snyk-nuget-plugin - npm Package Compare versions

Comparing version 1.26.0 to 1.27.0

dist/errors/index.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.InvalidTargetFile = exports.InvalidManifestError = exports.FileNotProcessableError = exports.FileNotFoundError = exports.BigTreeError = void 0;
+exports.InvalidTargetFile = exports.InvalidManifestError = exports.FileNotProcessableError = exports.FileNotFoundError = exports.CliCommandError = exports.BigTreeError = void 0;
 var big_tree_error_1 = require("./big-tree-error");
 Object.defineProperty(exports, "BigTreeError", { enumerable: true, get: function () { return big_tree_error_1.BigTreeError; } });
+var cli_command_error_1 = require("./cli-command-error");
+Object.defineProperty(exports, "CliCommandError", { enumerable: true, get: function () { return cli_command_error_1.CliCommandError; } });
 var file_not_found_error_1 = require("./file-not-found-error");
@@ -7,0 +9,0 @@ Object.defineProperty(exports, "FileNotFoundError", { enumerable: true, get: function () { return file_not_found_error_1.FileNotFoundError; } });

dist/index.js

@@ -8,15 +8,16 @@ "use strict";
 const errors_1 = require("./errors");
+const types_1 = require("./nuget-parser/types");
 function determineManifestType(filename) {
     switch (true) {
         case /project.json$/.test(filename): {
-            return 'project.json';
+            return types_1.ManifestType.PROJECT_JSON;
         }
         case /project.assets.json$/.test(filename): {
-            return 'dotnet-core';
+            return types_1.ManifestType.DOTNET_CORE;
         }
         case /packages.config$/.test(filename): {
-            return 'packages.config';
+            return types_1.ManifestType.PACKAGES_CONFIG;
         }
         case /paket.dependencies$/.test(filename): {
-            return 'paket';
+            return types_1.ManifestType.PAKET;
         }
@@ -51,3 +52,3 @@ default: {
     };
-    if (manifestType === 'paket') {
+    if (manifestType === types_1.ManifestType.PAKET) {
         return paketParser
@@ -59,3 +60,3 @@ .buildDepTreeFromFiles(root, targetFile, path.join(path.dirname(targetFile), 'paket.lock'), options['include-dev'] || options.dev, // TODO: remove include-dev when no longer used.
     if (options['dotnet-runtime-resolution']) {
-        if (manifestType !== 'dotnet-core') {
+        if (manifestType !== types_1.ManifestType.DOTNET_CORE) {
             return Promise.reject(new Error('runtime resolution beta flag is currently only applicable for .net core projects'));
@@ -62,0 +63,0 @@ }

