- Passing
- Failing
- Pending
- Unknown / Exempted
Downloads:
3,354
Downloads of v 2018.12.22:
120
Last Update:
28 Dec 2018
Package Maintainer(s):
Software Author(s):
- Bill Curran
Tags:
bcurran3 cnc choco unofficial nuspec checker
(unofficial) Chocolatey .nuspec Checker (Script)
This is not the latest version of (unofficial) Chocolatey .nuspec Checker (Script) available.
Downloads:
3,354
Downloads of v 2018.12.22:
120
Maintainer(s):
Software Author(s):
- Bill Curran
(unofficial) Chocolatey .nuspec Checker (Script) 2018.12.22
This is not the latest version of (unofficial) Chocolatey .nuspec Checker (Script) available.
All Checks are Passing
2 Passing Test
To install (unofficial) Chocolatey .nuspec Checker (Script), run the following command from the command line or from PowerShell:
>
To upgrade (unofficial) Chocolatey .nuspec Checker (Script), run the following command from the command line or from PowerShell:
>
To uninstall (unofficial) Chocolatey .nuspec Checker (Script), run the following command from the command line or from PowerShell:
>
NOTE: This applies to both open source and commercial editions of Chocolatey.
1. Ensure you are set for organizational deployment
Please see the organizational deployment guide
2. Get the package into your environment
Option 1: Cached Package (Unreliable, Requires Internet - Same As Community)
Option 2: Internalized Package (Reliable, Scalable)
-
Open Source or Commercial:
- Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
- You can also just download the package and push it to a repository Download
-
Open Source
- Download the Package Download
- Follow manual internalization instructions
-
Package Internalizer (C4B)
- Run
choco download choco-nuspec-checker --internalize --version=2018.12.22 --source=https://community.chocolatey.org/api/v2(additional options) - Run
choco push --source="'http://internal/odata/repo'"for package and dependencies - Automate package internalization
- Run
3. Enter your internal repository url
(this should look similar to https://community.chocolatey.org/api/v2)
4. Choose your deployment method:
choco upgrade choco-nuspec-checker -y --source="'STEP 3 URL'" [other options]
See options you can pass to upgrade.
See best practices for scripting.
Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.
If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:
choco upgrade choco-nuspec-checker -y --source="'STEP 3 URL'"
$exitCode = $LASTEXITCODE
Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
Exit 0
}
Exit $exitCode
- name: Ensure choco-nuspec-checker installed
win_chocolatey:
name: choco-nuspec-checker
state: present
version: 2018.12.22
source: STEP 3 URL
See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.
chocolatey_package 'choco-nuspec-checker' do
action :install
version '2018.12.22'
source 'STEP 3 URL'
end
See docs at https://docs.chef.io/resource_chocolatey_package.html.
Chocolatey::Ensure-Package
(
Name: choco-nuspec-checker,
Version: 2018.12.22,
Source: STEP 3 URL
);
Requires Otter Chocolatey Extension. See docs at https://inedo.com/den/otter/chocolatey.
cChocoPackageInstaller choco-nuspec-checker
{
Name = 'choco-nuspec-checker'
Ensure = 'Present'
Version = '2018.12.22'
Source = 'STEP 3 URL'
}
Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.
package { 'choco-nuspec-checker':
provider => 'chocolatey',
ensure => '2018.12.22',
source => 'STEP 3 URL',
}
Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.
salt '*' chocolatey.install choco-nuspec-checker version="2018.12.22" source="STEP 3 URL"
See docs at https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.chocolatey.html.
5. If applicable - Chocolatey configuration/installation
See infrastructure management matrix for Chocolatey configuration elements and examples.
This package was approved by moderator gep13 on 03 Jan 2019.
Description
choco-nuspec-checker (CNC) is a PowerShell script designed for Chocolatey package maintainers (creators) to check Chocolatey .nuspec files for common errors and ommisions.
FEATURES:
- CNC checks for all tags and reports if any are missing
- CNC checks for common oversights and reports about them
- CNC checks for common verifier warnings
If you find choco-nuspec-checker useful please consider donating: https://www.paypal.me/bcurran3donations or become a patron at https://www.patreon.com/bcurran3
Files
tools\ChocolateyInstall.ps1
tools\ChocolateyUninstall.ps1
$packageName = 'choco-nuspec-checker'
$script = 'CNC.ps1'
Remove-Item "$env:ChocolateyInstall\bin\$script" -Force | Out-Null
tools\CNC.ps1
# CNC.ps1 Copyleft 2018 by Bill Curran AKA BCURRAN3
$CNCver = "2018.12.28" # Version of this script
Write-Host
Write-Host "CNC.ps1 v$CNCver - (unofficial) Chocolatey .nuspec Checker ""CNC - Put it through the Bill.""" -ForegroundColor white
Write-Host "Copyleft 2018 Bill Curran ([email protected]) - free for personal and commercial use" -ForegroundColor white
# Get and parse .nuspec in current directory
#ENCHANCEMENT: Should accept a filespec and use that as well
$LocalnuspecFile = Get-Item *.nuspec
if (!($LocalnuspecFile)) {
Write-Warning "No .nuspec file found."
