snyk-nuget-plugin 2.3.3 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/nuget-parser/cli/dotnet.d.ts +1 -1
- package/dist/nuget-parser/cli/dotnet.js +16 -3
- package/dist/nuget-parser/cli/dotnet.js.map +1 -1
- package/dist/nuget-parser/index.js +5 -6
- package/dist/nuget-parser/index.js.map +1 -1
- package/dist/nuget-parser/parsers/packages-config-parser.js +8 -6
- package/dist/nuget-parser/parsers/packages-config-parser.js.map +1 -1
- package/package.json +1 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
export declare function validate(): Promise<void>;
|
|
2
|
-
export declare function restore(projectPath: string): Promise<
|
|
2
|
+
export declare function restore(projectPath: string): Promise<string>;
|
|
3
3
|
export declare function run(projectPath: string, options: string[]): Promise<string>;
|
|
4
4
|
export declare function publish(projectPath: string, targetFramework?: string): Promise<string>;
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.publish = exports.run = exports.restore = exports.validate = void 0;
|
|
4
4
|
const debugModule = require("debug");
|
|
5
|
+
const errors = require("../../errors");
|
|
5
6
|
const errors_1 = require("../../errors");
|
|
6
7
|
const path = require("path");
|
|
7
8
|
const subprocess = require("./subprocess");
|
|
@@ -38,9 +39,21 @@ async function validate() {
|
|
|
38
39
|
exports.validate = validate;
|
|
39
40
|
async function restore(projectPath) {
|
|
40
41
|
const command = 'dotnet';
|
|
41
|
-
const args = ['restore', '--no-cache', projectPath];
|
|
42
|
-
await handle('restore', command, args);
|
|
43
|
-
|
|
42
|
+
const args = ['restore', '--no-cache', '--verbosity', 'normal', projectPath];
|
|
43
|
+
const result = await handle('restore', command, args);
|
|
44
|
+
// A customer can define a <BaseOutPutPath> that redirects where `dotnet` saves the assets file. This will
|
|
45
|
+
// get picked up by the dotnet tool and reported in the output logs.
|
|
46
|
+
const regex = /Path:\s+(\S+project.assets.json)/g;
|
|
47
|
+
const matches = result.stdout.matchAll(regex);
|
|
48
|
+
const manifestFiles = [];
|
|
49
|
+
for (const match of matches) {
|
|
50
|
+
manifestFiles.push(match[1]);
|
|
51
|
+
}
|
|
52
|
+
if (manifestFiles.length === 0) {
|
|
53
|
+
throw new errors.FileNotProcessableError('found no information in stdout about the whereabouts of the assets file');
|
|
54
|
+
}
|
|
55
|
+
// Return the last element in the log, as it might be mentioning local asset files in reverse order.
|
|
56
|
+
return manifestFiles[manifestFiles.length - 1];
|
|
44
57
|
}
|
|
45
58
|
exports.restore = restore;
|
|
46
59
|
async function run(projectPath, options) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dotnet.js","sourceRoot":"","sources":["../../../lib/nuget-parser/cli/dotnet.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AACrC,yCAA+C;AAC/C,6BAA6B;AAC7B,2CAA2C;AAC3C,yBAAyB;AACzB,yBAAyB;AAEzB,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,KAAK,UAAU,MAAM,CACnB,SAAiB,EACjB,OAAe,EACf,IAAc;IAEd,KAAK,CAAC,2BAA2B,SAAS,KAAK,OAAO,EAAE,CAAC,CAAC;IAE1D,IAAI,CAAC;QACH,OAAO,MAAM,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,IACE,CAAC,CACC,OAAO,KAAK,KAAK,QAAQ;YACzB,KAAK,KAAK,IAAI;YACd,QAAQ,IAAI,KAAK;YACjB,QAAQ,IAAI,KAAK,CAClB,EACD,CAAC;YACD,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,KAAK,EAAE,CAClD,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;QAC7C,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,OAAO,EAAE,CACpD,CAAC;IACJ,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,QAAQ;IAC5B,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,KAAK,CAAC,qDAAqD,CAAC,CAAC;QAC7D,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAVD,4BAUC;AAEM,KAAK,UAAU,OAAO,CAAC,WAAmB;IAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"dotnet.js","sourceRoot":"","sources":["../../../lib/nuget-parser/cli/dotnet.