snyk-nuget-plugin
Advanced tools
Comparing version 1.17.0 to 1.18.0
"use strict"; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
return new (P || (P = Promise))(function (resolve, reject) { | ||
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } | ||
step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
}); | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -34,33 +26,31 @@ const path = require("path"); | ||
} | ||
function inspect(root, targetFile, options) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
options = options || {}; | ||
let manifestType; | ||
try { | ||
manifestType = determineManifestType(path.basename(targetFile || root)); | ||
} | ||
catch (error) { | ||
return Promise.reject(error); | ||
} | ||
const createPackageTree = (depTree) => { | ||
// TODO implement for paket and more than one framework | ||
const targetFramework = depTree.meta ? depTree.meta.targetFramework : undefined; | ||
delete depTree.meta; | ||
return { | ||
package: depTree, | ||
plugin: { | ||
name: 'snyk-nuget-plugin', | ||
targetFile, | ||
targetRuntime: targetFramework, | ||
}, | ||
}; | ||
async function inspect(root, targetFile, options) { | ||
options = options || {}; | ||
let manifestType; | ||
try { | ||
manifestType = determineManifestType(path.basename(targetFile || root)); | ||
} | ||
catch (error) { | ||
return Promise.reject(error); | ||
} | ||
const createPackageTree = (depTree) => { | ||
// TODO implement for paket and more than one framework | ||
const targetFramework = depTree.meta ? depTree.meta.targetFramework : undefined; | ||
delete depTree.meta; | ||
return { | ||
package: depTree, | ||
plugin: { | ||
name: 'snyk-nuget-plugin', | ||
targetFile, | ||
targetRuntime: targetFramework, | ||
}, | ||
}; | ||
if (manifestType === 'paket') { | ||
return paketParser.buildDepTreeFromFiles(root, targetFile, path.join(path.dirname(targetFile), 'paket.lock'), options['include-dev'] || options.dev, // TODO: remove include-dev when no longer used. | ||
options.strict).then(createPackageTree); | ||
} | ||
return nugetParser.buildDepTreeFromFiles(root, targetFile, options.packagesFolder, manifestType, options['assets-project-name']).then(createPackageTree); | ||
}); | ||
}; | ||
if (manifestType === 'paket') { | ||
return paketParser.buildDepTreeFromFiles(root, targetFile, path.join(path.dirname(targetFile), 'paket.lock'), options['include-dev'] || options.dev, // TODO: remove include-dev when no longer used. | ||
options.strict).then(createPackageTree); | ||
} | ||
return nugetParser.buildDepTreeFromFiles(root, targetFile, options.packagesFolder, manifestType, options['assets-project-name']).then(createPackageTree); | ||
} | ||
exports.inspect = inspect; | ||
//# sourceMappingURL=index.js.map |
"use strict"; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
return new (P || (P = Promise))(function (resolve, reject) { | ||
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } | ||
step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
}); | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -19,34 +11,32 @@ const errors_1 = require("../errors"); | ||
const debug = debugModule('snyk'); | ||
function getTargetFrameworksFromProjFile(rootDir) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
return new Promise((resolve, reject) => { | ||
debug('Looking for your .csproj file in ' + rootDir); | ||
const csprojPath = findFile(rootDir, /.*\.csproj$/); | ||
if (csprojPath) { | ||
debug('Checking .net framework version in .csproj file ' + csprojPath); | ||
const csprojContents = fs.readFileSync(csprojPath); | ||
let frameworks = []; | ||
parseXML.parseString(csprojContents, (err, parsedCsprojContents) => { | ||
if (err) { | ||
