snyk-nuget-plugin - npm Package Compare versions

Comparing version 1.9.2 to 1.10.0

lib/index.js

@@ -63,4 +63,5 @@ 'use strict';
       options.packagesFolder,
-      manifestType).then(createPackageTree);
+      manifestType,
+      options['assets-project-name']).then(createPackageTree);
   },
 };

lib/nuget-parser/index.js

@@ -6,2 +6,3 @@ 'use strict';
 const getTargetFrameworkFromProjFile = require('./csproj-parser');
+const _ = require('lodash');
 
@@ -36,3 +37,3 @@ const dotnetCoreParser = require('./dotnet-core-parser');
 module.exports = {
-  buildDepTreeFromFiles: function (root, targetFile, packagesFolderPath, manifestType) {
+  buildDepTreeFromFiles: function (root, targetFile, packagesFolderPath, manifestType, useProjectNameFromAssetsFile) {
     const fileContentPath = path.resolve(root || '.', targetFile || '.');
@@ -48,2 +49,9 @@ let fileContent;
 
+    const tree = {
+      name: path.basename(root || projectRootFolder),
+      version: '0.0.0',
+      packageFormatVersion: 'nuget:0.0.0',
+      dependencies: {},
+    };
+
     let targetFramework;
@@ -61,18 +69,21 @@ try {
 
-    debug('Loaded ' + targetFile + ' with manifest type ' + manifestType);
-
-    const tree = {
-      name: path.basename(root || projectRootFolder),
-      version: '0.0.0',
-      packageFormatVersion: 'nuget:0.0.0',
-      dependencies: {},
-      meta: {
-        targetFramework: targetFramework ? targetFramework.original : undefined, //TODO implement for more than one TF
-      },
+    tree.meta = {
+      targetFramework: targetFramework ? targetFramework.original : undefined, //TODO implement for more than one TF
     };
 
     const parser = PARSERS[manifestType];
+    let manifest = parser.fileContentParser.parse(fileContent, tree);
+
+    if (manifestType === 'dotnet-core' && useProjectNameFromAssetsFile) {
+      let projectName = _.get(manifest, 'project.restore.projectName');
+      if (projectName) {
+        tree.name = projectName;
+      } else {
+        debug("project.assets.json file doesn't contain a value for 'projectName'. Using default value: " + tree.name);
+      }
+    }
+
     return parser.depParser.parse(
       tree,
-      parser.fileContentParser.parse(fileContent, tree),
+      manifest,
       targetFramework,
@@ -79,0 +90,0 @@ packagesFolder);

package.json

@@ -37,3 +37,3 @@ {
   },
-  "version": "1.9.2"
+  "version": "1.10.0"
 }

README.md

@@ -11,2 +11,2 @@ ![Snyk logo](https://snyk.io/style/asset/logo/snyk-print.svg)
 
-The plugin provides dependency metadata for NuGet projects that manifest dependencies in `project.json` or `packages.config` files.
+The plugin provides dependency metadata for NuGet projects that manifest dependencies in `project.json`, `packages.config` or `project.assets.json` files.

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

34805

increased by1.25%

Lines of code

729

increased by1.39%

No dependency changes