return
}
# Validate that URL elements are actually URLs and verify the URLs are good
function Validate-URL([string]$element,[string]$url){
if (($url -match "http://") -or ($url -match "https://")){
$HTTP_Request = [System.Net.WebRequest]::Create("$url")
$HTTP_Response = $HTTP_Request.GetResponse()
$HTTP_Status = [int]$HTTP_Response.StatusCode
$HTTP_Response.Close()
if ($HTTP_Status -eq 200) {
# do nothing, it's good!
} else {
Write-Warning " ** $element - $url looks like a bad or non-responding URL, please check."
}
} else {
Write-Warning " ** $element - ""$url"" is not a valid URL"
}
}
# Import package.nuspec file to get values
$nuspecXML = $LocalnuspecFile
[xml]$nuspecFile = Get-Content $nuspecXML
$NuspecAuthors = $nuspecFile.package.metadata.authors
$NuspecBugTrackerURL = $nuspecFile.package.metadata.bugtrackerurl
$NuspecConflicts = $nuspecFile.package.metadata.conflicts # Built for the future
$NuspecCopyright = $nuspecFile.package.metadata.copyright
$NuspecDependencies = $nuspecFile.package.metadata.dependencies # Not fully implemented yet
$NuspecDescription = $nuspecFile.package.metadata.description
$NuspecDocsURL = $nuspecFile.package.metadata.docsurl
$NuspecFiles = $nuspecFile.package.files.file # Not fully implemented yet
$NuspecIconURL = $nuspecFile.package.metadata.iconurl
$NuspecID = $nuspecFile.package.metadata.id
$NuspecLicenseURL = $nuspecFile.package.metadata.licenseurl
$NuspecMailingListURL = $nuspecFile.package.metadata.mailinglisturl
$NuspecOwners = $nuspecFile.package.metadata.owners
$NuspecPackageSourceURL = $nuspecFile.package.metadata.packagesourceurl
$NuspecProjectSourceURL = $nuspecFile.package.metadata.projectsourceurl
$NuspecProjectURL = $nuspecFile.package.metadata.projecturl
$NuspecProvides = $nuspecFile.package.metadata.provides # Built for the future
$NuspecReleaseNotes = $nuspecFile.package.metadata.releasenotes
$NuspecReplaces = $nuspecFile.package.metadata.replaces # Built for the future
$NuspecRequireLicenseAcceptance = $nuspecFile.package.metadata.requirelicenseacceptance
$NuspecSummary = $nuspecFile.package.metadata.summary
$NuspecTags = $nuspecFile.package.metadata.tags
$NuspecTitle = $nuspecFile.package.metadata.title
$NuspecVersion = $nuspecFile.package.metadata.version
# Report empty elements and misc possible oversights
Write-Host
Write-Host "CNC summary of "$LocalnuspecFile.Name":" -ForegroundColor Magenta
if (!($NuspecAuthors)) {Write-Warning " ** <authors> element is empty, this element is a requirement."}
if (!($NuspecBugTrackerURL)) {
Write-Warning " ** <bugTrackerUrl> - element is empty"
} else {
Validate-URL "<bugTrackerUrl>" $NuspecBugTrackerURL
}
#if (!($NuspecConflicts)) {Write-Warning " ** <conflicts> element is empty"} # Built for the future
if (!($NuspecCopyright)) {Write-Warning " ** <copyright> - element is empty"}
if (!($NuspecDependencies)) {Write-Warning " ** <dependencies> - element is empty"}
if (!($NuspecDescription)) {Write-Warning " ** <description> - element is empty, this element is a requirement."}
if (!($NuspecDocsURL)) {
Write-Warning " ** <docsUrl> - element is empty"
} else {
Validate-URL "<docsUrl>" $NuspecDocsURL
}
if (!($NuspecFiles)) {Write-Warning " ** <files> - element is empty"}
if (!($NuspecIconURL)) {
Write-Warning " ** <iconUrl> - element is empty"
} else {
Validate-URL "<iconUrl>" $NuspecIconURL
}
if ($NuspecIconURL -match "raw.githubusercontent"){
Write-Warning " ** <iconUrl> - Your package icon links directly to GitHub. Please use a CDN such as:"
Write-Host " https://www.staticaly.com, https://raw.githack.com, or https://gitcdn.link." -ForeGround Cyan
}
if ($NuspecIconURL -match "cdn.rawgit.com"){
Write-Warning " ** <iconUrl> - Your package icon uses RawGit CDN. It will be going offline in October 2019. Please change to a CDN such as:"
Write-Host " https://www.staticaly.com, https://raw.githack.com, or https://gitcdn.link." -ForeGround Cyan
}
[email protected]("png","svg")
$IconExt=($NuspecIconURL | Select-String -Pattern $AcceptableIconExts)
if (!($IconExt)){
Write-Warning " ** <iconURL> - .PNG and .SVG are the preferred package icon file types."
