fix: fixed reading wrong deps.json file

snyk / snyk-nuget-plugin

Basic Snyk CLI plugin for .NET support.

Other

5 stars 14 forks source link

fix: fixed reading wrong deps.json file #216

Closed 37IulianPopovici closed 1 month ago

37IulianPopovici commented 1 month ago

In some cases of nested projects, if a subproject references a local one higher in path, dotnet publish will generate .deps.json files for both projects. The actual logic finds and uses the first .deps.json file found, even though it is not for the scanned project. This PR fixes that bug.

Attached bellow an example of a .bin folder for the SecondaryProj, generated by dotnet publish were the bug can be visualised

snyksec commented 1 month ago

:tada: This issue has been resolved in version 2.7.4 :tada:

The release is available on:

npm package (@latest dist-tag)
GitHub release

Your semantic-release bot :package::rocket: