private void OnAuditCompleted(object sender, AuditCompletedEventArgs e)
{
VSPackage.AssertOnMainThread();
if (e.Exception != null)
{
WriteLine(Resources.AuditingPackageError, e.Exception.Message);
ExceptionHelper.WriteToActivityLog(e.Exception);
}
else if (e.Results.Count() == 0)
{
WriteLine(Resources.NoPackagesToAudit);
}
else
{
var vulnerableCount = e.Results.Count(x => x.Status == AuditStatus.HasVulnerabilities);
if (vulnerableCount > 0)
{
WriteLine(Resources.VulnerabilitiesFound, vulnerableCount);
}
else
{
WriteLine(Resources.NoVulnarebilitiesFound);
}
//update audit results dictionary
foreach (var auditResult in e.Results)
{
_auditResults[auditResult.PackageId] = auditResult;
}
//refresh tasks
RefreshTasks();
if (vulnerableCount > 0)
{
_taskProvider.BringToFront();
}
}
}
private bool RunAudit(IEnumerable<PackageId> packageIds, EventHandler<AuditCompletedEventArgs> completedHandler)
{
if (!packageIds.Any())
{
if (completedHandler != null)
{
var eventArgs = new AuditCompletedEventArgs(Enumerable.Empty<AuditResult>(), null);
completedHandler(null, eventArgs);
}
return true;
}
if (IsAuditRunning)
{
return false;
}
_auditRunning = true;
// Now we will queue a delegate that will be run on a worker thread.
ThreadPool.QueueUserWorkItem(
delegate
{
// !! WORKER THREAD CONTEXT !!
Exception exception = null;
IEnumerable<AuditResult> results = null;
try
{
results = Lib.NugetAuditor.AuditPackages(packageIds, VSPackage.Instance.Option_CacheSync);
}
catch (Exception ex)
{
// Just record the exception, we will handle it later.
exception = ex;
}
// Here we are still in the worker thread context. The completion event must be executed in
// the same thread context as caller of RunAsync(). To change the thread context we use the
// stored synchronization context.
VSPackage.Instance.UICtx.Send((x) =>
{
// !! MAIN THREAD CONTEXT !!
// Back to main thread. From here we can safely update our internal state and invoke the
// completion event.
// Reset process and running flag.
_auditRunning = false;
// notify event subscribers (if any).
if (completedHandler != null)
{
var eventArgs = new AuditCompletedEventArgs(results, exception);
completedHandler(null, eventArgs);
}
}, null);
});
return true;
}
private void OnAuditCompleted(object sender, AuditCompletedEventArgs e)
{
ThreadHelper.ThrowIfNotOnUIThread();
if (e.Exception != null)
{
WriteLine(Resources.AuditingPackageError, e.Exception.Message);
WriteLine("");
WriteLine(Resources.AuditingPackageError, e.Exception.StackTrace);
ExceptionHelper.WriteToActivityLog(e.Exception);
}
else if (e.Results.Count() == 0)
{
WriteLine(Resources.NoPackagesToAudit);
}
else
{
WriteLine("Packages audited:");
foreach (var result in e.Results)
{
WriteLine(" * " + result.PackageId.Id + "@" + result.PackageId.VersionString);
}
var vulnerableCount = e.Results.Count(x => x.Status == AuditStatus.HasVulnerabilities);
if (vulnerableCount > 0)
{
WriteLine(Resources.VulnerabilitiesFound, vulnerableCount);
foreach (AuditResult r in e.Results.Where(x => x.Status == AuditStatus.HasVulnerabilities))
{
if (r.MatchedVulnerabilities == 1)
{
WriteLine("Package: {0} is vulnerable. 1 vulnerability found.", r.PackageId);
}
else
{
WriteLine("Package: {0} is vulnerable. {1} vulnerabilities found.", r.PackageId, r.MatchedVulnerabilities);
}
foreach (var v in r.Vulnerabilities)
{
WriteLine(" {0} {1} {2} CWE: {3} CvssS: {4} CvssV: {5}", v.Id, v.Title, v.Description, v.Cwe, v.CvssScore, v.CvssVector);
}
}
}
else
{
foreach (AuditResult r in e.Results)
{
WriteLine("No vulnerabilities found for package {0}.", r.PackageId);
}
}
//update audit results dictionary
foreach (var auditResult in e.Results)
{
_auditResults[auditResult.PackageId] = auditResult;
}
//refresh tasks
RefreshTasks();
if (vulnerableCount > 0)
{
_taskProvider.BringToFront();
}
}
}
private void OnAuditCompleted(object sender, AuditCompletedEventArgs e)
{
VSPackage.AssertOnMainThread();
if (e.Exception != null)
{
WriteLine(Resources.AuditingPackageError, e.Exception.Message);
ExceptionHelper.WriteToActivityLog(e.Exception);
}
else if (e.Results.Count() == 0)
{
WriteLine(Resources.NoPackagesToAudit);
}
else
{
var vulnerableCount = e.Results.Count(x => x.Status == AuditStatus.HasVulnerabilities);
if (vulnerableCount > 0)
{
WriteLine(Resources.VulnerabilitiesFound, vulnerableCount);
}
else
{
WriteLine(Resources.NoVulnarebilitiesFound);
}
//update audit results dictionary
foreach (var auditResult in e.Results)
{
_auditResults[auditResult.PackageId] = auditResult;
}
//refresh tasks
RefreshTasks();
if (vulnerableCount > 0)
{
_taskProvider.BringToFront();
}
}
}