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AACrC,uCAAuC;AACvC,yCAA+C;AAC/C,6BAA6B;AAC7B,2CAA2C;AAC3C,yBAAyB;AACzB,yBAAyB;AAEzB,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,KAAK,UAAU,MAAM,CACnB,SAAiB,EACjB,OAAe,EACf,IAAc;IAEd,KAAK,CAAC,2BAA2B,SAAS,KAAK,OAAO,EAAE,CAAC,CAAC;IAE1D,IAAI,CAAC;QACH,OAAO,MAAM,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,IACE,CAAC,CACC,OAAO,KAAK,KAAK,QAAQ;YACzB,KAAK,KAAK,IAAI;YACd,QAAQ,IAAI,KAAK;YACjB,QAAQ,IAAI,KAAK,CAClB,EACD,CAAC;YACD,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,KAAK,EAAE,CAClD,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;QAC7C,MAAM,IAAI,wBAAe,CACvB,UAAU,SAAS,uBAAuB,OAAO,EAAE,CACpD,CAAC;IACJ,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,QAAQ;IAC5B,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,KAAK,CAAC,qDAAqD,CAAC,CAAC;QAC7D,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAVD,4BAUC;AAEM,KAAK,UAAU,OAAO,CAAC,WAAmB;IAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;IAC7E,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IAEtD,0GAA0G;IAC1G,oEAAoE;IACpE,MAAM,KAAK,GAAG,mCAAmC,CAAC;IAClD,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE9C,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,MAAM,CAAC,uBAAuB,CACtC,yEAAyE,CAC1E,CAAC;IACJ,CAAC;IAED,oGAAoG;IACpG,OAAO,aAAa,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACjD,CAAC;AAvBD,0BAuBC;AAEM,KAAK,UAAU,GAAG,CACvB,WAAmB,EACnB,OAAiB;IAEjB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,KAAK,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,QAAQ,CAAC,MAAM,CAAC;AACzB,CAAC;AARD,kBAQC;AAEM,KAAK,UAAU,OAAO,CAC3B,WAAmB,EACnB,eAAwB;IAExB,MAAM,OAAO,GAAG,QAAQ,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IACrC,sGAAsG;IACtG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAElB,0DAA0D;IAC1D,qFAAqF;IACrF,oGAAoG;IACpG,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IAEnC,yHAAyH;IACzH,IAAI,eAAe,EAAE,CAAC;QACpB,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC7B,CAAC;IAED,0GAA0G;IAC1G,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAC5B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,mCAAmC,CAAC,CAC5D,CAAC;IACF,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACtB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAEnB,0EAA0E;IAC1E,oFAAoF;IACpF,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAEvB,MAAM,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IAEvC,OAAO,OAAO,CAAC;AACjB,CAAC;AAlCD,0BAkCC"}
|
|
@@ -63,7 +63,6 @@ async function buildDepGraphFromFiles(root, targetFile, manifestType, useProject
|
|
|
63
63
|
const safeTargetFile = targetFile || '.';
|
|
64
64
|
const fileContentPath = path.resolve(safeRoot, safeTargetFile);
|
|
65
65
|
const fileContent = getFileContents(fileContentPath);
|
|
66
|
-
const projectRootFolder = path.resolve(fileContentPath, '../../');
|
|
67
66
|
const parser = PARSERS['dotnet-core-v2'];
|
|
68
67
|
const projectAssets = await parser.fileContentParser.parse(fileContent);
|
|
69
68
|
if (!((_a = projectAssets.project) === null || _a === void 0 ? void 0 : _a.frameworks)) {
|
|
@@ -73,14 +72,14 @@ async function buildDepGraphFromFiles(root, targetFile, manifestType, useProject
|
|
|
73
72
|
// otherwise the raw key name, as it's not guaranteed that all framework objects contains a targetAlias.
|
|
74
73
|
const targetFrameworks = Object.entries(projectAssets.project.frameworks).map(([key, value]) => ('targetAlias' in value ? value.targetAlias : key));
|
|
75
74
|
if (targetFrameworks.length <= 0) {
|
|
76
|
-
throw new errors_1.FileNotProcessableError(`unable to detect a target framework in ${
|
|
75
|
+
throw new errors_1.FileNotProcessableError(`unable to detect a target framework in ${safeTargetFile}, a valid one is needed to continue down this path.`);
|
|
77
76
|
}
|
|
78
77
|
if (targetFramework && !targetFrameworks.includes(targetFramework)) {
|
|
79
78
|
console.log(`\x1b[33m⚠ WARNING\x1b[0m: Supplied targetframework \x1b[1m${targetFramework}\x1b[0m was not detected in the supplied
|
|
80
79
|
manifest file. Available targetFrameworks detected was \x1b[1m${targetFrameworks.join(',')}\x1b[0m.
