From 891b9f7a997ce5e5892c1b0f166a921ff07abf68 Mon Sep 17 00:00:00 2001
From: AmbulantRex <21176662+AmbulantRex@users.noreply.github.com>
Date: Thu, 30 Mar 2023 08:59:21 -0600
Subject: [PATCH] Add DLL whitelist support for plugins
---
.../Library/PathExtensions.cs | 99 ++++++++++---
.../Plugins/PluginManager.cs | 83 ++++++++++-
MediaBrowser.Common/Plugins/PluginManifest.cs | 9 ++
MediaBrowser.Model/Updates/VersionInfo.cs | 8 ++
.../Library/PathExtensionsTests.cs | 43 ++++++
.../Plugins/PluginManagerTests.cs | 135 ++++++++++++++++++
.../Test Data/Updates/manifest-stable.json | 10 +-
.../Updates/InstallationManagerTests.cs | 14 ++
8 files changed, 375 insertions(+), 26 deletions(-)
diff --git a/Emby.Server.Implementations/Library/PathExtensions.cs b/Emby.Server.Implementations/Library/PathExtensions.cs
index 64e7d54466..7e0d0b78d5 100644
--- a/Emby.Server.Implementations/Library/PathExtensions.cs
+++ b/Emby.Server.Implementations/Library/PathExtensions.cs
@@ -1,6 +1,9 @@
using System;
using System.Diagnostics.CodeAnalysis;
+using System.IO;
+using System.Linq;
using MediaBrowser.Common.Providers;
+using Nikse.SubtitleEdit.Core.Common;
namespace Emby.Server.Implementations.Library
{
@@ -86,24 +89,8 @@ namespace Emby.Server.Implementations.Library
return false;
}
- char oldDirectorySeparatorChar;
- char newDirectorySeparatorChar;
- // True normalization is still not possible https://github.com/dotnet/runtime/issues/2162
- // The reasoning behind this is that a forward slash likely means it's a Linux path and
- // so the whole path should be normalized to use / and vice versa for Windows (although Windows doesn't care much).
- if (newSubPath.Contains('/', StringComparison.Ordinal))
- {
- oldDirectorySeparatorChar = '\\';
- newDirectorySeparatorChar = '/';
- }
- else
- {
- oldDirectorySeparatorChar = '/';
- newDirectorySeparatorChar = '\\';
- }
-
- path = path.Replace(oldDirectorySeparatorChar, newDirectorySeparatorChar);
- subPath = subPath.Replace(oldDirectorySeparatorChar, newDirectorySeparatorChar);
+ subPath = subPath.NormalizePath(out var newDirectorySeparatorChar)!;
+ path = path.NormalizePath(newDirectorySeparatorChar)!;
// We have to ensure that the sub path ends with a directory separator otherwise we'll get weird results
// when the sub path matches a similar but in-complete subpath
@@ -120,12 +107,86 @@ namespace Emby.Server.Implementations.Library
return false;
}
- var newSubPathTrimmed = newSubPath.AsSpan().TrimEnd(newDirectorySeparatorChar);
+ var newSubPathTrimmed = newSubPath.AsSpan().TrimEnd((char)newDirectorySeparatorChar!);
// Ensure that the path with the old subpath removed starts with a leading dir separator
int idx = oldSubPathEndsWithSeparator ? subPath.Length - 1 : subPath.Length;
newPath = string.Concat(newSubPathTrimmed, path.AsSpan(idx));
return true;
}
+
+ ///
+ /// Retrieves the full resolved path and normalizes path separators to the .
+ ///
+ /// The path to canonicalize.
+ /// The fully expanded, normalized path.
+ public static string Canonicalize(this string path)
+ {
+ return Path.GetFullPath(path).NormalizePath()!;
+ }
+
+ ///
+ /// Normalizes the path's directory separator character to the currently defined .
+ ///
+ /// The path to normalize.
+ /// The normalized path string or if the input path is null or empty.
+ public static string? NormalizePath(this string? path)
+ {
+ return path.NormalizePath(Path.DirectorySeparatorChar);
+ }
+
+ ///
+ /// Normalizes the path's directory separator character.
+ ///
+ /// The path to normalize.
+ /// The separator character the path now uses or .
+ /// The normalized path string or if the input path is null or empty.
