC,sBAAsB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC,CAAC;YAC5D,mBAAmB,EACnB,CAAC;YACD,gBAAgB,CAAC,YAAY,CAAC,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,gCAAuB,CAC/B,+CAA+C,CAChD,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAChD,OAAO,gBAAgB,CAAC;AAC1B,CAAC"}
1
+ {"version":3,"file":"runtime-assembly-v2.js","sourceRoot":"","sources":["../../lib/nuget-parser/runtime-assembly-v2.ts"],"names":[],"mappings":";;;AAcA,wCAcC;AAED,8DAwBC;AAtDD,sCAA4C;AAC5C,uCAAuC;AAO1B,QAAA,sBAAsB,GAAG,2BAA2B,CAAC;AACrD,QAAA,UAAU,GAAG,mCAAmC,CAAC;AAE9D,0EAA0E;AAC1E,sHAAsH;AACtH,2FAA2F;AACpF,KAAK,UAAU,cAAc,CAAC,WAAmB;IACtD,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC;IACjE,MAAM,KAAK,GACT,kFAAkF,CAAC;IACrF,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAEtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,wBAAe,CACvB;4BACsB,UAAU,EAAE,CACnC,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,SAAgB,yBAAyB,CACvC,KAAa,EACb,UAAkB;IAElB,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,6BAA6B,eAAe,sBAAsB,EAClE,GAAG,CACJ,CAAC;IACF,IAAI,gBAAgB,GAAkB,IAAI,CAAC;IAC3C,IAAI,KAA6B,CAAC;IAElC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC5C,gBAAgB,GAAG,GAAG,eAAe,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IACtD,CAAC;IAED,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,MAAM,IAAI,wBAAe,CACvB;qCAC+B,KAAK,EAAE,CACvC,CAAC;IACJ,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC"}
package/dist/nuget-parser/types.d.ts CHANGED
@@ -90,6 +90,7 @@ export type Overrides = {
90
90
  overrideVersion: string | undefined;
91
91
  };
92
92
  export type ResolvedPackagesMap = Record<string, {
93
+ readonly name: string;
93
94
  readonly resolvedVersion: string;
94
95
  readonly target: Target;
95
96
  }>;
package/package.json CHANGED
@@ -59,5 +59,5 @@
59
59
  "ts-jest": "^29.1.2",
60
60
  "typescript": "^5.4.5"
61
61
  },
62
- "version": "2.13.2"
62
+ "version": "3.1.0"
63
63
  }
package/dist/nuget-parser/parsers/dotnet-core-v2-parser.d.ts DELETED
@@ -1,4 +0,0 @@
1
- import * as depGraphLib from '@snyk/dep-graph';
2
- import { AssemblyVersions, ProjectAssets, PublishedProjectDeps } from '../types';
3
- export declare const FILTERED_DEPENDENCY_PREFIX: string[];
4
- export declare function parse(projectName: string, projectAssets: ProjectAssets, publishedProjectDeps: PublishedProjectDeps, runtimeAssembly: AssemblyVersions, useFixForImprovedDotnetFalsePositives: boolean): depGraphLib.DepGraph;
package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js DELETED
@@ -1,161 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.FILTERED_DEPENDENCY_PREFIX = void 0;
4
- exports.parse = parse;
5
- const debugModule = require("debug");
6
- const dep_graph_1 = require("@snyk/dep-graph");
7
- const errors_1 = require("../../errors");
8
- const path_1 = require("path");
9
- const debug = debugModule('snyk');
10
- // Dependencies that starts with these are discarded
11
- exports.FILTERED_DEPENDENCY_PREFIX = [
12
- // `runtime` and `runtime.native` are a bit of a hot topic, see more https://github.com/dotnet/core/issues/7568.
13
- // For our case, we are already creating the correct dependencies and their respective runtime version numbers based
14
- // of our runtime resolution logic. So a dependency will already be `System.Net.Http@8.0.0` if running on .NET 8, thus
15
- // removing the need for a `runtime.native.System.Net.Http@8.0.0` as well. From our investigation these runtime native
16
- // dependencies are causing noise for the customers and are not of interested.
