UNPKG

snyk-nuget-plugin

Version:

Snyk CLI NuGet plugin

github.com/snyk/snyk-nuget-plugin

snyk/snyk-nuget-plugin

94 lines 4.26 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.inspect = inspect; const nugetParser = require("./nuget-parser"); const path = require("path"); const paketParser = require("snyk-paket-parser"); const types_1 = require("./nuget-parser/types"); const errors_1 = require("./errors"); function determineManifestType(filename) { switch (true) { case /project.json$/.test(filename): { return types_1.ManifestType.PROJECT_JSON; } case /project.assets.json$/.test(filename): { return types_1.ManifestType.DOTNET_CORE; } case /packages.config$/.test(filename): { return types_1.ManifestType.PACKAGES_CONFIG; } case /paket.dependencies$/.test(filename): { return types_1.ManifestType.PAKET; } default: { throw new errors_1.InvalidTargetFile('Could not determine manifest type for ' + filename); } } } async function inspect(root, targetFile, options) { options = options || {}; let manifestType; try { manifestType = determineManifestType(path.basename(targetFile || root)); } catch (error) { return Promise.reject(error); } const createPackageTree = (depTree) => { const targetFramework = depTree.meta ? depTree.meta.targetFramework : undefined; delete depTree.meta; return { package: depTree, plugin: { name: 'snyk-nuget-plugin', targetFile, targetRuntime: targetFramework, }, }; }; if (manifestType === types_1.ManifestType.PAKET) { return paketParser .buildDepTreeFromFiles(root, targetFile, path.join(path.dirname(targetFile), 'paket.lock'), options['include-dev'] || options.dev, // TODO: remove include-dev when no longer used. options.strict) .then(createPackageTree); } if (options['dotnet-target-framework'] && !options['dotnet-runtime-resolution']) { return Promise.reject(new errors_1.CliCommandError('target framework flag is currently only supported when also scanning with runtime resolution using the `--dotnet-runtime-resolution` flag')); } if (options['dotnet-runtime-resolution']) { if (manifestType !== types_1.ManifestType.DOTNET_CORE) { return Promise.reject(new errors_1.FileNotProcessableError(`runtime resolution flag is currently only supported for: .NET versions 6 and higher, all versions of .NET Core and all versions of .NET Standard projects. Supplied project type was parsed as ${manifestType}.`)); } console.warn(` \x1b[33m⚠ WARNING\x1b[0m: Testing a .NET project with runtime resolution enabled. This should be considered experimental and not relied upon for production use. Please report issues with this beta feature by submitting a support case, and attach the output of running this command with the debug (-d) flag at \x1b[4mhttp://support.snyk.io\x1b[0m.`); const results = await nugetParser.buildDepGraphFromFiles(root, targetFile, manifestType, options['assets-project-name'], options['useFixForImprovedDotnetFalsePositives'] || false, options['useImprovedDotnetWithoutPublish'] || false, options['project-name-prefix'], options['dotnet-target-framework']); // Construct a MultiProjectResult to send to either the CLI or the SCM scanner. const multiProjectResult = { plugin: { name: 'snyk-nuget-plugin', targetFile, }, scannedProjects: [], }; for (const result of results) { multiProjectResult.scannedProjects.push({ targetFile: targetFile, depGraph: result.dependencyGraph, meta: { targetRuntime: result.targetFramework, }, }); } return multiProjectResult; } return nugetParser .buildDepTreeFromFiles(root, targetFile, options.packagesFolder, manifestType, options['assets-project-name'], options['project-name-prefix']) .then(createPackageTree); } //# sourceMappingURL=index.js.map