hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Check that private package registry feeds are reachable

Browse Source
This commit is contained in:
Michael B. Gale
2025-03-24 17:27:22 +00:00
parent 92eab47def
commit 4448369323
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs
View File

@@ -708,8 +708,13 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
private bool CheckFeeds(out HashSet<string> explicitFeeds)
{
(explicitFeeds, var allFeeds) = GetAllFeeds();
HashSet<string> feedsToCheck = explicitFeeds;
var allFeedsReachable = this.CheckFeeds(explicitFeeds);
// If private package registries are configured for C#, then check those
// in addition to the ones that are configured in `nuget.config` files.
this.dependabotProxy?.RegistryURLs.ForEach(url => feedsToCheck.Add(url));
var allFeedsReachable = this.CheckFeeds(feedsToCheck);
var inheritedFeeds = allFeeds.Except(explicitFeeds).ToHashSet();
if (inheritedFeeds.Count > 0)