diff --git a/eng/install-scancode.sh b/eng/install-scancode.sh index 9b705f624..cec368af9 100755 --- a/eng/install-scancode.sh +++ b/eng/install-scancode.sh @@ -2,12 +2,15 @@ set -euo pipefail -# https://scancode-toolkit.readthedocs.io/en/latest/getting-started/install.html#installation-as-a-library-via-pip +# Install instructions: https://scancode-toolkit.readthedocs.io/en/latest/getting-started/install.html#installation-as-a-library-via-pip + +# See latest release at https://github.com/nexB/scancode-toolkit/releases +SCANCODE_VERSION="32.0.8" pyEnvPath="/tmp/scancode-env" python3 -m venv $pyEnvPath source $pyEnvPath/bin/activate -pip install scancode-toolkit +pip install scancode-toolkit==$SCANCODE_VERSION deactivate # Setup a script which executes scancode in the virtual environment diff --git a/src/SourceBuild/content/eng/tools/tasks/Microsoft.DotNet.SourceBuild.Tasks.LeakDetection/CheckForPoison.cs b/src/SourceBuild/content/eng/tools/tasks/Microsoft.DotNet.SourceBuild.Tasks.LeakDetection/CheckForPoison.cs index cf16890ce..dab29fae4 100644 --- a/src/SourceBuild/content/eng/tools/tasks/Microsoft.DotNet.SourceBuild.Tasks.LeakDetection/CheckForPoison.cs +++ b/src/SourceBuild/content/eng/tools/tasks/Microsoft.DotNet.SourceBuild.Tasks.LeakDetection/CheckForPoison.cs @@ -152,8 +152,6 @@ namespace Microsoft.DotNet.SourceBuild.Tasks.LeakDetection private const string SbrpAttributeType = "System.Reflection.AssemblyMetadataAttribute"; - private const string SbrpAttributeValuePattern = "source\\s?source\\-build\\-reference\\-packages"; - private record CandidateFileEntry(string ExtractedPath, string DisplayPath); public override bool Execute() @@ -370,11 +368,17 @@ namespace Microsoft.DotNet.SourceBuild.Tasks.LeakDetection if (attributeType == SbrpAttributeType) { - BlobReader blobReader = reader.GetBlobReader(attr.Value); - string attributeValue = Encoding.UTF8.GetString(blobReader.ReadBytes(blobReader.Length)); - attributeValue = Regex.Replace(attributeValue, @"\p{C}+", string.Empty); - return Regex.IsMatch(attributeValue, SbrpAttributeValuePattern); + var decodedValue = attr.DecodeValue(DummyAttributeTypeProvider.Instance); + try + { + return decodedValue.FixedArguments[0].Value.ToString() == "source" && decodedValue.FixedArguments[1].Value.ToString() == "source-build-reference-packages"; + } + catch + { + throw new InvalidOperationException($"{SbrpAttributeType} is not formatted properly with a key, value pair."); + } } + return false; } diff --git a/src/SourceBuild/content/eng/tools/tasks/Microsoft.DotNet.SourceBuild.Tasks.LeakDetection/DummyAttributeTypeProvider.cs b/src/SourceBuild/content/eng/tools/tasks/Microsoft.DotNet.SourceBuild.Tasks.LeakDetection/DummyAttributeTypeProvider.cs new file mode 100644 index 000000000..6f352c88b --- /dev/null +++ b/src/SourceBuild/content/eng/tools/tasks/Microsoft.DotNet.SourceBuild.Tasks.LeakDetection/DummyAttributeTypeProvider.cs @@ -0,0 +1,34 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information. + +using System; +using System.Reflection; +using System.Reflection.Metadata; +using System.Reflection.Metadata.Ecma335; + +namespace Microsoft.DotNet.SourceBuild.Tasks.LeakDetection +{ + + // An empty ICustomAttributeTypeProvider implementation is necessary to read metadata attribute values. + internal class DummyAttributeTypeProvider : ICustomAttributeTypeProvider + { + public static readonly DummyAttributeTypeProvider Instance = new(); + + public Type GetPrimitiveType(PrimitiveTypeCode typeCode) => default(Type); + + public Type GetSystemType() => default(Type); + + public Type GetSZArrayType(Type elementType) => default(Type); + + public Type GetTypeFromDefinition(MetadataReader reader, TypeDefinitionHandle handle, byte rawTypeKind) => default(Type); + + public Type GetTypeFromReference(MetadataReader reader, TypeReferenceHandle handle, byte rawTypeKind) => default(Type); + + public Type GetTypeFromSerializedName(string name) => default(Type); + + public PrimitiveTypeCode GetUnderlyingEnumType(Type type) => default(PrimitiveTypeCode); + + public bool IsSystemType(Type type) => default(bool); + } +} diff --git a/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/baselines/PoisonUsage.txt b/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/baselines/PoisonUsage.txt index fee5ec5e8..f1ab9ecc1 100644 --- a/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/baselines/PoisonUsage.txt +++ b/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/baselines/PoisonUsage.txt @@ -1,14 +1 @@ - - - SourceBuildReferenceAssembly - - - SourceBuildReferenceAssembly - - - SourceBuildReferenceAssembly - - - SourceBuildReferenceAssembly - - \ No newline at end of file + \ No newline at end of file diff --git a/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/online.NuGet.Config b/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/online.NuGet.Config index df3141020..24f2726d4 100644 --- a/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/online.NuGet.Config +++ b/src/SourceBuild/content/test/Microsoft.DotNet.SourceBuild.SmokeTests/assets/online.NuGet.Config @@ -5,5 +5,6 @@ +