From e561bc4bc635d46a716102b4004c74779872b0c8 Mon Sep 17 00:00:00 2001 From: OSS Index Date: Tue, 27 Nov 2018 01:39:53 -0400 Subject: [PATCH 1/6] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 9cef9d96..38248c07 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,7 @@ + +**Note**: The 3.x release uses the new 3.x OSS Index database, which has some rate limiting. If you notice you are hitting the limit please raise an issue. Authenticated users get a higher limit, and we am implementing authentication into DevAudit soon. Most non-authenticated users probably won't notice the limit for many use cases. It usually kicks in only in much larger projects or higher project volumes. + + # DevAudit: Development Auditing Get the latest release from the [releases](https://github.com/OSSIndex/DevAudit/releases) page. From c2c74c1290cacddbb460ba8af9a288d2e02a475c Mon Sep 17 00:00:00 2001 From: Niels Vrolijk Date: Thu, 14 Mar 2019 12:39:47 +0100 Subject: [PATCH 2/6] Remove -c options, issue #105 Fix #105 --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 38248c07..55bbe2e7 100644 --- a/README.md +++ b/README.md @@ -194,13 +194,13 @@ Package sources tagged [Experimental] are only available in the master branch of - `aspnet` Do an application audit on a ASP.NET application. The relevant options are: - `-r --root-directory` Specify the root directory of the application. This is just the top-level application directory that contains files like Global.asax and Web.config. - `-b --application-binary` Specify the application binary. The is the .NET assembly that contains the application's .NET bytecode. This file is usually a .DLL and located in the bin sub-folder of the ASP.NET application root directory. - - `-c --configuration-file` or `-o AppConfig=configuration-file` Specifies the ASP.NET application configuration file. This file is usually named Web.config and located in the application root directory. You can override the default @Web.config value with this option. + - `--configuration-file` or `-o AppConfig=configuration-file` Specifies the ASP.NET application configuration file. This file is usually named Web.config and located in the application root directory. You can override the default @Web.config value with this option. - `-o AppDevMode=enabled` Specifies that application development mode should be enabled for the audit. This mode can be used when auditing an application that is under development. Certain configuration rules that are tagged as disabled for AppDevMode (e.g running the application in ASP.NET debug mode) will not be enabled during the audit. - `netfx` Do an application audit on a .NET application. The relevant options are: - `-r --root-directory` Specify the root directory of the application. This is just the top-level application directory that contains files like App.config. - `-b --application-binary` Specify the application binary. The is the .NET assembly that contains the application's .NET bytecode. This file is usually a .DLL and located in the bin sub-folder of the ASP.NET application root directory. - - `-c --configuration-file` or `-o AppConfig=configuration-file` Specifies the .NET application configuration file. This file is usually named App.config and located in the application root directory. You can override the default @App.config value with this option. + - `--configuration-file` or `-o AppConfig=configuration-file` Specifies the .NET application configuration file. This file is usually named App.config and located in the application root directory. You can override the default @App.config value with this option. - `-o GendarmeRules=RuleLibrary` Specifies that the [Gendarme](http://www.mono-project.com/docs/tools+libraries/tools/gendarme/) static analyzer should enabled for the audit with rules from the specified rules library used. For example: `devaudit netfx -r /home/allisterb/vbot-debian/vbot.core -b @bin/Debug/vbot.core.dll --skip-packages-audit -o GendarmeRules=Gendarme.Rules.Naming` will run the Gendarme static analyzer on the vbot.core.dll assembly