|
|
81
80
|
Will attempt to build dependency graph anyway, but the operation might fail.`);
|
|
82
81
|
}
|
|
83
|
-
let resolvedProjectName = getRootName(root,
|
|
82
|
+
let resolvedProjectName = getRootName(root, safeRoot, projectNamePrefix);
|
|
84
83
|
const projectNameFromManifestFile = (_c = (_b = projectAssets === null || projectAssets === void 0 ? void 0 : projectAssets.project) === null || _b === void 0 ? void 0 : _b.restore) === null || _c === void 0 ? void 0 : _c.projectName;
|
|
85
84
|
if (manifestType === types_1.ManifestType.DOTNET_CORE &&
|
|
86
85
|
useProjectNameFromAssetsFile) {
|
|
@@ -104,12 +103,12 @@ Will attempt to build dependency graph anyway, but the operation might fail.`);
|
|
|
104
103
|
if (decidedTargetFrameworks.length == 0) {
|
|
105
104
|
throw new errors_1.InvalidManifestError(`Was not able to find any supported TargetFrameworks to scan, aborting`);
|
|
106
105
|
}
|
|
106
|
+
// Ensure `dotnet` is installed on the system or fail trying.
|
|
107
|
+
await dotnet.validate();
|
|
107
108
|
const results = [];
|
|
108
109
|
for (const decidedTargetFramework of decidedTargetFrameworks) {
|
|
109
|
-
// Ensure `dotnet` is installed on the system or fail trying.
|
|
110
|
-
await dotnet.validate();
|
|
111
110
|
// Run `dotnet publish` to create a self-contained publishable binary with included .dlls for assembly version inspection.
|
|
112
|
-
const publishDir = await dotnet.publish(
|
|
111
|
+
const publishDir = await dotnet.publish(safeRoot, decidedTargetFramework);
|
|
113
112
|
// Then inspect the dependency graph for the runtimepackage's assembly versions.
|
|
114
113
|
const depsFilePath = path.resolve(publishDir, `${projectNameFromManifestFile}.deps.json`);
|
|
115
114
|
const depsFile = fs.readFileSync(depsFilePath);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iDAAiD;AACjD,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAA0E;AAC1E,mCAOiB;AACjB,uCAAuC;AACvC,yEAAyE;AACzE,sDAAsD;AAEtD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,iBAAiB,GAAG,eAAe,CAAC;IAC7C,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI,CAAC;QACH,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;;IAExB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/nuget-parser/index.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,wDAAwD;AACxD,qCAAqC;AACrC,iDAAiD;AACjD,iEAAiE;AACjE,sEAAsE;AACtE,2EAA2E;AAC3E,mEAAmE;AACnE,yEAAyE;AACzE,sCAA0E;AAC1E,mCAOiB;AACjB,uCAAuC;AACvC,yEAAyE;AACzE,sDAAsD;AAEtD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,MAAM,OAAO,GAAG;IACd,aAAa,EAAE;QACb,SAAS,EAAE,gBAAgB;QAC3B,iBAAiB,EAAE,IAAI;KACxB;IACD,gBAAgB,EAAE;QAChB,SAAS,EAAE,kBAAkB;QAC7B,iBAAiB,EAAE,IAAI;KACxB;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,oBAAoB;KACxC;IACD,cAAc,EAAE;QACd,SAAS,EAAE,qBAAqB;QAChC,iBAAiB,EAAE,iBAAiB;KACrC;CACF,CAAC;AAEF,SAAS,iBAAiB,CAAC,cAAc,EAAE,iBAAiB;IAC1D,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAClB,IAAa,EACb,iBAA0B,EAC1B,iBAA0B;IAE1B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,iBAAiB,IAAI,EAAE,CAAC,CAAC;IACvE,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,iBAAiB,GAAG,eAAe,CAAC;IAC7C,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,eAAe,CAAC,eAAuB;IAC9C,IAAI,CAAC;QACH,KAAK,CAAC,sBAAsB,eAAe,EAAE,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,gCAAuB,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,IAAwB,EACxB,UAA8B,EAC9B,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B,EAC1B,eAAwB;;IAExB,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAErD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,MAAM,aAAa,GACjB,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEpD,IAAI,CAAC,CAAA,MAAA,aAAa,CAAC,OAAO,0CAAE,UAAU,CAAA,EAAE,CAAC;QACvC,MAAM,IAAI,gCAAuB,CAC/B,0DAA0D,cAAc,qDAAqD,CAC9H,CAAC;IACJ,CAAC;IAED,0