Merge pull request #4 from ncino/feature/NV-9899

Feature/NV-9899 - Security Assessment - Vulnerable third-party dependencies (.NET)

Author: coltonthompsonlba

.gitignore

@@ -1,3 +1,4 @@
+src/.idea/
 src/.vs/
 temp/
 src2/
@@ -13,3 +14,4 @@ bin
 obj
 
 src/Ormico.DbPatchManager.CLI/deb/
+src/Ormico.DbPatchManager.CLI/Properties/launchSettings.json

src/Ormico.DbPatchManager.CLI/Ormico.DbPatchManager.CLI.csproj

@@ -1,16 +1,19 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net6.0</TargetFramework>
-    <GeneratePackageOnBuild>false</GeneratePackageOnBuild>
+    <TargetFramework>net8.0</TargetFramework>
+    <!--<GeneratePackageOnBuild>false</GeneratePackageOnBuild>-->
     <PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
     <PackageLicenseFile>LICENSE</PackageLicenseFile>
-    <RepositoryUrl>https://github.com/ormico/dbpatchmanager</RepositoryUrl>
+	<PackAsTool>true</PackAsTool>
+    <RepositoryUrl>https://github.com/ncino/dbpatchmanager</RepositoryUrl>
     <Copyright>Copyright (c) 2020 Zack Moore</Copyright>
     <Authors>Zack Moore</Authors>
     <Company>Ormico</Company>
     <Product>Ormico DB Patch Manager CLI</Product>
+	<PackageAsTool>true</PackageAsTool>
+	<ToolCommandName>dbpatch</ToolCommandName>
     <AssemblyName>dbpatch</AssemblyName>
     <PackageId>Ormico.DbPatchManager.CLI</PackageId>
     <PackageProjectUrl>https://dbpatch.dev/</PackageProjectUrl>
@@ -44,7 +47,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="CommandLineParser" Version="2.8.0" />
+    <PackageReference Include="CommandLineParser" Version="2.9.1" />
   </ItemGroup>
 
   <ItemGroup>

src/Ormico.DbPatchManager.CLI/Program.cs

@@ -1,5 +1,6 @@
 using System;
 using CommandLine;
+using Newtonsoft.Json;
 using Ormico.DbPatchManager.Logic;
 using Ormico.DbPatchManager.CLI.CommandLineOptions;
 
@@ -12,14 +13,24 @@ static int Main(string[] args)
             int rc = 0;
             try
             {
-                rc = CommandLine.Parser.Default.ParseArguments(args, typeof(InitCmdLineOptions), typeof(AddPatchCmdLineOptions), typeof(BuildCmdLineOptions))
+                rc = CommandLine.Parser.Default.ParseArguments(args, typeof(InitCmdLineOptions),
+                        typeof(AddPatchCmdLineOptions), typeof(BuildCmdLineOptions))
                     .MapResult(
                         (InitCmdLineOptions o) => InitBuildSettings(o),
                         (AddPatchCmdLineOptions o) => AddPatch(o),
                         (BuildCmdLineOptions o) => Build(o),
                         err => 1
                     );
             }
+            catch (JsonException jsonException)
+            {
+                Console.WriteLine("{0}", jsonException.Message);
+                Console.WriteLine("{0}", jsonException.StackTrace);
+                if (jsonException.InnerException != null)
+                {
+                    Console.WriteLine("{0}", jsonException.InnerException.Message);
+                }
+            }
             catch (Exception ex)
             {
                 Console.WriteLine($"{ex.Message}");
@@ -54,19 +65,29 @@ static int InitBuildSettings(InitCmdLineOptions options)
         static int AddPatch(AddPatchCmdLineOptions options)
         {
             int rc = 0;
+            var startTime = DateTimeOffset.Now;
+            Console.WriteLine("{0:O} - Database Add Patch Started", startTime);
             PatchManager manager = new PatchManager(_patchFileName, _patchLocalFileName);
             //todo: pass all settings
             manager.AddPatch(options.Name, new PatchOptions()
             {
             });
+            var endTime = DateTimeOffset.Now;
+            Console.WriteLine("{0:O} - Database Add Patch Completed", endTime);
+            Console.WriteLine("{0:g} - Add Patch Time", endTime.Subtract(startTime));
             return rc;
         }
 