reject(new errors_1.FileNotProcessableError(err)); | ||
} | ||
const versionLoc = _.get(parsedCsprojContents, 'Project.PropertyGroup[0]'); | ||
const versions = _.compact(_.concat([], _.get(versionLoc, 'TargetFrameworkVersion[0]') || | ||
_.get(versionLoc, 'TargetFramework[0]') || | ||
_.get(versionLoc, 'TargetFrameworks[0]', '').split(';'))); | ||
if (versions.length < 1) { | ||
debug('Could not find TargetFrameworkVersion/TargetFramework' + | ||
'/TargetFrameworks defined in the Project.PropertyGroup field of ' + | ||
'your .csproj file'); | ||
} | ||
frameworks = _.compact(_.map(versions, framework_1.toReadableFramework)); | ||
if (versions.length > 1 && frameworks.length < 1) { | ||
debug('Could not find valid/supported .NET version in csproj file located at' + csprojPath); | ||
} | ||
resolve(frameworks[0]); | ||
}); | ||
} | ||
debug('.csproj file not found in ' + rootDir + '.'); | ||
resolve(); | ||
}); | ||
async function getTargetFrameworksFromProjFile(rootDir) { | ||
return new Promise((resolve, reject) => { | ||
debug('Looking for your .csproj file in ' + rootDir); | ||
const csprojPath = findFile(rootDir, /.*\.csproj$/); | ||
if (csprojPath) { | ||
debug('Checking .net framework version in .csproj file ' + csprojPath); | ||
const csprojContents = fs.readFileSync(csprojPath); | ||
let frameworks = []; | ||
parseXML.parseString(csprojContents, (err, parsedCsprojContents) => { | ||
if (err) { | ||
reject(new errors_1.FileNotProcessableError(err)); | ||
} | ||
const versionLoc = _.get(parsedCsprojContents, 'Project.PropertyGroup[0]'); | ||
const versions = _.compact(_.concat([], _.get(versionLoc, 'TargetFrameworkVersion[0]') || | ||
_.get(versionLoc, 'TargetFramework[0]') || | ||
_.get(versionLoc, 'TargetFrameworks[0]', '').split(';'))); | ||
if (versions.length < 1) { | ||
debug('Could not find TargetFrameworkVersion/TargetFramework' + | ||
'/TargetFrameworks defined in the Project.PropertyGroup field of ' + | ||
'your .csproj file'); | ||
} | ||
frameworks = _.compact(_.map(versions, framework_1.toReadableFramework)); | ||
if (versions.length > 1 && frameworks.length < 1) { | ||
debug('Could not find valid/supported .NET version in csproj file located at' + csprojPath); | ||
} | ||
resolve(frameworks[0]); | ||
}); | ||
} | ||
debug('.csproj file not found in ' + rootDir + '.'); | ||
resolve(); | ||
}); | ||
@@ -53,0 +43,0 @@ } |
"use strict"; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
return new (P || (P = Promise))(function (resolve, reject) { | ||
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } | ||
step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
}); | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -150,27 +142,25 @@ const errors_1 = require("../errors"); | ||
} | ||
function parse(tree, manifest) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
debug('Trying to parse dot-net-cli manifest'); | ||
validateManifest(manifest); | ||
if (manifest.project.version) { | ||
tree.version = manifest.project.version; | ||
} | ||
// If a targetFramework was not found in the proj file, we will extract it from the lock file | ||
if (!tree.meta.targetFramework) { | ||
tree.meta.targetFramework = getFrameworkToRun(manifest); | ||
} | ||
const selectedFrameworkObj = manifest.project.frameworks[tree.meta.targetFramework]; | ||
// We currently ignore the found targetFramework when looking for target dependencies | ||
const selectedTargetObj = getTargetObjToRun(manifest); | ||
initFreqDepsDict(); | ||
const directDependencies = selectedFrameworkObj.dependencies ? collectFlatList(selectedFrameworkObj.dependencies) : []; | ||
debug(`directDependencies: '${directDependencies}'`); | ||
tree.dependencies = buildBfsTree(selectedTargetObj, directDependencies); | ||
// to disconnect the object references inside the tree | ||
// JSON parse/stringify is used | ||
tree.dependencies = JSON.parse(JSON.stringify(tree.dependencies)); | ||
return tree; | ||
}); | ||
async function parse(tree, manifest) { | ||
debug('Trying to parse dot-net-cli manifest'); | ||
validateManifest(manifest); | ||
if (manifest.project.version) { | ||
tree.version = manifest.project.version; | ||
} | ||
// If a targetFramework was not found in the proj file, we will extract it from the lock file | ||
if (!tree.meta.targetFramework) { | ||
tree.meta.targetFramework = getFrameworkToRun(manifest); | ||
} | ||
const selectedFrameworkObj = manifest.project.frameworks[tree.meta.targetFramework]; | ||
// We currently ignore the found targetFramework when looking for target dependencies | ||
const selectedTargetObj = getTargetObjToRun(manifest); | ||
initFreqDepsDict(); | ||
const directDependencies = selectedFrameworkObj.dependencies ? collectFlatList(selectedFrameworkObj.dependencies) : []; | ||
debug(`directDependencies: '${directDependencies}'`); | ||
tree.dependencies = buildBfsTree(selectedTargetObj, directDependencies); | ||
// to disconnect the object references inside the tree | ||
// JSON parse/stringify is used | ||
tree.dependencies = JSON.parse(JSON.stringify(tree.dependencies)); | ||
return tree; | ||
} | ||
exports.parse = parse; | ||
//# sourceMappingURL=dotnet-core-parser.js.map |
"use strict"; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
return new (P || (P = Promise))(function (resolve, reject) { | ||
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } | ||
step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
}); | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -70,14 +62,12 @@ const fs = require("fs"); | ||
} | ||
function fetchNugetInformationFromPackages(flattenedPackageList, targetFramework) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const nugetPackageInformation = []; | ||
// begin collecting information from .nuget files on installed packages | ||
debug('Trying to analyze .nuspec files'); | ||
for (const name of Object.keys(flattenedPackageList)) { | ||
const dep = flattenedPackageList[name]; | ||
debug('...' + name); | ||
nugetPackageInformation.push(yield nuspec_parser_1.parseNuspec(dep, targetFramework)); | ||
} | ||
return nugetPackageInformation; | ||
}); | ||
async function fetchNugetInformationFromPackages(flattenedPackageList, targetFramework) { | ||
const nugetPackageInformation = []; | ||
// begin collecting information from .nuget files on installed packages | ||
debug('Trying to analyze .nuspec files'); | ||
for (const name of Object.keys(flattenedPackageList)) { | ||
const dep = flattenedPackageList[name]; | ||
debug('...' + name); | ||
nugetPackageInformation.push(await nuspec_parser_1.parseNuspec(dep, targetFramework)); | ||
} | ||
return nugetPackageInformation; | ||
} | ||
@@ -116,31 +106,29 @@ function processNugetInformation(nuspecResolutionChain) { | ||
} | ||
function parse(tree, manifest, targetFramework, packagesFolder) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
if (!targetFramework) { | ||
throw new Error('No valid Dotnet target framework found'); | ||
async function parse(tree, manifest, targetFramework, packagesFolder) { | ||
if (!targetFramework) { | ||
throw new Error('No valid Dotnet target framework found'); | ||
} | ||
const flattenedPackageList = scanInstalled(manifest, packagesFolder); | ||
const nugetPackageInformation = await fetchNugetInformationFromPackages(flattenedPackageList, targetFramework); | ||
const nuspecResolutions = processNugetInformation(nugetPackageInformation); | ||
// .nuget parsing is complete, returned as array of promise resolutions | ||
