private bool AuditSolutionPackagesInternal() { VSPackage.AssertOnMainThread(); IEnumerable <IVsPackageMetadata> packages = null; try { packages = ServiceLocator.GetInstance <IVsPackageInstallerServices>().GetInstalledPackages(); } catch (InvalidOperationException ioe) { if (ioe.Source == "NuGet.PackageManagement.VisualStudio") { WriteLine("Could not retrieve package metadata on solution load. Exception : {0}.", ioe.Message); WriteLine("This may happen when initially loading .NET Core projetcs. See https://github.com/OSSIndex/audit.net/issues/22"); WriteLine("Try audiiting the project or solution again once the solution has completed loading."); return(true); } else { throw; } } WriteLine(Resources.AuditingPackagesInSolution, packages.Count(), _dte.Solution.GetName()); return(AuditPackagesInternal(packages)); }
private bool AuditSolutionPackagesInternal() { VSPackage.AssertOnMainThread(); var packages = ServiceLocator.GetInstance <IVsPackageInstallerServices>().GetInstalledPackages(); WriteLine(Resources.AuditingPackagesInSolution, packages.Count(), _dte.Solution.GetName()); return(AuditPackagesInternal(packages)); }
/// <summary> /// Initializes a new instance of the <see cref="VSPackage"/> class. /// </summary> public VSPackage() { // Inside this method you can place any initialization code that does not require // any Visual Studio service because at this point the package object is created but // not sited yet inside Visual Studio environment. The place to do all the other // initialization is the Initialize method. _instance = this; ServiceLocator.InitializePackageServiceProvider(this); }
private bool AuditProjectPackagesInternal(Project project) { VSPackage.AssertOnMainThread(); if (project == null) { throw new ArgumentNullException("project"); } var packages = ServiceLocator.GetInstance <IVsPackageInstallerServices>().GetInstalledPackages(project); WriteLine(Resources.AuditingPackagesInProject, packages.Count(), project.Name); return(AuditPackagesInternal(packages)); }
internal static bool IsProjectSupported(this Project project) { VSPackage.AssertOnMainThread(); if (project.Kind != null && _supportedProjectTypes.Contains(project.Kind)) { return(true); } // Check if packages.config exists //return File.Exists(project.GetPackageReferenceFilePath()); // IVsPackageInstallerServices.IsPackageInstalled throws InvalidOperationException if project does not support NuGet packages. // TODO: Find a better way to detect support for NuGet packages. try { // FIXME: This should not happen if (project == null) { return(false); } IVsPackageInstallerServices locator = ServiceLocator.GetInstance <IVsPackageInstallerServices>(); // FIXME: This should not happen if (locator == null) { return(false); } locator.IsPackageInstalled(project, "__dummy__"); return(true); } catch (InvalidOperationException) { return(false); } catch (Exception e) { ExceptionHelper.WriteToActivityLog(e); // FIXME: A variety of project types which do not work with the IsPackageInstalled method will throw exceptions of various sorts. // FIXME: Surely there is a better way to check for Nuget support? return(false); } }
private void OnAuditCompleted(object sender, AuditCompletedEventArgs e) { VSPackage.AssertOnMainThread(); if (e.Exception != null) { WriteLine(Resources.AuditingPackageError, e.Exception.Message); ExceptionHelper.WriteToActivityLog(e.Exception); } else if (e.Results.Count() == 0) { WriteLine(Resources.NoPackagesToAudit); } else { var vulnerableCount = e.Results.Count(x => x.Status == AuditStatus.HasVulnerabilities); if (vulnerableCount > 0) { WriteLine(Resources.VulnerabilitiesFound, vulnerableCount); } else { WriteLine(Resources.NoVulnarebilitiesFound); } //update audit results dictionary foreach (var auditResult in e.Results) { _auditResults[auditResult.PackageId] = auditResult; } //refresh tasks RefreshTasks(); if (vulnerableCount > 0) { _taskProvider.BringToFront(); } } }
private void RefreshTasks() { VSPackage.AssertOnMainThread(); var supportedProjects = _dte.Solution.GetSupportedProjects().ToList(); _taskProvider.SuspendRefresh(); _taskProvider.Tasks.Clear(); foreach (var task in GetVulnerabilityTasks(supportedProjects)) { _taskProvider.Tasks.Add(task); } _taskProvider.Refresh(); _taskProvider.ResumeRefresh(); foreach (var project in supportedProjects) { CreateMarkers(project.GetPackageReferenceFilePath()); } }
protected override void Dispose(bool disposing) { try { if (disposing) { if (this._auditManager != null) { this._auditManager.Dispose(); this._auditManager = null; } GC.SuppressFinalize(this); } _vsMonitorSelection = null; _uiCtx = null; _instance = null; } finally { base.Dispose(disposing); } }
private IVsOutputWindowPane GetOutputPane() { VSPackage.AssertOnMainThread(); return(VSPackage.Instance.GetOutputPane(VSConstants.SID_SVsGeneralOutputWindowPane, "Audit.Net")); }
protected override void Dispose(bool disposing) { try { if (disposing) { if (this._auditManager!=null) { this._auditManager.Dispose(); this._auditManager = null; } GC.SuppressFinalize(this); } _vsMonitorSelection = null; _uiCtx = null; _instance = null; } finally { base.Dispose(disposing); } }
private void OnAuditCompleted(object sender, AuditCompletedEventArgs e) { VSPackage.AssertOnMainThread(); if (e.Exception != null) { WriteLine(Resources.AuditingPackageError, e.Exception.Message); WriteLine(""); WriteLine(Resources.AuditingPackageError, e.Exception.StackTrace); ExceptionHelper.WriteToActivityLog(e.Exception); } else if (e.Results.Count() == 0) { WriteLine(Resources.NoPackagesToAudit); } else { WriteLine("Packages audited:"); foreach (var result in e.Results) { WriteLine(" * " + result.PackageId.Id + "@" + result.PackageId.VersionString); } var vulnerableCount = e.Results.Count(x => x.Status == AuditStatus.HasVulnerabilities); if (vulnerableCount > 0) { WriteLine(Resources.VulnerabilitiesFound, vulnerableCount); foreach (AuditResult r in e.Results.Where(x => x.Status == AuditStatus.HasVulnerabilities)) { if (r.MatchedVulnerabilities == 1) { WriteLine("Package: {0} is vulnerable. 1 vulnerability found.", r.PackageId); } else { WriteLine("Package: {0} is vulnerable. {1} vulnerabilities found.", r.PackageId, r.MatchedVulnerabilities); } foreach (var v in r.Vulnerabilities) { WriteLine(" {0} {1} {2} CWE: {3} CvssS: {4} CvssV: {5}", v.Id, v.Title, v.Description, v.Cwe, v.CvssScore, v.CvssVector); } } } else { foreach (AuditResult r in e.Results) { WriteLine("No vulnerabilities found for package {0}.", r.PackageId); } } //update audit results dictionary foreach (var auditResult in e.Results) { _auditResults[auditResult.PackageId] = auditResult; } //refresh tasks RefreshTasks(); if (vulnerableCount > 0) { _taskProvider.BringToFront(); } } }