+ public static string? NormalizePath(this string? path, out char separator)
+ {
+ if (string.IsNullOrEmpty(path))
+ {
+ separator = default;
+ return path;
+ }
+
+ var newSeparator = '\\';
+
+ // True normalization is still not possible https://github.com/dotnet/runtime/issues/2162
+ // The reasoning behind this is that a forward slash likely means it's a Linux path and
+ // so the whole path should be normalized to use / and vice versa for Windows (although Windows doesn't care much).
+ if (path.Contains('/', StringComparison.Ordinal))
+ {
+ newSeparator = '/';
+ }
+
+ separator = newSeparator;
+
+ return path?.NormalizePath(newSeparator);
+ }
+
+ ///
+ /// Normalizes the path's directory separator character to the specified character.
+ ///
+ /// The path to normalize.
+ /// The replacement directory separator character. Must be a valid directory separator.
+ /// The normalized path.
+ /// Thrown if the new separator character is not a directory separator.
+ public static string? NormalizePath(this string? path, char newSeparator)
+ {
+ const char Bs = '\\';
+ const char Fs = '/';
+
+ if (!(newSeparator == Bs || newSeparator == Fs))
+ {
+ throw new ArgumentException("The character must be a directory separator.");
+ }
+
+ if (string.IsNullOrEmpty(path))
+ {
+ return path;
+ }
+
+ return newSeparator == Bs ? path?.Replace(Fs, newSeparator) : path?.Replace(Bs, newSeparator);
+ }
}
}
diff --git a/Emby.Server.Implementations/Plugins/PluginManager.cs b/Emby.Server.Implementations/Plugins/PluginManager.cs
index 7c23254a12..a5c55c8a09 100644
--- a/Emby.Server.Implementations/Plugins/PluginManager.cs
+++ b/Emby.Server.Implementations/Plugins/PluginManager.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
+using System.Data;
using System.Globalization;
using System.IO;
using System.Linq;
@@ -9,6 +10,8 @@ using System.Runtime.Loader;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
+using Emby.Server.Implementations.Library;
+using Jellyfin.Extensions;
using Jellyfin.Extensions.Json;
using Jellyfin.Extensions.Json.Converters;
using MediaBrowser.Common;
@@ -19,8 +22,11 @@ using MediaBrowser.Model.Configuration;
using MediaBrowser.Model.IO;
using MediaBrowser.Model.Plugins;
using MediaBrowser.Model.Updates;
+using Microsoft.AspNetCore.Mvc.ApplicationParts;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
+using Nikse.SubtitleEdit.Core.Common;
+using SQLitePCL.pretty;
namespace Emby.Server.Implementations.Plugins
{
@@ -44,7 +50,7 @@ namespace Emby.Server.Implementations.Plugins
///
/// Initializes a new instance of the class.
///
- /// The .
+ /// The .
/// The .
/// The .
/// The plugin path.
@@ -424,7 +430,8 @@ namespace Emby.Server.Implementations.Plugins
Version = versionInfo.Version,
Status = status == PluginStatus.Disabled ? PluginStatus.Disabled : PluginStatus.Active, // Keep disabled state.
AutoUpdate = true,
- ImagePath = imagePath
+ ImagePath = imagePath,
+ Assemblies = versionInfo.Assemblies
};
return SaveManifest(manifest, path);
@@ -688,7 +695,15 @@ namespace Emby.Server.Implementations.Plugins
var entry = versions[x];
if (!string.Equals(lastName, entry.Name, StringComparison.OrdinalIgnoreCase))
{
- entry.DllFiles = Directory.GetFiles(entry.Path, "*.dll", SearchOption.AllDirectories);
+ if (!TryGetPluginDlls(entry, out var allowedDlls))
+ {
+ _logger.LogError("One or more assembly paths was invalid. Marking plugin {Plugin} as \"Malfunctioned\".", entry.Name);
+ ChangePluginState(entry, PluginStatus.Malfunctioned);
+ continue;
+ }
+
+ entry.DllFiles = allowedDlls;
+
if (entry.IsEnabledAndSupported)
{
lastName = entry.Name;
@@ -734,6 +749,68 @@ namespace Emby.Server.Implementations.Plugins
return versions.Where(p => p.DllFiles.Count != 0);
}
+ ///
+ /// Attempts to retrieve valid DLLs from the plugin path. This method will consider the assembly whitelist
+ /// from the manifest.
