private async Task PushSymbols(string packagePath, string source, string apiKey, bool noServiceEndpoint, bool skipDuplicate, SymbolPackageUpdateResourceV3 symbolPackageUpdateResource, TimeSpan requestTimeout, ILogger log, bool explicitSymbolsPush, CancellationToken token) { var isSymbolEndpointSnupkgCapable = symbolPackageUpdateResource != null; // Get the symbol package for this package var symbolPackagePath = GetSymbolsPath(packagePath, isSymbolEndpointSnupkgCapable); var symbolsToPush = LocalFolderUtility.ResolvePackageFromPath(symbolPackagePath, isSnupkg: isSymbolEndpointSnupkgCapable); bool symbolsPathResolved = symbolsToPush != null && symbolsToPush.Any(); //No files were resolved. if (!symbolsPathResolved) { if (explicitSymbolsPush) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Strings.UnableToFindFile, packagePath)); } } else { var sourceUri = UriUtility.CreateSourceUri(source); // See if the api key exists if (string.IsNullOrEmpty(apiKey) && !sourceUri.IsFile) { log.LogWarning(string.Format(CultureInfo.CurrentCulture, Strings.Warning_SymbolServerNotConfigured, Path.GetFileName(symbolPackagePath), Strings.DefaultSymbolServer)); } await PushAll(source, apiKey, noServiceEndpoint, skipDuplicate, requestTimeout, log, packagesToPush : symbolsToPush, token); } }
public async Task RunToolVerifySuccess() { using (var testContext = new TestFolder()) { var dir = Path.Combine(testContext.Root, "tooloutput"); Directory.CreateDirectory(dir); var dotnetExe = GetDotnetPath(); var exeFile = new FileInfo(dotnetExe); var nupkgsFolder = Path.Combine(exeFile.Directory.Parent.FullName, "artifacts", "nupkgs"); var packages = LocalFolderUtility.GetPackagesV2(nupkgsFolder, "NupkgWrench", NullLogger.Instance).ToList(); if (packages.Count < 1) { throw new Exception("Run build.ps1 first to create the nupkgs."); } var nupkg = packages .OrderByDescending(e => e.Nuspec.GetVersion()) .First(); var version = nupkg.Nuspec.GetVersion().ToNormalizedString(); var result = await CmdRunner.RunAsync(dotnetExe, testContext.Root, $"tool install nupkgwrench --version {version} --add-source {nupkgsFolder} --tool-path {dir}"); result.Success.Should().BeTrue(result.AllOutput); var dllPath = Path.Combine(dir, ".store", "nupkgwrench", version, "nupkgwrench", version, "tools", "netcoreapp2.1", "any", "NupkgWrench.dll"); if (!File.Exists(dllPath)) { throw new Exception("Tool did not install to the expected location: " + dllPath); } // Run the tool result = await CmdRunner.RunAsync(dotnetExe, dir, $"{dllPath} list"); result.Errors.Should().BeNullOrEmpty(result.Errors); result.Success.Should().BeTrue(result.AllOutput); } }
public async Task <int> ExecuteCommandAsync(VerifyArgs verifyArgs) { if (verifyArgs.Verifications.Count == 0) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_VerificationTypeNotSupported)); return(FailureCode); } var errorCount = 0; if (ShouldExecuteVerification(verifyArgs, Verification.Signatures)) { var packagesToVerify = LocalFolderUtility.ResolvePackageFromPath(verifyArgs.PackagePath); LocalFolderUtility.EnsurePackageFileExists(verifyArgs.PackagePath, packagesToVerify); var allowListEntries = verifyArgs.CertificateFingerprint.Select(fingerprint => new CertificateHashAllowListEntry( VerificationTarget.Author | VerificationTarget.Repository, SignaturePlacement.PrimarySignature, fingerprint, _defaultFingerprintAlgorithm)).ToList(); var verifierSettings = SignedPackageVerifierSettings.GetVerifyCommandDefaultPolicy(clientAllowListEntries: allowListEntries); var verificationProviders = SignatureVerificationProviderFactory.GetSignatureVerificationProviders(); var verifier = new PackageSignatureVerifier(verificationProviders); foreach (var package in packagesToVerify) { try { errorCount += await VerifySignatureForPackageAsync(package, verifyArgs.Logger, verifier, verifierSettings); } catch (InvalidDataException e) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_PackageIsNotValid, package)); ExceptionUtilities.LogException(e, verifyArgs.Logger); } } } return(errorCount == 0 ? SuccessCode : FailureCode); }
/// <summary> /// Get the path to the package nupkg. /// </summary> public string GetInstalledPackageFilePath(PackageIdentity packageIdentity) { // Check the expected location before searching all directories var packageDirectory = PackagePathResolver.GetInstallPath(packageIdentity); var packageName = PackagePathResolver.GetPackageFileName(packageIdentity); var installPath = Path.GetFullPath(Path.Combine(packageDirectory, packageName)); // Keep the previous optimization of just going by the existance of the file if we find it. if (File.Exists(installPath)) { return(installPath); } // If the file was not found check for non-normalized paths and verify the id/version LocalPackageInfo package = null; if (PackagePathResolver.UseSideBySidePaths) { // Search for a folder with the id and version package = LocalFolderUtility.GetPackagesConfigFolderPackage( Root, packageIdentity, NullLogger.Instance); } else { // Search for just the id package = LocalFolderUtility.GetPackageV2( Root, packageIdentity, NullLogger.Instance); } if (package != null && packageIdentity.Equals(package.Identity)) { return(package.Path); } // Default to empty return(string.Empty); }
public IReadOnlyCollection <IOptionalSdkTemplatePackageInfo> GetDotnetSdkTemplatePackages(string sdkVersion) { if (_dotnetSdkTemplatesLocation == null) { return(Array.Empty <IOptionalSdkTemplatePackageInfo>()); } IEnumerable <LocalPackageInfo> packages = LocalFolderUtility .GetPackagesV2(_dotnetSdkTemplatesLocation.FullName, new NullLogger()); if (packages == null) { return(Array.Empty <IOptionalSdkTemplatePackageInfo>()); } else { return(packages .Select(l => new OptionalSdkTemplatePackageInfo(l)).ToArray()); } }