// now the flat list should be rebuilt as a tree | ||
debug('Building dependency tree'); | ||
const nugetKeys = Object.keys(nuspecResolutions); | ||
Object.keys(flattenedPackageList).forEach((packageName) => { | ||
tree.dependencies[packageName] = | ||
dependency_1.cloneShallow(flattenedPackageList[packageName]); | ||
}); | ||
if (nugetKeys.length > 0) { | ||
// local folders scanned, build list from .nuspec | ||
for (const key of nugetKeys) { | ||
const resolution = nuspecResolutions[key]; | ||
const node = dependency_1.cloneShallow(flattenedPackageList[resolution.name]); | ||
buildTree(node, resolution.children, flattenedPackageList, nuspecResolutions); | ||
tree.dependencies[node.name] = node; | ||
} | ||
const flattenedPackageList = scanInstalled(manifest, packagesFolder); | ||
const nugetPackageInformation = yield fetchNugetInformationFromPackages(flattenedPackageList, targetFramework); | ||
const nuspecResolutions = processNugetInformation(nugetPackageInformation); | ||
// .nuget parsing is complete, returned as array of promise resolutions | ||
// now the flat list should be rebuilt as a tree | ||
debug('Building dependency tree'); | ||
const nugetKeys = Object.keys(nuspecResolutions); | ||
Object.keys(flattenedPackageList).forEach((packageName) => { | ||
tree.dependencies[packageName] = | ||
dependency_1.cloneShallow(flattenedPackageList[packageName]); | ||
}); | ||
if (nugetKeys.length > 0) { | ||
// local folders scanned, build list from .nuspec | ||
for (const key of nugetKeys) { | ||
const resolution = nuspecResolutions[key]; | ||
const node = dependency_1.cloneShallow(flattenedPackageList[resolution.name]); | ||
buildTree(node, resolution.children, flattenedPackageList, nuspecResolutions); | ||
tree.dependencies[node.name] = node; | ||
} | ||
} | ||
return tree; | ||
}); | ||
} | ||
return tree; | ||
} | ||
exports.parse = parse; | ||
//# sourceMappingURL=dotnet-framework-parser.js.map |
"use strict"; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
return new (P || (P = Promise))(function (resolve, reject) { | ||
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } | ||
step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
}); | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -44,74 +36,70 @@ const fs = require("fs"); | ||
} | ||
function buildDepTreeFromFiles(root, targetFile, packagesFolderPath, manifestType, useProjectNameFromAssetsFile) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const safeRoot = root || '.'; | ||
const safeTargetFile = targetFile || '.'; | ||
const fileContentPath = path.resolve(safeRoot, safeTargetFile); | ||
let fileContent; | ||
try { | ||
debug(`Parsing content of ${fileContentPath}`); | ||
fileContent = fs.readFileSync(fileContentPath, 'utf-8'); | ||
async function buildDepTreeFromFiles(root, targetFile, packagesFolderPath, manifestType, useProjectNameFromAssetsFile) { | ||
const safeRoot = root || '.'; | ||
const safeTargetFile = targetFile || '.'; | ||
const fileContentPath = path.resolve(safeRoot, safeTargetFile); | ||
let fileContent; | ||
try { | ||
debug(`Parsing content of ${fileContentPath}`); | ||
fileContent = fs.readFileSync(fileContentPath, 'utf-8'); | ||
} | ||
catch (error) { | ||
throw new errors_1.FileNotProcessableError(error); | ||
} | ||
const projectRootFolder = path.resolve(fileContentPath, '../../'); | ||
const packagesFolder = getPackagesFolder(packagesFolderPath, projectRootFolder); | ||
const tree = { | ||
dependencies: {}, | ||
meta: {}, | ||
name: path.basename(root || projectRootFolder), | ||
packageFormatVersion: 'nuget:0.0.0', | ||
version: '0.0.0', | ||
}; | ||
let targetFramework; | ||
try { | ||
if (manifestType === 'dotnet-core') { | ||