17
- 'runtime',
18
- ];
19
- function recursivelyPopulateNodes(depGraphBuilder, targetDeps, node, runtimeAssembly, useFixForImprovedDotnetFalsePositives, visited) {
20
- const parentId = node.type === 'root' ? 'root-node' : `${node.name}@${node.version}`;
21
- for (const depNode of Object.entries(node.dependencies || {})) {
22
- const localVisited = visited || new Set();
23
- const name = depNode[0];
24
- const version = depNode[1];
25
- // Ignore packages with specific prefixes, which for one reason or the other are no interesting and pollutes the
26
- // graph. Refer to comments on the individual elements in the ignore list for more information.
27
- if (exports.FILTERED_DEPENDENCY_PREFIX.some((prefix) => name.startsWith(prefix))) {
28
- debug(`${name} matched a prefix we ignore, not adding to graph`);
29
- continue;
30
- }
31
- const childNode = {
32
- ...targetDeps[`${name}/${version}`],
33
- name,
34
- version,
35
- };
36
- const childId = `${childNode.name}@${childNode.version}`;
37
- // If we're looking at a runtime assembly version for self-contained dlls, overwrite the dependency version
38
- // we've found in the graph with those from the runtime assembly, as they take precedence.
39
- let assemblyVersion = version;
40
- // The RuntimeAssembly type contains the name with a .dll suffix, as this is how .NET represents them in the
41
- // dependency file. This must be stripped in order to match the elements during depGraph construction.
42
- const dll = `${name}.dll`;
43
- if (dll in runtimeAssembly) {
44
- assemblyVersion = runtimeAssembly[dll];
45
- }
46
- if (localVisited.has(childId)) {
47
- const prunedId = `${childId}:pruned`;
48
- depGraphBuilder.addPkgNode({ name: childNode.name, version: assemblyVersion }, prunedId, {
49
- labels: { pruned: 'true' },
50
- });
51
- depGraphBuilder.connectDep(parentId, prunedId);
52
- continue;
53
- }
54
- depGraphBuilder.addPkgNode({ name: childNode.name, version: assemblyVersion }, childId);
55
- depGraphBuilder.connectDep(parentId, childId);
56
- localVisited.add(childId);
57
- recursivelyPopulateNodes(depGraphBuilder, targetDeps, childNode, runtimeAssembly, useFixForImprovedDotnetFalsePositives, localVisited);
58
- }
59
- }
60
- function getRestoredProjectName(publishedProjectDeps, runtimeTarget, projectName) {
61
- return Object.keys(publishedProjectDeps.targets[runtimeTarget]).find((f) => f.startsWith(projectName));
62
- }
63
- function extractLocalProjects(libs) {
64
- const localPackages = [];
65
- for (const [key, value] of Object.entries(libs)) {
66
- if (!key.includes('runtimepack')) {
67
- // Local projects (.csproj files) don't have values declared for these two properties.
68
- // https://github.com/dotnet/sdk/blob/main/documentation/specs/runtime-configuration-file.md#libraries-section-depsjson
69
- if (!value.serviceable && !value.sha512 && value.type === 'project') {
70
- localPackages.push(key);
71
- }
72
- }
73
- }
74
- return localPackages;
75
- }
76
- function getDllName(depName) {
77
- return `${depName}.dll`;
78
- }
79
- function buildGraph(projectName, projectAssets, publishedProjectDeps, runtimeAssembly, useFixForImprovedDotnetFalsePositives) {
80
- const depGraphBuilder = new dep_graph_1.DepGraphBuilder({ name: 'nuget' }, {
81
- name: projectName,
82
- version: projectAssets.project.version,
83
- });
84
- // We publish to one RID and one only, so we can safely assume that the true dependencies will exist in this key.
85
- // E.g. targets -> .NETCoreApp,Version=v8.0/osx-arm64
86
- const runtimeTarget = publishedProjectDeps.runtimeTarget.name;
87
- // Those dependencies are referenced in the 'targets' member in the same .deps file.
