feat: add paket

Mattlk13 · Feb 17, 2019 · 6ebacda · 6ebacda
1 parent c09863e
commit 6ebacda
Show file tree

Hide file tree

Showing 11 changed files with 158 additions and 1 deletion.
diff --git a/.gitignore b/.gitignore
@@ -8,3 +8,4 @@ tmp
 .DS_Store
 package-lock.json
 !/test/fixtures/**/package-lock.json
+.idea
diff --git a/help/file.txt b/help/file.txt
@@ -21,6 +21,7 @@ looking for files in following order:
   vendor/vendor.json
   obj/project.assets.json
   packages.config
+  paket.dependencies
   composer.lock
 
 If more than one file exists it will use the first order-wise. If you wish to specify manually, you can

diff --git a/package.json b/package.json
@@ -74,7 +74,7 @@
     "snyk-module": "1.9.1",
     "snyk-mvn-plugin": "2.0.1",
     "snyk-nodejs-lockfile-parser": "1.11.0",
-    "snyk-nuget-plugin": "1.6.5",
+    "snyk-nuget-plugin": "1.7.1",
     "snyk-php-plugin": "1.5.2",
     "snyk-policy": "1.13.3",
     "snyk-python-plugin": "1.9.1",

diff --git a/src/cli/commands/protect/wizard.js b/src/cli/commands/protect/wizard.js
@@ -39,6 +39,7 @@ const unsupportedPackageManagers = {
   golangdep: 'Golang/Dep',
   govendor: 'Govendor',
   nuget: 'NuGet',
+  paket: 'Paket',
   composer: 'Composer',
 };
 

diff --git a/src/lib/detect.ts b/src/lib/detect.ts
@@ -22,6 +22,7 @@ const DETECTABLE_FILES = [
   'obj/project.assets.json',
   'project.assets.json',
   'packages.config',
+  'paket.dependencies',
   'composer.lock',
 ];
 
@@ -43,6 +44,7 @@ const DETECTABLE_PACKAGE_MANAGERS = {
   'project.assets.json': 'nuget',
   'packages.config': 'nuget',
   'project.json': 'nuget',
+  'paket.dependencies': 'paket',
   'composer.lock': 'composer',
 };
 

diff --git a/src/lib/plugins/index.js b/src/lib/plugins/index.js
@@ -35,6 +35,9 @@ function loadPlugin(packageManager, options) {
     case 'nuget': {
       return require('snyk-nuget-plugin');
     }
+    case 'paket': {
+      return require('snyk-nuget-plugin');
+    }
     case 'composer': {
       return require('snyk-php-plugin');
     }

diff --git a/src/lib/snyk-test/index.js b/src/lib/snyk-test/index.js
@@ -52,6 +52,7 @@ function run(root, options) {
     'golangdep',
     'govendor',
     'nuget',
+    'paket',
     'composer',
   ].indexOf(packageManager) === -1) {
     throw new Error('Unsupported package manager: ' + packageManager);

diff --git a/test/acceptance/cli.acceptance.test.ts b/test/acceptance/cli.acceptance.test.ts
@@ -687,6 +687,70 @@ test('`test nuget-app-4 auto-detects packages.config`', async (t) => {
     }], 'calls nuget plugin');
 });
 
+test('`test paket-app auto-detects paket.dependencies`', async (t) => {
+    chdirWorkspaces();
+    const plugin = {
+        async inspect() {
+            return {package: {}};
+        },
+    };
+    const spyPlugin = sinon.spy(plugin, 'inspect');
+
+    const loadPlugin = sinon.stub(plugins, 'loadPlugin');
+    t.teardown(loadPlugin.restore);
+    loadPlugin
+        .withArgs('paket')
+        .returns(plugin);
+
+    await cli.test('paket-app');
+
+    const req = server.popRequest();
+    t.equal(req.method, 'POST', 'makes POST request');
+    t.match(req.url, '/test-dep-graph', 'posts to correct url');
+    t.equal(req.body.depGraph.pkgManager.name, 'paket');
+    t.same(spyPlugin.getCall(0).args,
+        ['paket-app', 'paket.dependencies', {
+            args: null,
+            file: 'paket.dependencies',
+            org: null,
+            packageManager: 'paket',
+            path: 'paket-app',
+            showVulnPaths: true,
+        }], 'calls nuget plugin');
+});
+
+test('`test paket-obj-app auto-detects obj/project.assets.json if exists`', async (t) => {
+    chdirWorkspaces();
+    const plugin = {
+        async inspect() {
+            return {package: {}};
+        },
+    };
+    const spyPlugin = sinon.spy(plugin, 'inspect');
+
+    const loadPlugin = sinon.stub(plugins, 'loadPlugin');
+    t.teardown(loadPlugin.restore);
+    loadPlugin
+        .withArgs('nuget')
+        .returns(plugin);
+
+    await cli.test('paket-obj-app');
+
+    const req = server.popRequest();
+    t.equal(req.method, 'POST', 'makes POST request');
+    t.match(req.url, '/test-dep-graph', 'posts to correct url');
+    t.equal(req.body.depGraph.pkgManager.name, 'nuget');
+    t.same(spyPlugin.getCall(0).args,
+        ['paket-obj-app', 'obj/project.assets.json', {
+            args: null,
+            file: 'obj/project.assets.json',
+            org: null,
+            packageManager: 'nuget',
+            path: 'paket-obj-app',
+            showVulnPaths: true,
+        }], 'calls nuget plugin');
+});
+
 test('`test monorepo --file=sub-ruby-app/Gemfile`', async (t) => {
   chdirWorkspaces();
   await cli.test('monorepo', {file: 'sub-ruby-app/Gemfile'});
@@ -1034,6 +1098,39 @@ test('`test nuget-app --file=project.json`', async (t) => {
     }], 'calls nuget plugin');
 });
 