dist/nuget-parser/index.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getMinimumTargetFrameworkFromPackagesConfig = exports.buildDepTreeFromFiles = exports.buildDepGraphFromFiles = void 0;
+exports.buildDepTreeFromFiles = exports.buildDepGraphFromFiles = void 0;
 const fs = require("fs");
 const path = require("path");
-const csproj_parser_1 = require("./csproj-parser");
+const csProjParser = require("./parsers/csproj-parser");
 const debugModule = require("debug");
-const dotnetCoreParser = require("./dotnet-core-parser");
-const dotnetCoreV2Parser = require("./dotnet-core-v2-parser");
-const dotnetFrameworkParser = require("./dotnet-framework-parser");
-const projectJsonParser = require("./project-json-parser");
-const packagesConfigParser = require("./packages-config-parser");
+const dotnetCoreParser = require("./parsers/dotnet-core-parser");
+const dotnetCoreV2Parser = require("./parsers/dotnet-core-v2-parser");
+const dotnetFrameworkParser = require("./parsers/dotnet-framework-parser");
+const projectJsonParser = require("./parsers/project-json-parser");
+const packagesConfigParser = require("./parsers/packages-config-parser");
 const errors_1 = require("../errors");
-const depsParser = require("dotnet-deps-parser");
-const framework_1 = require("./framework");
+const types_1 = require("./types");
 const debug = debugModule('snyk');
@@ -64,7 +63,8 @@ const PARSERS = {
     const projectRootFolder = path.resolve(fileContentPath, '../../');
-    const targetFramework = await (0, csproj_parser_1.getTargetFrameworksFromProjFile)(projectRootFolder);
+    const targetFramework = await csProjParser.getTargetFrameworksFromProjFile(projectRootFolder);
     const parser = PARSERS['dotnet-core-v2'];
     const manifest = await parser.fileContentParser.parse(fileContent);
     let resolvedProjectName = getRootName(root, projectRootFolder, projectNamePrefix);
-    if (manifestType === 'dotnet-core' && useProjectNameFromAssetsFile) {
+    if (manifestType === types_1.ManifestType.DOTNET_CORE &&
+        useProjectNameFromAssetsFile) {
         const projectName = (_b = (_a = manifest === null || manifest === void 0 ? void 0 : manifest.project) === null || _a === void 0 ? void 0 : _a.restore) === null || _b === void 0 ? void 0 : _b.projectName;
@@ -103,4 +103,4 @@ if (projectName) {
     try {
-        if (manifestType === 'dotnet-core') {
-            targetFramework = await (0, csproj_parser_1.getTargetFrameworksFromProjFile)(projectRootFolder);
+        if (manifestType === types_1.ManifestType.DOTNET_CORE) {
+            targetFramework = await csProjParser.getTargetFrameworksFromProjFile(projectRootFolder);
         }
@@ -110,8 +110,9 @@ else {
             const fileContentParentDirectory = path.resolve(fileContentPath, '../');
-            targetFramework = await (0, csproj_parser_1.getTargetFrameworksFromProjFile)(fileContentParentDirectory);
+            targetFramework = await csProjParser.getTargetFrameworksFromProjFile(fileContentParentDirectory);
             // finally, for the .NETFramework project, try to assume the framework using dotnet-deps-parser
             if (!targetFramework) {
                 // currently only process packages.config files
-                if (manifestType === 'packages.config') {
-                    targetFramework = await getMinimumTargetFrameworkFromPackagesConfig(fileContent);
+                if (manifestType === types_1.ManifestType.PACKAGES_CONFIG) {
+                    targetFramework =
+                        await packagesConfigParser.getMinimumTargetFramework(fileContent);
                 }
@@ -129,3 +130,4 @@ }
     const manifest = await parser.fileContentParser.parse(fileContent, tree);
-    if (manifestType === 'dotnet-core' && useProjectNameFromAssetsFile) {
+    if (manifestType === types_1.ManifestType.DOTNET_CORE &&
+        useProjectNameFromAssetsFile) {
         const projectName = (_b = (_a = manifest === null || manifest === void 0 ? void 0 : manifest.project) === null || _a === void 0 ? void 0 : _a.restore) === null || _b === void 0 ? void 0 : _b.projectName;
@@ -143,11 +145,2 @@ if (projectName) {
 exports.buildDepTreeFromFiles = buildDepTreeFromFiles;
-async function getMinimumTargetFrameworkFromPackagesConfig(fileContent) {
-    const extractedFrameworks = await depsParser.extractTargetFrameworksFromProjectConfig(fileContent);
-    if (extractedFrameworks && extractedFrameworks.length > 0) {
-        const minimumFramework = extractedFrameworks.reduce((prev, curr) => prev < curr ? prev : curr);
-        return (0, framework_1.toReadableFramework)(minimumFramework);
-    }
-    return undefined;
-}
-exports.getMinimumTargetFrameworkFromPackagesConfig = getMinimumTargetFrameworkFromPackagesConfig;
 //# sourceMappingURL=index.js.map

dist/nuget-parser/types.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.ManifestType = void 0;
+var ManifestType;
+(function (ManifestType) {
+    ManifestType["PROJECT_JSON"] = "project.json";
+    ManifestType["DOTNET_CORE"] = "dotnet-core";
+    ManifestType["PACKAGES_CONFIG"] = "packages.config";
+    ManifestType["PAKET"] = "paket";
+})(ManifestType = exports.ManifestType || (exports.ManifestType = {}));
 //# sourceMappingURL=types.js.map

package.json

@@ -6,4 +6,4 @@ {
   "scripts": {
-    "test": "npm run lint && npm run test:unit",
-    "test:unit": "jest --coverage --silent=false --detectOpenHandles",
+    "test": "npm run test:unit",
+    "test:unit": "jest --coverage",
     "lint": "prettier --check \"./lib/**/*.ts\" && eslint -c .eslintrc.js \"./lib/**/*\"",
@@ -58,3 +58,3 @@ "lint:fix": "prettier --write \"./lib/**/*.ts\" && eslint -c .eslintrc.js --fix \"./lib/**/*\"",
   },
-  "version": "1.26.0"
+  "version": "1.27.0"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

96208

increased by9.35%

Number of package files

43

increased by4.88%

Lines of code

1263

increased by9.45%

Worsened metrics

Number of medium supply chain risk alerts

2

increased byInfinity%

No dependency changes