88
- if (Object.keys(publishedProjectDeps.targets).length <= 0) {
89
- throw new errors_1.InvalidManifestError('no target dependencies in found in published deps file (project.deps.json -> targets -> []), cannot continue without that');
90
- }
91
- if (!(runtimeTarget in publishedProjectDeps.targets)) {
92
- throw new errors_1.InvalidManifestError(`no ${runtimeTarget} found in targets object, cannot continue without it`);
93
- }
94
- // What `dotnet` wants to call this project is not always the same as what Snyk wants to call it, and the version
95
- // postfix is not the same as what's defined in `project.assets.json` due to NuGet version normalization, which is
96
- // not applied during publish, only during restore. So we have to rely on the fact that the name is enough.
97
- const csprojPath = projectAssets.project.restore.projectUniqueName;
98
- const csprojFileName = (0, path_1.basename)(csprojPath, (0, path_1.extname)(csprojPath));
99
- const restoreProjectName =
100
- // Attempt to find the target using the .csproj filename.
101
- // <PackageId> property overrides most of the naming when restoring, but when publishing, the actual filename is used as the target.
102
- getRestoredProjectName(publishedProjectDeps, runtimeTarget, csprojFileName) ||
103
- // Attempt to find the target using restored project name.
104
- getRestoredProjectName(publishedProjectDeps, runtimeTarget, projectAssets?.project?.restore?.projectName) ||
105
- // Last attempt to find the target using the Snyk project name.
106
- getRestoredProjectName(publishedProjectDeps, runtimeTarget, projectName);
107
- if (!restoreProjectName) {
108
- throw new errors_1.InvalidManifestError(`no project name containing ${projectAssets.project.restore.projectName} or ${projectName} found in ${runtimeTarget} object, cannot continue without it`);
109
- }
110
- // Find names and versions of all dependencies of the root package. These are already structured correctly in
111
- // the deps.json generated by `dotnet publish`.
112
- const topLevelDepPackages = publishedProjectDeps.targets[runtimeTarget][restoreProjectName]
113
- .dependencies;
114
- // Iterate over all the dependencies found in the target dependency list, and build the depGraph based off of that.
115
- const targetDependencies = Object.entries(publishedProjectDeps.targets[runtimeTarget]).reduce((acc, entry) => {
116
- const [nameWithVersion, pkg] = entry;
117
- return { ...acc, [nameWithVersion]: pkg };
118
- }, {});
119
- const rootNode = {
120
- type: 'root',
121
- dependencies: topLevelDepPackages,
122
- };
123
- if (!useFixForImprovedDotnetFalsePositives) {
124
- // runtimeAssembly doesn't have entries if the target framework is `netstandard`
125
- if (Object.keys(runtimeAssembly).length > 0) {
126
- const localPackagesNames = extractLocalProjects(publishedProjectDeps.libraries);
127
- const targets = publishedProjectDeps.targets[runtimeTarget];
128
- // Overwriting the runtime versions with the values used in local projects.
129
- for (const pgkName of localPackagesNames) {
130
- if (targets[pgkName]?.dependencies) {
131
- for (const [key, value] of Object.entries(targets[pgkName].dependencies)) {
132
- const dllName = getDllName(key);
133
- if (runtimeAssembly[dllName]) {
134
- runtimeAssembly[dllName] = value;
135
- }
136
- }
137
- }
138
- }
139
- // Overwriting the runtime versions with the values used in fetched packages.
140
- for (const [key, value] of Object.entries(targets)) {
141
- if (value && Object.keys(value).length === 0) {
142
- const [depName, depVersion] = key.split('/');
143
- const dllName = getDllName(depName);
144
- // NuGet’s dependency resolution mechanism will choose the higher available version.