+ ///
+ ///
+ /// Loading DLLs from externally supplied paths introduces a path traversal risk. This method
+ /// uses a safelisting tactic of considering DLLs from the plugin directory and only using
+ /// the plugin's canonicalized assembly whitelist for comparison. See
+ /// for more details.
+ ///
+ /// The plugin.
+ /// The whitelisted DLLs. If the method returns , this will be empty.
+ ///
+ /// if all assemblies listed in the manifest were available in the plugin directory.
+ /// if any assemblies were invalid or missing from the plugin directory.
+ ///
+ /// If the is null.
+ private bool TryGetPluginDlls(LocalPlugin plugin, out IReadOnlyList whitelistedDlls)
+ {
+ _ = plugin ?? throw new ArgumentNullException(nameof(plugin));
+
+ IReadOnlyList pluginDlls = Directory.GetFiles(plugin.Path, "*.dll", SearchOption.AllDirectories);
+
+ whitelistedDlls = Array.Empty();
+ if (pluginDlls.Count > 0 && plugin.Manifest.Assemblies.Count > 0)
+ {
+ _logger.LogInformation("Registering whitelisted assemblies for plugin \"{Plugin}\"...", plugin.Name);
+
+ var canonicalizedPaths = new List();
+ foreach (var path in plugin.Manifest.Assemblies)
+ {
+ var canonicalized = Path.Combine(plugin.Path, path).Canonicalize();
+
+ // Ensure we stay in the plugin directory.
+ if (!canonicalized.StartsWith(plugin.Path.NormalizePath()!, StringComparison.Ordinal))
+ {
+ _logger.LogError("Assembly path {Path} is not inside the plugin directory.", path);
+ return false;
+ }
+
+ canonicalizedPaths.Add(canonicalized);
+ }
+
+ var intersected = pluginDlls.Intersect(canonicalizedPaths).ToList();
+
+ if (intersected.Count != canonicalizedPaths.Count)
+ {
+ _logger.LogError("Plugin {Plugin} contained assembly paths that were not found in the directory.", plugin.Name);
+ return false;
+ }
+
+ whitelistedDlls = intersected;
+ }
+ else
+ {
+ // No whitelist, default to loading all DLLs in plugin directory.
+ whitelistedDlls = pluginDlls;
+ }
+
+ return true;
+ }
+
///
/// Changes the status of the other versions of the plugin to "Superceded".
///
diff --git a/MediaBrowser.Common/Plugins/PluginManifest.cs b/MediaBrowser.Common/Plugins/PluginManifest.cs
index 2910dbe144..2bad3454d1 100644
--- a/MediaBrowser.Common/Plugins/PluginManifest.cs
+++ b/MediaBrowser.Common/Plugins/PluginManifest.cs
@@ -1,4 +1,5 @@
using System;
+using System.Collections.Generic;
using System.Text.Json.Serialization;
using MediaBrowser.Model.Plugins;
@@ -23,6 +24,7 @@ namespace MediaBrowser.Common.Plugins
Overview = string.Empty;
TargetAbi = string.Empty;
Version = string.Empty;
+ Assemblies = new List();
}
///
@@ -104,5 +106,12 @@ namespace MediaBrowser.Common.Plugins
///
[JsonPropertyName("imagePath")]
public string? ImagePath { get; set; }
+
+ ///
+ /// Gets or sets the collection of assemblies that should be loaded.
+ /// Paths are considered relative to the plugin folder.
+ ///
+ [JsonPropertyName("assemblies")]
+ public IList Assemblies { get; set; }
}
}
diff --git a/MediaBrowser.Model/Updates/VersionInfo.cs b/MediaBrowser.Model/Updates/VersionInfo.cs
index 320199f984..1e24bde84e 100644
--- a/MediaBrowser.Model/Updates/VersionInfo.cs
+++ b/MediaBrowser.Model/Updates/VersionInfo.cs
@@ -1,3 +1,5 @@
+using System;
+using System.Collections.Generic;
using System.Text.Json.Serialization;
using SysVersion = System.Version;
@@ -73,5 +75,11 @@ namespace MediaBrowser.Model.Updates
///
[JsonPropertyName("repositoryUrl")]
public string RepositoryUrl { get; set; } = string.Empty;
+
+ ///
+ /// Gets or sets the assemblies whitelist for this version.
