Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nuget: parse .csproj and packages.config files #3607

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

nuget: parse .csproj and packages.config files #3607

wants to merge 2 commits into from

Conversation

schischi
Copy link
Contributor

Add support for 2 manifest files:

  • packages.config: XML file holding the list of package dependencies;
  • *.csproj: describe a project with dependencies (NuGet package references);

The manifest files do not contain a lot of info, but enough to build a package-url.

fixes #2392

@schischi
nuget: parse .csproj and packages.config files
a8e22ba 
Add support for 2 manifest files:
  - packages.config: XML file holding the list of package dependencies;
  - *.csproj: describe a project with dependencies (NuGet package references);

The manifest files do not contain a lot of info, but enough to build a package-url.

fixes nexB#2392

Signed-off-by: Adrien Schildknecht <adrs@fb.com>
@schischi
nuget: handle multiple item groups in .csproj files
8b0f985 
Complex csproj files have multiple ItemGroups, make sure we check all of them.

Signed-off-by: Adrien Schildknecht <adrs@fb.com>
@pombredanne
Copy link
Member

@schischi Thanks you ++
This is needed and long overdue alright!
There also is another tool -- if .NET and C# are your poison of choice -- at https://github.com/nexB/nuget-inspector which is written in C# and is designed to also resolve .NET dependencies. It handles many if not all current and legacy manifests formats including all the *.*proj variants, packages.config and various more recent JSON files that dotnet, msbuild and Visual Studio dabble with. See https://github.com/nexB/nuget-inspector/blob/main/src/nuget-inspector/ProjectScanner.cs for some entry point.

It is much more involved and bigger than a plain parser as it uses the native NuGet and .NET libraries for better or worse.

The inspector also has an extensive test suite which may come handy for the staic analysis here.

@AyanSinhaMahapatra AyanSinhaMahapatra mentioned this pull request Dec 20, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add support for extra visual studio and Nuget "manifests"
2 participants
@schischi @pombredanne