snyk-nuget-plugin
Advanced tools
Comparing version 1.23.2 to 1.23.3
@@ -53,3 +53,7 @@ "use strict"; | ||
} | ||
return await nuspecZipData.files[nuspecFile].async('text'); | ||
const rawNuspecContent = await nuspecZipData.files[nuspecFile].async('text'); | ||
const encoding = detectNuspecContentEncoding(rawNuspecContent); | ||
const encodedNuspecContent = Buffer.from(rawNuspecContent).toString(encoding); | ||
const normalisedNuspecContent = removePotentialUtf16Characters(encodedNuspecContent); | ||
return normalisedNuspecContent; | ||
} | ||
@@ -59,3 +63,3 @@ //this is exported for testing, but should not executed directly. Hence the '_' in the name. | ||
var _a; | ||
const parsedNuspec = await parseXML.parseStringPromise(nuspecContent.trim()); | ||
const parsedNuspec = await parseXML.parseStringPromise(nuspecContent); | ||
let ownDeps = []; | ||
@@ -175,2 +179,22 @@ //note: this will throw if assertion fails | ||
} | ||
var SupportedEncodings; | ||
(function (SupportedEncodings) { | ||
SupportedEncodings["UTF8"] = "utf-8"; | ||
SupportedEncodings["UTF16LE"] = "utf-16le"; | ||
})(SupportedEncodings || (SupportedEncodings = {})); | ||
function detectNuspecContentEncoding(nuspecContent) { | ||
// 65533 is a code for replacement character that is unique to UTF-16 | ||
// https://www.unicodepedia.com/unicode/specials/fffd/replacement-character/ | ||
if (nuspecContent.charCodeAt(0) === 65533) { | ||
return SupportedEncodings.UTF16LE; | ||
} | ||
return SupportedEncodings.UTF8; | ||
} | ||
function removePotentialUtf16Characters(input) { | ||
return input | ||
.replace(/\uFFFD/g, '') | ||
.replace(/\uBFEF/g, '') | ||
.replace(/\uBDBF/g, '') | ||
.replace(/\uEFBD/g, ''); | ||
} | ||
//# sourceMappingURL=nuspec-parser.js.map |
@@ -57,3 +57,3 @@ { | ||
}, | ||
"version": "1.23.2" | ||
"version": "1.23.3" | ||
} |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
74841
1009