afan
/
gitea
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
gitea源码
3 Комити
2 Гране
Грана: master
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
gitea/modules/packages/nuget/metadata.go

metadata.go 8.6KB
Пермалинк Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277 
  1. // Copyright 2021 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package nuget

  5. 

  6. import (

  7. 	"archive/zip"

  8. 	"bytes"

  9. 	"encoding/xml"

  10. 	"fmt"

  11. 	"io"

  12. 	"path/filepath"

  13. 	"regexp"

  14. 	"strings"

  15. 

  16. 	"code.gitea.io/gitea/modules/util"

  17. 	"code.gitea.io/gitea/modules/validation"

  18. 

  19. 	"github.com/hashicorp/go-version"

  20. )

  21. 

  22. var (

  23. 	// ErrMissingNuspecFile indicates a missing Nuspec file

  24. 	ErrMissingNuspecFile = util.NewInvalidArgumentErrorf("Nuspec file is missing")

  25. 	// ErrNuspecFileTooLarge indicates a Nuspec file which is too large

  26. 	ErrNuspecFileTooLarge = util.NewInvalidArgumentErrorf("Nuspec file is too large")

  27. 	// ErrNuspecInvalidID indicates an invalid id in the Nuspec file

  28. 	ErrNuspecInvalidID = util.NewInvalidArgumentErrorf("Nuspec file contains an invalid id")

  29. 	// ErrNuspecInvalidVersion indicates an invalid version in the Nuspec file

  30. 	ErrNuspecInvalidVersion = util.NewInvalidArgumentErrorf("Nuspec file contains an invalid version")

  31. )

  32. 

  33. // PackageType specifies the package type the metadata describes

  34. type PackageType int

  35. 

  36. const (

  37. 	// DependencyPackage represents a package (*.nupkg)

  38. 	DependencyPackage PackageType = iota + 1

  39. 	// SymbolsPackage represents a symbol package (*.snupkg)

  40. 	SymbolsPackage

  41. 

  42. 	PropertySymbolID = "nuget.symbol.id"

  43. )

  44. 

  45. var idmatch = regexp.MustCompile(`\A\w+(?:[.-]\w+)*\z`)

  46. 

  47. const maxNuspecFileSize = 3 * 1024 * 1024

  48. 

  49. // Package represents a Nuget package

  50. type Package struct {

  51. 	PackageType   PackageType

  52. 	ID            string

  53. 	Version       string

  54. 	Metadata      *Metadata

  55. 	NuspecContent *bytes.Buffer

  56. }

  57. 

  58. // Metadata represents the metadata of a Nuget package

  59. type Metadata struct {

  60. 	Authors                  string `json:"authors,omitempty"`

  61. 	Copyright                string `json:"copyright,omitempty"`

  62. 	Description              string `json:"description,omitempty"`

  63. 	DevelopmentDependency    bool   `json:"development_dependency,omitempty"`

  64. 	IconURL                  string `json:"icon_url,omitempty"`

  65. 	Language                 string `json:"language,omitempty"`

  66. 	LicenseURL               string `json:"license_url,omitempty"`

  67. 	MinClientVersion         string `json:"min_client_version,omitempty"`

  68. 	Owners                   string `json:"owners,omitempty"`

  69. 	ProjectURL               string `json:"project_url,omitempty"`

  70. 	Readme                   string `json:"readme,omitempty"`

  71. 	ReleaseNotes             string `json:"release_notes,omitempty"`

  72. 	RepositoryURL            string `json:"repository_url,omitempty"`

  73. 	RequireLicenseAcceptance bool   `json:"require_license_acceptance"`

  74. 	Summary                  string `json:"summary,omitempty"`

  75. 	Tags                     string `json:"tags,omitempty"`

  76. 	Title                    string `json:"title,omitempty"`

  77. 

  78. 	Dependencies map[string][]Dependency `json:"dependencies,omitempty"`

  79. }

  80. 

  81. // Dependency represents a dependency of a Nuget package

  82. type Dependency struct {

  83. 	ID      string `json:"id"`

  84. 	Version string `json:"version"`

  85. }

  86. 