private PackageInfo BuildPackageInfo(FeedType type, string rootPath, string id, NuGet.Versioning.NuGetVersion version, List <ProjectInfo> projects) { LocalPackageInfo localPackageInfo; switch (type) { case FeedType.FileSystemV2: localPackageInfo = LocalFolderUtility.GetPackageV2(rootPath, id, version, _logger); if (localPackageInfo == null) { return(null); } return(new PackageInfo { ProjectList = projects, LocalPackageInfo = localPackageInfo }); case FeedType.FileSystemV3: localPackageInfo = LocalFolderUtility.GetPackageV3(rootPath, id, version, _logger); if (localPackageInfo == null) { return(null); } return (new PackageInfo { ProjectList = projects, LocalPackageInfo = localPackageInfo }); default: { Debug.WriteLine($"Unknown Type:{type}"); return(null); } } }
public async Task DownloadPackages() { var mgr = Init(); void ClearCache(string pkgName, NuGetVersion pkgVersion) { var pkg = new PackageIdentity(pkgName, pkgVersion); var localPkg = LocalFolderUtility.GetPackageV3(SettingsUtility.GetGlobalPackagesFolder(mgr.NugetSettings), pkg, mgr.Logger); if (localPkg != null) { Directory.Delete(Path.GetDirectoryName(localPkg.Path), true); } } // Remove "Microsoft.Quantum.Chemistry" and "Microsoft.Quantum.Research" from local cache, // Do this on an old version, to make sure we don't try to delete a loaded assembly: var version = NuGetVersion.Parse("0.3.1811.2802-preview "); ClearCache("Microsoft.Quantum.Chemistry", version); ClearCache("Microsoft.Quantum.Research", version); var researchPkg = new PackageIdentity("Microsoft.Quantum.Research", version); var chemPkg = new PackageIdentity("Microsoft.Quantum.Chemistry", version); using (var context = new SourceCacheContext()) { var dependencies = await mgr.GetPackageDependencies(researchPkg, context); Assert.IsFalse(mgr.IsInstalled(researchPkg)); Assert.IsFalse(mgr.IsInstalled(chemPkg)); await mgr.DownloadPackages(context, dependencies); Assert.IsTrue(mgr.IsInstalled(researchPkg)); Assert.IsTrue(mgr.IsInstalled(chemPkg)); } }
private LocalPackageInfo GetPackage(string packageId, NuGetVersion version, string path) { if (!_packageCache.TryGetValue(path, out var package)) { var nupkgMetadataPath = PathResolver.GetNupkgMetadataPath(packageId, version); var hashPath = PathResolver.GetHashPath(packageId, version); var zipPath = PathResolver.GetPackageFilePath(packageId, version); // The nupkg metadata file is written last. If this file does not exist then the package is // incomplete and should not be used. if (_packageFileCache.Sha512Exists(nupkgMetadataPath)) { package = CreateLocalPackageInfo(packageId, version, path, nupkgMetadataPath, zipPath); } // if hash file exists and it's not a fallback folder then we generate nupkg metadata file else if (!_isFallbackFolder && _packageFileCache.Sha512Exists(hashPath)) { LocalFolderUtility.GenerateNupkgMetadataFile(zipPath, path, hashPath, nupkgMetadataPath); package = CreateLocalPackageInfo(packageId, version, path, nupkgMetadataPath, zipPath); } if (package != null) { // Cache the package, if it is valid it will not change // for the life of this restore. // Locking is done at a higher level around the id _packageCache.TryAdd(path, package); if (!_isFallbackFolder && _updateLastAccessTime) { _packageFileCache.UpdateLastAccessTime(nupkgMetadataPath); } } } return(package); }
/// <summary> /// Asynchronously gets installed packages. /// </summary> /// <remarks>This is used only for the install command, not in PM.</remarks> /// <param name="token">A cancellation token.</param> /// <returns>A task that represents the asynchronous operation. /// The task result (<see cref="Task{TResult}.Result" />) returns an /// <see cref="IEnumerable{PackageReference}" />.</returns> public Task <IEnumerable <PackageReference> > GetFolderPackagesAsync(CancellationToken token) { var packages = Enumerable.Empty <LocalPackageInfo>(); if (Directory.Exists(Root)) { if (_packagePathResolver.UseSideBySidePaths) { // Id.Version packages = LocalFolderUtility.GetPackagesConfigFolderPackages(Root, NullLogger.Instance); } else { // Id packages = LocalFolderUtility.GetPackagesV2(Root, NullLogger.Instance); } } return(Task.FromResult <IEnumerable <PackageReference> >( LocalFolderUtility.GetDistinctPackages(packages) .Select(e => new PackageReference(e.Identity, _framework)) .ToList())); }
public async Task <int> ExecuteCommandAsync(SignArgs signArgs) { // resolve path into multiple packages if needed. var packagesToSign = LocalFolderUtility.ResolvePackageFromPath(signArgs.PackagePath); LocalFolderUtility.EnsurePackageFileExists(signArgs.PackagePath, packagesToSign); var cert = await GetCertificateAsync(signArgs); signArgs.Logger.LogInformation(Environment.NewLine); signArgs.Logger.LogInformation(Strings.SignCommandDisplayCertificate); signArgs.Logger.LogInformation(CertificateUtility.X509Certificate2ToString(cert, HashAlgorithmName.SHA256)); if (!string.IsNullOrEmpty(signArgs.Timestamper)) { signArgs.Logger.LogInformation(Strings.SignCommandDisplayTimestamper); signArgs.Logger.LogInformation(signArgs.Timestamper); } if (!string.IsNullOrEmpty(signArgs.OutputDirectory)) { signArgs.Logger.LogInformation(Strings.SignCommandOutputPath); signArgs.Logger.LogInformation(signArgs.OutputDirectory); } using (var signRequest = GenerateSignPackageRequest(signArgs, cert)) { return(await ExecuteCommandAsync( packagesToSign, signRequest, signArgs.Timestamper, signArgs.Logger, signArgs.OutputDirectory, signArgs.Overwrite, signArgs.Token)); } }