+ ///
+ [JsonPropertyName("assemblies")]
+ public IList Assemblies { get; set; } = Array.Empty();
}
}
diff --git a/tests/Jellyfin.Server.Implementations.Tests/Library/PathExtensionsTests.cs b/tests/Jellyfin.Server.Implementations.Tests/Library/PathExtensionsTests.cs
index be2dfe0a86..c33a957e69 100644
--- a/tests/Jellyfin.Server.Implementations.Tests/Library/PathExtensionsTests.cs
+++ b/tests/Jellyfin.Server.Implementations.Tests/Library/PathExtensionsTests.cs
@@ -1,4 +1,5 @@
using System;
+using System.IO;
using Emby.Server.Implementations.Library;
using Xunit;
@@ -73,5 +74,47 @@ namespace Jellyfin.Server.Implementations.Tests.Library
Assert.False(PathExtensions.TryReplaceSubPath(path, subPath, newSubPath, out var result));
Assert.Null(result);
}
+
+ [Theory]
+ [InlineData(null, '/', null)]
+ [InlineData(null, '\\', null)]
+ [InlineData("/home/jeff/myfile.mkv", '\\', "\\home\\jeff\\myfile.mkv")]
+ [InlineData("C:\\Users\\Jeff\\myfile.mkv", '/', "C:/Users/Jeff/myfile.mkv")]
+ [InlineData("\\home/jeff\\myfile.mkv", '\\', "\\home\\jeff\\myfile.mkv")]
+ [InlineData("\\home/jeff\\myfile.mkv", '/', "/home/jeff/myfile.mkv")]
+ [InlineData("", '/', "")]
+ public void NormalizePath_SpecifyingSeparator_Normalizes(string path, char separator, string expectedPath)
+ {
+ Assert.Equal(expectedPath, path.NormalizePath(separator));
+ }
+
+ [Theory]
+ [InlineData("/home/jeff/myfile.mkv")]
+ [InlineData("C:\\Users\\Jeff\\myfile.mkv")]
+ [InlineData("\\home/jeff\\myfile.mkv")]
+ public void NormalizePath_NoArgs_UsesDirectorySeparatorChar(string path)
+ {
+ var separator = Path.DirectorySeparatorChar;
+
+ Assert.Equal(path.Replace('\\', separator).Replace('/', separator), path.NormalizePath());
+ }
+
+ [Theory]
+ [InlineData("/home/jeff/myfile.mkv", '/')]
+ [InlineData("C:\\Users\\Jeff\\myfile.mkv", '\\')]
+ [InlineData("\\home/jeff\\myfile.mkv", '/')]
+ public void NormalizePath_OutVar_Correct(string path, char expectedSeparator)
+ {
+ var result = path.NormalizePath(out var separator);
+
+ Assert.Equal(expectedSeparator, separator);
+ Assert.Equal(path.Replace('\\', separator).Replace('/', separator), result);
+ }
+
+ [Fact]
+ public void NormalizePath_SpecifyInvalidSeparator_ThrowsException()
+ {
+ Assert.Throws(() => string.Empty.NormalizePath('a'));
+ }
}
}
diff --git a/tests/Jellyfin.Server.Implementations.Tests/Plugins/PluginManagerTests.cs b/tests/Jellyfin.Server.Implementations.Tests/Plugins/PluginManagerTests.cs
index bc6a447410..d9fdc96f55 100644
--- a/tests/Jellyfin.Server.Implementations.Tests/Plugins/PluginManagerTests.cs
+++ b/tests/Jellyfin.Server.Implementations.Tests/Plugins/PluginManagerTests.cs
@@ -1,7 +1,12 @@
using System;
using System.IO;
+using System.Text.Json;
+using Emby.Server.Implementations.Library;
using Emby.Server.Implementations.Plugins;
+using Jellyfin.Extensions.Json;
+using Jellyfin.Extensions.Json.Converters;
using MediaBrowser.Common.Plugins;
+using MediaBrowser.Model.Plugins;
using Microsoft.Extensions.Logging.Abstractions;
using Xunit;
@@ -40,6 +45,136 @@ namespace Jellyfin.Server.Implementations.Tests.Plugins
Assert.Equal(manifest.Status, res.Manifest.Status);
Assert.Equal(manifest.AutoUpdate, res.Manifest.AutoUpdate);
Assert.Equal(manifest.ImagePath, res.Manifest.ImagePath);
+ Assert.Equal(manifest.Assemblies, res.Manifest.Assemblies);
+ }
+
+ ///
+ /// Tests safe traversal within the plugin directory.