145
- if (runtimeAssembly[dllName] &&
146
- depVersion > runtimeAssembly[dllName]) {
147
- runtimeAssembly[dllName] = depVersion;
148
- }
149
- }
150
- }
151
- }
152
- }
153
- recursivelyPopulateNodes(depGraphBuilder, targetDependencies, rootNode, runtimeAssembly, useFixForImprovedDotnetFalsePositives);
154
- return depGraphBuilder.build();
155
- }
156
- function parse(projectName, projectAssets, publishedProjectDeps, runtimeAssembly, useFixForImprovedDotnetFalsePositives) {
157
- debug('Trying to parse .net core manifest with v2 depGraph builder');
158
- const result = buildGraph(projectName, projectAssets, publishedProjectDeps, runtimeAssembly, useFixForImprovedDotnetFalsePositives);
159
- return result;
160
- }
161
- //# sourceMappingURL=dotnet-core-v2-parser.js.map
package/dist/nuget-parser/parsers/dotnet-core-v2-parser.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"dotnet-core-v2-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v2-parser.ts"],"names":[],"mappings":";;;AA0QA,sBAiBC;AA3RD,qCAAqC;AAErC,+CAAkD;AAMlD,yCAAoD;AACpD,+BAAyC;AAEzC,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAYlC,oDAAoD;AACvC,QAAA,0BAA0B,GAAG;IACxC,gHAAgH;IAChH,oHAAoH;IACpH,sHAAsH;IACtH,sHAAsH;IACtH,8EAA8E;IAC9E,SAAS;CACV,CAAC;AAEF,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,UAAyC,EACzC,IAAmB,EACnB,eAAiC,EACjC,qCAA8C,EAC9C,OAAqB;IAErB,MAAM,QAAQ,GACZ,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;IAEtE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,CAAC;QAC9D,MAAM,YAAY,GAAG,OAAO,IAAI,IAAI,GAAG,EAAU,CAAC;QAClD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE3B,gHAAgH;QAChH,+FAA+F;QAC/F,IAAI,kCAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzE,KAAK,CAAC,GAAG,IAAI,kDAAkD,CAAC,CAAC;YACjE,SAAS;QACX,CAAC;QAED,MAAM,SAAS,GAAG;YAChB,GAAG,UAAU,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;YACnC,IAAI;YACJ,OAAO;SACR,CAAC;QAEF,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QAEzD,2GAA2G;QAC3G,0FAA0F;QAC1F,IAAI,eAAe,GAAG,OAAO,CAAC;QAE9B,4GAA4G;QAC5G,sGAAsG;QACtG,MAAM,GAAG,GAAG,GAAG,IAAI,MAAM,CAAC;QAC1B,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;YAC3B,eAAe,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,MAAM,QAAQ,GAAG,GAAG,OAAO,SAAS,CAAC;YACrC,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,QAAQ,EACR;gBACE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;aAC3B,CACF,CAAC;YACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/C,SAAS;QACX,CAAC;QAED,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,OAAO,CACR,CAAC;QACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE1B,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,SAAS,EACT,eAAe,EACf,qCAAqC,EACrC,YAAY,CACb,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAC7B,oBAA0C,EAC1C,aAAqB,EACrB,WAAmB;IAEnB,OAAO,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CACzE,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,CAC1B,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAyB;IACrD,MAAM,aAAa,GAAa,EAAE,CAAC;IAEnC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YACjC,sFAAsF;YACtF,uHAAuH;YACvH,IAAI,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACpE,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAS,UAAU,CAAC,OAAe;IACjC,OAAO,GAAG,OAAO,MAAM,CAAC;AAC1B,CAAC;AAED,SAAS,UAAU,CACjB,WAAmB,EACnB,aAA4B,EAC5B,oBAA0C,EAC1C,eAAiC,EACjC,qCAA8C;IAE9C,MAAM,eAAe,GAAG,IAAI,2BAAe,CACzC,EAAE,IAAI,EAAE,OAAO,EAAE,EACjB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO;KACvC,CACF,CAAC;IAEF,iHAAiH;IACjH,qDAAqD;IACrD,MAAM,aAAa,GAAG,oBAAoB,CAAC,aAAa,CAAC,IAAI,CAAC;IAE9D,oFAAoF;IACpF,IAAI,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC1D,MAAM,IAAI,6BAAoB,CAC5B,2HAA2H,CAC5H,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,CAAC,aAAa,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,6BAAoB,CAC5B,MAAM,aAAa,sDAAsD,CAC1E,CAAC;IACJ,CAAC;IAED,iHAAiH;IACjH,kHAAkH;IAClH,2GAA2G;IAC3G,MAAM,UAAU,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC;IACnE,MAAM,cAAc,GAAG,IAAA,eAAQ,EAAC,UAAU,EAAE,IAAA,cAAO,EAAC,UAAU,CAAC,CAAC,CAAC;IACjE,MAAM,kBAAkB;IACtB,yDAAyD;IACzD,oIAAoI;IACpI,sBAAsB,CACpB,oBAAoB,EACpB,aAAa,EACb,cAAc,CACf;QACD,0DAA0D;QAC1D,sBAAsB,CACpB,oBAAoB,EACpB,aAAa,EACb,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,CAC7C;QACD,+DAA+D;QAC/D,sBAAsB,CAAC,oBAAoB,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;IAE3E,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,IAAI,6BAAoB,CAC5B,8BAA8B,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,OAAO,WAAW,aAAa,aAAa,qCAAqC,CACzJ,CAAC;IACJ,CAAC;IAED,6GAA6G;IAC7G,+CAA+C;IAC/C,MAAM,mBAAmB,GACvB,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,kBAAkB,CAAC;SAC5D,YAAY,CAAC;IAElB,mHAAmH;IACnH,MAAM,kBAAkB,GAAkC,MAAM,CAAC,OAAO,CACtE,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAC5C,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QACtB,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;QACrC,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC;IAC5C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,QAAQ,GAAG;QACf,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,mBAAmB;KACjB,CAAC;IAEnB,IAAI,CAAC,qCAAqC,EAAE,CAAC;QAC3C,gFAAgF;QAChF,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5C,MAAM,kBAAkB,GAAG,oBAAoB,CAC7C,oBAAoB,CAAC,SAAS,CAC/B,CAAC;YAEF,MAAM,OAAO,GAAG,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YAE5D,2EAA2E;YAC3E,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;gBACzC,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,YAAY,EAAE,CAAC;oBACnC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CACvC,OAAO,CAAC,OAAO,CAAC,CAAC,YAAY,CAC9B,EAAE,CAAC;wBACF,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;wBAChC,IAAI,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;4BAC7B,eAAe,CAAC,OAAO,CAAC,GAAG,KAAe,CAAC;wBAC7C,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,6EAA6E;YAC7E,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnD,IAAI,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC7C,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC7C,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;oBACpC,oFAAoF;oBACpF,IACE,eAAe,CAAC,OAAO,CAAC;wBACxB,UAAU,GAAG,eAAe,CAAC,OAAO,CAAC,EACrC,CAAC;wBACD,eAAe,CAAC,OAAO,CAAC,GAAG,UAAoB,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,wBAAwB,CACtB,eAAe,EACf,kBAAkB,EAClB,QAAQ,EACR,eAAe,EACf,qCAAqC,CACtC,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,SAAgB,KAAK,CACnB,WAAmB,EACnB,aAA4B,EAC5B,oBAA0C,EAC1C,eAAiC,EACjC,qCAA8C;IAE9C,KAAK,CAAC,6DAA6D,CAAC,CAAC;IAErE,MAAM,MAAM,GAAG,UAAU,CACvB,WAAW,EACX,aAAa,EACb,oBAAoB,EACpB,eAAe,EACf,qCAAqC,CACtC,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC"}
package/dist/nuget-parser/runtime-assembly.d.ts DELETED
@@ -1,2 +0,0 @@
1
- import { AssemblyVersions, PublishedProjectDeps } from './types';
2
- export declare function generateRuntimeAssemblies(deps: PublishedProjectDeps): AssemblyVersions;
package/dist/nuget-parser/runtime-assembly.js DELETED
@@ -1,81 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.generateRuntimeAssemblies = generateRuntimeAssemblies;
4
- const errors = require("../errors/");
5
- const lodash_1 = require("lodash");
6
- const debugModule = require("debug");
7
- const debug = debugModule('snyk');
8
- // The Nuget dependency resolution rule of lowest applicable version
9
- // (see https://learn.microsoft.com/en-us/nuget/concepts/dependency-resolution#lowest-applicable-version)
10
- // does not apply to runtime dependencies. If you resolve a dependency graph of some package, that depends on
11
- // System.Http.Net 4.0.0, you might still very well end up using System.Http.Net 7.0.0 if you are running your
12
- // executable on .net7.0.