/// <summary> /// Push nupkgs, and if successful, push any corresponding symbols. /// </summary> /// <exception cref="ArgumentException">Thrown when any resolved file path does not exist.</exception> private async Task PushPackagePath(string packagePath, string source, string symbolSource, // empty to not push symbols string apiKey, Func <string, string> getSymbolApiKey, bool noServiceEndpoint, bool skipDuplicate, SymbolPackageUpdateResourceV3 symbolPackageUpdateResource, TimeSpan requestTimeout, ILogger log, CancellationToken token) { IEnumerable <string> nupkgsToPush = LocalFolderUtility.ResolvePackageFromPath(packagePath, isSnupkg: false); bool alreadyWarnedSymbolServerNotConfigured = false; if (!(nupkgsToPush != null && nupkgsToPush.Any())) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Strings.UnableToFindFile, packagePath)); } Uri packageSourceUri = UriUtility.CreateSourceUri(source); if (string.IsNullOrEmpty(apiKey) && !packageSourceUri.IsFile) { log.LogWarning(string.Format(CultureInfo.CurrentCulture, Strings.NoApiKeyFound, GetSourceDisplayName(source))); } foreach (string nupkgToPush in nupkgsToPush) { bool packageWasPushed = await PushPackageCore(source, apiKey, nupkgToPush, noServiceEndpoint, skipDuplicate, requestTimeout, log, token); // Push corresponding symbols, if successful. if (packageWasPushed && !string.IsNullOrEmpty(symbolSource)) { bool isSymbolEndpointSnupkgCapable = symbolPackageUpdateResource != null; string symbolPackagePath = GetSymbolsPath(nupkgToPush, isSnupkg: isSymbolEndpointSnupkgCapable); // There may not be a snupkg with the same filename. Ignore it since this isn't an explicit snupkg push. if (!File.Exists(symbolPackagePath)) { continue; } if (!alreadyWarnedSymbolServerNotConfigured) { Uri symbolSourceUri = UriUtility.CreateSourceUri(symbolSource); // See if the api key exists if (string.IsNullOrEmpty(apiKey) && !symbolSourceUri.IsFile) { log.LogWarning(string.Format(CultureInfo.CurrentCulture, Strings.Warning_SymbolServerNotConfigured, Path.GetFileName(symbolPackagePath), Strings.DefaultSymbolServer)); alreadyWarnedSymbolServerNotConfigured = true; } } string symbolApiKey = getSymbolApiKey(symbolSource); await PushPackageCore(symbolSource, symbolApiKey, symbolPackagePath, noServiceEndpoint, skipDuplicate, requestTimeout, log, token); } } }
private void EnumerateFilesV3Style(bool onlyLatest) { try { Stopwatch timer = new Stopwatch(); timer.Start(); var packageDirectories = Directory.EnumerateDirectories(_inputPath).ToArray(); long count = 0; long errorCount = 0; var logger = new CommandOutputLogger(NuGet.Common.LogLevel.Information); ParallelOptions ops = new ParallelOptions { MaxDegreeOfParallelism = _maxThreadCount }; Parallel.ForEach(packageDirectories, ops, packageDirectory => { count++; if (count % 10000 == 0) { DisplayStats(count, errorCount, packageDirectories.Length, timer); } try { var id = Path.GetFileName(packageDirectory); var idPackages = LocalFolderUtility.GetPackagesV3(_inputPath, id, logger); if (onlyLatest) { var package = idPackages .OrderByDescending(e => e.Identity.Version) .Max(); ProcessArchiveForNuGetAPIsUsedInScripts(package); } else { foreach (var package in idPackages) { ProcessArchiveForNuGetAPIsUsedInScripts(package); } } } catch (Exception ex) { errorCount++; logger.LogInformation("Exception while parsing " + packageDirectory); logger.LogInformation(ex.Message); var curroptFilePath = Path.Combine(@"f:\CurroptPackages", Path.GetFileName(packageDirectory)); File.Move(packageDirectory, curroptFilePath); } }); logger.LogInformation("Done with all the " + count + " packages"); } catch (AggregateException ae) { // This is where you can choose which exceptions to handle. foreach (var ex in ae.InnerExceptions) { Console.WriteLine(ex.Message); } } }
private List <LocalPackageInfo> GetPackages(string id) { var packages = new List <LocalPackageInfo>(); var packageIdRoot = PathResolver.GetVersionListPath(id); if (!Directory.Exists(packageIdRoot)) { return(packages); } foreach (var fullVersionDir in Directory.EnumerateDirectories(packageIdRoot)) { LocalPackageInfo package; if (!_packageCache.TryGetValue(fullVersionDir, out package)) { var versionPart = fullVersionDir.Substring(packageIdRoot.Length).TrimStart(Path.DirectorySeparatorChar); // Get the version part and parse it NuGetVersion version; if (!NuGetVersion.TryParse(versionPart, out version)) { continue; } var nupkgMetadataPath = PathResolver.GetNupkgMetadataPath(id, version); var hashPath = PathResolver.GetHashPath(id, version); var zipPath = PathResolver.GetPackageFilePath(id, version); var installPath = PathResolver.GetInstallPath(id, version); // The nupkg metadata file is written last. If this file does not exist then the package is // incomplete and should not be used. if (_packageFileCache.Sha512Exists(nupkgMetadataPath)) { package = CreateLocalPackageInfo(id, version, fullVersionDir, nupkgMetadataPath, zipPath); // Cache the package, if it is valid it will not change // for the life of this restore. // Locking is done at a higher level around the id _packageCache.TryAdd(fullVersionDir, package); } // if hash file exists and it's not a fallback folder then we generate nupkg metadata file else if (!_isFallbackFolder && _packageFileCache.Sha512Exists(hashPath)) { LocalFolderUtility.GenerateNupkgMetadataFile(zipPath, installPath, hashPath, nupkgMetadataPath); package = CreateLocalPackageInfo(id, version, fullVersionDir, nupkgMetadataPath, zipPath); // Cache the package, if it is valid it will not change // for the life of this restore. // Locking is done at a higher level around the id _packageCache.TryAdd(fullVersionDir, package); } } // Add the package if it is valid if (package != null) { packages.Add(package); } } return(packages); }
