snyk-nuget-plugin
Advanced tools
snyk-nuget-plugin - npm Package Compare versions
Comparing version 1.25.5 to 1.26.0
@@ -37,3 +37,2 @@ "use strict"; | ||
| const createPackageTree = (depTree) => { | ||
| // TODO implement for paket and more than one framework | ||
| const targetFramework = depTree.meta | ||
@@ -58,2 +57,17 @@ ? depTree.meta.targetFramework | ||
| } | ||
| if (options['dotnet-runtime-resolution']) { | ||
| if (manifestType !== 'dotnet-core') { | ||
| return Promise.reject(new Error('runtime resolution beta flag is currently only applicable for .net core projects')); | ||
| } | ||
| const result = await nugetParser.buildDepGraphFromFiles(root, targetFile, manifestType, options['assets-project-name'], options['project-name-prefix']); | ||
| return { | ||
| dependencyGraph: result.dependencyGraph, | ||
| package: 'n/a', | ||
| plugin: { | ||
| name: 'snyk-nuget-plugin', | ||
| targetFile, | ||
| targetRuntime: result.targetFramework, | ||
| }, | ||
| }; | ||
| } | ||
| return nugetParser | ||
@@ -60,0 +74,0 @@ .buildDepTreeFromFiles(root, targetFile, options.packagesFolder, manifestType, options['assets-project-name'], options['project-name-prefix']) |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.getMinimumTargetFrameworkFromPackagesConfig = exports.buildDepTreeFromFiles = void 0; | ||
| exports.getMinimumTargetFrameworkFromPackagesConfig = exports.buildDepTreeFromFiles = exports.buildDepGraphFromFiles = void 0; | ||
| const fs = require("fs"); | ||
@@ -8,4 +8,4 @@ const path = require("path"); | ||
| const debugModule = require("debug"); | ||
| const debug = debugModule('snyk'); | ||
| const dotnetCoreParser = require("./dotnet-core-parser"); | ||
| const dotnetCoreV2Parser = require("./dotnet-core-v2-parser"); | ||
| const dotnetFrameworkParser = require("./dotnet-framework-parser"); | ||
@@ -17,2 +17,3 @@ const projectJsonParser = require("./project-json-parser"); | ||
| const framework_1 = require("./framework"); | ||
| const debug = debugModule('snyk'); | ||
| const PARSERS = { | ||
@@ -23,2 +24,6 @@ 'dotnet-core': { | ||
| }, | ||
| 'dotnet-core-v2': { | ||
| depParser: dotnetCoreV2Parser, | ||
| fileContentParser: JSON, | ||
| }, | ||
| 'packages.config': { | ||
@@ -46,11 +51,6 @@ depParser: dotnetFrameworkParser, | ||
| } | ||
| async function buildDepTreeFromFiles(root, targetFile, packagesFolderPath, manifestType, useProjectNameFromAssetsFile, projectNamePrefix) { | ||
| var _a, _b; | ||
| const safeRoot = root || '.'; | ||
| const safeTargetFile = targetFile || '.'; | ||
| const fileContentPath = path.resolve(safeRoot, safeTargetFile); | ||
| let fileContent; | ||
| function getFileContents(fileContentPath) { | ||
| try { | ||
| debug(`Parsing content of ${fileContentPath}`); | ||
| fileContent = fs.readFileSync(fileContentPath, 'utf-8'); | ||
| return fs.readFileSync(fileContentPath, 'utf-8'); | ||
| } | ||
@@ -60,3 +60,38 @@ catch (error) { | ||
| } | ||
| } | ||
| async function buildDepGraphFromFiles(root, targetFile, manifestType, useProjectNameFromAssetsFile, projectNamePrefix) { | ||
| var _a, _b; | ||
| const safeRoot = root || '.'; | ||
| const safeTargetFile = targetFile || '.'; | ||