GAA0G;IAC1G,wGAAwG;IACxG,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAC3E,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CACrE,CAAC;IAEF,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,gCAAuB,CAC/B,0CAA0C,cAAc,qDAAqD,CAC9G,CAAC;IACJ,CAAC;IAED,IAAI,eAAe,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QACnE,OAAO,CAAC,GAAG,CAAC,6DAA6D,eAAe;gEAC5B,gBAAgB,CAAC,IAAI,CAC/E,GAAG,CACJ;6EACwE,CAAC,CAAC;IAC7E,CAAC;IAED,IAAI,mBAAmB,GAAG,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAEzE,MAAM,2BAA2B,GAC/B,MAAA,MAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;IAC/C,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B,CAAC;QACD,IAAI,2BAA2B,EAAE,CAAC;YAChC,mBAAmB,GAAG,2BAA2B,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,KAAK,CACH,4FAA4F,mBAAmB,EAAE,CAClH,CAAC;QACJ,CAAC;IACH,CAAC;IACD,kGAAkG;IAClG,MAAM,uBAAuB,GAAG,eAAe;QAC7C,CAAC,CAAC,CAAC,eAAe,CAAC;QACnB,CAAC,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE;YACpC,IAAI,CAAC,UAAU,CAAC,8BAA8B,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1D,OAAO,CAAC,GAAG,CACT,qPAAqP,SAAS,iCAAiC,CAChS,CAAC;gBACF,OAAO,KAAK,CAAC;YACf,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IAEP,IAAI,uBAAuB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,6BAAoB,CAC5B,uEAAuE,CACxE,CAAC;IACJ,CAAC;IACD,6DAA6D;IAC7D,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;IAExB,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,KAAK,MAAM,sBAAsB,IAAI,uBAAuB,EAAE,CAAC;QAC7D,0HAA0H;QAC1H,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CAAC;QAE1E,gFAAgF;QAChF,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAC/B,UAAU,EACV,GAAG,2BAA2B,YAAY,CAC3C,CAAC;QAEF,MAAM,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC/C,MAAM,oBAAoB,GAAyB,IAAI,CAAC,KAAK,CAC3D,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC3B,CAAC;QAEF,MAAM,gBAAgB,GACpB,eAAe,CAAC,yBAAyB,CAAC,oBAAoB,CAAC,CAAC;QAElE,kHAAkH;QAClH,mEAAmE;QACnE,MAAM,QAAQ,GAAG,qBAAqB,CAAC,QAAQ,EAAE,CAAC;QAClD,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,sBAAsB,CAAC,CAAC,CAAC;QACtE,MAAM,mBAAmB,GAAwB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,mBAAmB,CAAC,aAAa,EAAE,CAAC;YACtC,MAAM,IAAI,6BAAoB,CAC5B,qDAAqD,sBAAsB,qDAAqD,CACjI,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CACrC,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,gBAAgB,CACjB,CAAC;QACF,OAAO,CAAC,IAAI,CAAC;YACX,eAAe,EAAE,QAAQ;YACzB,eAAe,EAAE,sBAAsB;SACxC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AA5HD,wDA4HC;AAEM,KAAK,UAAU,qBAAqB,CACzC,IAAwB,EACxB,UAA8B,EAC9B,kBAAsC,EACtC,YAA0B,EAC1B,4BAAqC,EACrC,iBAA0B;;IAE1B,MAAM,QAAQ,GAAG,IAAI,IAAI,GAAG,CAAC;IAC7B,MAAM,cAAc,GAAG,UAAU,IAAI,GAAG,CAAC;IACzC,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACrD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,iBAAiB,CACtC,kBAAkB,EAClB,iBAAiB,CAClB,CAAC;IAEF,MAAM,IAAI,GAAG;QACX,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,EAAE;QACR,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;QAC7D,oBAAoB,EAAE,aAAa;QACnC,OAAO,EAAE,OAAO;KACjB,CAAC;IAEF,IAAI,gBAAmC,CAAC;IACxC,IAAI,CAAC;QACH,IAAI,YAAY,KAAK,oBAAY,CAAC,WAAW,EAAE,CAAC;YAC9C,gBAAgB;gBACd,YAAY,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,sEAAsE;YACtE,MAAM,0BAA0B,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACxE,gBAAgB,GAAG,YAAY,CAAC,+BAA+B,CAC7D,0BAA0B,CAC3B,CAAC;YAEF,+FAA+F;YAC/F,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBACjC,+CAA+C;gBAC/C,IAAI,YAAY,KAAK,oBAAY,CAAC,eAAe,EAAE,CAAC;oBAClD,MAAM,sBAAsB,GAC1B,MAAM,oBAAoB,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;oBACpE,IAAI,sBAAsB,EAAE,CAAC;wBAC3B,gBAAgB,GAAG,CAAC,sBAAsB,CAAC,CAAC;oBAC9C,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,mDAAmD;IACnD,4FAA4F;IAC5F,MAAM,eAAe,GACnB,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,IAAI,CAAC,IAAI,GAAG;QACV,eAAe,EAAE,eAAe;KACjC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAEzE,IACE,YAAY,KAAK,oBAAY,CAAC,WAAW;QACzC,4BAA4B,EAC5B,CAAC;QACD,MAAM,WAAW,GAAG,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,0CAAE,OAAO,0CAAE,WAAW,CAAC;QAE5D,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,KAAK,CACH,2FAA2F;gBACzF,IAAI,CAAC,IAAI,CACZ,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAC3B,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,cAAc,CACf,CAAC;AACJ,CAAC;AAvFD,sDAuFC"}