private static IEnumerable <LocalPackageInfo> GetAllPackagesInFolder(string rootPath) { return(LocalFolderUtility.GetPackagesV3(root: rootPath, log: NullLogger.Instance)); }
public async Task <int> ExecuteCommandAsync(VerifyArgs verifyArgs) { if (verifyArgs.Verifications.Count == 0) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_VerificationTypeNotSupported)); return(FailureCode); } var errorCount = 0; if (ShouldExecuteVerification(verifyArgs, Verification.Signatures)) { if (!IsSignatureVerifyCommandSupported()) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_NotSupported)); return(FailureCode); } var packagesToVerify = verifyArgs.PackagePaths.SelectMany(packagePath => { var packages = LocalFolderUtility.ResolvePackageFromPath(packagePath); LocalFolderUtility.EnsurePackageFileExists(packagePath, packages); return(packages); }); ClientPolicyContext clientPolicyContext = ClientPolicyContext.GetClientPolicy(verifyArgs.Settings, verifyArgs.Logger); // List of values passed through --certificate-fingerprint option read var allowListEntries = verifyArgs.CertificateFingerprint.Select(fingerprint => new CertificateHashAllowListEntry( VerificationTarget.Author | VerificationTarget.Repository, SignaturePlacement.PrimarySignature, fingerprint, _defaultFingerprintAlgorithm)).ToList(); var verifierSettings = SignedPackageVerifierSettings.GetVerifyCommandDefaultPolicy(); var verificationProviders = new List <ISignatureVerificationProvider>() { new IntegrityVerificationProvider() }; // trustedSigners section >> Owners are considered here. verificationProviders.Add( new AllowListVerificationProvider( clientPolicyContext.AllowList, requireNonEmptyAllowList: clientPolicyContext.Policy == SignatureValidationMode.Require, emptyListErrorMessage: Strings.Error_NoClientAllowList, noMatchErrorMessage: Strings.Error_NoMatchingClientCertificate)); IEnumerable <KeyValuePair <string, HashAlgorithmName> > trustedSignerAllowUntrustedRootList = clientPolicyContext.AllowList? .Where(c => c.AllowUntrustedRoot) .Select(c => new KeyValuePair <string, HashAlgorithmName>(c.Fingerprint, c.FingerprintAlgorithm)); // trustedSigners section >> allowUntrustedRoot set true are considered here. verificationProviders.Add(new SignatureTrustAndValidityVerificationProvider(trustedSignerAllowUntrustedRootList)); // List of values passed through --certificate-fingerprint option are considered here. verificationProviders.Add( new AllowListVerificationProvider( allowListEntries, requireNonEmptyAllowList: false, noMatchErrorMessage: Strings.Error_NoMatchingCertificate)); var verifier = new PackageSignatureVerifier(verificationProviders); foreach (var package in packagesToVerify) { try { errorCount += await VerifySignatureForPackageAsync(package, verifyArgs.Logger, verifier, verifierSettings); } catch (InvalidDataException e) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_PackageIsNotValid, package)); ExceptionUtilities.LogException(e, verifyArgs.Logger); } } } return(errorCount == 0 ? SuccessCode : FailureCode); }
private void AddPackagesFromDropFolder() { _logger.Info("Start adding packages from drop folder."); using (LockAndSuppressFileSystemWatcher()) { try { var localPackages = LocalFolderUtility.GetPackagesV2(_fileSystem.Root, _logAdapter); var serverPackages = new HashSet <ServerPackage>(PackageEqualityComparer.IdAndVersion); foreach (var package in localPackages) { try { //TODO ignoring symbols packages // // Is it a symbols package? // if (IgnoreSymbolsPackages && package.IsSymbolsPackage()) // { // var message = string.Format("Package {0} is a symbols package (it contains .pdb files and a /src folder). The server is configured to ignore symbols packages.", package); // _logger.Error(message); // continue; // } // Allow overwriting package? If not, skip this one. if (!AllowOverrideExistingPackageOnPush && _expandedPackageRepository.Exists(package.Identity.Id, package.Identity.Version)) { var message = string.Format("Package {0} already exists. The server is configured to not allow overwriting packages that already exist.", package); _logger.Error(message); continue; } // Copy to correct filesystem location var added = _expandedPackageRepository.AddPackage(package); _fileSystem.DeleteFile(package.Path); // Mark for addition to metadata store serverPackages.Add(CreateServerPackage(added, EnableDelisting)); } catch (UnauthorizedAccessException ex) { // The file may be in use (still being copied) - ignore the error _logger.ErrorFormat("Error adding package file {0} from drop folder: {1}", package.Path, ex.Message); } catch (IOException ex) { // The file may be in use (still being copied) - ignore the error _logger.ErrorFormat("Error adding package file {0} from drop folder: {1}", package.Path, ex.Message); } } // Add packages to metadata store in bulk _serverPackageStore.StoreRange(serverPackages); _serverPackageStore.PersistIfDirty(); _logger.Info("Finished adding packages from drop folder."); } finally { //OptimizedZipPackage.PurgeCache(); } } }