using rules from Gendarme.Rules.Naming library. The complete list of rules libraries is (taken from the Gendarme wiki): @@ -251,12 +251,12 @@ All applications also support the following common options for auditing the appl - `pgsql` Do an application server audit on a PostgreSQL server. This is an example command line for an application server audit: -`./devaudit httpd -i httpd-2.2 -r /usr/local/apache2/ -c @conf/httpd.conf -b @bin/httpd` +`./devaudit httpd -i httpd-2.2 -r /usr/local/apache2/ --configuration-file @conf/httpd.conf -b @bin/httpd` which audits an Apache Httpd server running on a Docker container named httpd-2.2. The following are audit options common to all application servers: - `-r --root-directory` Specifies the root directory of the server. This is just the top-level of your server filesystem and defaults to `/` unless you want a different server root. -- `-c --configuration-file` Specifies the server configuration file. e.g in the above audit the Apache configuration file is located at `/usr/local/apache2/conf/httpd.conf`. If you don't specify the configuration file DevAudit will attempt to auto-detect the configuration file for the server selected. +- `--configuration-file` Specifies the server configuration file. e.g in the above audit the Apache configuration file is located at `/usr/local/apache2/conf/httpd.conf`. If you don't specify the configuration file DevAudit will attempt to auto-detect the configuration file for the server selected. - `-b --application-binary` Specifies the server binary. e.g in the above audit the Apache binary is located at `/usr/local/apache2/bin/httpd`. If you don't specify the binary path DevAudit will attempt to auto-detect the server binary for the server selected. Application servers also support the following common options for auditing the server modules or plugins: @@ -314,8 +314,8 @@ The GitHub audit environment allows audits to be performed directly on a GitHub `PATH` Specifies the branch of the project to connect to -You can use the `-r`, `-c`, and `-f` options as usual to specify the path to file-system files and directories required for the audit. e.g the following commad: -`devaudit aspnet -g "Owner=Dnnsoftware,Name=Dnn.Platforn,Branch=Release/9.0.2" -r /Website -c@web.config` +You can use the `-r`, `--configuration-file`, and `-f` options as usual to specify the path to file-system files and directories required for the audit. e.g the following commad: +`devaudit aspnet -g "Owner=Dnnsoftware,Name=Dnn.Platforn,Branch=Release/9.0.2" -r /Website --configuration-file @web.config` will do an ASP.NET audit on this repository https://github.com/dnnsoftware/Dnn.Platform/ using the `/Website` source folder as the root directory and the `web.config` file as the ASP.NET configuration file. Note that filenames are case-sensitive in most environments. ![Screenshot of a GitHub project audit](https://cdn-images-1.medium.com/max/800/1*Uj0WBK9RlS8YvN0qW-IFZQ.png) @@ -344,7 +344,7 @@ You must mount any directories on the Docker host machine that DevAudit needs to will allow the DevAudit Docker container to audit the local directory /home/allisterb/vbot-debian/vbot.core. You _must_ mount your local root in this way to audit _other_ Docker containers from the DevAudit container e.g. -`docker run -i -t -v /:/hostroot:ro ossindex/devaudit mysql -i myapp1 -r / -c /etc/my.cnf --skip-packages-audit` +`docker run -i -t -v /:/hostroot:ro ossindex/devaudit mysql -i myapp1 -r / --configuration-file /etc/my.cnf --skip-packages-audit` will run a MySQL audit on a Docker container named `myapp1` from the `ossindex/devaudit` container. From 9c2dc39c5518a0eeb031852270a293da6f803a67 Mon Sep 17 00:00:00 2001 From: Niels Vrolijk Date: Thu, 14 Mar 2019 12:53:03 +0100 Subject: [PATCH 3/6] Updated config-file option It seems the existing --configuration-file was changed to --config-file as well, updated those as well. Checked with /DevAudit.CommandLine/Options.cs in v3.2.0.0 label --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 55bbe2e7..29dc5e68 100644 --- a/README.md +++ b/README.md @@ -194,13 +194,13 @@ Package sources tagged [Experimental] are only available in the master branch of - `aspnet` Do an application audit on a ASP.NET application. The relevant options are: - `-r --root-directory` Specify the root directory of the application. This is just the top-level application directory that contains files like Global.asax and Web.config. - `-b --application-binary` Specify the application binary. The is the .NET assembly that contains the application's .NET bytecode. This file is usually a .DLL and located in the bin sub-folder of the ASP.NET application root directory. - - `--configuration-file` or `-o AppConfig=configuration-file` Specifies the ASP.NET application configuration file. This file is usually named Web.config and located in the application root directory. You can override the default @Web.config value with this option. + - `--config-file` or `-o AppConfig=configuration-file` Specifies the ASP.NET application configuration file. This file is usually named Web.config and located in the application root directory. You can override the default @Web.config value with this option. - `-o AppDevMode=enabled` Specifies that application development mode should be enabled for the audit. This mode can be used when auditing an application that is under development. Certain configuration rules that are tagged as disabled for AppDevMode (e.g running the application in ASP.NET debug mode) will not be enabled during the audit. - `netfx` Do an application audit on a .NET application. The relevant options are: - `-r --root-directory` Specify the root directory of the application. This is just the top-level application directory that contains files like App.config. - `-b --application-binary` Specify the application binary. The is the .NET assembly that contains the application's .NET bytecode. This file is usually a .DLL and located in the bin sub-folder of the ASP.NET application root directory. - - `--configuration-file` or `-o AppConfig=configuration-file` Specifies the .NET application configuration file. This file is usually named App.config and located in the application root directory. You can override the default @App.config value with this option. + - `--config-file` or `-o AppConfig=configuration-file` Specifies the .NET application configuration file. This file is usually named App.config and located in the application root directory. You can override the default @App.config value with this option. - `-o GendarmeRules=RuleLibrary` Specifies that the [Gendarme](http://www.mono-project.com/docs/tools+libraries/tools/gendarme/) static analyzer should enabled for the audit with rules from the specified rules library used. For example: `devaudit netfx -r /home/allisterb/vbot-debian/vbot.core -b @bin/Debug/vbot.core.dll --skip-packages-audit -o GendarmeRules=Gendarme.Rules.Naming` will run the Gendarme static analyzer on the vbot.core.dll assembly using rules from Gendarme.Rules.Naming library. The complete list of rules libraries is (taken from the Gendarme wiki): @@ -251,12 +251,12 @@ All applications also support the following common options for auditing the appl - `pgsql` Do an application server audit on a PostgreSQL server. This is an example command line for an application server audit: -`./devaudit httpd -i httpd-2.2 -r /usr/local/apache2/ --configuration-file @conf/httpd.conf -b @bin/httpd` +`./devaudit httpd -i httpd-2.2 -r /usr/local/apache2/ --config-file @conf/httpd.conf -b @bin/httpd` which audits an Apache Httpd server running on a Docker container named httpd-2.2. The following are audit options common to all application servers: - `-r --root-directory` Specifies the root directory of the server. This is just the top-level of your server filesystem and defaults to `/` unless you want a different server root. -- `--configuration-file` Specifies the server configuration file. e.g in the above audit the Apache configuration file is located at `/usr/local/apache2/conf/httpd.conf`. If you don't specify the configuration file