private static string GetTargetFolder(string path, string configurationName, string platformName) { var targetPath = MsBuild.GetTargetPath(path, configurationName, platformName); var targetFolder = Path.GetDirectoryName(targetPath); return(targetFolder); }
private void btnRunCheckedItems_Click(object sender, EventArgs e) { rtbPatchLog.Clear(); rtbErrors.Clear(); var selectedEnvironment = (Environment)cboTargetEnvironment.SelectedItem; var selectedTargets = lvPatchList.CheckedItems.Cast <ListViewItem>().Select(lvi => lvi.Text).ToArray(); Task.Run(() => { var msbuild = new MsBuild(); foreach (var target in selectedTargets) { try { var returnValue = msbuild.Run(ProcessTextReceived, target, selectedEnvironment); if (!returnValue) { throw new Exception(string.Format("MSBuild Target Failed")); } } catch (Exception ex) { var message = string.Format("Error when running {0}: {1}{2}", target, ex, System.Environment.NewLine); AppendErrorBox(this, new ProcessTextReceivedEventArgs { Text = message, IsError = true }); MessageBox.Show(message, "Error Occurred", MessageBoxButtons.OK, MessageBoxIcon.Error); break; } } }); }
private static void CheckAllowedPackages() { foreach (var pkg in _pkgs.Where(p => !_settings.ErrorSettings.AllowedPackages.Any(b => b.Id == p.Id && VersionRange.Parse(p.Version).Satisfies(new NuGetVersion(b.Version))))) { var msBuildMessage = MsBuild.Log(_nuGetFile, MsBuild.Category.Error, pkg.LineNumber, pkg.LinePosition, $"{pkg.Id} is not listed as an allowed package and may not be used in this project"); Console.WriteLine(msBuildMessage); Log.Logger.Debug(msBuildMessage); } }
private async Task BuildSolution() { var msBuild = new MsBuild(Context) { Exe = "msbuild", Filename = "Jenkins.NET.sln", Configuration = "Release", Platform = "Any CPU", }; await msBuild.BuildAsync(); }
private void RecreateSteps() { var msBuild = new MsBuild(); var targets = msBuild.GetTargets("FullDeploymentTargets"); var addItems = targets.Select(ai => new ListViewItem(new[] { ai.Item1, ai.Item2 }) { Checked = true }).ToArray(); lvPatchList.Items.Clear(); lvPatchList.Items.AddRange(addItems); }
/// <inheritdoc /> public Compiler(IAppConfigurator appConfigurator = null, ILogger logger = null) : base(appConfigurator, logger) { _appConfigurator = appConfigurator; Init(); Nuget = new NuGet(AppConfigurator); #pragma warning disable CS0618 MsBuild = new MsBuild(AppConfigurator); #pragma warning restore CS0618 MSBuild = new MSBuild(AppConfigurator); TestHelper = new TestHelper(AppConfigurator); //_logger = logger ?? AppConfigurator.Of<LogConfiguration>().GetLogger(); }
private async Task BuildSolution(CancellationToken token) { var msbuild_exe = Context.AgentVariables["global"]["msbuild_exe"]; var msBuild = new MsBuild(Context) { //Exe = ".\\bin\\msbuild.cmd", Exe = $"\"{msbuild_exe}\"", Filename = "Jenkins.NET.sln", Configuration = "Release", Platform = "Any CPU", Parallel = true, }; await msBuild.BuildAsync(); }
private static void CheckBlockedPackages() { foreach (var pkg in _pkgs) { var blockedPackage = _settings.ErrorSettings.BlockedPackages.FirstOrDefault(b => b.Package.Id == pkg.Id && VersionRange.Parse(pkg.Version).Satisfies(new NuGetVersion(b.Package.Version))); if (blockedPackage == null) { continue; } var msBuildMessage = MsBuild.Log(_nuGetFile, MsBuild.Category.Error, pkg.LineNumber, pkg.LinePosition, $"{pkg.Id}: {(string.IsNullOrEmpty(blockedPackage.CustomErrorMessage) ? blockedPackage.CustomErrorMessage : "has been blocked and may not be used in this project")}"); Log.Logger.Debug(msBuildMessage); } }
