DiracSpace/script.ps1

## script.ps1
<#
    Uses the dotnet tool for determining NuGet package
    vulnerabilities inside a project solution by checking all
    available csproj files.
#>
function Find-Vulnerabilities {
    param (
        [Parameter(Mandatory = $false)]
        [string] $FilePath,
        [Parameter(Mandatory = $false)]
        [int] $ThrottleLimit
    )

    if (!$FilePath) {
        $FilePath = (Get-Location).Path
    }

    if (!$ThrottleLimit) {
        $ThrottleLimit = 2
    }

    $csproj = @(
        Get-ChildItem -Path $FilePath -Filter *.csproj -Recurse -File -Name
    )

    if ($csproj.Length -eq 0) {
        Show-Status "No project files found in $projectPath." -isWarning $true
    }

    Show-Status -Message "Available project files found $($csproj.Length)"

    $csproj | ForEach-Object -Parallel {
        <#
            Show-Status isn't available in separate
            script block.
        #>

        $result = $(dotnet list $_ package --vulnerable --include-transitive --format json | ConvertFrom-Json)

        foreach ($project in $result.projects) {
            foreach ($framework in $project.frameworks) {
                foreach ($package in $framework.transitivePackages) {
                    Write-Output "Found vulnerable package in $(Split-Path -Path $project.path -Leaf)!"
                    Write-Output "Package: $($package.id)"
                    Write-Output "Version to Install: $($package.resolvedVersion)"

                    foreach ($vuln in $package.vulnerabilities) {
                        Write-Output "Opening advisory url in browser $($vuln.advisoryurl   )"
                        Start-Process $vuln.advisoryurl
                    }
                }
            }
        }
    } -ThrottleLimit $ThrottleLimit -AsJob | Receive-Job -AutoRemoveJob -Wait
}

Set-Alias -Name checkvuln -Value Find-Vulnerabilities
	<#
	Uses the dotnet tool for determining NuGet package
	vulnerabilities inside a project solution by checking all
	available csproj files.
	#>
	function Find-Vulnerabilities {
	param (
	[Parameter(Mandatory = $false)]
	[string] $FilePath,
	[Parameter(Mandatory = $false)]
	[int] $ThrottleLimit
	)

	if (!$FilePath) {
	$FilePath = (Get-Location).Path
	}

	if (!$ThrottleLimit) {
	$ThrottleLimit = 2
	}

	$csproj = @(
	Get-ChildItem -Path $FilePath -Filter *.csproj -Recurse -File -Name
	)

	if ($csproj.Length -eq 0) {
	Show-Status "No project files found in $projectPath." -isWarning $true
	}

	Show-Status -Message "Available project files found $($csproj.Length)"

	$csproj \| ForEach-Object -Parallel {
	<#
	Show-Status isn't available in separate
	script block.
	#>

	$result = $(dotnet list $_ package --vulnerable --include-transitive --format json \| ConvertFrom-Json)

	foreach ($project in $result.projects) {
	foreach ($framework in $project.frameworks) {
	foreach ($package in $framework.transitivePackages) {
	Write-Output "Found vulnerable package in $(Split-Path -Path $project.path -Leaf)!"
	Write-Output "Package: $($package.id)"
	Write-Output "Version to Install: $($package.resolvedVersion)"

	foreach ($vuln in $package.vulnerabilities) {
	Write-Output "Opening advisory url in browser $($vuln.advisoryurl )"
	Start-Process $vuln.advisoryurl
	}
	}
	}
	}
	} -ThrottleLimit $ThrottleLimit -AsJob \| Receive-Job -AutoRemoveJob -Wait
	}

	Set-Alias -Name checkvuln -Value Find-Vulnerabilities