Fix NuGet packages.lock.json parsing for Project and CentralTransitive types#5107
Open
marcoberger wants to merge 1 commit into
Open
Conversation
Support NuGet packages.lock.json files with Project and CentralTransitive dependency entries. * Skip Project entries because they are project references, not NuGet package dependencies. * Treat CentralTransitive entries as transitive package dependencies. This prevents parsing from aborting for lockfiles generated by projects using project references and Central Package Management. Signed-off-by: Marco Berger <marco@biberei.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This fixes parsing of NuGet
packages.lock.jsonfiles that contain dependencyentries with the
ProjectorCentralTransitivetype.NuGet lockfiles can contain these dependency types in addition to
DirectandTransitive. Before this change, the parser raised an exception for any typeother than
DirectorTransitive, which caused parsing to abort and preventedpackages from being reported.
The updated behavior is:
Directentries are reported as direct dependencies.Transitiveentries are reported as transitive dependencies.CentralTransitiveentries are reported as transitive dependencies.Projectentries are skipped because they are project references, not NuGetpackage dependencies.
Tests
Added a unit test covering a NuGet
packages.lock.jsonfile withDirect,Transitive,CentralTransitive, andProjectentries.Fixes #5106
Tasks
Run tests locally to check for errors.