public Project( string solutionDirPath, string targetProjectFile) { // process solution dir path if (string.IsNullOrEmpty(solutionDirPath)) { throw new ArgumentException("solutionDirPath cannot be a null or empty string"); } if (!Directory.Exists(solutionDirPath)) { throw new ArgumentException(string.Format("solutionDirPath does not exist, \"{0}\"", solutionDirPath)); } SolutionDirPath = solutionDirPath; // process target project file if (string.IsNullOrEmpty(targetProjectFile)) { throw new ArgumentException("targetProjectFile cannot be a null or empty string"); } if (!File.Exists(targetProjectFile)) { throw new ArgumentException(string.Format("targetProjectFile does not exist, \"{0}\"", targetProjectFile)); } TargetProjectFile = targetProjectFile; // set project directory path TargetProjectDirectoryPath = Path.GetDirectoryName(TargetProjectFile); if (string.IsNullOrEmpty(TargetProjectDirectoryPath)) { throw new InvalidOperationException(string.Format("Could not get directory path from TargetProjectFile, \"{0}\"", TargetProjectFile)); } // instantiate components AssemblyInfo = new AssemblyInfo(SolutionDirPath, TargetProjectFile); MsBuild = new MsBuild(TargetProjectFile); NuGet = new NuGet(TargetProjectFile); }
/// <inheritdoc /> public async Task <DependencyGraph> BuildAsync() { var options = _contextAccessor.Context.Options; async Task <DependencyGraphFile> GenerateAsync() { var graphFile = string.IsNullOrEmpty(options.OutputGraph) ? DependencyGraphFile.Create() : DependencyGraphFile.Create(options.OutputGraph, autoDelete: false); var arguments = new[] { options.ProjectPath, MsBuild.Property("Configuration", options.Configuration), MsBuild.Target("Restore", "GenerateRestoreGraphFile"), MsBuild.Property("RestoreGraphOutputPath", graphFile.FilePath), }; await _commandRunner.RunAsync("dotnet", "msbuild", arguments.Extend(options.Parameters)); return(graphFile); } async Task <DependencyGraph> ParseAsync(string graphPath) { await using var fileStream = File.OpenRead(graphPath); var model = await JsonSerializer.DeserializeAsync <DependencyGraph>(fileStream, new JsonSerializerOptions { IgnoreNullValues = true, PropertyNameCaseInsensitive = true, WriteIndented = true }); _logger.LogDebug($"Graph:{Environment.NewLine} {model}"); return(model); } using var file = await GenerateAsync(); return(await ParseAsync(file.FilePath)); }
public override void Compile() { Nuget.Restore(); MsBuild.Build(); }
public VisualStudio() { MsBuild = new MsBuild(); }
/// <summary> /// args[0] is expected to be the path to the project file. /// </summary> /// <param name="args"></param> private static int Main(string[] args) { #if DOTNETTOOL if (args.Length == 0) { Console.WriteLine($"NuGetDefense v{Version}"); Console.WriteLine("-------------"); Console.WriteLine($"{Environment.NewLine}Usage:"); Console.WriteLine($"{Environment.NewLine} nugetdefense projectFile.proj TargetFrameworkMoniker"); Console.WriteLine($"{Environment.NewLine} nugetdefense SolutionFile.sln Release"); Console.WriteLine($"{Environment.NewLine} nugetdefense SolutionFile.sln Debug|Any CPU"); return(0); } #endif _settings = Settings.LoadSettings(Path.GetDirectoryName(args[0])); _projectFileName = Path.GetFileName(args[0]); ConfigureLogging(); try { Log.Logger.Verbose("Logging Configured"); Log.Logger.Verbose("Started NuGetDefense with arguments: {args}", args); var targetFramework = args.Length == 2 ? args[1] : ""; if (args[0].EndsWith(".sln", StringComparison.OrdinalIgnoreCase)) { var projects = DotNetSolution.Load(args[0]).Projects.Where(p => !p.Type.IsSolutionFolder).Select(p => p.Path).ToArray(); var specificFramework = !string.IsNullOrWhiteSpace(targetFramework); if (specificFramework) { Log.Logger.Information("Target Framework: {framework}", targetFramework); } _projects = LoadMultipleProjects(args[0], projects, specificFramework, targetFramework, true); } else if (_settings.CheckReferencedProjects) { var projects = new List <string> { args[0] }; GetProjectsReferenced(in args[0], in projects); var specificFramework = !string.IsNullOrWhiteSpace(targetFramework); if (specificFramework) { Log.Logger.Information("Target