New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
snyk-nuget-plugin
Advanced tools
snyk-nuget-plugin - npm Package Compare versions
Comparing version 2.7.14 to 2.7.15
| import * as depGraphLib from '@snyk/dep-graph'; | ||
| import { AssemblyVersions, ProjectAssets, PublishedProjectDeps } from '../types'; | ||
| export declare const FILTERED_DEPENDENCY_PREFIX: string[]; | ||
| export declare function extractLocalProjects(libs: Record<string, any>): string[]; | ||
| export declare function parse(projectName: string, projectAssets: ProjectAssets, publishedProjectDeps: PublishedProjectDeps, runtimeAssembly: AssemblyVersions): depGraphLib.DepGraph; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.FILTERED_DEPENDENCY_PREFIX = void 0; | ||
| exports.extractLocalProjects = extractLocalProjects; | ||
| exports.parse = parse; | ||
@@ -76,2 +75,5 @@ const debugModule = require("debug"); | ||
| } | ||
| function getDllName(depName) { | ||
| return `${depName}.dll`; | ||
| } | ||
| function buildGraph(projectName, projectAssets, publishedProjectDeps, runtimeAssembly) { | ||
@@ -118,8 +120,8 @@ const depGraphBuilder = new dep_graph_1.DepGraphBuilder({ name: 'nuget' }, { | ||
| const localPackagesNames = extractLocalProjects(publishedProjectDeps.libraries); | ||
| // Overwriting the runtime versions with the versions declared in the manifest files. | ||
| const targets = publishedProjectDeps.targets[runtimeTarget]; | ||
| // Overwriting the runtime versions with the values used in local projects. | ||
| for (const pgkName of localPackagesNames) { | ||
| if (targets[pgkName]?.dependencies) { | ||
| for (const [key, value] of Object.entries(targets[pgkName].dependencies)) { | ||
| const dllName = `${key}.dll`; | ||
| const dllName = getDllName(key); | ||
| if (runtimeAssembly[dllName]) { | ||
@@ -131,2 +133,13 @@ runtimeAssembly[dllName] = value; | ||
| } | ||
| // Overwriting the runtime versions with the values used in fetched packages. | ||
| for (const [key, value] of Object.entries(targets)) { | ||
| if (value && Object.keys(value).length === 0) { | ||
| const [depName, depVersion] = key.split('/'); | ||
| const dllName = getDllName(depName); | ||
| // NuGet’s dependency resolution mechanism will choose the higher available version. | ||
| if (runtimeAssembly[dllName] && depVersion > runtimeAssembly[dllName]) { | ||
| runtimeAssembly[dllName] = depVersion; | ||
| } | ||
| } | ||
| } | ||
| } | ||
@@ -133,0 +146,0 @@ recursivelyPopulateNodes(depGraphBuilder, targetDependencies, rootNode, runtimeAssembly); |
@@ -62,3 +62,3 @@ { | ||
| }, | ||
| "version": "2.7.14" | ||
| "version": "2.7.15" | ||
| } |
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.75%
142384
- Lines of code
- increased by0.62%
1940
No dependency changes