+test('`test paket-app --file=paket.dependencies`', async (t) => {
+    chdirWorkspaces();
+    const plugin = {
+        async inspect() {
+            return {package: {}};
+        },
+    };
+    const spyPlugin = sinon.spy(plugin, 'inspect');
+
+    const loadPlugin = sinon.stub(plugins, 'loadPlugin');
+    t.teardown(loadPlugin.restore);
+    loadPlugin
+        .withArgs('paket')
+        .returns(plugin);
+
+    await cli.test('paket-app', {
+        file: 'paket.dependencies',
+    });
+    const req = server.popRequest();
+    t.equal(req.method, 'POST', 'makes POST request');
+    t.match(req.url, '/test-dep-graph', 'posts to correct url');
+    t.equal(req.body.depGraph.pkgManager.name, 'paket');
+    t.same(spyPlugin.getCall(0).args,
+        ['paket-app', 'paket.dependencies', {
+            args: null,
+            file: 'paket.dependencies',
+            org: null,
+            packageManager: 'paket',
+            path: 'paket-app',
+            showVulnPaths: true,
+        }], 'calls nuget plugin');
+});
+
 test('`test golang-app --file=Gopkg.lock`', async (t) => {
   chdirWorkspaces();
   const plugin = {

diff --git a/test/acceptance/workspaces/paket-app/paket.dependencies b/test/acceptance/workspaces/paket-app/paket.dependencies
@@ -0,0 +1,15 @@
+redirects: on
+source https://nuget.org/api/v2
+
+nuget FSharp.Core
+nuget FSharp.Formatting
+nuget FAKE
+nuget SourceLink.Fake
+
+nuget Argu
+nuget Exira.ErrorHandling
+nuget Microsoft.Owin.Host.HttpListener
+nuget Microsoft.Owin.Hosting
+nuget Microsoft.Owin.StaticFiles
+
+github fsharp/FAKE modules/Octokit/Octokit.fsx
diff --git a/test/acceptance/workspaces/paket-obj-app/obj/project.assets.json b/test/acceptance/workspaces/paket-obj-app/obj/project.assets.json
@@ -0,0 +1,21 @@
+{
+    "version": 3,
+    "targets": {
+        "Microsoft.NETCore.App/2.0.0": {
+            "Knockout.Validation/1.0.1": {
+                "dependencies": {
+                    "knockoutjs": "2.3.0",
+                    "jQuery": "1.10.2"
+                }
+            }
+        }
+    },
+    "libraries": {
+        "knockoutjs/2.3.0": {},
+        "Knockout.Validation/1.0.1": {},
+        "jQuery/1.10.2": {}
+    },
+    "project": {
+        "version": "2.2.2"
+    }
+}
diff --git a/test/acceptance/workspaces/paket-obj-app/paket.dependencies b/test/acceptance/workspaces/paket-obj-app/paket.dependencies
@@ -0,0 +1,15 @@
+redirects: on
+source https://nuget.org/api/v2
+
+nuget FSharp.Core
+nuget FSharp.Formatting
+nuget FAKE
+nuget SourceLink.Fake
+
+nuget Argu
+nuget Exira.ErrorHandling
+nuget Microsoft.Owin.Host.HttpListener
+nuget Microsoft.Owin.Hosting
+nuget Microsoft.Owin.StaticFiles
+
+github fsharp/FAKE modules/Octokit/Octokit.fsx