- Passing
- Failing
- Pending
- Unknown / Exempted
Downloads:
3,359
Downloads of v 2019.01.04:
113
Last Update:
05 Jan 2019
Package Maintainer(s):
Software Author(s):
- Bill Curran
Tags:
bcurran3 cnc choco unofficial nuspec checker
(unofficial) Chocolatey .nuspec Checker (Script)
This is not the latest version of (unofficial) Chocolatey .nuspec Checker (Script) available.
Downloads:
3,359
Downloads of v 2019.01.04:
113
Maintainer(s):
Software Author(s):
- Bill Curran
(unofficial) Chocolatey .nuspec Checker (Script) 2019.01.04
This is not the latest version of (unofficial) Chocolatey .nuspec Checker (Script) available.
All Checks are Passing
2 Passing Test
To install (unofficial) Chocolatey .nuspec Checker (Script), run the following command from the command line or from PowerShell:
>
To upgrade (unofficial) Chocolatey .nuspec Checker (Script), run the following command from the command line or from PowerShell:
>
To uninstall (unofficial) Chocolatey .nuspec Checker (Script), run the following command from the command line or from PowerShell:
>
NOTE: This applies to both open source and commercial editions of Chocolatey.
1. Ensure you are set for organizational deployment
Please see the organizational deployment guide
2. Get the package into your environment
Option 1: Cached Package (Unreliable, Requires Internet - Same As Community)
Option 2: Internalized Package (Reliable, Scalable)
-
Open Source or Commercial:
- Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
- You can also just download the package and push it to a repository Download
-
Open Source
- Download the Package Download
- Follow manual internalization instructions
-
Package Internalizer (C4B)
- Run
choco download choco-nuspec-checker --internalize --version=2019.01.04 --source=https://community.chocolatey.org/api/v2(additional options) - Run
choco push --source="'http://internal/odata/repo'"for package and dependencies - Automate package internalization
- Run
3. Enter your internal repository url
(this should look similar to https://community.chocolatey.org/api/v2)
4. Choose your deployment method:
choco upgrade choco-nuspec-checker -y --source="'STEP 3 URL'" [other options]
See options you can pass to upgrade.
See best practices for scripting.
Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.
If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:
choco upgrade choco-nuspec-checker -y --source="'STEP 3 URL'"
$exitCode = $LASTEXITCODE
Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
Exit 0
}
Exit $exitCode
- name: Ensure choco-nuspec-checker installed
win_chocolatey:
name: choco-nuspec-checker
state: present
version: 2019.01.04
source: STEP 3 URL
See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.
chocolatey_package 'choco-nuspec-checker' do
action :install
version '2019.01.04'
source 'STEP 3 URL'
end
See docs at https://docs.chef.io/resource_chocolatey_package.html.
Chocolatey::Ensure-Package
(
Name: choco-nuspec-checker,
Version: 2019.01.04,
Source: STEP 3 URL
);
Requires Otter Chocolatey Extension. See docs at https://inedo.com/den/otter/chocolatey.
cChocoPackageInstaller choco-nuspec-checker
{
Name = 'choco-nuspec-checker'
Ensure = 'Present'
Version = '2019.01.04'
Source = 'STEP 3 URL'
}
Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.
package { 'choco-nuspec-checker':
provider => 'chocolatey',
ensure => '2019.01.04',
source => 'STEP 3 URL',
}
Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.
salt '*' chocolatey.install choco-nuspec-checker version="2019.01.04" source="STEP 3 URL"
See docs at https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.chocolatey.html.
5. If applicable - Chocolatey configuration/installation
See infrastructure management matrix for Chocolatey configuration elements and examples.
This package was approved by moderator gep13 on 07 Jan 2019.
Description
choco://choco-nuspec-checker
To use choco:// protocol URLs, install (unofficial) choco:// Protocol support
choco-nuspec-checker (CNC) is a PowerShell script designed for Chocolatey package maintainers (creators) to check Chocolatey .nuspec files for common errors and ommisions.