targetFramework = await csproj_parser_1.getTargetFrameworksFromProjFile(projectRootFolder); | ||
} | ||
catch (error) { | ||
throw new errors_1.FileNotProcessableError(error); | ||
} | ||
const projectRootFolder = path.resolve(fileContentPath, '../../'); | ||
const packagesFolder = getPackagesFolder(packagesFolderPath, projectRootFolder); | ||
const tree = { | ||
dependencies: {}, | ||
meta: {}, | ||
name: path.basename(root || projectRootFolder), | ||
packageFormatVersion: 'nuget:0.0.0', | ||
version: '0.0.0', | ||
}; | ||
let targetFramework; | ||
try { | ||
if (manifestType === 'dotnet-core') { | ||
targetFramework = yield csproj_parser_1.getTargetFrameworksFromProjFile(projectRootFolder); | ||
} | ||
else { | ||
// .csproj is in the same directory as packages.config or project.json | ||
const fileContentParentDirectory = path.resolve(fileContentPath, '../'); | ||
targetFramework = yield csproj_parser_1.getTargetFrameworksFromProjFile(fileContentParentDirectory); | ||
// finally, for the .NETFramework project, try to assume the framework using dotnet-deps-parser | ||
if (!targetFramework) { | ||
// currently only process packages.config files | ||
if (manifestType === 'packages.config') { | ||
targetFramework = yield getMinimumTargetFrameworkFromPackagesConfig(fileContent); | ||
} | ||
else { | ||
// .csproj is in the same directory as packages.config or project.json | ||
const fileContentParentDirectory = path.resolve(fileContentPath, '../'); | ||
targetFramework = await csproj_parser_1.getTargetFrameworksFromProjFile(fileContentParentDirectory); | ||
// finally, for the .NETFramework project, try to assume the framework using dotnet-deps-parser | ||
if (!targetFramework) { | ||
// currently only process packages.config files | ||
if (manifestType === 'packages.config') { | ||
targetFramework = await getMinimumTargetFrameworkFromPackagesConfig(fileContent); | ||
} | ||
} | ||
} | ||
catch (error) { | ||
return Promise.reject(error); | ||
} | ||
catch (error) { | ||
return Promise.reject(error); | ||
} | ||
tree.meta = { | ||
targetFramework: targetFramework ? targetFramework.original : undefined, | ||
}; | ||
const parser = PARSERS[manifestType]; | ||
const manifest = await parser.fileContentParser.parse(fileContent, tree); | ||
if (manifestType === 'dotnet-core' && useProjectNameFromAssetsFile) { | ||
const projectName = _.get(manifest, 'project.restore.projectName'); | ||
if (projectName) { | ||
tree.name = projectName; | ||
} | ||
tree.meta = { | ||
targetFramework: targetFramework ? targetFramework.original : undefined, | ||
}; | ||
const parser = PARSERS[manifestType]; | ||
const manifest = yield parser.fileContentParser.parse(fileContent, tree); | ||
if (manifestType === 'dotnet-core' && useProjectNameFromAssetsFile) { | ||
const projectName = _.get(manifest, 'project.restore.projectName'); | ||
if (projectName) { | ||
tree.name = projectName; | ||
} | ||
else { | ||
debug("project.assets.json file doesn't contain a value for 'projectName'. Using default value: " + tree.name); | ||
} | ||
else { | ||
debug("project.assets.json file doesn't contain a value for 'projectName'. Using default value: " + tree.name); | ||
} | ||
return parser.depParser.parse(tree, manifest, targetFramework, packagesFolder); | ||
}); | ||
} | ||
return parser.depParser.parse(tree, manifest, targetFramework, packagesFolder); | ||
} | ||
exports.buildDepTreeFromFiles = buildDepTreeFromFiles; | ||
function getMinimumTargetFrameworkFromPackagesConfig(fileContent) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const extractedFrameworks = yield depsParser.extractTargetFrameworksFromProjectConfig(fileContent); | ||
if (extractedFrameworks && extractedFrameworks.length > 0) { | ||