| const fileContentPath = path.resolve(safeRoot, safeTargetFile); | ||
| const fileContent = getFileContents(fileContentPath); | ||
| const projectRootFolder = path.resolve(fileContentPath, '../../'); | ||
| const targetFramework = await (0, csproj_parser_1.getTargetFrameworksFromProjFile)(projectRootFolder); | ||
| const parser = PARSERS['dotnet-core-v2']; | ||
| const manifest = await parser.fileContentParser.parse(fileContent); | ||
| let resolvedProjectName = getRootName(root, projectRootFolder, projectNamePrefix); | ||
| if (manifestType === 'dotnet-core' && useProjectNameFromAssetsFile) { | ||
| const projectName = (_b = (_a = manifest === null || manifest === void 0 ? void 0 : manifest.project) === null || _a === void 0 ? void 0 : _a.restore) === null || _b === void 0 ? void 0 : _b.projectName; | ||
| if (projectName) { | ||
| resolvedProjectName = projectName; | ||
| } | ||
| else { | ||
| debug("project.assets.json file doesn't contain a value for 'projectName'. Using default value: " + | ||
| resolvedProjectName); | ||
| } | ||
| } | ||
| const depGraph = parser.depParser.parse(resolvedProjectName, manifest); | ||
| return { | ||
| dependencyGraph: depGraph, | ||
| targetFramework: targetFramework === null || targetFramework === void 0 ? void 0 : targetFramework.original, | ||
| }; | ||
| } | ||
| exports.buildDepGraphFromFiles = buildDepGraphFromFiles; | ||
| async function buildDepTreeFromFiles(root, targetFile, packagesFolderPath, manifestType, useProjectNameFromAssetsFile, projectNamePrefix) { | ||
| var _a, _b; | ||
| const safeRoot = root || '.'; | ||
| const safeTargetFile = targetFile || '.'; | ||
| const fileContentPath = path.resolve(safeRoot, safeTargetFile); | ||
| const fileContent = getFileContents(fileContentPath); | ||
| const projectRootFolder = path.resolve(fileContentPath, '../../'); | ||
| const packagesFolder = getPackagesFolder(packagesFolderPath, projectRootFolder); | ||
@@ -63,0 +98,0 @@ const tree = { |
@@ -37,2 +37,3 @@ { | ||
| "dependencies": { | ||
| "@snyk/dep-graph": "^2.7.0", | ||
| "debug": "^4.3.4", | ||
@@ -57,3 +58,3 @@ "dotnet-deps-parser": "5.3.0", | ||
| }, | ||
| "version": "1.25.5" | ||
| "version": "1.26.0" | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by14.42%
87978
- Number of package files
- increased by5.13%
41
- Lines of code
- increased by12.26%
1154
Worsened metrics
- Dependency count
- increased by14.29%
8
Dependency changes
+ Added@snyk/dep-graph@^2.7.0
+ Added@snyk/dep-graph@2.9.0(transitive)
+ Addedevent-loop-spinner@2.3.2(transitive)
+ Addedlodash.clone@4.5.0(transitive)
+ Addedlodash.constant@3.0.0(transitive)
+ Addedlodash.filter@4.6.0(transitive)
+ Addedlodash.foreach@4.5.0(transitive)
+ Addedlodash.isempty@4.4.0(transitive)
+ Addedlodash.isequal@4.5.0(transitive)
+ Addedlodash.isfunction@3.0.9(transitive)
+ Addedlodash.isundefined@3.0.1(transitive)
+ Addedlodash.map@4.6.0(transitive)
+ Addedlodash.reduce@4.6.0(transitive)
+ Addedlodash.size@4.2.0(transitive)
+ Addedlodash.transform@4.6.0(transitive)
+ Addedlodash.union@4.6.0(transitive)
+ Addedlodash.values@4.3.0(transitive)
+ Addedobject-hash@3.0.0(transitive)
+ Addedpackageurl-js@1.2.0(transitive)
+ Addedsemver@7.6.3(transitive)