13
- // The `dotnet publish` will give a good estimate of what runtime dependencies are going to be used, so we inspect
14
- // that for information.
15
- // See https://natemcmaster.com/blog/2017/12/21/netcore-primitives/ for a good overview.
16
- // And https://github.com/dotnet/sdk/blob/main/documentation/specs/runtime-configuration-file.md for the official
17
- // explanation of what the `deps.json` file is doing that we are traversing.
18
- function generateRuntimeAssemblies(deps) {
19
- const runtimeTargetName = deps.runtimeTarget.name;
20
- debug(`extracting runtime assemblies from ${runtimeTargetName}`);
21
- if (!deps.targets) {
22
- throw new errors.FileNotProcessableError('could not find any targets in deps file');
23
- }
24
- if (!(runtimeTargetName in deps.targets)) {
25
- throw new errors.FileNotProcessableError(`could not locate ${runtimeTargetName} in list of targets, cannot continue`);
26
- }
27
- // Run through all runtimepacks in target, indexed for example as
28
- // runtimepack.Microsoft.NETCore.App.Runtime.osx-arm64/7.0.14
29
- // runtimepack.Microsoft.AspNetCore.App.Runtime.osx-arm64/7.0.14
30
- // ... etc.
31
- // See all: https://github.com/dotnet/runtime/blob/bd83e17052d3c09022bad1d91dca860ca6b27ab9/src/libraries/Microsoft.NETCore.Platforms/src/runtime.json
32
- let runtimeAssemblyVersions = {};
33
- const runtimePacks = Object.keys(deps.targets[runtimeTargetName]).filter((t) => t.startsWith('runtimepack'));
34
- if (runtimePacks.length <= 0) {
35
- throw new errors.FileNotProcessableError(`could not find any runtimepack.* identifiers in ${runtimeTargetName}, cannot continue`);
36
- }
37
- runtimePacks.forEach((runtimePack) => {
38
- const dependencies = deps.targets[runtimeTargetName][runtimePack];
39
- // The runtimepack contains all the current RuntimeIdentifier (RID) assemblies which we are interested in.
40
- // Such as
41
- // "runtimepack.Microsoft.NETCore.App.Runtime.osx-arm64/6.0.16": {
42
- // "runtime": {
43
- // "Microsoft.CSharp.dll": { .. assembly version 6.0.0 }
44
- // }
45
- // }
46
- // We traverse all those and store them for the dependency graph build.
47
- if (!('runtime' in dependencies)) {
48
- throw new errors.FileNotProcessableError(`could not find any runtime list in the ${runtimePack} dependency`);
49
- }
50
- const runtimes = dependencies['runtime'];
51
- // Dig down into the specific runtimepack which contains all the assembly versions of
52
- // the bundled DLLs for the given runtime, as:
53
- // "runtimepack.Microsoft.NETCore.App.Runtime.osx-arm64/6.0.16": {
54
- // "runtime": {
55
- // "Microsoft.CSharp.dll": {
56
- // "assemblyVersion": "6.0.0.0",
57
- // "fileVersion": "6.0.1623.17311"
58
- // },
59
- // "Microsoft.VisualBasic.Core.dll": {
60
- // "assemblyVersion": "11.0.0.0",
61
- // "fileVersion": "11.100.1623.17311"
62
- // },
63
- // (...)
64
- // We currently only address assemblyVersions. FileVersion might become relevant, depending
65
- // on how vulnerabilities are reported in the future.
66
- runtimeAssemblyVersions = {
67
- ...runtimeAssemblyVersions,
68
- ...Object.entries(runtimes).reduce((acc, [dll, versions]) => {
69
- // Take the version number (N.N.N.N) and remove the last element, in order for vulndb to understand anything.