FEATURES:
- CNC checks for all tags and reports if any are missing
- CNC checks for dead URLs and reports them
- CNC checks for common oversights and reports about them (CDNs, icon image types, etc)
- CNC checks for common verifier warnings
If you find choco-nuspec-checker useful please consider donating: https://www.paypal.me/bcurran3donations or become a patron at https://www.patreon.com/bcurran3
Files
tools\ChocolateyInstall.ps1
tools\ChocolateyUninstall.ps1
$packageName = 'choco-nuspec-checker'
$script = 'CNC.ps1'
$CNCHeader = 'CNCHeader.txt'
$CNCFooter = 'CNCFooter.txt'
Remove-Item "$ENV:ChocolateyInstall\bin\$script" -Force | Out-Null
Remove-Item "$ENV:ChocolateyInstall\bin\$CNCHeader" -Force | Out-Null
Remove-Item "$ENV:ChocolateyInstall\bin\$CNCFooter" -Force | Out-Null
tools\CNC.ps1
# CNC.ps1 Copyleft 2018-2019 by Bill Curran AKA BCURRAN3
# LICENSE: GNU GPL v3 - https://www.gnu.org/licenses/gpl.html
# Open a GitHub issue at https://github.com/bcurran3/ChocolateyPackages/issues if you have suggestions for improvement.
Write-Host
Write-Host "CNC.ps1 v2019.01.04 - (unofficial) Chocolatey .nuspec Checker ""CNC - Put it through the Bill.""" -ForegroundColor white
Write-Host "Copyleft 2018-2019 Bill Curran ([email protected]) - free for personal and commercial use" -ForegroundColor white
[email protected]("png","svg")
[email protected]("*.exe","*.msi","*.zip","*.rar","*.7z","*.gz","*.tar","*.sfx","*.iso","*.img","*.msu","*.msp") # miss any?
$CDNlist = "https://www.staticaly.com, https://raw.githack.com, https://gitcdn.link, or https://www.jsdelivr.com"
$CNCHeader = "$ENV:ChocolateyInstall\bin\CNCHeader.txt"
$CNCFooter = "$ENV:ChocolateyInstall\bin\CNCFooter.txt"
# Get and parse .nuspec in current directory
#FUTURE ENCHANCEMENT accept a filespec and use that as well
$LocalnuspecFile = Get-Item *.nuspec
if (!($LocalnuspecFile)) {
Write-Warning "No .nuspec file found."
return
}
# Validate that URL elements are actually URLs and verify the URLs are good
function Validate-URL([string]$element,[string]$url){
if (($url -match "http://") -or ($url -match "https://")){
$HTTP_Request = [System.Net.WebRequest]::Create("$url")
$HTTP_Response = $HTTP_Request.GetResponse()
$HTTP_Status = [int]$HTTP_Response.StatusCode
$HTTP_Response.Close()
if ($HTTP_Status -eq 200) {
# do nothing, it's good!
} else {
Write-Warning " ** $element - $url looks like a bad or non-responding URL, please check."
}
} else {
Write-Warning " ** $element - ""$url"" is not a valid URL"
}
}
function Check-LicenseFile{
$LicenseFile=(Get-ChildItem -Include LICENSE.txt -Recurse)
if ($LicenseFile){
Write-Host " ** Binary files - LICENSE.txt file found." -ForeGround Green
} else {
Write-Warning " ** Binary files - LICENSE.txt file NOT found."
}
}
function Check-VerificationFile{
$VerificationFile=(Get-ChildItem -Include LICENSE.txt -Recurse)
if ($VerificationFile){
Write-Host " ** Binary files - VERIFICATION.txt file found." -ForeGround Green
} else {
Write-Warning " ** Binary files - VERIFICATION.txt file NOT found."