public IEnumerable <Lib.PackageInfo> GetNugetPackages(IVsPackageInstallerServices installerServices, Solution envSolution, bool includePackageDependencies) { var allprojects = new List <Project>(); if (envSolution != null) { foreach (Project project in envSolution.Projects) { Debug.WriteLine("PojectName: " + project.Name); if (EnvDTE.Constants.vsProjectKindSolutionItems == project.Kind) { foreach (ProjectItem item in project.ProjectItems) { Debug.WriteLine("PojectItemName: " + item.Name); if (item.Object != null) { var childProject = item.Object as Project; Debug.WriteLine("PojectItemName: " + item.Name + " ProjectItemGuid: " + childProject.Kind); if (ProjectSettings.DotnetCoreProjectGuid == childProject.Kind) { allprojects.Add(childProject); } } } } else { Debug.WriteLine("PojectName: " + project.Name + " PojectNameGuid: " + project.Kind); allprojects.Add(project); } } } if (!allprojects.Any()) { Debug.WriteLine("No projects found."); return(null); } var packageList = new List <PackageInfo>(); var installedPackages = installerServices?.GetInstalledPackages().ToList(); if (installedPackages != null && installedPackages.Any()) { foreach (var installedPackage in installedPackages) { var projects = new List <ProjectInfo>(); projects.AddRange( from Project envProject in allprojects where !string.IsNullOrEmpty(envProject.FullName) && installerServices.IsPackageInstalled(envProject, installedPackage.Id) select new ProjectInfo { Name = envProject.Name, FrameworkName = envProject.Properties.Item("TargetFrameworkMoniker")?.Value.ToString() } ); var version = NuGet.Versioning.NuGetVersion.Parse(installedPackage.VersionString); if (string.IsNullOrEmpty(installedPackage.InstallPath)) { Debug.WriteLine("Package: " + installedPackage.Id + " has no install path."); } else { var type = LocalFolderUtility.GetLocalFeedType(installedPackage.InstallPath, _logger); var package = BuildPackageInfo(type, installedPackage.InstallPath, installedPackage.Id, version, projects); if (package != null) { packageList.Add(package); if (includePackageDependencies) { var dependenciesPackageList = new List <PackageInfo>(); var frameworks = projects.Select(p => p.FrameworkName).ToList(); foreach (var dependencyGroup in package.LocalPackageInfo.Nuspec.GetDependencyGroups()) { if (frameworks.Contains(dependencyGroup.TargetFramework.DotNetFrameworkName)) { foreach (var packageDependency in dependencyGroup.Packages) { var depVersion = NuGet.Versioning.NuGetVersion.Parse(packageDependency.VersionRange.OriginalString); var basePath = Path.GetFullPath(Path.Combine(installedPackage.InstallPath, @"..\..\")); var newPath = Path.Combine(basePath, packageDependency.Id, depVersion.ToString()); var dependencyPackage = BuildPackageInfo(type, newPath, packageDependency.Id, depVersion, projects); if (dependencyPackage != null) { dependenciesPackageList.Add(dependencyPackage); } else { Debug.WriteLine($"Could not locate dependency package {packageDependency.Id} version {depVersion}..."); _logger.Log(LogLevel.Warning, $"Could not locate dependency package {packageDependency.Id} version {depVersion}..."); } } } } if (dependenciesPackageList.Any()) { packageList.AddRange(dependenciesPackageList); } } } else { Debug.WriteLine($"Could not locate package {installedPackage.Id} version {version}..."); _logger.Log(LogLevel.Warning, $"Could not locate package {installedPackage.Id} version {version}..."); } } } } return(packageList); }
public void FeedPackagePruning_GivenThatAV3FeedPrunesAPackageDuringRestoreVerifyRestoreRecovers() { // Arrange using (var server = new MockServer()) using (var pathContext = new SimpleTestPathContext()) { // Set up solution, project, and packages var testLogger = new TestLogger(); var solution = new SimpleTestSolutionContext(pathContext.SolutionRoot); var serverRepoPath = Path.Combine(pathContext.WorkingDirectory, "serverPackages"); var packageX100 = new SimpleTestPackageContext("x", "1.0.0"); var packageX200 = new SimpleTestPackageContext("x", "2.0.0"); SimpleTestPackageUtility.CreatePackages( serverRepoPath, packageX100, packageX200); var projectA = SimpleTestProjectContext.CreateNETCore( "a", pathContext.SolutionRoot, NuGetFramework.Parse("net45")); projectA.AddPackageToAllFrameworks(packageX200); solution.Projects.Add(projectA); var projectB = SimpleTestProjectContext.CreateNETCore( "b", pathContext.SolutionRoot, NuGetFramework.Parse("net45")); projectB.AddPackageToAllFrameworks(packageX100); solution.Projects.Add(projectB); solution.Create(pathContext.SolutionRoot); // Server setup var indexJson = Util.CreateIndexJson(); Util.AddFlatContainerResource(indexJson, server); Util.AddRegistrationResource(indexJson, server); server.Get.Add("/", request => { return(ServerHandlerV3(request, server, indexJson, serverRepoPath)); }); server.Start(); var feedUrl = server.Uri + "index.json"; // Restore x 2.0.0 and populate the http cache var r = Util.Restore(pathContext, projectA.ProjectPath, 0, "-Source", feedUrl); // Delete x 1.0.0 File.Delete(LocalFolderUtility.GetPackageV2(serverRepoPath, packageX100.Identity, testLogger).Path); // Act // Restore x 1.0.0 r = Util.Restore(pathContext, projectB.ProjectPath, 0, "-Source", feedUrl); var xLib = projectB.AssetsFile.Libraries.SingleOrDefault(e => e.Name == "x"); // Assert Assert.Equal("2.0.0", xLib.Version.ToNormalizedString()); } }