DevAudit will attempt to auto-detect the configuration file for the server selected. +- `--config-file` Specifies the server configuration file. e.g in the above audit the Apache configuration file is located at `/usr/local/apache2/conf/httpd.conf`. If you don't specify the configuration file DevAudit will attempt to auto-detect the configuration file for the server selected. - `-b --application-binary` Specifies the server binary. e.g in the above audit the Apache binary is located at `/usr/local/apache2/bin/httpd`. If you don't specify the binary path DevAudit will attempt to auto-detect the server binary for the server selected. Application servers also support the following common options for auditing the server modules or plugins: @@ -314,8 +314,8 @@ The GitHub audit environment allows audits to be performed directly on a GitHub `PATH` Specifies the branch of the project to connect to -You can use the `-r`, `--configuration-file`, and `-f` options as usual to specify the path to file-system files and directories required for the audit. e.g the following commad: -`devaudit aspnet -g "Owner=Dnnsoftware,Name=Dnn.Platforn,Branch=Release/9.0.2" -r /Website --configuration-file @web.config` +You can use the `-r`, `--config-file`, and `-f` options as usual to specify the path to file-system files and directories required for the audit. e.g the following commad: +`devaudit aspnet -g "Owner=Dnnsoftware,Name=Dnn.Platforn,Branch=Release/9.0.2" -r /Website --config-file @web.config` will do an ASP.NET audit on this repository https://github.com/dnnsoftware/Dnn.Platform/ using the `/Website` source folder as the root directory and the `web.config` file as the ASP.NET configuration file. Note that filenames are case-sensitive in most environments. ![Screenshot of a GitHub project audit](https://cdn-images-1.medium.com/max/800/1*Uj0WBK9RlS8YvN0qW-IFZQ.png) @@ -344,7 +344,7 @@ You must mount any directories on the Docker host machine that DevAudit needs to will allow the DevAudit Docker container to audit the local directory /home/allisterb/vbot-debian/vbot.core. You _must_ mount your local root in this way to audit _other_ Docker containers from the DevAudit container e.g. -`docker run -i -t -v /:/hostroot:ro ossindex/devaudit mysql -i myapp1 -r / --configuration-file /etc/my.cnf --skip-packages-audit` +`docker run -i -t -v /:/hostroot:ro ossindex/devaudit mysql -i myapp1 -r / --config-file /etc/my.cnf --skip-packages-audit` will run a MySQL audit on a Docker container named `myapp1` from the `ossindex/devaudit` container. From c1f434421d18cd00ab0c5e35f24b359f86ed7442 Mon Sep 17 00:00:00 2001 From: DamianBis Date: Thu, 25 Apr 2019 23:22:56 +1000 Subject: [PATCH 4/6] Update to do JSON reports --- .../Targets/PackageSource.cs | 39 +++++++++++++++++++ .../DevAudit.CommandLine.csproj | 3 ++ DevAudit.CommandLine/Options.cs | 3 ++ DevAudit.CommandLine/Program.cs | 10 +++++ DevAudit.CommandLine/app.config | 2 +- DevAudit.CommandLine/packages.config | 1 + 6 files changed, 57 insertions(+), 1 deletion(-) diff --git a/DevAudit.AuditLibrary/Targets/PackageSource.cs b/DevAudit.AuditLibrary/Targets/PackageSource.cs index adc1b67c..031892b5 100644 --- a/DevAudit.AuditLibrary/Targets/PackageSource.cs +++ b/DevAudit.AuditLibrary/Targets/PackageSource.cs @@ -11,9 +11,48 @@ using Sprache; using Alpheus.IO; +using Newtonsoft.Json; namespace DevAudit.AuditLibrary { + public class PackageSourceSerializer : JsonConverter + { + public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer) + { + PackageSource val = (PackageSource)value; + + writer.WriteStartObject(); + writer.WritePropertyName("Packages Audited"); + serializer.Serialize(writer, val.Vulnerabilities.Values.Count()); + writer.WritePropertyName("Vulnerabilities Found"); + int total_vulnerabilities = val.Vulnerabilities.Sum(v => v.Value != null ? v.Value.Count(pv => pv.PackageVersionIsInRange) : 0); + serializer.Serialize(writer, total_vulnerabilities); + writer.WritePropertyName("Packages"); + writer.WriteStartArray(); + foreach(var vul in