342 次浏览

获取项目中全部 NuGet 包以及对应的 License

我们在日常 .NET Core 项目开发的过程中,经常需要获得整个解决方案中所有项目所引用的 NuGet 包的列表、对应的 License,甚至有时候出于法律的考量,我们需要检查 NuGet 包中所有递归引用的内部包的 License。

如果我们手动进行检查,工作量是巨大的,因此我编写了一个 PowerShell 脚本,来自动化完成这个工作。

基本原理

首先,基于 dotnet 命令自带的 list package 方法,及 –include-transitive 参数,来获取全部包引用的列表。
随后,通过 WebClient 下载对应的 License 文件。

使用方法

将 .ps1 文件放置到项目解决方案文件 (.sln) 所在位置并运行即可。

*

In the process of daily .NET Core project development, we often need to obtain a list of NuGet packages referenced by all projects in the solution, corresponding licenses, and sometimes for legal considerations, we need to check all licenses of recursion internal packages in each directly referenced NuGet packages.

If we check it manually, the workload is huge, so I wrote a PowerShell script to automate this task.

Fundamental

It’s based on the list package method that comes with the dotnet command, and the –include-transitive parameter, to obtain a list of all package references. And then, download the corresponding license file through WebClient.

Instructions

Place the .ps1 file in the location of the project solution file (.sln) and run it.

*

# Place the file to .sln folder, and run

dotnet list package --include-transitive > NuGetPackageList.txt

mkdir ".\licenses" > nul 2> nul
echo "Package ID,Package Version,Package Spec URL,License URL" > LicenseList.csv

Select-String "(>)\s+(\S+)\s+(\S+)\s+(\S+)*" NuGetPackageList.txt  |  Select @{Name="Id"; Expression = {$_.Matches.Groups[2]}}, @{Name="Version"; Expression = {$_.Matches.Groups[3]}}  |  Sort-Object -Property @{Expression="Id"; Descending=$false}, @{Expression="Version"; Descending=$false} -unique | % {

    $packageId = $_.Id;
    $packageIdLowerCase = $packageId.ToString().ToLower();
    $packageVersion = $_.Version;
    $packageSpecUrl = "https://api.nuget.org/v3-flatcontainer/$packageIdLowerCase/$packageVersion/$packageIdLowerCase.nuspec"

    Write-Host
    Write-Host("o> $packageId")
    Write-Host("  $packageVersion`n  $packageSpecUrl") -ForegroundColor Green 

    Try {  
        # Refer to https://docs.microsoft.com/en-us/nuget/api/package-base-address-resource#download-package-manifest-nuspec
        [xml]$packageSpec = (New-Object System.Net.WebClient).DownloadString($packageSpecUrl);
        $packageLicenseUrl = $packageSpec.package.metadata.licenseUrl;

        Write-Host("  $packageLicenseUrl") -ForegroundColor Green 
        echo "$packageId,$packageVersion,$packageSpecUrl,$packageLicenseUrl" >> LicenseList.csv
        
        Try {
            $filePath = (Join-Path (pwd) 'licenses\') + "$packageId.$packageVersion.txt";
            (New-Object System.Net.WebClient).DownloadFile($packageLicenseUrl, $filePath);
        }
        Catch [system.exception] {
            # Write-Host ($error[0].Exception);
            Write-Host ("!!> Could not download license file for $packageId $packageVersion") -ForegroundColor DarkMagenta
        }
    }
    Catch [system.exception] {
        # Write-Host ($error[0].Exception);
        Write-Host ("!!> Could not read license for $packageId $packageVersion") -ForegroundColor Red
        echo "$packageId,$packageVersion,$packageSpecUrl,(none)" >> LicenseList.csv
    }

}

About nista

THERE IS NO FATE BUT WHAT WE MAKE.

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注