         static int Build(BuildCmdLineOptions options)
         {
             int rc = 0;
+            var startTime = DateTimeOffset.Now;
+            Console.WriteLine("{0:O} - Database Build Started", startTime);
             PatchManager manager = new PatchManager(_patchFileName, _patchLocalFileName);
             manager.Build();
+            var endTime = DateTimeOffset.Now;
+            Console.WriteLine("{0:O} - Database Build Completed", endTime);
+            Console.WriteLine("{0:g} - Build Time", endTime.Subtract(startTime));
             return rc;
         }
     }

src/Ormico.DbPatchManager.Common/Ormico.DbPatchManager.Common.csproj

@@ -1,7 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netstandard2.0</TargetFramework>
     <RepositoryUrl>https://github.com/ormico/dbpatchmanager</RepositoryUrl>
     <PackageLicenseFile>LICENSE</PackageLicenseFile>
     <Authors>Zack Moore</Authors>
@@ -14,6 +13,7 @@
     <Copyright>Copyright (c) 2020 Zack Moore</Copyright>
     <PackageProjectUrl>https://dbpatch.dev/</PackageProjectUrl>
     <Version>2.1.2</Version>
+    <TargetFrameworks>net8.0;netstandard2.1</TargetFrameworks>
   </PropertyGroup>
 
   <ItemGroup>
@@ -27,4 +27,8 @@
     </None>
   </ItemGroup>
 
+  <ItemGroup>
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.2" />
+  </ItemGroup>
+
 </Project>

src/Ormico.DbPatchManager.Common/PatchFileModel.cs

@@ -0,0 +1,70 @@
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Converters;
+
+namespace Ormico.DbPatchManager.Common
+{
+    public partial class PatchFile
+    {
+        [JsonProperty("DatabaseType")] public string DatabaseType { get; set; }
+
+        [JsonProperty("ConnectionString")] public string ConnectionString { get; set; }
+
+        [JsonProperty("CodeFolder")] public string CodeFolder { get; set; }
+
+        [JsonProperty("CodeFiles")] public List<string> CodeFiles { get; set; }
+
+        [JsonProperty("PatchFolder")] public string PatchFolder { get; set; }
+
+        [JsonProperty("Options")] public Dictionary<string, string> Options { get; set; }
+
+        [JsonProperty("patches")] public List<PatchFromFile> Patches { get; set; }
+
+        public PatchFile()
+        {
+            Patches = new List<PatchFromFile>();
+            Options = new Dictionary<string, string>();
+            CodeFiles = new List<string>();
+        }
+    }
+
+    public partial class PatchFromFile
+    {
+        [JsonProperty("id")] public string Id { get; set; }
+
+        [JsonProperty("dependsOn")] public List<string> DependsOn { get; set; }
+
+        public PatchFromFile()
+        {
+            DependsOn = new List<string>();
+        }
+    }
+
+    public partial class PatchFile
+    {
+        public static PatchFile FromJson(string json) =>
+            JsonConvert.DeserializeObject<PatchFile>(json, PatchFileConverter.Settings);
+    }
+
+    public static class PatchFileSerializer
+    {
+        public static string ToJson(this PatchFile self) =>
+            JsonConvert.SerializeObject(self, PatchFileConverter.Settings);
+    }
+
+    internal static class PatchFileConverter
+    {
+        public static readonly JsonSerializerSettings Settings = new JsonSerializerSettings
+        {
+            MetadataPropertyHandling = MetadataPropertyHandling.Ignore,
+            DateParseHandling = DateParseHandling.None,
+            Converters =
+            {
+                new IsoDateTimeConverter { DateTimeStyles = DateTimeStyles.AssumeUniversal }
+            },
+            Formatting = Formatting.Indented
+        };
+    }
+}