val.Vulnerabilities) + { + writer.WriteStartObject(); + writer.WritePropertyName("Package"); + serializer.Serialize(writer, vul.Key); + writer.WritePropertyName("Vulnerabilities"); + serializer.Serialize(writer, vul.Value); + writer.WriteEndObject(); + } + writer.WriteEndObject(); + } + + public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer) + { + throw new NotImplementedException(); + } + + public override bool CanConvert(Type objectType) + { + return typeof(PackageSource).IsAssignableFrom(objectType); + } + } + + [JsonConverter(typeof(PackageSourceSerializer))] public abstract class PackageSource : AuditTarget { #region Constructors diff --git a/DevAudit.CommandLine/DevAudit.CommandLine.csproj b/DevAudit.CommandLine/DevAudit.CommandLine.csproj index c0b616bc..7b825964 100644 --- a/DevAudit.CommandLine/DevAudit.CommandLine.csproj +++ b/DevAudit.CommandLine/DevAudit.CommandLine.csproj @@ -132,6 +132,9 @@ ..\packages\Gendarme.Rules.2.11.0.20121120\lib\net40\Gendarme.Rules.Ui.dll True + + ..\packages\Newtonsoft.Json.12.0.2\lib\net45\Newtonsoft.Json.dll + diff --git a/DevAudit.CommandLine/Options.cs b/DevAudit.CommandLine/Options.cs index a7c22e37..1a5d8361 100644 --- a/DevAudit.CommandLine/Options.cs +++ b/DevAudit.CommandLine/Options.cs @@ -206,6 +206,9 @@ class Options [Option("https-proxy", Required = false, HelpText = "Use the specified Url as the proxy for HTTPS calls made to the OSS Index API.")] public string HttpsProxy { get; set; } + [Option("output-file", Required = false, HelpText = "Path to the output file.")] + public string OutputFile { get; set; } + [Option("ignore-https-cert-errors", Required = false, HelpText = "Ignore certain certificate errors for HTTPS requests. This is useful for testing but is extremely insecure and should never be used in production.")] public bool IgnoreHttpsCertErrors { get; set; } diff --git a/DevAudit.CommandLine/Program.cs b/DevAudit.CommandLine/Program.cs index 8f42deeb..d051a9a5 100644 --- a/DevAudit.CommandLine/Program.cs +++ b/DevAudit.CommandLine/Program.cs @@ -16,6 +16,7 @@ using CC = Colorful; //Avoid type name conflict with System Console class using DevAudit.AuditLibrary; +using Newtonsoft.Json; namespace DevAudit.CommandLine { @@ -1080,6 +1081,15 @@ static int PrintPackageSourceAuditResults(AuditTarget.AuditResult ar, out AuditT { return 0; } + + + if (!string.IsNullOrEmpty(ProgramOptions.OutputFile)) + { + Console.WriteLine("In Here"); + File.WriteAllText(ProgramOptions.OutputFile, JsonConvert.SerializeObject(Source)); + } + + int total_vulnerabilities = Source.Vulnerabilities.Sum(v => v.Value != null ? v.Value.Count(pv => pv.PackageVersionIsInRange) : 0); PrintMessageLine(ConsoleColor.White, "\nPackage Source Audit Results\n============================"); PrintMessageLine(ConsoleColor.White, "{0} total vulnerabilit{3} found in {1} package source audit. Total time for audit: {2} ms.\n", total_vulnerabilities, Source.PackageManagerLabel, Stopwatch.ElapsedMilliseconds, total_vulnerabilities == 0 || total_vulnerabilities > 1 ? "ies" : "y"); diff --git a/DevAudit.CommandLine/app.config b/DevAudit.CommandLine/app.config index 489fb03c..fea5cbab 100644 --- a/DevAudit.CommandLine/app.config +++ b/DevAudit.CommandLine/app.config @@ -20,7 +20,7 @@ - + diff --git a/DevAudit.CommandLine/packages.config b/DevAudit.CommandLine/packages.config index f0997c4d..c8ea26af 100644 --- a/DevAudit.CommandLine/packages.config +++ b/DevAudit.CommandLine/packages.config @@ -3,4 +3,5 @@ + \ No newline at end of file From 08ae17b567db2b2c1aa7a9778ec82eab98ac706d Mon Sep 17 00:00:00 2001 From: DamianBis Date: Thu, 25 Apr 2019 23:26:06 +1000 Subject: [PATCH 5/6] Move Package Source Serializer to its own file --- .../Serializers/PackageSourceSerializer.cs | 45 +++++++++++++++++++ .../Targets/PackageSource.cs | 36 --------------- 2 files changed, 45 insertions(+), 36 deletions(-) create mode 100644 DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs diff --git a/DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs b/DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs new file mode 100644 index 00000000..379b29d4 --- /dev/null +++ b/DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs @@ -0,0 +1,45 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace DevAudit.AuditLibrary.Serializers +{ + public class PackageSourceSerializer : JsonConverter + { + public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer) + { + PackageSource val = (PackageSource)value; + + writer.WriteStartObject(); + writer.WritePropertyName("Packages Audited"); + serializer.Serialize(writer, val.Vulnerabilities.Values.Count()); + writer.WritePropertyName("Vulnerabilities Found"); + int total_vulnerabilities = val.Vulnerabilities.Sum(v => v.Value != null ? v.Value.Count(pv => pv.PackageVersionIsInRange) : 0); + serializer.Serialize(writer, total_vulnerabilities); + writer.WritePropertyName("Packages"); + writer.WriteStartArray(); + foreach (var vul in val.Vulnerabilities) + { + writer.WriteStartObject(); + writer.WritePropertyName("Package"); + serializer.Serialize(writer, vul.Key); + writer.WritePropertyName("Vulnerabilities"); + serializer.Serialize(writer, vul.Value); + writer.WriteEndObject(); + } + writer.WriteEndObject(); + } + + public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer) + { + throw new NotImplementedException(); + } + + public override bool CanConvert(Type objectType) + { + return typeof(PackageSource).IsAssignableFrom(objectType); + } + } +} diff --git a/DevAudit.AuditLibrary/Targets/PackageSource.cs b/DevAudit.AuditLibrary/Targets/PackageSource.cs index 031892b5..1535e101 100644 --- a/DevAudit.AuditLibrary/Targets/PackageSource.cs +++ b/DevAudit.AuditLibrary/Targets/PackageSource.cs @@ -15,42 +15,6 @@ namespace DevAudit.AuditLibrary { - public class PackageSourceSerializer : JsonConverter - { - public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer) - { - PackageSource val = (PackageSource)value; - - writer.WriteStartObject(); - writer.WritePropertyName("Packages Audited"); - serializer.Serialize(writer, val.Vulnerabilities.Values.Count()); - writer.WritePropertyName("Vulnerabilities Found"); - int total_vulnerabilities = val.Vulnerabilities.Sum(v => v.Value != null ? v.Value.Count(pv => pv.PackageVersionIsInRange) : 0); - serializer.Serialize(writer, total_vulnerabilities); - writer.WritePropertyName("Packages"); - writer.WriteStartArray(); - foreach(var vul in val.Vulnerabilities) - { - writer.WriteStartObject(); - writer.WritePropertyName("Package"); - serializer.Serialize(writer, vul.Key); - writer.WritePropertyName("Vulnerabilities"); - serializer.Serialize(writer, vul.Value); - writer.WriteEndObject(); - } - writer.WriteEndObject(); - } - - public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer) - { - throw new NotImplementedException(); - } - - public override bool CanConvert(Type objectType) - { - return typeof(PackageSource).IsAssignableFrom(objectType); - } - } [JsonConverter(typeof(PackageSourceSerializer))] public abstract class PackageSource : AuditTarget From 4598afb75c37a813d21dc3540b00d3b3e975bae8 Mon Sep 17 00:00:00 2001 From: DamianBis Date: Thu, 25 Apr 2019 23:28:58 +1000 Subject: [PATCH 6/6] update namespace --- DevAudit.AuditLibrary/DevAudit.AuditLibrary.csproj | 1 + DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/DevAudit.AuditLibrary/DevAudit.AuditLibrary.csproj b/DevAudit.AuditLibrary/DevAudit.AuditLibrary.csproj index 1e73366f..a1e71da1 100644 --- a/DevAudit.AuditLibrary/DevAudit.AuditLibrary.csproj +++ b/DevAudit.AuditLibrary/DevAudit.AuditLibrary.csproj @@ -282,6 +282,7 @@ + diff --git a/DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs b/DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs index 379b29d4..06bdfffb 100644 --- a/DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs +++ b/DevAudit.AuditLibrary/Serializers/PackageSourceSerializer.cs @@ -1,10 +1,11 @@ -using System; +using Newtonsoft.Json; +using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; -namespace DevAudit.AuditLibrary.Serializers +namespace DevAudit.AuditLibrary { public class PackageSourceSerializer : JsonConverter {