RubyGems - bibliothecary - Versions diffs - 11.0.0 → 11.0.1 - Mend

bibliothecary 11.0.0 → 11.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/lib/bibliothecary/parsers/maven.rb +62 -36
data/lib/bibliothecary/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ed25de135032f95b602569a3ad5c1476f36be42599c0cd1b29032ecf7de8a47b
-  data.tar.gz: 6401e84f7ce40b499b4da8274f775813fe1dcfa41843e7cbcc761293ff287c0d
+  metadata.gz: 78844f8813583a84df76e0ad0c72f9b8136b47d82aec8194e3e6766049ba721b
+  data.tar.gz: bb84e383f0bbded7361d7efbf4550f100d08281a294def960c95ddb1dca4f97c
 SHA512:
-  metadata.gz: 8f0cedd4ebe9e4248ac0151b4073fa2671466cb4c4e04b2b1dc7e9a8daecbfca34126fa870cab97d3e95e231dcc8f1e01295a7c3b9b907bf64db1443dfa2ff7e
-  data.tar.gz: c44115bb427765889d363e59685dfe3bd7fff63b27bca352f453b74da2ddf269d75a526453eb0bdfcfdb219d073cea5172fbfdc4731f38a1d86d8748a7c030b9
+  metadata.gz: f537a3fd368046789baf28c758b8f60d8832b7601f2ae78211a78d4d583ee7ddc4d4729f1ca3387e92958756586a6c1608099a4849db70c9e0a2a3b7405ff564
+  data.tar.gz: 8b9d7e93affe8df9d4e898bf4c128f912f16dd2e1c61ba7dfde0163690df91c173ed0a75c48717a702ddb45dfff2053527b5730c3d76738e7bf51b2344d09cff

data/CHANGELOG.md CHANGED Viewed

@@ -13,6 +13,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Removed
+## [11.0.1] - 2024-12-20
+### Changed
+- Alow retrieving maven versions from parent poms
 ## [11.0.0] - 2024-11-22
 ### Changed

data/lib/bibliothecary/parsers/maven.rb CHANGED Viewed

@@ -294,48 +294,74 @@ module Bibliothecary
         parse_pom_manifest(file_contents, {}, options: options)
       end
-      # parent_properties is used by Libraries:
-      # https://github.com/librariesio/libraries.io/blob/e970925aade2596a03268b6e1be785eba8502c62/app/models/package_manager/maven.rb#L129
       def self.parse_pom_manifest(file_contents, parent_properties = {}, options: {}) # rubocop:disable Lint/UnusedMethodArgument
-        manifest = Ox.parse file_contents
-        xml = manifest.respond_to?("project") ? manifest.project : manifest
-        [].tap do |deps|
-          # <dependencyManagement> is a namespace to specify artifact configuration (e.g. version), but it doesn't
-          # actually add dependencies to your project. Grab these and keep them for reference while parsing <dependencies>
-          # Ref: https://maven.apache.org/pom.html#Dependency_Management
-          # Ref: https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#transitive-dependencies
-          dependencyManagement = xml.locate("dependencyManagement/dependencies/dependency").map do |dep|
-            {
-              groupId: extract_pom_dep_info(xml, dep, "groupId", parent_properties),
-              artifactId: extract_pom_dep_info(xml, dep, "artifactId", parent_properties),
-              version: extract_pom_dep_info(xml, dep, "version", parent_properties),
-              scope: extract_pom_dep_info(xml, dep, "scope", parent_properties),
-            }
-          end
-          # <dependencies> is the namespace that will add dependencies to your project.
-          xml.locate("dependencies/dependency").each do |dep|
-            groupId = extract_pom_dep_info(xml, dep, "groupId", parent_properties)
-            artifactId = extract_pom_dep_info(xml, dep, "artifactId", parent_properties)
-            version = extract_pom_dep_info(xml, dep, "version", parent_properties)
-            scope = extract_pom_dep_info(xml, dep, "scope", parent_properties)
-            # Use any dep configurations from <dependencyManagement> as fallbacks
-            if (depConfig = dependencyManagement.find { |d| d[:groupId] == groupId && d[:artifactId] == artifactId })
-              version ||= depConfig[:version]
-              scope ||= depConfig[:scope]
+        parse_pom_manifests([file_contents], parent_properties)
+      end
+      # @param files [Array<String>] Ordered array of strings containing the
+      # pom.xml bodies. The first element should be the child file.
+      # @param merged_properties [Hash]
+      def self.parse_pom_manifests(files, merged_properties)
+        documents = files.map do |file|
+          doc = Ox.parse(file)
+          doc.respond_to?("project") ? doc.project : doc
+        end
+        mergedDependencyManagements = {}
+        documents.each do |document|
+           document.locate("dependencyManagement/dependencies/dependency").each do |dep|
+              groupId = extract_pom_dep_info(document, dep, "groupId", merged_properties)
+              artifactId = extract_pom_dep_info(document, dep, "artifactId", merged_properties)
+              key = "#{groupId}:#{artifactId}"
+              mergedDependencyManagements[key] ||=
+                {
+                  groupId: groupId,
+                  artifactId: artifactId,
+                  version: extract_pom_dep_info(document, dep, "version", merged_properties),
+                  scope: extract_pom_dep_info(document, dep, "scope", merged_properties),
+                }
+           end
+        end
+        dep_hashes = {}
+        documents.each do |document|
+          document.locate("dependencies/dependency").each do |dep|
+            groupId = extract_pom_dep_info(document, dep, "groupId", merged_properties)
+            artifactId = extract_pom_dep_info(document, dep, "artifactId", merged_properties)
+            key = "#{groupId}:#{artifactId}"
+            unless dep_hashes.key?(key)
+              dep_hashes[key] = {
+                name: key,
+                requirement: nil,
+                type: nil,
+                optional: nil,
+              }
             end
+            dep_hash = dep_hashes[key]
+            dep_hash[:requirement] ||= extract_pom_dep_info(document, dep, "version", merged_properties)
+            dep_hash[:type] ||= extract_pom_dep_info(document, dep, "scope", merged_properties)
-            dep_hash = {
-              name: "#{groupId}:#{artifactId}",
-              requirement: version,
-              type: scope || "runtime",
-            }
             # optional field is, itself, optional, and will be either "true" or "false"
-            optional = extract_pom_dep_info(xml, dep, "optional", parent_properties)
-            dep_hash[:optional] = optional == "true" unless optional.nil?
-            deps.push(Dependency.new(**dep_hash))
+            optional = extract_pom_dep_info(document, dep, "optional", merged_properties)
+            if dep_hash[:optional].nil? && !optional.nil?
+              dep_hash[:optional] = optional == "true"
+            end
+          end
+        end
+        # Anything that wasn't covered by a dependency version, get from the
+        # dependencyManagements
+        dep_hashes.each do |key, dep_hash|
+          if (dependencyManagement = mergedDependencyManagements[key])
+            dep_hash[:requirement] ||= dependencyManagement[:version]
+            dep_hash[:type] ||= dependencyManagement[:scope]
           end
+          dep_hash[:type] ||= "runtime"
         end
+        dep_hashes.map{|key, dep_hash| Dependency.new(**dep_hash)}
       end
       def self.parse_gradle(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument

data/lib/bibliothecary/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Bibliothecary
-  VERSION = "11.0.0"
+  VERSION = "11.0.1"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bibliothecary
 version: !ruby/object:Gem::Version
-  version: 11.0.0
+  version: 11.0.1
 platform: ruby
 authors:
 - Andrew Nesbitt
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-11-25 00:00:00.000000000 Z
+date: 2024-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: tomlrb