bibliothecary 10.2.2 → 10.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8b6fe7d18802ded7298cac3401086635c59397905fceb05aecb3bc777a3e9457
-  data.tar.gz: 532ff9bb7bcb77a56648165ade6dc1110f43cc06cd1c79945c3ff8ecdde02e6d
+  metadata.gz: 305a667de2b400a8b78c0dcc8159442ec94a0d0c05cca71b3eb2ed25be9ddec3
+  data.tar.gz: 42645beb4d9cfa6aab4837045541d7747370f14f791f96c8aca31594aa9b614e
 SHA512:
-  metadata.gz: 61ec2054d0905c6f3cb448603bbecc44679e3b07425b8c18c0d5985cc1135788c36525f7567577f7f9c767b5744cf2db1e58c8cd445f35f0894354aacdad2049
-  data.tar.gz: 19e8740cefc0cb5098579f933813bdd5912ba5ff716097c69fac603572b9484b04cd4d60710f4048002ed85b5b40a586be10b114ca3a652eb34bbf3fc1354e39
+  metadata.gz: 8ef33d46181f9d9b33c53ef28b197b3b28d1dae1c1b9f8842019a716b547696c3a69ffa8c4c26ccc64e9cbb078d2559ffd57ae3688f5fee9554265aa5d0f6c4e
+  data.tar.gz: dec4e3346c4b2a6ff8b64a61e90d5d8956977b6b3b19b3b49d1caab9921d7c2f1b6f71d7023a36f12fed2498a8fa705f4efc4699337aef665ddb9385d7389413

data/.tidelift

@@ -0,0 +1 @@
+TIDELIFT_EXCLUDED_MANIFESTS=spec/fixtures

data/CHANGELOG.md

@@ -13,12 +13,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Removed
 
+## [10.2.4] - 2024-11-06
+
+### Changed
+
+- Fixed parsing of pom files where parent properties within the file are required for dependencies
+
 ## [10.2.2] - 2024-09-25
 
 ### Added
 
 - Support parsing *.spdx.json files
 
+### Changed
+- `Bibliothecary::PURL_TYPE_MAPPING` has changed to `Bibliothecary::PurlUtil::PURL_TYPE_MAPPING`
+- `Bibliothecary::MultiParsers::CycloneDX::ManifestEntries.full_name_for_purl` has changed to `Bibliothecary::PurlUtil.full_name`
+
 ## [10.2.0] - 2024-08-27
 
 ### Changed

data/lib/bibliothecary/multi_parsers/spdx.rb

@@ -76,7 +76,7 @@ module Bibliothecary
             spdx_version = match[1]
           elsif (match = stripped_line.match(PURL_REGEXP))
             purl = PackageURL.parse(match[1])
-            platform ||= purl.type
+            platform ||= PurlUtil::PURL_TYPE_MAPPING[purl.type]
             purl_name ||= PurlUtil.full_name(purl)
             purl_version ||= purl.version
           end
@@ -113,7 +113,7 @@ module Bibliothecary
 
           first_purl_string = package.dig("externalRefs")&.find { |ref| ref["referenceType"] == "purl" }&.dig("referenceLocator")
           purl = first_purl_string && PackageURL.parse(first_purl_string)
-          platform = purl&.type
+          platform = PurlUtil::PURL_TYPE_MAPPING[purl&.type]
           purl_name = PurlUtil.full_name(purl)
           purl_version = purl&.version
 

data/lib/bibliothecary/parsers/maven.rb

@@ -425,7 +425,6 @@ module Bibliothecary
         # the xml root is <project> so lookup the non property name in the xml
         # this converts ${project/group.id} -> ${group/id}
         non_prop_name = property_name.gsub(".", "/").gsub("project/", "")
-        return "${#{property_name}}" if !xml.respond_to?("properties") && parent_properties.empty? && xml.locate(non_prop_name).empty?
 
         prop_field = xml.properties.locate(property_name).first if xml.respond_to?("properties")
         parent_prop = parent_properties[property_name] ||                 # e.g. "${foo}"

data/lib/bibliothecary/version.rb

@@ -1,3 +1,3 @@
 module Bibliothecary
-  VERSION = "10.2.2"
+  VERSION = "10.2.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bibliothecary
 version: !ruby/object:Gem::Version
-  version: 10.2.2
+  version: 10.2.4
 platform: ruby
 authors:
 - Andrew Nesbitt
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-09-25 00:00:00.000000000 Z
+date: 2024-11-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: tomlrb
@@ -237,7 +237,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
-- ".tidelift.yml"
+- ".tidelift"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile

data/.tidelift.yml

@@ -1,2 +0,0 @@
-ci:
-  extra_ignore_directories: [ spec/fixtures ]