+ ///
+ /// The safe path to evaluate.
+ [Theory]
+ [InlineData("./some.dll")]
+ [InlineData("some.dll")]
+ [InlineData("sub/path/some.dll")]
+ public void Constructor_DiscoversSafePluginAssembly_Status_Active(string dllFile)
+ {
+ var manifest = new PluginManifest
+ {
+ Id = Guid.NewGuid(),
+ Name = "Safe Assembly",
+ Assemblies = new string[] { dllFile }
+ };
+
+ var filename = Path.GetFileName(dllFile)!;
+ var (tempPath, pluginPath) = GetTestPaths("safe");
+
+ Directory.CreateDirectory(Path.Combine(pluginPath, dllFile.Replace(filename, string.Empty, StringComparison.OrdinalIgnoreCase)));
+ File.Create(Path.Combine(pluginPath, dllFile));
+
+ var options = GetTestSerializerOptions();
+ var data = JsonSerializer.Serialize(manifest, options);
+ var metafilePath = Path.Combine(tempPath, "safe", "meta.json");
+
+ File.WriteAllText(metafilePath, data);
+
+ var pluginManager = new PluginManager(new NullLogger(), null!, null!, tempPath, new Version(1, 0));
+
+ var res = JsonSerializer.Deserialize(File.ReadAllText(metafilePath), options);
+
+ var expectedFullPath = Path.Combine(pluginPath, dllFile).Canonicalize();
+
+ Assert.NotNull(res);
+ Assert.NotEmpty(pluginManager.Plugins);
+ Assert.Equal(PluginStatus.Active, res!.Status);
+ Assert.Equal(expectedFullPath, pluginManager.Plugins[0].DllFiles[0]);
+ Assert.StartsWith(Path.Combine(tempPath, "safe"), expectedFullPath, StringComparison.InvariantCulture);
+ }
+
+ ///
+ /// Tests unsafe attempts to traverse to higher directories.
+ ///
+ ///
+ /// Attempts to load directories outside of the plugin should be
+ /// constrained. Path traversal, shell expansion, and double encoding
+ /// can be used to load unintended files.
+ /// See for more.
+ ///
+ /// The unsafe path to evaluate.
+ [Theory]
+ [InlineData("/some.dll")] // Root path.
+ [InlineData("../some.dll")] // Simple traversal.
+ [InlineData("C:\\some.dll")] // Windows root path.
+ [InlineData("test.txt")] // Not a DLL
+ [InlineData(".././.././../some.dll")] // Traversal with current and parent
+ [InlineData("..\\.\\..\\.\\..\\some.dll")] // Windows traversal with current and parent
+ [InlineData("\\\\network\\resource.dll")] // UNC Path
+ [InlineData("https://jellyfin.org/some.dll")] // URL
+ [InlineData("....//....//some.dll")] // Path replacement risk if a single "../" replacement occurs.
+ [InlineData("~/some.dll")] // Tilde poses a shell expansion risk, but is a valid path character.
+ public void Constructor_DiscoversUnsafePluginAssembly_Status_Malfunctioned(string unsafePath)
+ {
+ var manifest = new PluginManifest
+ {
+ Id = Guid.NewGuid(),
+ Name = "Unsafe Assembly",
+ Assemblies = new string[] { unsafePath }
+ };
+
+ var (tempPath, pluginPath) = GetTestPaths("unsafe");
+
+ Directory.CreateDirectory(pluginPath);
+
+ var files = new string[]
+ {
+ "../other.dll",
+ "some.dll"
+ };
+
+ foreach (var file in files)
+ {
+ File.Create(Path.Combine(pluginPath, file));
+ }
+
+ var options = GetTestSerializerOptions();
+ var data = JsonSerializer.Serialize(manifest, options);
+ var metafilePath = Path.Combine(tempPath, "unsafe", "meta.json");
+
+ File.WriteAllText(metafilePath, data);
+
+ var pluginManager = new PluginManager(new NullLogger(), null!, null!, tempPath, new Version(1, 0));
+
+ var res = JsonSerializer.Deserialize(File.ReadAllText(metafilePath), options);
+
+ Assert.NotNull(res);
+ Assert.Empty(pluginManager.Plugins);
+ Assert.Equal(PluginStatus.Malfunctioned, res!.Status);
+ }
+
+ private JsonSerializerOptions GetTestSerializerOptions()
+ {
+ var options = new JsonSerializerOptions(JsonDefaults.Options)
+ {
+ WriteIndented = true
+ };
+
+ for (var i = 0; i < options.Converters.Count; i++)
+ {
+ // Remove the Guid converter for parity with plugin manager.