}
}
function Check-Binaries{
$IncludedBinaries=(Get-ChildItem -Include $BinaryExtensions -Recurse)
if ($IncludedBinaries){
Write-Warning " ** Binary files found in package. This will trigger a message from the verifier:"
Write-Host ' ** Binary files (.exe, .msi, .zip) have been included. The reviewer will ensure the maintainers have distribution rights. ' -ForeGround Cyan
Check-LicenseFile
Check-VerificationFile
}
}
# FUTURE ENHANCEMENT to check for a standardized header
function Check-Header{
if ($NuspecDescription -match "'*'*'*"){ #This match doesn't work yet
Write-Host " ** <description> - standardized header found" -ForeGround Green
$HeaderFound=$True
}
}
# FUTURE ENHANCEMENT to check for a standardized header
function Check-Footer{
if ($NuspecDescription -match "'*'*'*"){ #This match doesn't work yet
Write-Host " ** <description> - standardized footer found" -ForeGround Green
$FooterFound=$True
}
}
# FUTURE ENHANCEMENT to add a standardized header to the description
function Add-Header{
$NuspecDescription=(Get-Content $CNCHeader)+$NuspecDescription
$UpdateNuspec=$True
}
# FUTURE ENHANCEMENT to add a standardized footer to the description
function Add-Footer{
$NuspecDescription=$NuspecDescription+(Get-Content $CNCFooter)
$UpdateNuspec=$True
}
# FUTURE ENHANCEMENT to add a replace RawGit URLs with Staticaly(?) URLs
function Replace-RawGit{
$UpdateNuspec=$True
}
# FUTURE ENHANCEMENT to open all URLs to view
function Open-URLs{
if ($NuspecBugTrackerURL){&start $NuspecBugTrackerURL}
if ($NuspecDocsURL){&start $NuspecDocsURL}
if ($NuspecIconURL){&start $NuspecIconURL}
if ($NuspecLicenseURL){&start $NuspecLicenseURL}
if ($NuspecMailingListURL){&start $NuspecMailingListURL}
if ($NuspecPackageSourceURL){&start $NuspecPackageSourceURL}
if ($NuspecProjectSourceURL){&start $NuspecProjectSourceURL}
if ($NuspecProjectURL){&start $NuspecProjectURL}
}
# FUTURE ENHANCEMENT load nuspec file and save changes
Function Update-nuspec{
if ($UpdateNuspec){
Write-Host "Writing changes to $LocalnuspecFile." -foreground magenta
[xml]$Updatednuspec = Get-Content $LocalnuspecFile
# Need to determine changes then write out file
$Updatednuspec.Save("$LocalnuspecFile")
}
}
# Import package.nuspec file to get values
# FUTURE ENHANCEMENT change to function
$nuspecXML = $LocalnuspecFile
[xml]$nuspecFile = Get-Content $nuspecXML
$NuspecAuthors = $nuspecFile.package.metadata.authors
$NuspecBugTrackerURL = $nuspecFile.package.metadata.bugtrackerurl
$NuspecConflicts = $nuspecFile.package.metadata.conflicts # Built for the future
$NuspecCopyright = $nuspecFile.package.metadata.copyright
$NuspecDependencies = $nuspecFile.package.metadata.dependencies # Not fully implemented yet
$NuspecDescription = $nuspecFile.package.metadata.description
$NuspecDocsURL = $nuspecFile.package.metadata.docsurl
$NuspecFiles = $nuspecFile.package.files.file # Not fully implemented yet
$NuspecIconURL = $nuspecFile.package.metadata.iconurl
$NuspecID = $nuspecFile.package.metadata.id
$NuspecLicenseURL = $nuspecFile.package.metadata.licenseurl
$NuspecMailingListURL = $nuspecFile.package.metadata.mailinglisturl
$NuspecOwners = $nuspecFile.package.metadata.owners
$NuspecPackageSourceURL = $nuspecFile.package.metadata.packagesourceurl
$NuspecProjectSourceURL = $nuspecFile.package.metadata.projectsourceurl
$NuspecProjectURL = $nuspecFile.package.metadata.projecturl
$NuspecProvides = $nuspecFile.package.metadata.provides # Built for the future
$NuspecReleaseNotes = $nuspecFile.package.metadata.releasenotes
$NuspecReplaces = $nuspecFile.package.metadata.replaces # Built for the future
$NuspecRequireLicenseAcceptance = $nuspecFile.package.metadata.requirelicenseacceptance
$NuspecSummary = $nuspecFile.package.metadata.summary
$NuspecTags = $nuspecFile.package.metadata.tags
$NuspecTitle = $nuspecFile.package.metadata.title
$NuspecVersion = $nuspecFile.package.metadata.version
Write-Host
Write-Host "CNC summary of "$LocalnuspecFile.Name":" -ForegroundColor Magenta
#Write-Host $NuspecSummary -foreground green
# <authors> checks
if (!($NuspecAuthors)) {Write-Warning " ** <authors> element is empty, this element is a requirement."}
# <bugTrackerUrl> checks
if (!($NuspecBugTrackerURL)) {
Write-Warning " ** <bugTrackerUrl> - element is empty"
} else {
Validate-URL "<bugTrackerUrl>" $NuspecBugTrackerURL
}
# <conflicts> checks
#if (!($NuspecConflicts)) {Write-Warning " ** <conflicts> element is empty"} # Built for the future
# <copyright> checks
if (!($NuspecCopyright)) {Write-Warning " ** <copyright> - element is empty"}
# <dependencies> checks
if (!($NuspecDependencies)) {Write-Warning " ** <dependencies> - element is empty"}
# <description> checks
if (!($NuspecDescription)) {
Write-Warning " ** <description> - element is empty, this element is a requirement."
