feat: adding -p:RestoreLockedMode=true argument (#206)

* feat: adding -p:RestoreLockedMode=true argument --------- Co-authored-by: Kaspar Lyngsie <kaspar.moss@snyk.io>
snyk · Jun 5, 2024 · b262389 · b262389
1 parent 4272587
commit b262389
Show file tree

Hide file tree

Showing 2 changed files with 70 additions and 0 deletions.
diff --git a/lib/nuget-parser/cli/dotnet.ts b/lib/nuget-parser/cli/dotnet.ts
@@ -113,6 +113,10 @@ export async function publish(
  args.push(targetFramework);
  }
 
+ // See https://devblogs.microsoft.com/nuget/enable-repeatable-package-restores-using-a-lock-file/
+ // Forces the usage of the lockfile for PackageReference packages to ensure that the locked versions are published
+ args.push('-p:RestoreLockedMode=true');
+
  // Define a temporary output dir to use for detecting .dlls to use for runtime version assembly detection.
  const tempDir = fs.mkdtempSync(
  path.join(os.tmpdir(), `snyk-nuget-plugin-publish-csharp-`),

diff --git a/test/cli/dotnet.spec.ts b/test/cli/dotnet.spec.ts
@@ -98,6 +98,72 @@ class TestFixture {
  expect(contents).toContain('dotnet_6_and_7.deps.json');
  });
 
+ it('publishes correctly when a .NET project includes a lockfile', async () => {
+ const fixtures: types.DotNetFile[] = [
+ {
+ name: 'program.cs',
+ contents: `
+using System;
+class TestFixture {
+ static public void Main(String[] args)
+ {
+ var client = new System.Net.Http.HttpClient();
+ Console.WriteLine("Hello, World!");
+ }
+}
+`,
+ },
+ {
+ name: 'testproject.csproj',
+ contents: `
+ <Project Sdk="Microsoft.NET.Sdk">
+
+ <PropertyGroup>
+ <OutputType>Exe</OutputType>
+ <TargetFramework>net7.0</TargetFramework>
+ <RestorePackagesWithLockFile>true</RestorePackagesWithLockFile>
+ <RuntimeIdentifiers>linux-x64;win-x64</RuntimeIdentifiers>
+ </PropertyGroup>
+ 
+ <ItemGroup>
+ <PackageReference Include="Newtonsoft.Json" Version="12.*" />
+ </ItemGroup>
+ 
+ </Project>
+ `,
+ },
+ {
+ name: 'packages.lock.json',
+ contents: `
+ {
+ "version": 1,
+ "dependencies": {
+ "net7.0": {
+ "Newtonsoft.Json": {
+ "type": "Direct",
+ "requested": "[12.*, )",
+ "resolved": "12.0.3",
+ "contentHash": "6mgjfnRB4jKMlzHSl+VD+oUc1IebOZabkbyWj2RiTgWwYPPuaK1H97G1sHqGwPlS5npiF5Q0OrxN1wni2n5QWg=="
+ }
+ },
+ "net7.0/linux-x64": {},
+ "net7.0/win-x64": {}
+ }
+ }
+`,
+ },
+ ];
+ projectDirs['publishWithLockfile'] = codeGenerator.generate(
+ 'fixtures',
+ fixtures,
+ );
+
+ const publishDir = await dotnet.publish(projectDirs['publishWithLockfile']);
+
+ const contents = fs.readdirSync(publishDir);
+ expect(contents).toContain('testproject.deps.json');
+ });
+
  it.each([
  {
  shortName: 'net6.0',