|
|
@@ -5,6 +5,7 @@ const parseXML = require("xml2js");
|
|
|
5
5
|
const debugModule = require("debug");
|
|
6
6
|
const depsParser = require("dotnet-deps-parser");
|
|
7
7
|
const framework_1 = require("../framework");
|
|
8
|
+
const errors_1 = require("../../errors");
|
|
8
9
|
const debug = debugModule('snyk');
|
|
9
10
|
function fromPackagesConfigEntry(manifest) {
|
|
10
11
|
debug('Extracting by packages.config entry:' +
|
|
@@ -26,13 +27,14 @@ function parse(fileContent) {
|
|
|
26
27
|
if (err) {
|
|
27
28
|
throw err;
|
|
28
29
|
}
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
packages.forEach(function scanPackagesConfigNode(node) {
|
|
32
|
-
const installedDependency = fromPackagesConfigEntry(node);
|
|
33
|
-
installedPackages.push(installedDependency);
|
|
34
|
-
});
|
|
30
|
+
if (!('packages' in result)) {
|
|
31
|
+
throw new errors_1.InvalidManifestError(`Could not find a <packages> tag in your packages.config file. Please read this guide \x1b[4mhttps://learn.microsoft.com/en-us/nuget/reference/packages-config#schema\x1b[0m.`);
|
|
35
32
|
}
|
|
33
|
+
const packages = result.packages.package || [];
|
|
34
|
+
packages.forEach(function scanPackagesConfigNode(node) {
|
|
35
|
+
const installedDependency = fromPackagesConfigEntry(node);
|
|
36
|
+
installedPackages.push(installedDependency);
|
|
37
|
+
});
|
|
36
38
|
});
|
|
37
39
|
return installedPackages;
|
|
38
40
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"packages-config-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/packages-config-parser.ts"],"names":[],"mappings":";;;AAAA,mCAAmC;AACnC,qCAAqC;AAErC,iDAAiD;AACjD,4CAAmD;
|
|
1
|
+
{"version":3,"file":"packages-config-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/packages-config-parser.ts"],"names":[],"mappings":";;;AAAA,mCAAmC;AACnC,qCAAqC;AAErC,iDAAiD;AACjD,4CAAmD;AACnD,yCAAoD;AAEpD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAElC,SAAgB,uBAAuB,CAAC,QAAQ;IAC9C,KAAK,CACH,sCAAsC;QACpC,UAAU;QACV,QAAQ,CAAC,CAAC,CAAC,EAAE;QACb,aAAa;QACb,QAAQ,CAAC,CAAC,CAAC,OAAO,CACrB,CAAC;IACF,OAAO;QACL,YAAY,EAAE,EAAE;QAChB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE;QACnB,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO;KAC5B,CAAC;AACJ,CAAC;AAbD,0DAaC;AAED,SAAgB,KAAK,CAAC,WAAW;IAC/B,MAAM,iBAAiB,GAAiB,EAAE,CAAC;IAC3C,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAClD,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE;QAChD,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,IAAI,CAAC,CAAC,UAAU,IAAI,MAAM,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,6BAAoB,CAC5B,8KAA8K,CAC/K,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC;QAC/C,QAAQ,CAAC,OAAO,CAAC,SAAS,sBAAsB,CAAC,IAAI;YACnD,MAAM,mBAAmB,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC;YAC1D,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AApBD,sBAoBC;AAEM,KAAK,UAAU,yBAAyB,CAC7C,WAAmB;IAEnB,MAAM,mBAAmB,GACvB,MAAM,UAAU,CAAC,wCAAwC,CAAC,WAAW,CAAC,CAAC;IAEzE,IAAI,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1D,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,CACjE,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAC1B,CAAC;QACF,OAAO,IAAA,+BAAmB,EAAC,gBAAgB,CAAC,CAAC;IAC/C,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAdD,8DAcC"}
|
package/package.json
CHANGED