}
if (!($NuspecID)) {Write-Warning " ** <id> - element is empty, this element is a requirement."}
if (!($NuspecLicenseURL)) {
Write-Warning " ** <licenseUrl> - element is empty"
} else {
Validate-URL "<licenseUrl>" $NuspecLicenseURL
}
if (!($NuspecMailingListURL)) {
Write-Warning " ** <mailingListUrl> - element is empty"
} else {
Validate-URL "<mailingListUrl>" $NuspecMailingListURL
}
if (!($NuspecOwners)) {Write-Warning " ** <owners> element is empty, this element is a requirement."}
if (!($NuspecPackageSourceURL)) {
Write-Warning " ** <packageSourceUrl> - element is empty"
} else {
Validate-URL "<packageSourceUrl>" $NuspecPackageSourceURL
}
if (!($NuspecProjectSourceURL)) {
Write-Warning " ** <projectSourceUrl> - element is empty"
} else {
Validate-URL "<projectSourceUrl>" $NuspecProjectSourceURL
}
if (!($NuspecProjectURL)) {
Write-Warning " ** <projectUrl> - element is empty, this element is a requirement."
} else {
Validate-URL "<projectUrl>" $NuspecProjectURL
}
#if (!($NuspecProvides)) {Write-Warning " ** <provides> element is empty"} # Built for the future
if (!($NuspecReleaseNotes)) {Write-Warning " ** <releaseNotes> element is empty"}
#if (!($NuspecReplaces)) {Write-Warning " ** <replaces> element is empty"} # Built for the future
if (!($NuspecRequireLicenseAcceptance)) {Write-Warning " ** <requireLicenseAcceptance> - element is empty"}
if (!($NuspecSummary)) {Write-Warning " ** <summary> - element is empty"}
if (!($NuspecTags)) {Write-Warning " ** <tags> - element is empty"}
if (!($NuspecTitle)) {Write-Warning " ** <title> - element is empty, this element is a requirement."}
if (!($NuspecVersion)) {Write-Warning " ** <version> - element is empty, this element is a requirement."}
if ($NuspecAuthors -eq $NuspecOwners){
Write-Warning " ** <owners> and <authors> elements are the same. This will trigger a message from the verifier:"
Write-Host 'The package maintainer field (owners) matches the software author field (authors) in the nuspec. The reviewer will ensure that the package maintainer is also the software author.' -ForeGround Cyan
}
if ($NuspecProjectURL -eq $NuspecProjectSourceURL){
Write-Warning " ** <projectUrl> and <projectSourceUrl> elements are the same. This will trigger a message from the verifier:"
Write-Host 'ProjectUrl and ProjectSourceUrl are typically different, but not always. Please ensure that projectSourceUrl is pointing to software source code or remove the field from the nuspec.' -ForeGround Cyan
}
if ($NuspecTags -match "chocolatey"){
Write-Warning " ** There is a tag named chocolatey. This will trigger a message from the verifier:"
Write-Host 'Tags (tags) should not contain 'chocolatey' as a tag. Please remove that in the nuspec.' -ForeGround Cyan
}
Write-Host
Write-Host "Found CNC.ps1 useful?" -ForegroundColor white
Write-Host "Buy me a beer at https://www.paypal.me/bcurran3donations" -ForegroundColor white
Write-Host "Become a patron at https://www.patreon.com/bcurran3" -ForegroundColor white
return
# TDL
# show dependencies and version - • Package contains dependencies with no specified version. You should at least specify a minimum version of a dependency.
# Check for common binary types and mention: binary files (.exe, .msi, .zip) have been included. The reviewer will ensure the maintainers have distribution rights.
# What else?
Virus Scan Results
Log in or click on link to see number of positives.
In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).
Chocolatey Pro provides runtime protection from possible malware.
Version History
Copyright
Copyleft Bill Curran
Dependencies
This package has no dependencies.
Discussion for the (unofficial) Chocolatey .nuspec Checker (Script) Package
Ground Rules:
- This discussion is only about (unofficial) Chocolatey .nuspec Checker (Script) and the (unofficial) Chocolatey .nuspec Checker (Script) package. If you have feedback for Chocolatey, please contact the Google Group.
- This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
- The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
- Tell us what you love about the package or (unofficial) Chocolatey .nuspec Checker (Script), or tell us what needs improvement.
- Share your experiences with the package, or extra configuration or gotchas that you've found.
- If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.