const minimumFramework = extractedFrameworks.reduce((prev, curr) => prev < curr ? prev : curr); | ||
return framework_1.toReadableFramework(minimumFramework); | ||
} | ||
return undefined; | ||
}); | ||
async function getMinimumTargetFrameworkFromPackagesConfig(fileContent) { | ||
const extractedFrameworks = await depsParser.extractTargetFrameworksFromProjectConfig(fileContent); | ||
if (extractedFrameworks && extractedFrameworks.length > 0) { | ||
const minimumFramework = extractedFrameworks.reduce((prev, curr) => prev < curr ? prev : curr); | ||
return framework_1.toReadableFramework(minimumFramework); | ||
} | ||
return undefined; | ||
} | ||
exports.getMinimumTargetFrameworkFromPackagesConfig = getMinimumTargetFrameworkFromPackagesConfig; | ||
//# sourceMappingURL=index.js.map |
"use strict"; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
return new (P || (P = Promise))(function (resolve, reject) { | ||
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } | ||
step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
}); | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -19,57 +11,55 @@ const JSZip = require("jszip"); | ||
const targetFrameworkRegex = /([.a-zA-Z]+)([.0-9]+)/; | ||
function parseNuspec(dep, targetFramework) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
return Promise.resolve() | ||
.then(() => { | ||
const nupkgPath = path.resolve(dep.path, dep.name + '.' + dep.version + '.nupkg'); | ||
const nupkgData = fs.readFileSync(nupkgPath); | ||
return JSZip.loadAsync(nupkgData); | ||
}) | ||
.then((nuspecZipData) => { | ||
const nuspecFiles = Object.keys(nuspecZipData.files).filter((file) => { | ||
return (path.extname(file) === '.nuspec'); | ||
}); | ||
return nuspecZipData.files[nuspecFiles[0]].async('string'); | ||
}) | ||
.then((nuspecContent) => { | ||
return new Promise((resolve, reject) => { | ||
parseXML.parseString(nuspecContent, (err, result) => { | ||
if (err) { | ||
return reject(err); | ||
} | ||
let ownDeps = []; | ||
// We are only going to check the first targetFramework we encounter | ||
// in the future we may want to support multiple, but only once | ||
// we have dependency version conflict resolution implemented | ||
_(result.package.metadata).forEach((metadata) => { | ||
_(metadata.dependencies).forEach((rawDependency) => { | ||
// Find and add target framework version specific dependencies | ||
const depsForTargetFramework = extractDepsForTargetFramework(rawDependency, targetFramework); | ||
if (depsForTargetFramework && depsForTargetFramework.group) { | ||
ownDeps = _.concat(ownDeps, extractDepsFromRaw(depsForTargetFramework.group.dependency)); | ||
} | ||
// Find all groups with no targetFramework attribute | ||
// add their deps | ||
const depsFromPlainGroups = extractDepsForPlainGroups(rawDependency); | ||
if (depsFromPlainGroups) { | ||
depsFromPlainGroups.forEach((depGroup) => { | ||
ownDeps = _.concat(ownDeps, extractDepsFromRaw(depGroup.dependency)); | ||
}); | ||
} | ||
// Add the default dependencies | ||
ownDeps = _.concat(ownDeps, extractDepsFromRaw(rawDependency.dependency)); | ||
}); | ||
async function parseNuspec(dep, targetFramework) { | ||
return Promise.resolve() | ||
.then(() => { | ||
const nupkgPath = path.resolve(dep.path, dep.name + '.' + dep.version + '.nupkg'); | ||
const nupkgData = fs.readFileSync(nupkgPath); | ||
return JSZip.loadAsync(nupkgData); | ||
}) | ||
.then((nuspecZipData) => { | ||
const nuspecFiles = Object.keys(nuspecZipData.files).filter((file) => { | ||
return (path.extname(file) === '.nuspec'); | ||
}); | ||
return nuspecZipData.files[nuspecFiles[0]].async('string'); | ||
}) | ||
.then((nuspecContent) => { | ||
return new Promise((resolve, reject) => { | ||
