
snyk-nuget-plugin


snyk-nuget-plugin - npm Package Compare versions

Comparing version 1.3.8 to 1.3.9

17

lib/dependency.js

@@ -47,21 +47,4 @@ var debug = require('debug')('snyk');

},
csprojEntry: function (referenceItem) {
debug('Extracting by hintPath ' + referenceItem.HintPath[0]);
var sep = (
/\//.exec(referenceItem.HintPath[0]) ||
/\\/.exec(referenceItem.HintPath[0]))[0];
var depLocalPath = referenceItem.HintPath[0]
.split(sep).slice(2,3).join(sep);
var packageInfo = Dependency.extractFromDotVersionNotation(depLocalPath);
var name = packageInfo.name;
var version = packageInfo.version;
var result = new Dependency(
name,
version,
'unknown'
);
return result;
},
};
module.exports = Dependency;

2

lib/find-folder.js

@@ -14,4 +14,4 @@ var path = require('path');

}
};
}
module.exports = findFolder;

@@ -23,5 +23,2 @@ var fs = require('fs');

}
case /.csproj$/.test(filename): {
return '.csproj';
}
default: {

@@ -121,30 +118,2 @@ throw new Error('Could not determine manifest type for ' + filename);

}
})
break;
}
case '.csproj': {
debug('Trying to parse .csproj manifest');
parseXML(fileContent, function scanCsprojContent(err, result) {
if (err) {
reject(err);
} else {
(result.Project.ItemGroup || []).forEach(function (itemGroup) {
(itemGroup.Reference || []).forEach(function (referenceItem) {
if (referenceItem.HintPath) {
try {
var installedDependency =
Dependecy.from.csprojEntry(referenceItem);
if (installedDependency.name.indexOf('System.') !== 0) {
installedPackages.push(installedDependency);
}
}
catch (err) {
debug('Could not parse package name. Skipping');
// gracefully continue
}
}
});
});
}
resolve(installedPackages);
});

@@ -157,18 +126,4 @@ break;

debug('Located ' + installedPackages.length + ' packages in manifest');
function injectPath(dep) {
dep.path = dep.localPath
? path.resolve(
packagesFolder,
dep.localPath
)
: path.resolve(
packagesFolder,
dep.name + '.' + dep.version
);
if (dep.localPath) {
delete dep.localPath;
}
}
installedPackages.forEach(function (entry) {
injectPath(entry);
injectPath(entry, packagesFolder);
flattendPackageList[entry.name] =

@@ -184,3 +139,3 @@ flattendPackageList[entry.name] || entry;

.filter(function (name) {
return name.slice(0, 7).toLowerCase() !== 'system.'
return name.slice(0, 7).toLowerCase() !== 'system.';
})

@@ -191,5 +146,14 @@ .map(function (folderName) {

.forEach(function (dep) {
injectPath(dep);
flattendPackageList[dep.name] =
flattendPackageList[dep.name] || dep;
injectPath(dep, packagesFolder);
// only add a package from packages folder if version is different
if (flattendPackageList[dep.name] &&
flattendPackageList[dep.name].version !== dep.version) {
// prefer found from packages folder (dep) over existing
debug('For package ' + dep.name + ' the version ' +
flattendPackageList[dep.name].version +
' was extracted from manifest file.' +
'\nWe are overwriting it with version ' + dep.version +
' from the packages folder');
flattendPackageList[dep.name] = dep;
}
});

@@ -204,3 +168,3 @@ }

Object.keys(tree.dependencies).length + 'packages in manifest');
var sorted = {}
var sorted = {};
Object.keys(flattendPackageList).sort().forEach(function (key) {

@@ -254,3 +218,3 @@ sorted[key] = flattendPackageList[key];

}
transitiveDependency.from = node.from.concat()
transitiveDependency.from = node.from.concat();
var transitiveChildren =

@@ -270,4 +234,4 @@ (nuspecResolutions[transitiveDependency.name] &&

tree.dependencies[packageName] =
flattendPackageList[packageName].cloneShallow()
})
flattendPackageList[packageName].cloneShallow();
});
if (_nugtKeyCount > 0) {

@@ -278,3 +242,3 @@ // local folders scanned, build list from .nuspec

var node = flattendPackageList[resolution.name].cloneShallow();
node.from = tree.from.concat()
node.from = tree.from.concat();
buildTree(node, resolution.children, flattendPackageList);

@@ -287,6 +251,16 @@ tree.dependencies[node.name] = node;

throw(err);
})
});
return job;
},
};
};
function injectPath(dep, packagesFolder) {
dep.path =
dep.localPath ?
path.resolve(packagesFolder, dep.localPath)
: path.resolve(packagesFolder, dep.name + '.' + dep.version);
if (dep.localPath) {
delete dep.localPath;
}
}
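Review bot: In the packages-folder loop (`@@ -191,5 +146,14 @@`), every folder entry whose version differs from the current one overwrites `flattendPackageList[dep.name]`, so when the packages folder holds several versions of one package the reported version is whichever folder is visited last, not necessarily the one the manifest references. For a vulnerability scanner that can hide a vulnerable version or report one that is not in use. The same condition also drops packages that exist only in the packages folder, which the old `flattendPackageList[dep.name] || dep` kept; if that is intended, say so in the comment, e.g. `// packages not listed in the manifest are ignored on purpose`. Consider overwriting only when the manifest entry has no usable version, or logging when more than one folder version is seen for a name. The enclosing function starts outside the hunk, so how the folder list is ordered is not visible here.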

@@ -21,3 +21,3 @@ function scanForDependencies(obj, deps) {

deps[depName] = version;
})
});
} else {

@@ -36,4 +36,4 @@ scanForDependencies(obj[key], deps);

if (typeof rawContent.project === 'object') {
var pData = rawContent.project
var name = (pData.restore && pData.restore.projectName)
var pData = rawContent.project;
var name = (pData.restore && pData.restore.projectName);
result.project = {

@@ -40,0 +40,0 @@ version: pData.version || '0.0.0',

@@ -11,3 +11,3 @@ var zip = require('zip');

var P = new Promise(function (resolve, reject) {
var pathSep = sep || '.'
var pathSep = sep || '.';
var nuspecPath = path.resolve(

@@ -39,6 +39,6 @@ library.path,

(group.dependency || []).forEach(function (dep) {
var transitiveDependency = new Dependency(dep.$.id, dep.$.version) // jscs:ignore
transitiveDependency.versionSpec = dep.$.versionSpec
var transitiveDependency = new Dependency(dep.$.id, dep.$.version); // jscs:ignore
transitiveDependency.versionSpec = dep.$.versionSpec;
ownDependencies.push(transitiveDependency);
})
});
});

@@ -51,3 +51,3 @@ (rawDependency.dependency || []).forEach(function (dep) {

});
})
});
});

@@ -54,0 +54,0 @@ resolve({

@@ -1,1 +0,1 @@

{"name":"snyk-nuget-plugin","description":"![logo](https://res.cloudinary.com/snyk/image/upload/v1468845259/logo/snyk-dog.svg) ## Snyk: NuGet Plugin ***","main":"lib/index.js","scripts":{"lint":"jscs `find ./lib -name '*.js'` -v && jscs `find ./test -name '*.js'` -v","test":"npm run unit-test","test-windows":"tap -R spec test/*.test.js --timeout=120","unit-test":"tap `ls ./test/*.test.js` -R=spec","dev":"nodemon -x 'npm run unit-test'","semantic-release":"semantic-release pre && npm publish && semantic-release post"},"repository":{"type":"git","url":"https://github.com/snyk/snyk-nuget-plugin.git"},"keywords":["snyk","nuget"],"author":"snyk.io","license":"Apache-2.0","bugs":{"url":"https://github.com/snyk/snyk-nuget-plugin/issues"},"homepage":"https://github.com/snyk/snyk-nuget-plugin#readme","dependencies":{"debug":"^3.1.0","es6-promise":"^4.1.1","xml2js":"^0.4.17","zip":"^1.2.0"},"devDependencies":{"jscs":"^3.0.7","nodemon":"^1.12.1","semantic-release":"^8.2.0","tap":"^10.7.0","tap-only":"0.0.5"},"version":"1.3.8"}
{"name":"snyk-nuget-plugin","description":"![logo](https://res.cloudinary.com/snyk/image/upload/v1468845259/logo/snyk-dog.svg) ## Snyk: NuGet Plugin ***","main":"lib/index.js","scripts":{"lint":"jscs `find ./lib -name '*.js'` -v && jscs `find ./test -name '*.js'` -v","test":"npm run unit-test","test-windows":"tap -R spec test/*.test.js --timeout=120","unit-test":"tap `ls ./test/*.test.js` -R=spec","dev":"nodemon -x 'npm run unit-test'","semantic-release":"semantic-release pre && npm publish && semantic-release post"},"repository":{"type":"git","url":"https://github.com/snyk/snyk-nuget-plugin.git"},"keywords":["snyk","nuget"],"author":"snyk.io","license":"Apache-2.0","bugs":{"url":"https://github.com/snyk/snyk-nuget-plugin/issues"},"homepage":"https://github.com/snyk/snyk-nuget-plugin#readme","dependencies":{"debug":"^3.1.0","es6-promise":"^4.1.1","xml2js":"^0.4.17","zip":"^1.2.0"},"devDependencies":{"jscs":"^3.0.7","nodemon":"^1.12.1","semantic-release":"^8.2.0","tap":"^10.7.0","tap-only":"0.0.5"},"version":"1.3.9"}