snyk-nuget-plugin 2.7.14 → 2.7.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import * as depGraphLib from '@snyk/dep-graph';
|
|
2
2
|
import { AssemblyVersions, ProjectAssets, PublishedProjectDeps } from '../types';
|
|
3
3
|
export declare const FILTERED_DEPENDENCY_PREFIX: string[];
|
|
4
|
-
export declare function extractLocalProjects(libs: Record<string, any>): string[];
|
|
5
4
|
export declare function parse(projectName: string, projectAssets: ProjectAssets, publishedProjectDeps: PublishedProjectDeps, runtimeAssembly: AssemblyVersions): depGraphLib.DepGraph;
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.FILTERED_DEPENDENCY_PREFIX = void 0;
|
|
4
|
-
exports.extractLocalProjects = extractLocalProjects;
|
|
5
4
|
exports.parse = parse;
|
|
6
5
|
const debugModule = require("debug");
|
|
7
6
|
const dep_graph_1 = require("@snyk/dep-graph");
|
|
@@ -73,6 +72,9 @@ function extractLocalProjects(libs) {
|
|
|
73
72
|
}
|
|
74
73
|
return localPackages;
|
|
75
74
|
}
|
|
75
|
+
function getDllName(depName) {
|
|
76
|
+
return `${depName}.dll`;
|
|
77
|
+
}
|
|
76
78
|
function buildGraph(projectName, projectAssets, publishedProjectDeps, runtimeAssembly) {
|
|
77
79
|
const depGraphBuilder = new dep_graph_1.DepGraphBuilder({ name: 'nuget' }, {
|
|
78
80
|
name: projectName,
|
|
@@ -114,18 +116,29 @@ function buildGraph(projectName, projectAssets, publishedProjectDeps, runtimeAss
|
|
|
114
116
|
// runtimeAssembly doesn't have entries if the target framework is `netstandard`
|
|
115
117
|
if (Object.keys(runtimeAssembly).length > 0) {
|
|
116
118
|
const localPackagesNames = extractLocalProjects(publishedProjectDeps.libraries);
|
|
117
|
-
// Overwriting the runtime versions with the versions declared in the manifest files.
|
|
118
119
|
const targets = publishedProjectDeps.targets[runtimeTarget];
|
|
120
|
+
// Overwriting the runtime versions with the values used in local projects.
|
|
119
121
|
for (const pgkName of localPackagesNames) {
|
|
120
122
|
if (targets[pgkName]?.dependencies) {
|
|
121
123
|
for (const [key, value] of Object.entries(targets[pgkName].dependencies)) {
|
|
122
|
-
const dllName =
|
|
124
|
+
const dllName = getDllName(key);
|
|
123
125
|
if (runtimeAssembly[dllName]) {
|
|
124
126
|
runtimeAssembly[dllName] = value;
|
|
125
127
|
}
|
|
126
128
|
}
|
|
127
129
|
}
|
|
128
130
|
}
|
|
131
|
+
// Overwriting the runtime versions with the values used in fetched packages.
|
|
132
|
+
for (const [key, value] of Object.entries(targets)) {
|
|
133
|
+
if (value && Object.keys(value).length === 0) {
|
|
134
|
+
const [depName, depVersion] = key.split('/');
|
|
135
|
+
const dllName = getDllName(depName);
|
|
136
|
+
// NuGet’s dependency resolution mechanism will choose the higher available version.
|
|
137
|
+
if (runtimeAssembly[dllName] && depVersion > runtimeAssembly[dllName]) {
|
|
138
|
+
runtimeAssembly[dllName] = depVersion;
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
}
|
|
129
142
|
}
|
|
130
143
|
recursivelyPopulateNodes(depGraphBuilder, targetDependencies, rootNode, runtimeAssembly);
|
|
131
144
|
return depGraphBuilder.build();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dotnet-core-v2-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v2-parser.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"dotnet-core-v2-parser.js","sourceRoot":"","sources":["../../../lib/nuget-parser/parsers/dotnet-core-v2-parser.ts"],"names":[],"mappings":";;;AAsPA,sBAeC;AArQD,qCAAqC;AAErC,+CAAkD;AAMlD,yCAAoD;AAEpD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;AAYlC,oDAAoD;AACvC,QAAA,0BAA0B,GAAG;IACxC,gHAAgH;IAChH,oHAAoH;IACpH,sHAAsH;IACtH,sHAAsH;IACtH,8EAA8E;IAC9E,SAAS;CACV,CAAC;AAEF,SAAS,wBAAwB,CAC/B,eAAgC,EAChC,UAAyC,EACzC,IAAmB,EACnB,eAAiC,EACjC,OAAqB;IAErB,MAAM,QAAQ,GACZ,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;IAEtE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,CAAC;QAC9D,MAAM,YAAY,GAAG,OAAO,IAAI,IAAI,GAAG,EAAU,CAAC;QAClD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE3B,gHAAgH;QAChH,+FAA+F;QAC/F,IAAI,kCAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzE,KAAK,CAAC,GAAG,IAAI,kDAAkD,CAAC,CAAC;YACjE,SAAS;QACX,CAAC;QAED,MAAM,SAAS,GAAG;YAChB,GAAG,UAAU,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;YACnC,IAAI;YACJ,OAAO;SACR,CAAC;QAEF,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