parseXML.parseString(nuspecContent, (err, result) => { | ||
if (err) { | ||
return reject(err); | ||
} | ||
let ownDeps = []; | ||
// We are only going to check the first targetFramework we encounter | ||
// in the future we may want to support multiple, but only once | ||
// we have dependency version conflict resolution implemented | ||
_(result.package.metadata).forEach((metadata) => { | ||
_(metadata.dependencies).forEach((rawDependency) => { | ||
// Find and add target framework version specific dependencies | ||
const depsForTargetFramework = extractDepsForTargetFramework(rawDependency, targetFramework); | ||
if (depsForTargetFramework && depsForTargetFramework.group) { | ||
ownDeps = _.concat(ownDeps, extractDepsFromRaw(depsForTargetFramework.group.dependency)); | ||
} | ||
// Find all groups with no targetFramework attribute | ||
// add their deps | ||
const depsFromPlainGroups = extractDepsForPlainGroups(rawDependency); | ||
if (depsFromPlainGroups) { | ||
depsFromPlainGroups.forEach((depGroup) => { | ||
ownDeps = _.concat(ownDeps, extractDepsFromRaw(depGroup.dependency)); | ||
}); | ||
} | ||
// Add the default dependencies | ||
ownDeps = _.concat(ownDeps, extractDepsFromRaw(rawDependency.dependency)); | ||
}); | ||
return resolve({ | ||
children: ownDeps, | ||
name: dep.name, | ||
}); | ||
}); | ||
return resolve({ | ||
children: ownDeps, | ||
name: dep.name, | ||
}); | ||
}); | ||
}) | ||
.catch((err) => { | ||
// parsing problems are coerced into an empty nuspec | ||
debug('Error parsing dependency', JSON.stringify(dep), err); | ||
return null; | ||
}); | ||
}) | ||
.catch((err) => { | ||
// parsing problems are coerced into an empty nuspec | ||
debug('Error parsing dependency', JSON.stringify(dep), err); | ||
return null; | ||
}); | ||
@@ -76,0 +66,0 @@ } |
@@ -7,3 +7,3 @@ { | ||
"test": "npm run eslint && npm run unit-test", | ||
"unit-test": "tap -Rspec ./test/*.test.[tj]s --timeout=300", | ||
"unit-test": "tap --no-coverage test/*.test.ts --timeout=300", | ||
"eslint": "eslint -c .eslintrc.js lib/**/*", | ||
@@ -26,3 +26,3 @@ "build": "tsc", | ||
"engines": { | ||
"node": ">=6" | ||
"node": ">=8" | ||
}, | ||
@@ -39,19 +39,18 @@ "files": [ | ||
"@snyk/lodash": "4.17.15-patch", | ||
"debug": "^3.1.0", | ||
"debug": "^4.1.1", | ||
"dotnet-deps-parser": "4.10.0", | ||
"jszip": "3.1.5", | ||
"jszip": "3.3.0", | ||
"snyk-paket-parser": "1.6.0", | ||
"tslib": "^1.9.3", | ||
"tslib": "^1.11.2", | ||
"xml2js": "^0.4.17" | ||
}, | ||
"devDependencies": { | ||
"@typescript-eslint/eslint-plugin": "^1.12.0", | ||
"@typescript-eslint/parser": "^1.12.0", | ||
"@types/node": "^6.14.4", | ||
"@types/uuid": "^3.4.4", | ||
"tap": "^12.6.1", | ||
"eslint": "^5.16.0", | ||
"typescript": "3.0.1" | ||
"@typescript-eslint/eslint-plugin": "^2.31.0", | ||
"@typescript-eslint/parser": "^2.31.0", | ||
"@types/node": "^8.10.60", | ||
"tap": "^14.10.7", | ||
"eslint": "^6.8.0", | ||
"typescript": "^3.8.3" | ||
}, | ||
"version": "1.17.0" | ||
"version": "1.18.0" | ||
} |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
6
64410
851
+ Addeddebug@4.3.7(transitive)
+ Addedjszip@3.3.0(transitive)
+ Addedlie@3.3.0(transitive)
+ Addedprocess-nextick-args@2.0.1(transitive)
+ Addedreadable-stream@2.3.8(transitive)
+ Addedsafe-buffer@5.1.2(transitive)
+ Addedset-immediate-shim@1.0.1(transitive)
+ Addedstring_decoder@1.1.1(transitive)
- Removedcore-js@2.3.0(transitive)
- Removeddebug@3.2.7(transitive)
- Removedes6-promise@3.0.2(transitive)
- Removedjszip@3.1.5(transitive)
- Removedlie@3.1.1(transitive)
- Removedprocess-nextick-args@1.0.7(transitive)
- Removedreadable-stream@2.0.6(transitive)
- Removedstring_decoder@0.10.31(transitive)
Updateddebug@^4.1.1
Updatedjszip@3.3.0
Updatedtslib@^1.11.2