public async Task <bool> VerifyAsync(string file, StringBuilder buffer) { if (file == null) { throw new ArgumentNullException(nameof(file)); } if (buffer == null) { throw new ArgumentNullException(nameof(buffer)); } var trustProviders = new ISignatureVerificationProvider[] { new IntegrityVerificationProvider(), new SignatureTrustAndValidityVerificationProvider() }; var verifier = new PackageSignatureVerifier(trustProviders); var allPackagesVerified = true; try { var result = 0; var packagesToVerify = LocalFolderUtility.ResolvePackageFromPath(file); foreach (var packageFile in packagesToVerify) { using var package = new PackageArchiveReader(packageFile); var verificationResult = await verifier.VerifySignaturesAsync(package, SignedPackageVerifierSettings.GetVerifyCommandDefaultPolicy(), CancellationToken.None); if (verificationResult.IsValid) { allPackagesVerified = true; } else { var logMessages = verificationResult.Results.SelectMany(p => p.Issues).Select(p => p.AsRestoreLogMessage()).ToList(); foreach (var msg in logMessages) { buffer.AppendLine(msg.Message); } if (logMessages.Any(m => m.Level >= NuGet.Common.LogLevel.Warning)) { var errors = logMessages.Where(m => m.Level == NuGet.Common.LogLevel.Error).Count(); var warnings = logMessages.Where(m => m.Level == NuGet.Common.LogLevel.Warning).Count(); buffer.AppendLine($"Finished with {errors} errors and {warnings} warnings."); result = errors; } allPackagesVerified = false; } } } catch (Exception e) { logger.LogError(e, e.Message); return(false); } return(allPackagesVerified); }
public async Task <ActionResult <RegistrationIndex> > GetRegistrations(string lowerId) { // Find all local packages var localRepDir = Directory.GetCurrentDirectory() + "/packages/"; var packages = LocalFolderUtility.GetPackagesV3(localRepDir, lowerId, new CustomLogger()).ToList(); if (packages.Count < 1) { var officialNuget = Repository.Factory.GetCoreV3("https://api.nuget.org/v3/index.json", FeedType.HttpV3); var metadataResource = officialNuget.GetResource <PackageMetadataResource>(); var packageMetadatas = await metadataResource.GetMetadataAsync(lowerId, true, true, caching, new CustomLogger(), CancellationToken.None); packages = packageMetadatas.Select(_ => new LocalPackageInfo( _.Identity, "PATH", new Lazy <NuspecReader>(() => new NuspecReader()) )); foreach (var packageData in packageMetadata) { System.Console.WriteLine($"PACKAGE {packageData.Identity}"); } return(NotFound()); } NuGetVersion lowerVersion = null; NuGetVersion upperVersion = null; var currentFullUrl = HttpContext.Request.GetDisplayUrl(); var currentPackageBaseUrl = currentFullUrl.Replace("/index.json", "/"); var contentUrl = currentFullUrl.Substring(0, currentFullUrl.IndexOf("/v3/registrations")) + "/v3/flatcontainer/"; var pageItems = packages.Select(package => { lowerVersion = lowerVersion == null || lowerVersion > package.Identity.Version ? package.Identity.Version : lowerVersion; upperVersion = upperVersion == null || upperVersion < package.Identity.Version ? package.Identity.Version : upperVersion; var packageContentUrl = $"{contentUrl}{package.Identity.Id.ToLowerInvariant()}/{package.Identity.Version.ToNormalizedString()}/{package.Identity.ToString().ToLowerInvariant()}.nupkg"; return(new RegistrationIndexPageItem( $"{currentPackageBaseUrl}{package.Identity.Version.ToNormalizedString()}.json", new PackageMetadata( "", package.Nuspec.GetId(), package.Nuspec.GetVersion(), package.Nuspec.GetAuthors(), package.Nuspec.GetDescription(), 0, false, package.Nuspec.GetIconUrl(), package.Nuspec.GetLanguage(), package.Nuspec.GetLicenseUrl(), true, package.Nuspec.GetMinClientVersion()?.ToNormalizedString() ?? "", packageContentUrl, package.Nuspec.GetProjectUrl(), package.Nuspec.GetRepositoryMetadata().Url, package.Nuspec.GetRepositoryMetadata().Type, package.LastWriteTimeUtc, package.Nuspec.GetRequireLicenseAcceptance(), package.Nuspec.GetSummary(), package.Nuspec.GetTags().Split(' '), package.Nuspec.GetTitle(), package.Nuspec.GetDependencyGroups().Select(group => new DependencyGroupItem( $"", group.TargetFramework.DotNetFrameworkName, group.Packages.Select(dependency => new DependencyItem( $"", dependency.Id, dependency.VersionRange.ToString() )).ToList() )).ToList() ), packageContentUrl )); }).ToList(); return(new RegistrationIndex(1, 0, new List <RegistrationIndexPage> { new RegistrationIndexPage( $"{HttpContext.Request.GetDisplayUrl()}#page", pageItems.Count, pageItems, lowerVersion, upperVersion ) })); }
public async Task <int> ExecuteCommandAsync(VerifyArgs verifyArgs) { if (verifyArgs.Verifications.Count == 0) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_VerificationTypeNotSupported)); return(FailureCode); } var errorCount = 0; if (ShouldExecuteVerification(verifyArgs, Verification.Signatures)) { if (!IsSignatureVerifyCommandSupported()) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_NotSupported)); return(FailureCode); } var packagesToVerify = verifyArgs.PackagePaths.SelectMany(packagePath => { var packages = LocalFolderUtility.ResolvePackageFromPath(packagePath); LocalFolderUtility.EnsurePackageFileExists(packagePath, packages); return(packages); }); var allowListEntries = verifyArgs.CertificateFingerprint.Select(fingerprint => new CertificateHashAllowListEntry( VerificationTarget.Author | VerificationTarget.Repository, SignaturePlacement.PrimarySignature, fingerprint, _defaultFingerprintAlgorithm)).ToList(); var verifierSettings = SignedPackageVerifierSettings.GetVerifyCommandDefaultPolicy(); var verificationProviders = new List <ISignatureVerificationProvider>() { new IntegrityVerificationProvider(), new SignatureTrustAndValidityVerificationProvider() }; verificationProviders.Add( new AllowListVerificationProvider( allowListEntries, requireNonEmptyAllowList: false, noMatchErrorMessage: Strings.Error_NoMatchingCertificate)); var verifier = new PackageSignatureVerifier(verificationProviders); foreach (var package in packagesToVerify) { try { errorCount += await VerifySignatureForPackageAsync(package, verifyArgs.Logger, verifier, verifierSettings); } catch (InvalidDataException e) { verifyArgs.Logger.LogError(string.Format(CultureInfo.CurrentCulture, Strings.VerifyCommand_PackageIsNotValid, package)); ExceptionUtilities.LogException(e, verifyArgs.Logger); } } } return(errorCount == 0 ? SuccessCode : FailureCode); }