Framework: {framework}", targetFramework); } _projects = LoadMultipleProjects(args[0], projects.ToArray(), specificFramework, targetFramework, false); } else { var nugetFile = new NuGetFile(args[0]); _nuGetFile = nugetFile.Path; Log.Logger.Verbose("NuGetFile Path: {nugetFilePath}", _nuGetFile); Log.Logger.Information("Target Framework: {framework}", string.IsNullOrWhiteSpace(targetFramework) ? "Undefined" : targetFramework); Log.Logger.Verbose("Loading Packages"); Log.Logger.Verbose("Transitive Dependencies Included: {CheckTransitiveDependencies}", _settings.CheckTransitiveDependencies); if (_settings.CheckTransitiveDependencies && nugetFile.PackagesConfig) { var projects = DotNetProject.Load(args[0]).ProjectReferences.Select(p => p.FilePath).ToArray(); var specificFramework = !string.IsNullOrWhiteSpace(targetFramework); if (specificFramework) { Log.Logger.Information("Target Framework: {framework}", targetFramework); } _projects = LoadMultipleProjects(args[0], projects, specificFramework, targetFramework); } else { _projects = new Dictionary <string, NuGetPackage[]>(); _projects.Add(nugetFile.Path, nugetFile.LoadPackages(targetFramework, _settings.CheckTransitiveDependencies).Values.ToArray()); } } GetNonSensitivePackages(out var nonSensitivePackages); if (_settings.ErrorSettings.IgnoredPackages.Length > 0) { foreach (var(project, packages) in _projects.ToArray()) { IgnorePackages(in packages, _settings.ErrorSettings.IgnoredPackages, out var projPackages); _projects[project] = projPackages; } } Log.Logger.Information("Loaded {packageCount} packages", _projects.Sum(p => p.Value.Length)); if (_settings.ErrorSettings.BlockedPackages.Length > 0) { CheckBlockedPackages(); } if (_settings.ErrorSettings.AllowedPackages.Length > 0) { CheckAllowedPackages(); } Dictionary <string, Dictionary <string, Vulnerability> > vulnDict = null; if (_settings.OssIndex.Enabled) { Log.Logger.Verbose("Checking with OSSIndex for Vulnerabilities"); vulnDict = new Scanner(_nuGetFile, _settings.OssIndex.BreakIfCannotRun, UserAgentString, _settings.OssIndex.Username, _settings.OssIndex.ApiToken) .GetVulnerabilitiesForPackages(nonSensitivePackages.SelectMany(p => p.Value).ToArray()); } if (_settings.NVD.Enabled) { Log.Logger.Verbose("Checking the embedded NVD source for Vulnerabilities"); foreach (var(proj, pkgs) in _projects) { vulnDict = new NVD.Scanner(_nuGetFile, TimeSpan.FromSeconds(_settings.NVD.TimeoutInSeconds), _settings.NVD.BreakIfCannotRun, _settings.NVD.SelfUpdate) .GetVulnerabilitiesForPackages(pkgs, vulnDict); } } Log.Logger.Information("ignoring {ignoredCVECount} Vulnerabilities", _settings.ErrorSettings.IgnoredCvEs.Length); if (_settings.ErrorSettings.IgnoredCvEs.Length > 0) { VulnerabilityData.IgnoreCVEs(vulnDict, _settings.ErrorSettings.IgnoredCvEs); } ReportVulnerabilities(vulnDict); return(_settings.WarnOnly ? 0 : NumberOfVulnerabilities); } catch (Exception e) { var msBuildMessage = MsBuild.Log(_nuGetFile, MsBuild.Category.Error, $"Encountered a fatal exception while checking for Dependencies in {_nuGetFile}. Exception: {e}"); Console.WriteLine(msBuildMessage); Log.Logger.Fatal(msBuildMessage); return(-1); } }
/// <inheritdoc /> public override void Compile() { WriteLog($"开始编译"); Nuget.Restore(); MsBuild.Build(); }
/// <summary> /// Adds files to a project and optionally builds the updated project /// </summary> /// <param name="ProjectFile">The path to the VS project</param> /// <param name="files">The files to add</param> /// <param name="build">Spcifies whether the updated project should be built</param> public void AddProjectFiles(FilePath ProjectFile, IReadOnlyList <FilePath> files, bool build = false) => MsBuild.AddProjectFiles(ProjectFile, files, build);
public void BuildVulnerabilityReport( Dictionary <string, Dictionary <string, Vulnerability> > vulnerabilityDictionary, IEnumerable <NuGetPackage> pkgs, string nuGetFile, bool warnOnly, double cvss3Threshold) { var logBuilder = new StringBuilder(); foreach (var pkg in pkgs.Where(p => p.LineNumber != null && vulnerabilityDictionary.ContainsKey(p.Id.ToLower()))) { var vulnerabilities = vulnerabilityDictionary[pkg.Id.ToLower()]; logBuilder.AppendLine("*************************************"); warnOnly = warnOnly || !vulnerabilities.Any(v => v.Value.CvssScore >= cvss3Threshold); var dependantVulnerabilities = pkg.Dependencies.Where(dep => vulnerabilityDictionary.ContainsKey(dep)); var vulnTotalMSbuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, pkg.LineNumber, pkg.LinePosition, $"{vulnerabilities.Count} vulnerabilities found for {pkg.Id} @ {pkg.Version}"); if (_separateMsBuildMessages) { MsBuildMessages.Add(vulnTotalMSbuildMessage); } else { logBuilder.AppendLine(vulnTotalMSbuildMessage); } if (dependantVulnerabilities.Any()) { var dependantVulnTotalMsBuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, pkg.LineNumber, pkg.LinePosition, $"{dependantVulnerabilities.Count()} vulnerabilities found for dependencies of {pkg.Id} @ {pkg.Version}"); if (_separateMsBuildMessages) { MsBuildMessages.Add(dependantVulnTotalMsBuildMessage); } else { logBuilder.AppendLine(dependantVulnTotalMsBuildMessage); } } foreach (var cve in vulnerabilities.Keys) { warnOnly = warnOnly || vulnerabilities[cve].CvssScore <= cvss3Threshold; var vulnMsBuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, cve, pkg.LineNumber, pkg.LinePosition, $"{vulnerabilities[cve].Description}"); if (_separateMsBuildMessages) { MsBuildMessages.Add(vulnMsBuildMessage); } else { logBuilder.AppendLine(vulnMsBuildMessage); } logBuilder.AppendLine($"Description: {vulnerabilities[cve].Description}"); logBuilder.AppendLine($"CVE: {cve}"); logBuilder.AppendLine($"CWE: {vulnerabilities[cve].Cwe}"); logBuilder.AppendLine($"CVSS Score: {vulnerabilities[cve].CvssScore}"); logBuilder.AppendLine($"CVSS Vector: {vulnerabilities[cve].Vector}"); if (vulnerabilities[cve].References != null && vulnerabilities[cve].References.Any()) { logBuilder.AppendLine("References:"); foreach (var reference in vulnerabilities[cve].References) { logBuilder.AppendLine(reference); } } logBuilder.AppendLine("---------------------------"); } foreach (var dependancy in dependantVulnerabilities) { vulnerabilities = vulnerabilityDictionary[dependancy]; foreach (var cve in vulnerabilities.Keys) { warnOnly = warnOnly || vulnerabilities[cve].CvssScore <= cvss3Threshold; var vulnMsBuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, cve, pkg.LineNumber, pkg.LinePosition, $"{dependancy}: {vulnerabilities[cve].Description}"); if (_separateMsBuildMessages) { MsBuildMessages.Add(vulnMsBuildMessage); } else { logBuilder.AppendLine(vulnMsBuildMessage); } logBuilder.AppendLine($"Description: {vulnerabilities[cve].Description}"); logBuilder.AppendLine($"CVE: {cve}"); logBuilder.AppendLine($"CWE: {vulnerabilities[cve].Cwe}"); logBuilder.AppendLine($"CVSS Score: {vulnerabilities[cve].CvssScore}"); logBuilder.AppendLine($"CVSS Vector: {vulnerabilities[cve].Vector}"); // if (vulnerabilities[cve].Version?.Length > 0) // logBuilder.AppendLine($"Affected Version: {vulnerabilities[cve].Version}"); logBuilder.AppendLine("---------------------------"); } } } VulnerabilityReport = logBuilder.ToString(); }
public void Build(string config = "Debug", string outputDir = null, string target = null) { MsBuild.Build(Path, config, outputDir, target); }