  87. // https://learn.microsoft.com/en-us/nuget/reference/nuspec

  88. // https://github.com/NuGet/NuGet.Client/blob/dev/src/NuGet.Core/NuGet.Packaging/compiler/resources/nuspec.xsd

  89. type nuspecPackage struct {

  90. 	Metadata struct {

  91. 		// required fields

  92. 		Authors     string `xml:"authors"`

  93. 		Description string `xml:"description"`

  94. 		ID          string `xml:"id"`

  95. 		Version     string `xml:"version"`

  96. 

  97. 		// optional fields

  98. 		Copyright                string `xml:"copyright"`

  99. 		DevelopmentDependency    bool   `xml:"developmentDependency"`

  100. 		IconURL                  string `xml:"iconUrl"`

  101. 		Language                 string `xml:"language"`

  102. 		LicenseURL               string `xml:"licenseUrl"`

  103. 		MinClientVersion         string `xml:"minClientVersion,attr"`

  104. 		Owners                   string `xml:"owners"`

  105. 		ProjectURL               string `xml:"projectUrl"`

  106. 		Readme                   string `xml:"readme"`

  107. 		ReleaseNotes             string `xml:"releaseNotes"`

  108. 		RequireLicenseAcceptance bool   `xml:"requireLicenseAcceptance"`

  109. 		Summary                  string `xml:"summary"`

  110. 		Tags                     string `xml:"tags"`

  111. 		Title                    string `xml:"title"`

  112. 

  113. 		Dependencies struct {

  114. 			Dependency []struct {

  115. 				ID      string `xml:"id,attr"`

  116. 				Version string `xml:"version,attr"`

  117. 				Exclude string `xml:"exclude,attr"`

  118. 			} `xml:"dependency"`

  119. 			Group []struct {

  120. 				TargetFramework string `xml:"targetFramework,attr"`

  121. 				Dependency      []struct {

  122. 					ID      string `xml:"id,attr"`

  123. 					Version string `xml:"version,attr"`

  124. 					Exclude string `xml:"exclude,attr"`

  125. 				} `xml:"dependency"`

  126. 			} `xml:"group"`

  127. 		} `xml:"dependencies"`

  128. 		PackageTypes struct {

  129. 			PackageType []struct {

  130. 				Name string `xml:"name,attr"`

  131. 			} `xml:"packageType"`

  132. 		} `xml:"packageTypes"`

  133. 		Repository struct {

  134. 			URL string `xml:"url,attr"`

  135. 		} `xml:"repository"`

  136. 	} `xml:"metadata"`

  137. }

  138. 

  139. // ParsePackageMetaData parses the metadata of a Nuget package file

  140. func ParsePackageMetaData(r io.ReaderAt, size int64) (*Package, error) {

  141. 	archive, err := zip.NewReader(r, size)

  142. 	if err != nil {

  143. 		return nil, err

  144. 	}

  145. 

  146. 	for _, file := range archive.File {

  147. 		if filepath.Dir(file.Name) != "." {

  148. 			continue

  149. 		}

  150. 		if strings.HasSuffix(strings.ToLower(file.Name), ".nuspec") {

  151. 			if file.UncompressedSize64 > maxNuspecFileSize {

  152. 				return nil, ErrNuspecFileTooLarge

  153. 			}

  154. 			f, err := archive.Open(file.Name)

  155. 			if err != nil {

  156. 				return nil, err

  157. 			}

  158. 			defer f.Close()

  159. 

  160. 			return ParseNuspecMetaData(archive, f)

  161. 		}

  162. 	}

  163. 	return nil, ErrMissingNuspecFile

  164. }

  165. 

  166. // ParseNuspecMetaData parses a Nuspec file to retrieve the metadata of a Nuget package

  167. func ParseNuspecMetaData(archive *zip.Reader, r io.Reader) (*Package, error) {

  168. 	var nuspecBuf bytes.Buffer

  169. 	var p nuspecPackage

  170. 	if err := xml.NewDecoder(io.TeeReader(r, &nuspecBuf)).Decode(&p); err != nil {

  171. 		return nil, err

  172. 	}

  173. 

  174. 	if !idmatch.MatchString(p.Metadata.ID) {

  175. 		return nil, ErrNuspecInvalidID

  176. 	}

  177. 

  178. 	v, err := version.NewSemver(p.Metadata.Version)

  179. 	if err != nil {

  180. 		return nil, ErrNuspecInvalidVersion

  181. 	}

  182. 

  183. 	if !validation.IsValidURL(p.Metadata.ProjectURL) {

  184. 		p.Metadata.ProjectURL = ""

  185. 	}

  186. 