private Action <HttpListenerResponse> ServerHandlerV3(HttpListenerRequest request) { try { var path = GetRequestUrlAbsolutePath(request); var parts = request.Url.AbsolutePath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries); if (path.StartsWith("/flat/") && path.EndsWith("/index.json")) { return(new Action <HttpListenerResponse>(response => { response.ContentType = "application/javascript"; var versionsJson = JObject.Parse(@"{ ""versions"": [] }"); var array = versionsJson["versions"] as JArray; var id = parts[parts.Length - 2]; foreach (var pkg in LocalFolderUtility.GetPackagesV2(_packageDirectory, id, NullLogger.Instance)) { array.Add(pkg.Identity.Version.ToNormalizedString()); } SetResponseContent(response, versionsJson.ToString()); })); } else if (path.StartsWith("/flat/") && path.EndsWith(".nupkg")) { var file = new FileInfo(Path.Combine(_packageDirectory, parts.Last())); if (file.Exists) { return(new Action <HttpListenerResponse>(response => { response.ContentType = "application/zip"; using (var stream = file.OpenRead()) { var content = ReadAllBytes(stream); SetResponseContent(response, content); } })); } else { return(new Action <HttpListenerResponse>(response => { response.StatusCode = 404; })); } } else if (path == "/nuget") { return(new Action <HttpListenerResponse>(response => { response.StatusCode = 200; })); } else if (path.StartsWith("/reg/") && path.EndsWith("/index.json")) { var id = parts[parts.Length - 2]; var packages = LocalFolderUtility.GetPackagesV2(_packageDirectory, id, NullLogger.Instance); if (packages.Any()) { return(new Action <HttpListenerResponse>(response => { response.ContentType = "text/javascript"; var packageToListedMapping = packages.Select(e => new KeyValuePair <PackageIdentity, bool>(e.Identity, !UnlistedPackages.Contains(e.Identity))).ToArray(); MockResponse mockResponse = _builder.BuildRegistrationIndexResponse(ServiceIndexUri, packageToListedMapping); SetResponseContent(response, mockResponse.Content); })); } else { return(new Action <HttpListenerResponse>(response => { response.StatusCode = 404; })); } } else { throw new Exception("This test needs to be updated to support: " + path); } } catch (Exception) { // Debug here throw; } }
private Action <HttpListenerResponse> ServerHandlerV3( HttpListenerRequest request, MockServer server, JObject indexJson, string repositoryPath) { try { var path = server.GetRequestUrlAbsolutePath(request); var parts = request.Url.AbsolutePath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries); if (path == "/index.json") { return(new Action <HttpListenerResponse>(response => { response.StatusCode = 200; response.ContentType = "text/javascript"; MockServer.SetResponseContent(response, indexJson.ToString()); })); } else if (path.StartsWith("/flat/") && path.EndsWith("/index.json")) { return(new Action <HttpListenerResponse>(response => { response.ContentType = "text/javascript"; var versionsJson = JObject.Parse(@"{ ""versions"": [] }"); var array = versionsJson["versions"] as JArray; var id = parts[parts.Length - 2]; foreach (var pkg in LocalFolderUtility.GetPackagesV2(repositoryPath, id, new TestLogger())) { array.Add(pkg.Identity.Version.ToNormalizedString()); } MockServer.SetResponseContent(response, versionsJson.ToString()); })); } else if (path.StartsWith("/flat/") && path.EndsWith(".nupkg")) { var file = new FileInfo(Path.Combine(repositoryPath, parts.Last())); if (file.Exists) { return(new Action <HttpListenerResponse>(response => { response.ContentType = "application/zip"; using (var stream = file.OpenRead()) { var content = stream.ReadAllBytes(); MockServer.SetResponseContent(response, content); } })); } else { return(new Action <HttpListenerResponse>(response => { response.StatusCode = 404; })); } } else if (path == "/nuget") { return(new Action <HttpListenerResponse>(response => { response.StatusCode = 200; })); } throw new Exception("This test needs to be updated to support: " + path); } catch (Exception) { // Debug here throw; } }
public List <Project> AnalyzeProject(string projectPath, bool includeTransitiveDependencies, int transitiveDepth) { var dependencyGraph = _dependencyGraphService.GenerateDependencyGraph(projectPath); if (dependencyGraph == null) { return(null); } var projects = new List <Project>(); foreach (var packageSpec in dependencyGraph.Projects.Where(p => p.RestoreMetadata.ProjectStyle == ProjectStyle.PackageReference)) { // Restore the packages _dotNetRestoreService.Restore(packageSpec.FilePath); // Load the lock file string lockFilePath = _fileSystem.Path.Combine(packageSpec.RestoreMetadata.OutputPath, "project.assets.json"); var lockFile = LockFileUtilities.GetLockFile(lockFilePath, NullLogger.Instance); // Create a project var project = new Project(packageSpec.Name, packageSpec.FilePath, packageSpec.RestoreMetadata.Sources.Select(s => s.SourceUri).ToList(), packageSpec.Version); projects.Add(project); // Get the target frameworks with their dependencies foreach (var targetFrameworkInformation in packageSpec.TargetFrameworks) { var targetFramework = new TargetFramework(targetFrameworkInformation.FrameworkName); project.TargetFrameworks.Add(targetFramework); var target = lockFile.Targets.FirstOrDefault(t => t.TargetFramework.Equals(targetFrameworkInformation.FrameworkName)); if (target != null) { foreach (var projectDependency in targetFrameworkInformation.Dependencies) { var projectLibrary = target.Libraries.FirstOrDefault(library => string.Equals(library.Name, projectDependency.Name, StringComparison.OrdinalIgnoreCase)); bool isDevelopmentDependency = false; if (projectLibrary != null) { // Determine whether this is a development dependency var packageIdentity = new PackageIdentity(projectLibrary.Name, projectLibrary.Version); var packageInfo = LocalFolderUtility.GetPackageV3(packageSpec.RestoreMetadata.PackagesPath, packageIdentity, NullLogger.Instance); if (packageInfo != null) { isDevelopmentDependency = packageInfo.GetReader().GetDevelopmentDependency(); } } var dependency = new Dependency(projectDependency.Name, projectDependency.LibraryRange.VersionRange, projectLibrary?.Version, projectDependency.AutoReferenced, false, isDevelopmentDependency); targetFramework.Dependencies.Add(dependency); // Process transitive dependencies for the library if (includeTransitiveDependencies) { AddDependencies(targetFramework, projectLibrary, target, 1, transitiveDepth); } } } } } return(projects); }
public async Task <int> ExecuteCommandAsync(TrustedSignersArgs trustedSignersArgs) { var logger = trustedSignersArgs.Logger ?? NullLogger.Instance; var actionsProvider = new TrustedSignerActionsProvider(_trustedSignersProvider, logger); switch (trustedSignersArgs.Action) { case TrustedSignersAction.List: ValidateListArguments(trustedSignersArgs); await ListAllTrustedSignersAsync(logger); break; case TrustedSignersAction.Add: ValidateNameExists(trustedSignersArgs.Name); var isPackagePathProvided = !string.IsNullOrEmpty(trustedSignersArgs.PackagePath); var isServiceIndexProvided = !string.IsNullOrEmpty(trustedSignersArgs.ServiceIndex); var isFingerprintProvided = !string.IsNullOrEmpty(trustedSignersArgs.CertificateFingerprint); var isAlgorithmProvided = !string.IsNullOrEmpty(trustedSignersArgs.FingerprintAlgorithm); if (isPackagePathProvided) { #if IS_DESKTOP if (isServiceIndexProvided || isFingerprintProvided || isAlgorithmProvided) { throw new CommandLineArgumentCombinationException(string.Format(CultureInfo.CurrentCulture, Strings.Error_CouldNotAdd, Strings.Error_InvalidCombinationOfArguments)); } if (!(trustedSignersArgs.Repository ^ trustedSignersArgs.Author)) { throw new CommandLineArgumentCombinationException(string.Format(CultureInfo.CurrentCulture, Strings.Error_NoSignatureTrustedForPackage, trustedSignersArgs.PackagePath)); } var trustTarget = VerificationTarget.None; if (trustedSignersArgs.Author) { if (!trustedSignersArgs.Repository && trustedSignersArgs.Owners != null && trustedSignersArgs.Owners.Any()) { throw new CommandLineArgumentCombinationException(Strings.Error_CannotTrustOwnersForAuthor); } trustTarget |= VerificationTarget.Author; } if (trustedSignersArgs.Repository) { trustTarget |= VerificationTarget.Repository; } if (trustTarget == VerificationTarget.None) { trustTarget = VerificationTarget.Unknown; } var packagesToTrust = LocalFolderUtility.ResolvePackageFromPath(trustedSignersArgs.PackagePath); LocalFolderUtility.EnsurePackageFileExists(trustedSignersArgs.PackagePath, packagesToTrust); foreach (var package in packagesToTrust) { using (var packageReader = new PackageArchiveReader(package)) { await actionsProvider.AddTrustedSignerAsync( trustedSignersArgs.Name, packageReader, trustTarget, trustedSignersArgs.AllowUntrustedRoot, trustedSignersArgs.Owners, CancellationToken.None); } } break; #else throw new NotSupportedException(); #endif } if (isServiceIndexProvided) { if (isFingerprintProvided || isAlgorithmProvided || trustedSignersArgs.Author || trustedSignersArgs.Repository) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Strings.Error_CouldNotAdd, Strings.Error_InvalidCombinationOfArguments)); } var serviceIndex = ValidateAndParseV3ServiceIndexUrl(trustedSignersArgs.ServiceIndex); await actionsProvider.AddTrustedRepositoryAsync( trustedSignersArgs.Name, serviceIndex, trustedSignersArgs.Owners, CancellationToken.None); break; } if (isFingerprintProvided) { if (trustedSignersArgs.Owners != null && trustedSignersArgs.Owners.Any()) { throw new ArgumentException(Strings.Error_CannotTrustOwnersForAuthor); } var hashAlgorithm = ValidateAndParseFingerprintAlgorithm(trustedSignersArgs.FingerprintAlgorithm); actionsProvider.AddOrUpdateTrustedSigner( trustedSignersArgs.Name, trustedSignersArgs.CertificateFingerprint, hashAlgorithm, trustedSignersArgs.AllowUntrustedRoot); break; } if (isAlgorithmProvided || trustedSignersArgs.Author || trustedSignersArgs.Repository) { throw new CommandLineArgumentCombinationException(string.Format(CultureInfo.CurrentCulture, Strings.Error_CouldNotAdd, Strings.Error_InvalidCombinationOfArguments)); } if (_packageSourceProvider == null) { throw new ArgumentException(Strings.Error_NoSourcesInformation); } var packageSource = _packageSourceProvider.GetPackageSourceByName(trustedSignersArgs.Name); if (packageSource == null || string.IsNullOrEmpty(packageSource.Source)) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Strings.Error_UnavailableSource, trustedSignersArgs.Name)); } var sourceServiceIndex = ValidateAndParseV3ServiceIndexUrl(packageSource.Source); await actionsProvider.AddTrustedRepositoryAsync( trustedSignersArgs.Name, sourceServiceIndex, trustedSignersArgs.Owners, CancellationToken.None); break; case TrustedSignersAction.Remove: ValidateRemoveArguments(trustedSignersArgs); await RemoveTrustedSignerAsync(trustedSignersArgs.Name, logger); break; case TrustedSignersAction.Sync: ValidateSyncArguments(trustedSignersArgs); await actionsProvider.SyncTrustedRepositoryAsync(trustedSignersArgs.Name, CancellationToken.None); break; } return(SuccessCode); }