public void BuildVulnerabilityTextReport(Dictionary <string, Dictionary <string, Vulnerability> > vulnerabilityDictionary, IEnumerable <NuGetPackage> pkgs, string nuGetFile, bool warnOnly, double cvss3Threshold, out int numberOfVulns) { numberOfVulns = 0; if (_separateMsBuildMessages) { MsBuildMessages = new List <string>(); } var logBuilder = new StringBuilder(VulnerabilityTextReport); var nuGetPackages = pkgs as NuGetPackage[] ?? pkgs.ToArray(); logBuilder.AppendLine($"{vulnerabilityDictionary.Sum(ve => ve.Value.Count)} vulnerabilities found in {nuGetPackages.Count()} packages for {nuGetFile}."); foreach (var pkg in nuGetPackages.Where(p => vulnerabilityDictionary.ContainsKey(p.PackageUrl.ToLower()))) { var vulnerabilities = vulnerabilityDictionary[pkg.PackageUrl.ToLower()]; logBuilder.AppendLine("*************************************"); warnOnly = warnOnly || !vulnerabilities.Any(v => v.Value.CvssScore >= cvss3Threshold); if (!warnOnly) { numberOfVulns++; } // TODO: Dependencies will need to be listed by package url when this is used. var dependantVulnerabilities = pkg.Dependencies.Where(dep => vulnerabilityDictionary.ContainsKey(dep)); var vulnTotalMSbuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, pkg.LineNumber, pkg.LinePosition, $"{vulnerabilities.Count} vulnerabilities found for {pkg.Id} @ {pkg.Version}"); if (vulnerabilities.Any()) { if (_separateMsBuildMessages) { MsBuildMessages.Add(vulnTotalMSbuildMessage); } else { logBuilder.AppendLine(vulnTotalMSbuildMessage); } } var dependancies = dependantVulnerabilities as string[] ?? dependantVulnerabilities.ToArray(); if (dependancies.Any()) { var dependantVulnTotalMsBuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, pkg.LineNumber, pkg.LinePosition, $"{dependancies.Count()} vulnerabilities found for dependencies of {pkg.Id} @ {pkg.Version}"); if (_separateMsBuildMessages) { MsBuildMessages.Add(dependantVulnTotalMsBuildMessage); } else { logBuilder.AppendLine(dependantVulnTotalMsBuildMessage); } } foreach (var cve in vulnerabilities.Keys) { warnOnly = warnOnly || vulnerabilities[cve].CvssScore <= cvss3Threshold && vulnerabilities[cve].CvssScore > -1; if (!warnOnly) { numberOfVulns++; } var vulnMsBuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, cve, pkg.LineNumber, pkg.LinePosition, $"{vulnerabilities[cve].Description}"); if (_separateMsBuildMessages) { MsBuildMessages.Add(vulnMsBuildMessage); } else { logBuilder.AppendLine(vulnMsBuildMessage); } logBuilder.AppendLine($"Description: {vulnerabilities[cve].Description}"); logBuilder.AppendLine($"CVE: {cve}"); logBuilder.AppendLine($"CWE: {vulnerabilities[cve].Cwe}"); logBuilder.AppendLine($"CVSS Score: {vulnerabilities[cve].CvssScore}"); logBuilder.AppendLine($"CVSS Vector: {vulnerabilities[cve].Vector}"); if (vulnerabilities[cve].References != null && vulnerabilities[cve].References.Any()) { logBuilder.AppendLine("References:"); foreach (var reference in vulnerabilities[cve].References) { logBuilder.AppendLine(reference); } } logBuilder.AppendLine("---------------------------"); } foreach (var dependancy in dependancies) { vulnerabilities = vulnerabilityDictionary[dependancy]; foreach (var cve in vulnerabilities.Keys) { warnOnly = warnOnly || vulnerabilities[cve].CvssScore <= cvss3Threshold; if (!warnOnly) { numberOfVulns++; } var vulnMsBuildMessage = MsBuild.Log(nuGetFile, warnOnly ? MsBuild.Category.Warning : MsBuild.Category.Error, cve, pkg.LineNumber, pkg.LinePosition, $"{dependancy}: {vulnerabilities[cve].Description}"); if (_separateMsBuildMessages) { MsBuildMessages.Add(vulnMsBuildMessage); } else { logBuilder.AppendLine(vulnMsBuildMessage); } logBuilder.AppendLine($"Description: {vulnerabilities[cve].Description}"); logBuilder.AppendLine($"CVE: {cve}"); logBuilder.AppendLine($"CWE: {vulnerabilities[cve].Cwe}"); logBuilder.AppendLine($"CVSS Score: {vulnerabilities[cve].CvssScore}"); logBuilder.AppendLine($"CVSS Vector: {vulnerabilities[cve].Vector}"); // if (vulnerabilities[cve].Version?.Length > 0) // logBuilder.AppendLine($"Affected Version: {vulnerabilities[cve].Version}"); logBuilder.AppendLine("---------------------------"); } } } VulnerabilityTextReport = logBuilder.ToString(); }