} else {
if ($NuspecDescription -match "cdn.rawgit.com"){
Write-Warning " ** <description> - RawGit CDN will be going offline October 2019. Please change to a CDN such as:"
Write-Host " ** $CDNlist" -ForeGround Cyan
}
}
#Check-Header
# <docsUrl> checks
if (!($NuspecDocsURL)) {
Write-Warning " ** <docsUrl> - element is empty"
} else {
Validate-URL "<docsUrl>" $NuspecDocsURL
}
# <files> checks
if (!($NuspecFiles)) {Write-Warning " ** <files> - element is empty"}
# <iconUrl> checks
if (!($NuspecIconURL)) {
Write-Warning " ** <iconUrl> - element is empty"
} else {
Validate-URL "<iconUrl>" $NuspecIconURL
if ($NuspecIconURL -match "raw.githubusercontent"){
Write-Warning " ** <iconUrl> - Your package icon links directly to GitHub. Please use a CDN such as:"
Write-Host " ** $CDNlist" -ForeGround Cyan
}
if ($NuspecIconURL -match "cdn.rawgit.com"){
Write-Warning " ** <iconUrl> - RawGit CDN will be going offline October 2019. Please change to a CDN such as:"
Write-Host " ** $CDNlist" -ForeGround Cyan
}
}
$IconExt=($NuspecIconURL | Select-String -Pattern $AcceptableIconExts)
if (!($IconExt)){
Write-Warning " ** <iconUrl> - .PNG and .SVG are the preferred package icon file types."
}
# <id> checks
if (!($NuspecID)) {Write-Warning " ** <id> - element is empty, this element is a requirement."}
# <licenseUrl> checks
if (!($NuspecLicenseURL)) {
Write-Warning " ** <licenseUrl> - element is empty"
} else {
Validate-URL "<licenseUrl>" $NuspecLicenseURL
}
# <mailingListUrl> checks
if (!($NuspecMailingListURL)) {
Write-Warning " ** <mailingListUrl> - element is empty"
} else {
Validate-URL "<mailingListUrl>" $NuspecMailingListURL
}
# <owners> checks
if (!($NuspecOwners)) {
Write-Warning " ** <owners> element is empty, this element is a requirement."
} else {
if ($NuspecAuthors -eq $NuspecOwners){
Write-Warning " ** <owners> and <authors> elements are the same. This will trigger a message from the verifier:"
Write-Host ' ** The package maintainer field (owners) matches the software author field (authors) in the nuspec. The reviewer will ensure that the package maintainer is also the software author.' -ForeGround Cyan
}
}
# <packageSourceUrl> checks
if (!($NuspecPackageSourceURL)) {
Write-Warning " ** <packageSourceUrl> - element is empty"
} else {
Validate-URL "<packageSourceUrl>" $NuspecPackageSourceURL
}
# <projectSourceUrl> checks
if (!($NuspecProjectSourceURL)) {
Write-Warning " ** <projectSourceUrl> - element is empty"
} else {
Validate-URL "<projectSourceUrl>" $NuspecProjectSourceURL
}
if ($NuspecProjectURL -eq $NuspecProjectSourceURL){
Write-Warning " ** <projectUrl> and <projectSourceUrl> elements are the same. This will trigger a message from the verifier:"
Write-Host ' ** ProjectUrl and ProjectSourceUrl are typically different, but not always. Please ensure that projectSourceUrl is pointing to software source code or remove the field from the nuspec.' -ForeGround Cyan
}
# <projectUrl> checks
if (!($NuspecProjectURL)) {
Write-Warning " ** <projectUrl> - element is empty, this element is a requirement."
