
snyk-nuget-plugin


snyk-nuget-plugin - npm Package Compare versions

Comparing version 1.3.2 to 1.3.3

lib/formats/dotnet-cli-parser.js

115

lib/index.js

@@ -8,10 +8,14 @@ var fs = require('fs');

var parseNuspec = require('./nuspec-parser');
var jsonManifestParest = require('./json-manifest-parser');
var jsonManifestParser = require('./json-manifest-parser');
var debug = require('debug')('snyk');
var projectJsonFormatParser = require('./formats/dotnet-cli-parser');
function determineManifestType (filename) {
switch (true) {
case /.json$/.test(filename): {
case /project.json$/.test(filename): {
return 'project.json';
}
case /project.assets.json$/.test(filename): {
return 'dotnet-cli';
}
case /packages.config$/.test(filename): {

@@ -29,2 +33,7 @@ return 'packages.config';

function injectProjectData(packageTree, projectData) {
packageTree.package.name = projectData.project.name;
packageTree.package.version = projectData.project.version;
}
module.exports = {

@@ -69,8 +78,14 @@ inspect: function (root, targetFile, options) {

var chain = new Promise(function parseFileContents(resolve, reject) {
var job = new Promise(function parseFileContents(resolve, reject) {
var installedPackages = [];
switch (manifestType) {
case 'dotnet-cli': {
debug('Trying to parse dot-net-cli manifest');
projectJsonFormatParser(fileContent, tree);
resolve([]); // skip installed dependencies parsing
break;
}
case 'project.json': {
debug('Trying to parse project.json format manifest');
var projectData = jsonManifestParest.parse(fileContent);
var projectData = jsonManifestParser.parse(fileContent);
var rawDependencies = projectData.dependencies;

@@ -89,4 +104,3 @@ debug(rawDependencies);

if (projectData.project) {
packageTree.package.name = projectData.project.name;
packageTree.package.version = projectData.project.version;
injectProjectData(packageTree, projectData);
}

@@ -146,39 +160,56 @@ resolve(installedPackages);

}).then(function scanInstalled(installedPackages) {
debug('Located ' + installedPackages.length + ' packages in manifest');
function injectPath(dep) {
dep.path = path.resolve(
packagesFolder,
dep.name + '.' + dep.version
);
}
installedPackages.forEach(function (entry) {
injectPath(entry);
flattendPackageList[entry.name] = entry;
debug('Entry: ' + entry.name + ' -> ' + entry.path);
});
try {
debug('Trying to read installed packaged folder: ' + packagesFolder);
fs.readdirSync(packagesFolder)
.filter(function (name) {
return name.slice(0, 7).toLowerCase() !== 'system.'
})
.map(function (folderName) {
return Dependecy.from.folderName(folderName);
})
.forEach(function (dep) {
injectPath(dep);
flattendPackageList[dep.name] = flattendPackageList[dep.name] || dep;
if (manifestType !== 'dotnet-cli') {
debug('Located ' + installedPackages.length + ' packages in manifest');
function injectPath(dep) {
dep.path = dep.localPath
? path.resolve(
packagesFolder,
dep.localPath
)
: path.resolve(
packagesFolder,
dep.name + '.' + dep.version
);
if (dep.localPath) {
delete dep.localPath;
}
}
installedPackages.forEach(function (entry) {
injectPath(entry);
flattendPackageList[entry.name] =
flattendPackageList[entry.name] || entry;
debug('Entry: ' + entry.name + ' -> ' + entry.path);
});
} catch (error) {
debug('Could not complete installed packages folder scanning');
debug(error);
// could not read installed packages folder,
// continue only with manifest list
try {
debug('Scanning local installed folders');
debug('Trying to read from installed packages folder: ' +
packagesFolder);
fs.readdirSync(packagesFolder)
.filter(function (name) {
return name.slice(0, 7).toLowerCase() !== 'system.'
})
.map(function (folderName) {
return Dependecy.from.folderName(folderName);
})
.forEach(function (dep) {
injectPath(dep);
flattendPackageList[dep.name] =
flattendPackageList[dep.name] || dep;
});
}
catch (err) {
debug('Could not complete packages folder scanning');
debug(err);
}
} else {
debug('Located ' +
Object.keys(tree.dependencies).length + 'packages in manifest');
var sorted = {}
Object.keys(flattendPackageList).sort().forEach(function (key) {
sorted[key] = flattendPackageList[key];
});
flattendPackageList = sorted;
}
var sorted = {}
Object.keys(flattendPackageList).sort().forEach(function (key) {
sorted[key] = flattendPackageList[key];
});
flattendPackageList = sorted;
}).then(function fetchNugetInformationFromPackages() {
})
.then(function fetchNugetInformationFromPackages() {
// initiate collecting information from .nuget files on installed packages

@@ -253,4 +284,4 @@ debug('Trying to analyze .nuspec files');

return chain;
return job;
},
};
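Review bot: In the new `injectPath` inside `scanInstalled`, `dep.localPath` is passed straight to `path.resolve(packagesFolder, dep.localPath)`, so an absolute value or one containing `..` segments yields a `dep.path` outside the packages folder. Where `localPath` is set is not visible in this hunk; if it can come from the manifest of the project being scanned, it should be treated as untrusted, since `dep.path` is later used to locate the package's `.nupkg`. A containment check after resolving would close this, for example `var base = path.resolve(packagesFolder);` followed by `if (dep.path !== base && dep.path.indexOf(base + path.sep) !== 0) { /* skip or reject this entry */ }`. The same applies to the `dep.name + '.' + dep.version` fallback, and the enclosing `inspect` function starts outside the hunk.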

@@ -9,7 +9,8 @@ var zip = require('zip');

function parseNuspec(library) {
function parseNuspec(library, sep) {
var P = new Promise(function (resolve, reject) {
var pathSep = sep || '.'
var nuspecPath = path.resolve(
library.path,
library.name + '.' + library.version + '.nupkg');
library.name + pathSep + library.version + '.nupkg');
var rawZipped;
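Review bot: The new `sep` parameter of `parseNuspec` is undocumented, and its local name `pathSep` reads like a directory separator although it only joins `library.name` and `library.version` in the `.nupkg` file name. A comment such as `// sep: string placed between package name and version in the .nupkg file name (defaults to '.')` would make the contract clear. Because the fallback is `sep || '.'`, an explicit empty string also becomes `'.'`, which is worth stating in that comment if it is intended. The line `var pathSep = sep || '.'` is also missing its terminating semicolon, and the function body continues outside the hunk.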

@@ -16,0 +17,0 @@

@@ -1,1 +0,1 @@

{"name":"snyk-nuget-plugin","description":"![logo](https://res.cloudinary.com/snyk/image/upload/v1468845259/logo/snyk-dog.svg) ## Snyk: NuGet Plugin ***","main":"lib/index.js","scripts":{"lint":"jscs `find ./lib -name '*.js'` -v && jscs `find ./test -name '*.js'` -v","test":"npm run unit-test","test-windows":"tap -R spec test/*.test.js --timeout=120","unit-test":"tap `ls ./test/*.test.js` -R=spec","dev":"nodemon -x 'npm run unit-test'","semantic-release":"semantic-release pre && npm publish && semantic-release post"},"repository":{"type":"git","url":"https://github.com/snyk/snyk-nuget-plugin.git"},"keywords":["snyk","nuget"],"author":"snyk.io","license":"Apache-2.0","bugs":{"url":"https://github.com/snyk/snyk-nuget-plugin/issues"},"homepage":"https://github.com/snyk/snyk-nuget-plugin#readme","dependencies":{"debug":"^3.1.0","es6-promise":"^4.1.1","xml2js":"^0.4.17","zip":"^1.2.0"},"devDependencies":{"jscs":"^3.0.7","nodemon":"^1.12.1","semantic-release":"^8.2.0","tap":"^10.7.0","tap-only":"0.0.5"},"version":"1.3.2"}
{"name":"snyk-nuget-plugin","description":"![logo](https://res.cloudinary.com/snyk/image/upload/v1468845259/logo/snyk-dog.svg) ## Snyk: NuGet Plugin ***","main":"lib/index.js","scripts":{"lint":"jscs `find ./lib -name '*.js'` -v && jscs `find ./test -name '*.js'` -v","test":"npm run unit-test","test-windows":"tap -R spec test/*.test.js --timeout=120","unit-test":"tap `ls ./test/*.test.js` -R=spec","dev":"nodemon -x 'npm run unit-test'","semantic-release":"semantic-release pre && npm publish && semantic-release post"},"repository":{"type":"git","url":"https://github.com/snyk/snyk-nuget-plugin.git"},"keywords":["snyk","nuget"],"author":"snyk.io","license":"Apache-2.0","bugs":{"url":"https://github.com/snyk/snyk-nuget-plugin/issues"},"homepage":"https://github.com/snyk/snyk-nuget-plugin#readme","dependencies":{"debug":"^3.1.0","es6-promise":"^4.1.1","xml2js":"^0.4.17","zip":"^1.2.0"},"devDependencies":{"jscs":"^3.0.7","nodemon":"^1.12.1","semantic-release":"^8.2.0","tap":"^10.7.0","tap-only":"0.0.5"},"version":"1.3.3"}