+ if (options.Converters[i] is JsonGuidConverter converter)
+ {
+ options.Converters.Remove(converter);
+ }
+ }
+
+ return options;
+ }
+
+ private (string TempPath, string PluginPath) GetTestPaths(string pluginFolderName)
+ {
+ var tempPath = Path.Combine(_testPathRoot, "plugins-" + Path.GetRandomFileName());
+ var pluginPath = Path.Combine(tempPath, pluginFolderName);
+
+ return (tempPath, pluginPath);
}
}
}
diff --git a/tests/Jellyfin.Server.Implementations.Tests/Test Data/Updates/manifest-stable.json b/tests/Jellyfin.Server.Implementations.Tests/Test Data/Updates/manifest-stable.json
index fa8fbd8d2c..d69a52d6d0 100644
--- a/tests/Jellyfin.Server.Implementations.Tests/Test Data/Updates/manifest-stable.json
+++ b/tests/Jellyfin.Server.Implementations.Tests/Test Data/Updates/manifest-stable.json
@@ -13,7 +13,8 @@
"targetAbi": "10.6.0.0",
"sourceUrl": "https://repo.jellyfin.org/releases/plugin/anime/anime_10.0.0.0.zip",
"checksum": "93e969adeba1050423fc8817ed3c36f8",
- "timestamp": "2020-08-17T01:41:13Z"
+ "timestamp": "2020-08-17T01:41:13Z",
+ "assemblies": [ "Jellyfin.Plugin.Anime.dll" ]
},
{
"version": "9.0.0.0",
@@ -21,9 +22,10 @@
"targetAbi": "10.6.0.0",
"sourceUrl": "https://repo.jellyfin.org/releases/plugin/anime/anime_9.0.0.0.zip",
"checksum": "9b1cebff835813e15f414f44b40c41c8",
- "timestamp": "2020-07-20T01:30:16Z"
+ "timestamp": "2020-07-20T01:30:16Z",
+ "assemblies": [ "Jellyfin.Plugin.Anime.dll" ]
}
- ]
+ ]
},
{
"guid": "70b7b43b-471b-4159-b4be-56750c795499",
@@ -681,4 +683,4 @@
}
]
}
-]
\ No newline at end of file
+]
diff --git a/tests/Jellyfin.Server.Implementations.Tests/Updates/InstallationManagerTests.cs b/tests/Jellyfin.Server.Implementations.Tests/Updates/InstallationManagerTests.cs
index 7abd2e685f..70d03f8c4a 100644
--- a/tests/Jellyfin.Server.Implementations.Tests/Updates/InstallationManagerTests.cs
+++ b/tests/Jellyfin.Server.Implementations.Tests/Updates/InstallationManagerTests.cs
@@ -106,5 +106,19 @@ namespace Jellyfin.Server.Implementations.Tests.Updates
var ex = await Record.ExceptionAsync(() => _installationManager.InstallPackage(packageInfo, CancellationToken.None)).ConfigureAwait(false);
Assert.Null(ex);
}
+
+ [Fact]
+ public async Task InstallPackage_WithAssemblies_Success()
+ {
+ PackageInfo[] packages = await _installationManager.GetPackages(
+ "Jellyfin Stable",
+ "https://repo.jellyfin.org/releases/plugin/manifest-stable.json",
+ false);
+
+ packages = _installationManager.FilterPackages(packages, "Anime").ToArray();
+ Assert.Single(packages);
+ Assert.NotEmpty(packages[0].Versions[0].Assemblies);
+ Assert.Equal("Jellyfin.Plugin.Anime.dll", packages[0].Versions[0].Assemblies[0]);
+ }
}
}