} else {
Validate-URL "<projectUrl>" $NuspecProjectURL
}
# <provides> checks
#if (!($NuspecProvides)) {Write-Warning " ** <provides> element is empty"} # Built for the future
# <releaseNotes> checks
if (!($NuspecReleaseNotes)) {Write-Warning " ** <releaseNotes> element is empty"}
# <replaces> checks
#if (!($NuspecReplaces)) {Write-Warning " ** <replaces> element is empty"} # Built for the future
# <requireLicenseAcceptance> checks
if (!($NuspecRequireLicenseAcceptance)) {Write-Warning " ** <requireLicenseAcceptance> - element is empty"}
# <summary> checks
if (!($NuspecSummary)) {Write-Warning " ** <summary> - element is empty"}
# <tags> checks
if (!($NuspecTags)) {
Write-Warning " ** <tags> - element is empty"
} else {
if ($NuspecTags -match "chocolatey"){
Write-Warning " ** There is a tag named chocolatey. This will trigger a message from the verifier:"
Write-Host ' ** Tags (tags) should not contain 'chocolatey' as a tag. Please remove that in the nuspec.' -ForeGround Cyan
}
}
# <title> checks
if (!($NuspecTitle)) {Write-Warning " ** <title> - element is empty, this element is a requirement."}
# <version> checks
if (!($NuspecVersion)) {Write-Warning " ** <version> - element is empty, this element is a requirement."}
# Binaries checks
Check-Binaries
# FUTURE ENHANCEMENT ask to replace RawGit URLs
# Replace-RawGit
# FUTURE ENHANCEMENT ask to add header and/or footer
# Add-Header
# Add-Footer
# FUTURE ENHANCEMENT ask to view all URLs
# Open-URLs
# FUTURE ENHANCEMENT update changes to nuspec
# Update-nuspec
Write-Host
Write-Host "Found CNC.ps1 useful?" -ForegroundColor white
Write-Host "Buy me a beer at https://www.paypal.me/bcurran3donations" -ForegroundColor white
Write-Host "Become a patron at https://www.patreon.com/bcurran3" -ForegroundColor white
return
# TDL
# show dependencies and version - • Package contains dependencies with no specified version. You should at least specify a minimum version of a dependency.
# check http links to see if https links are available and report if so
# What else?
tools\CNCFooter.txt
tools\CNCHeader.txt
Virus Scan Results
Log in or click on link to see number of positives.
In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).
Chocolatey Pro provides runtime protection from possible malware.
Version History
Copyright
Copyleft Bill Curran
Release Notes
CHANGELOG:
- 2019.01.04 - implemented included binary files checking and messages, laid out the groundwork for the future enhancements
- 2019.01.03 - fixed some URL checking handling that could cause PS errors, updated list of CDN recommendations, added checking for RawGit URLs in description, cosmetic updates
- 2018.12.22-2018-12.28 - intial release
ROADMAP:
- take a filespec to check .nuspec files outside of the local path
- automatically convert RawGit CDN URLs to Staticaly or a possibly a selectable preference
- (out of original scope) option to insert configurable headers and footers into description (some groundwork laid)
- option to open and view all URLs (some groundwork laid)
- capture and test URLs found in description
- add more verifier warnings and errors
Dependencies
This package has no dependencies.
Discussion for the (unofficial) Chocolatey .nuspec Checker (Script) Package
Ground Rules:
- This discussion is only about (unofficial) Chocolatey .nuspec Checker (Script) and the (unofficial) Chocolatey .nuspec Checker (Script) package. If you have feedback for Chocolatey, please contact the Google Group.
- This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
- The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
- Tell us what you love about the package or (unofficial) Chocolatey .nuspec Checker (Script), or tell us what needs improvement.
- Share your experiences with the package, or extra configuration or gotchas that you've found.
- If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.