corgibytes / freshli-agent-dotnet Goto Github PK
View Code? Open in Web Editor NEWFreshli CLI language agent for .NET
License: GNU Affero General Public License v3.0
Freshli CLI language agent for .NET
License: GNU Affero General Public License v3.0
We should be able to detect and process any of the project file formats that the CycloneDX dotnet tool is able to work with.
Model this after they way the linting is set up for the Freshli-CLI project.
Per the Nuget documentation for versions, a version expression in the form of 1.0
is actually specifying that any version >= 1.0
is valid. That means that we need to update our version pinning logic to treat all version expressions in the form of 1.0
to be [1.0, latest]
which would pin the upper bound of the resolution to be the latest version that was published before (or on) the asOf
date/time.
Version ranges in the form of [1.0, 2.0]
permit the use of pre-release versions. However, that's not typically what people want when considering what the latest version is.
The semantics that we'll implement for version pinning is to only consider a pre-release package to be the latest version if the lower bound of the range is referencing a pre-release version.
Some examples:
Sample.Package
Release HistoryFor the examples below, we'll assume that there's a package named Sample.Package
with the following release history:
1.0.0
1.0.1
1.2.0-alpha
1.2.0-beta
1.2.0
1.3.0-alpha
Assume that a package reference looks like:
<PackageReference Include="Sample.Package" Version="1.0.0" />
In this case, the pinned version range would be set to use the latest version as 1.2.0
. So the pinned expression would be:
<PackageReference Include="Sample.Package" Version="[1.0.0, 1.2.0]" />
Assume that a package reference looks like:
<PackageReference Include="Sample.Package" Version="1.2.0-alpha" />
In this case, the pinned version range would be set to use the latest version as 1.3.0-alpha
. The pinned expression would read:
<PackageReference Include="Sample.Package" Version="[1.2.0-alpha, 1.3.0-alpha]" />
Building on macOS should be enabled in CI, and any issues that are discovered should be fixed.
The .NET agent needs to be packaged into a Dockerfile
.
Use Dependabot to update dependencies in
.config/dotnet-tools.json
*.csproj
Gemfile.lock
It is not uncommon for a package version to be removed from the NuGet repository. We should have a way to detect and mitigate that scenario.
When the versions are not available, then BOM generation is likely to fail.
One possible solution that is worth investigating:
We a language agent (used by the analyze command) for dotnet projects. Similar to the Java one, it should be called freshli-agent-dotnet
freshli-agent-dotnet
validating-package-urls
retrieve-release-history
validating-repositories
detect-manifests
process-manifest
start-server
See also corgibytes/freshli-cli#4
Repositories and provide a Directory.Packages.props
file to specify the version numbers that should be used for dependencies that appear in multiple project files. When such a file is in place, the Version
attribute is omitted from the <PackageReference/>
element in a .csproj
file.
In addition to using the central file to lookup version numbers and ranges that are in use, those entries must be where version ranges are pinned. Attempting to pin the version by adding a Version
attribute causes an error when the CycloneDX dotnet tool attempts to generate the BOM file.
Building on Windows in CI currently fails, and it has been disabled. It should be added back, and any issues preventing it from running should be fixed.
There are a lot of linter violations that need to be cleaned up, and linting needs to be added to the CI process.
Search for solution and project files when detecting manifest files. If a project file is returned as part of the results, then it means that it is not listed in one of the solution files.
This approach is possible because the CycloneDX dotnet tool supports processing solution files.
The agent should provide a shell script (for all platforms) for installing itself. This would be massively useful for including it in the freshli-cli
docker image.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.