snyk-nuget-plugin
Advanced tools
snyk-nuget-plugin - npm Package Compare versions
Comparing version 1.23.2 to 1.23.3
@@ -53,3 +53,7 @@ "use strict"; | ||
| } | ||
| return await nuspecZipData.files[nuspecFile].async('text'); | ||
| const rawNuspecContent = await nuspecZipData.files[nuspecFile].async('text'); | ||
| const encoding = detectNuspecContentEncoding(rawNuspecContent); | ||
| const encodedNuspecContent = Buffer.from(rawNuspecContent).toString(encoding); | ||
| const normalisedNuspecContent = removePotentialUtf16Characters(encodedNuspecContent); | ||
| return normalisedNuspecContent; | ||
| } | ||
@@ -59,3 +63,3 @@ //this is exported for testing, but should not executed directly. Hence the '_' in the name. | ||
| var _a; | ||
| const parsedNuspec = await parseXML.parseStringPromise(nuspecContent.trim()); | ||
| const parsedNuspec = await parseXML.parseStringPromise(nuspecContent); | ||
| let ownDeps = []; | ||
@@ -175,2 +179,22 @@ //note: this will throw if assertion fails | ||
| } | ||
| var SupportedEncodings; | ||
| (function (SupportedEncodings) { | ||
| SupportedEncodings["UTF8"] = "utf-8"; | ||
| SupportedEncodings["UTF16LE"] = "utf-16le"; | ||
| })(SupportedEncodings || (SupportedEncodings = {})); | ||
| function detectNuspecContentEncoding(nuspecContent) { | ||
| // 65533 is a code for replacement character that is unique to UTF-16 | ||
| // https://www.unicodepedia.com/unicode/specials/fffd/replacement-character/ | ||
| if (nuspecContent.charCodeAt(0) === 65533) { | ||
| return SupportedEncodings.UTF16LE; | ||
| } | ||
| return SupportedEncodings.UTF8; | ||
| } | ||
| function removePotentialUtf16Characters(input) { | ||
| return input | ||
| .replace(/\uFFFD/g, '') | ||
| .replace(/\uBFEF/g, '') | ||
| .replace(/\uBDBF/g, '') | ||
| .replace(/\uEFBD/g, ''); | ||
| } | ||
| //# sourceMappingURL=nuspec-parser.js.map |
@@ -57,3 +57,3 @@ { | ||
| }, | ||
| "version": "1.23.2" | ||
| "version": "1.23.3" | ||
| } |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.38%
74841
- Lines of code
- increased by2.44%
1009
No dependency changes