70
- acc[dll] = versions.assemblyVersion.split('.').slice(0, -1).join('.');
71
- return acc;
72
- }, {}),
73
- };
74
- });
75
- if ((0, lodash_1.isEmpty)(runtimeAssemblyVersions)) {
76
- throw new errors.FileNotProcessableError('collection of runtime assembly versions was empty, that should not happen');
77
- }
78
- debug(`finished extracting runtime assemblies from ${runtimeTargetName}`);
79
- return runtimeAssemblyVersions;
80
- }
81
- //# sourceMappingURL=runtime-assembly.js.map
package/dist/nuget-parser/runtime-assembly.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"runtime-assembly.js","sourceRoot":"","sources":["../../lib/nuget-parser/runtime-assembly.ts"],"names":[],"mappings":";;AAwBA,8DAuFC;AA9GD,qCAAqC;AACrC,mCAAiC;AACjC,qCAAqC;AAErC,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AASlC,oEAAoE;AACpE,yGAAyG;AACzG,6GAA6G;AAC7G,8GAA8G;AAC9G,yBAAyB;AACzB,kHAAkH;AAClH,wBAAwB;AACxB,wFAAwF;AACxF,iHAAiH;AACjH,4EAA4E;AAC5E,SAAgB,yBAAyB,CACvC,IAA0B;IAE1B,MAAM,iBAAiB,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;IAElD,KAAK,CAAC,sCAAsC,iBAAiB,EAAE,CAAC,CAAC;IAEjE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAClB,MAAM,IAAI,MAAM,CAAC,uBAAuB,CACtC,yCAAyC,CAC1C,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,CAAC,iBAAiB,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,MAAM,CAAC,uBAAuB,CACtC,oBAAoB,iBAAiB,sCAAsC,CAC5E,CAAC;IACJ,CAAC;IAED,iEAAiE;IACjE,6DAA6D;IAC7D,gEAAgE;IAChE,WAAW;IACX,sJAAsJ;IACtJ,IAAI,uBAAuB,GAAqB,EAAE,CAAC;IAEnD,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,MAAM,CACtE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,aAAa,CAAC,CACnC,CAAC;IACF,IAAI,YAAY,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,MAAM,CAAC,uBAAuB,CACtC,mDAAmD,iBAAiB,mBAAmB,CACxF,CAAC;IACJ,CAAC;IAED,YAAY,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QACnC,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,WAAW,CAAC,CAAC;QAClE,0GAA0G;QAC1G,UAAU;QACV,oEAAoE;QACpE,uBAAuB;QACvB,kEAAkE;QAClE,aAAa;QACb,MAAM;QACN,uEAAuE;QACvE,IAAI,CAAC,CAAC,SAAS,IAAI,YAAY,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,MAAM,CAAC,uBAAuB,CACtC,0CAA0C,WAAW,aAAa,CACnE,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;QAEzC,qFAAqF;QACrF,8CAA8C;QAC9C,kEAAkE;QAClE,iBAAiB;QACjB,gCAAgC;QAChC,sCAAsC;QACtC,wCAAwC;QACxC,SAAS;QACT,0CAA0C;QAC1C,uCAAuC;QACvC,2CAA2C;QAC3C,SAAS;QACT,SAAS;QACT,2FAA2F;QAC3F,qDAAqD;QACrD,uBAAuB,GAAG;YACxB,GAAG,uBAAuB;YAC1B,GAAG,MAAM,CAAC,OAAO,CAAC,QAAoB,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,QAAQ,CAAC,EAAE,EAAE;gBACtE,6GAA6G;gBAC7G,GAAG,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACtE,OAAO,GAAG,CAAC;YACb,CAAC,EAAE,EAAE,CAAC;SACP,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,IAAI,IAAA,gBAAO,EAAC,uBAAuB,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,MAAM,CAAC,uBAAuB,CACtC,2EAA2E,CAC5E,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,+CAA+C,iBAAiB,EAAE,CAAC,CAAC;IAE1E,OAAO,uBAAuB,CAAC;AACjC,CAAC"}