  187. 	packageType := DependencyPackage

  188. 	for _, pt := range p.Metadata.PackageTypes.PackageType {

  189. 		if pt.Name == "SymbolsPackage" {

  190. 			packageType = SymbolsPackage

  191. 			break

  192. 		}

  193. 	}

  194. 

  195. 	m := &Metadata{

  196. 		Authors:                  p.Metadata.Authors,

  197. 		Copyright:                p.Metadata.Copyright,

  198. 		Description:              p.Metadata.Description,

  199. 		DevelopmentDependency:    p.Metadata.DevelopmentDependency,

  200. 		IconURL:                  p.Metadata.IconURL,

  201. 		Language:                 p.Metadata.Language,

  202. 		LicenseURL:               p.Metadata.LicenseURL,

  203. 		MinClientVersion:         p.Metadata.MinClientVersion,

  204. 		Owners:                   p.Metadata.Owners,

  205. 		ProjectURL:               p.Metadata.ProjectURL,

  206. 		ReleaseNotes:             p.Metadata.ReleaseNotes,

  207. 		RepositoryURL:            p.Metadata.Repository.URL,

  208. 		RequireLicenseAcceptance: p.Metadata.RequireLicenseAcceptance,

  209. 		Summary:                  p.Metadata.Summary,

  210. 		Tags:                     p.Metadata.Tags,

  211. 		Title:                    p.Metadata.Title,

  212. 

  213. 		Dependencies: make(map[string][]Dependency),

  214. 	}

  215. 

  216. 	if p.Metadata.Readme != "" {

  217. 		f, err := archive.Open(p.Metadata.Readme)

  218. 		if err == nil {

  219. 			buf, _ := io.ReadAll(f)

  220. 			m.Readme = string(buf)

  221. 			_ = f.Close()

  222. 		}

  223. 	}

  224. 

  225. 	if len(p.Metadata.Dependencies.Dependency) > 0 {

  226. 		deps := make([]Dependency, 0, len(p.Metadata.Dependencies.Dependency))

  227. 		for _, dep := range p.Metadata.Dependencies.Dependency {

  228. 			if dep.ID == "" || dep.Version == "" {

  229. 				continue

  230. 			}

  231. 			deps = append(deps, Dependency{

  232. 				ID:      dep.ID,

  233. 				Version: dep.Version,

  234. 			})

  235. 		}

  236. 		m.Dependencies[""] = deps

  237. 	}

  238. 	for _, group := range p.Metadata.Dependencies.Group {

  239. 		deps := make([]Dependency, 0, len(group.Dependency))

  240. 		for _, dep := range group.Dependency {

  241. 			if dep.ID == "" || dep.Version == "" {

  242. 				continue

  243. 			}

  244. 			deps = append(deps, Dependency{

  245. 				ID:      dep.ID,

  246. 				Version: dep.Version,

  247. 			})

  248. 		}

  249. 		if len(deps) > 0 {

  250. 			m.Dependencies[group.TargetFramework] = deps

  251. 		}

  252. 	}

  253. 	return &Package{

  254. 		PackageType:   packageType,

  255. 		ID:            p.Metadata.ID,

  256. 		Version:       toNormalizedVersion(v),

  257. 		Metadata:      m,

  258. 		NuspecContent: &nuspecBuf,

  259. 	}, nil

  260. }

  261. 

  262. // https://learn.microsoft.com/en-us/nuget/concepts/package-versioning#normalized-version-numbers

  263. // https://github.com/NuGet/NuGet.Client/blob/dccbd304b11103e08b97abf4cf4bcc1499d9235a/src/NuGet.Core/NuGet.Versioning/VersionFormatter.cs#L121

  264. func toNormalizedVersion(v *version.Version) string {

  265. 	var buf bytes.Buffer

  266. 	segments := v.Segments64()

  267. 	_, _ = fmt.Fprintf(&buf, "%d.%d.%d", segments[0], segments[1], segments[2])

  268. 	if len(segments) > 3 && segments[3] > 0 {

  269. 		_, _ = fmt.Fprintf(&buf, ".%d", segments[3])

  270. 	}

  271. 	pre := v.Prerelease()

  272. 	if pre != "" {

  273. 		_, _ = fmt.Fprint(&buf, "-", pre)

  274. 	}

  275. 	return buf.String()

  276. }