QAEzD,2GAA2G;QAC3G,0FAA0F;QAC1F,IAAI,eAAe,GAAG,OAAO,CAAC;QAC9B,4GAA4G;QAC5G,sGAAsG;QACtG,MAAM,GAAG,GAAG,GAAG,IAAI,MAAM,CAAC;QAC1B,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;YAC3B,eAAe,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,MAAM,QAAQ,GAAG,GAAG,OAAO,SAAS,CAAC;YACrC,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,QAAQ,EACR;gBACE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;aAC3B,CACF,CAAC;YACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/C,SAAS;QACX,CAAC;QAED,eAAe,CAAC,UAAU,CACxB,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,EAClD,OAAO,CACR,CAAC;QACF,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE1B,wBAAwB,CACtB,eAAe,EACf,UAAU,EACV,SAAS,EACT,eAAe,EACf,YAAY,CACb,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAC7B,oBAA0C,EAC1C,aAAqB,EACrB,WAAmB;IAEnB,OAAO,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CACzE,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,CAC1B,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAyB;IACrD,MAAM,aAAa,GAAa,EAAE,CAAC;IAEnC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YACjC,sFAAsF;YACtF,uHAAuH;YACvH,IAAI,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACpE,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAS,UAAU,CAAC,OAAe;IACjC,OAAO,GAAG,OAAO,MAAM,CAAC;AAC1B,CAAC;AAED,SAAS,UAAU,CACjB,WAAmB,EACnB,aAA4B,EAC5B,oBAA0C,EAC1C,eAAiC;IAEjC,MAAM,eAAe,GAAG,IAAI,2BAAe,CACzC,EAAE,IAAI,EAAE,OAAO,EAAE,EACjB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO;KACvC,CACF,CAAC;IAEF,iHAAiH;IACjH,qDAAqD;IACrD,MAAM,aAAa,GAAG,oBAAoB,CAAC,aAAa,CAAC,IAAI,CAAC;IAE9D,oFAAoF;IACpF,IAAI,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC1D,MAAM,IAAI,6BAAoB,CAC5B,2HAA2H,CAC5H,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,CAAC,aAAa,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,6BAAoB,CAC5B,MAAM,aAAa,sDAAsD,CAC1E,CAAC;IACJ,CAAC;IAED,iHAAiH;IACjH,kHAAkH;IAClH,2GAA2G;IAC3G,MAAM,kBAAkB,GACtB,sBAAsB,CACpB,oBAAoB,EACpB,aAAa,EACb,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAC1C;QACD,8DAA8D;QAC9D,oIAAoI;QACpI,sBAAsB,CAAC,oBAAoB,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;IAE3E,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,IAAI,6BAAoB,CAC5B,8BAA8B,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,OAAO,WAAW,aAAa,aAAa,qCAAqC,CACzJ,CAAC;IACJ,CAAC;IAED,6GAA6G;IAC7G,+CAA+C;IAC/C,MAAM,mBAAmB,GACvB,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,kBAAkB,CAAC;SAC5D,YAAY,CAAC;IAElB,mHAAmH;IACnH,MAAM,kBAAkB,GAAkC,MAAM,CAAC,OAAO,CACtE,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAC5C,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QACtB,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;QACrC,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC;IAC5C,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,QAAQ,GAAG;QACf,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,mBAAmB;KACjB,CAAC;IAEnB,gFAAgF;IAChF,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5C,MAAM,kBAAkB,GAAG,oBAAoB,CAC7C,oBAAoB,CAAC,SAAS,CAC/B,CAAC;QAEF,MAAM,OAAO,GAAG,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QAE5D,2EAA2E;QAC3E,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,YAAY,EAAE,CAAC;gBACnC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CACvC,OAAO,CAAC,OAAO,CAAC,CAAC,YAAY,CAC9B,EAAE,CAAC;oBACF,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;oBAChC,IAAI,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;wBAC7B,eAAe,CAAC,OAAO,CAAC,GAAG,KAAe,CAAC;oBAC7C,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,6EAA6E;QAC7E,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACnD,IAAI,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7C,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC7C,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;gBACpC,oFAAoF;gBACpF,IAAI,eAAe,CAAC,OAAO,CAAC,IAAI,UAAU,GAAG,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;oBACtE,eAAe,CAAC,OAAO,CAAC,GAAG,UAAoB,CAAC;gBAClD,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,wBAAwB,CACtB,eAAe,EACf,kBAAkB,EAClB,QAAQ,EACR,eAAe,CAChB,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,SAAgB,KAAK,CACnB,WAAmB,EACnB,aAA4B,EAC5B,oBAA0C,EAC1C,eAAiC;IAEjC,KAAK,CAAC,6DAA6D,CAAC,CAAC;IAErE,MAAM,MAAM,GAAG,UAAU,CACvB,WAAW,EACX,aAAa,EACb,oBAAoB,EACpB,eAAe,CAChB,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/package.json
CHANGED