bibliothecary 11.0.1 → 12.1.0

Files changed (57) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +2 -1
  3. data/.rubocop.yml +10 -2
  4. data/.ruby-version +1 -1
  5. data/CHANGELOG.md +24 -0
  6. data/Gemfile +16 -1
  7. data/Rakefile +2 -0
  8. data/bibliothecary.gemspec +11 -14
  9. data/bin/bibliothecary +2 -1
  10. data/bin/console +1 -0
  11. data/lib/bibliothecary/analyser/analysis.rb +13 -8
  12. data/lib/bibliothecary/analyser/determinations.rb +2 -0
  13. data/lib/bibliothecary/analyser/matchers.rb +17 -17
  14. data/lib/bibliothecary/analyser.rb +11 -8
  15. data/lib/bibliothecary/cli.rb +3 -1
  16. data/lib/bibliothecary/configuration.rb +3 -11
  17. data/lib/bibliothecary/dependency.rb +17 -15
  18. data/lib/bibliothecary/exceptions.rb +6 -2
  19. data/lib/bibliothecary/file_info.rb +9 -11
  20. data/lib/bibliothecary/multi_parsers/bundler_like_manifest.rb +13 -10
  21. data/lib/bibliothecary/multi_parsers/cyclonedx.rb +10 -8
  22. data/lib/bibliothecary/multi_parsers/dependencies_csv.rb +11 -4
  23. data/lib/bibliothecary/multi_parsers/json_runtime.rb +5 -2
  24. data/lib/bibliothecary/multi_parsers/spdx.rb +24 -19
  25. data/lib/bibliothecary/parsers/bower.rb +5 -3
  26. data/lib/bibliothecary/parsers/cargo.rb +10 -4
  27. data/lib/bibliothecary/parsers/cocoapods.rb +15 -11
  28. data/lib/bibliothecary/parsers/conda.rb +56 -33
  29. data/lib/bibliothecary/parsers/cpan.rb +6 -4
  30. data/lib/bibliothecary/parsers/cran.rb +10 -6
  31. data/lib/bibliothecary/parsers/dub.rb +4 -2
  32. data/lib/bibliothecary/parsers/elm.rb +4 -1
  33. data/lib/bibliothecary/parsers/go.rb +51 -43
  34. data/lib/bibliothecary/parsers/haxelib.rb +2 -1
  35. data/lib/bibliothecary/parsers/julia.rb +5 -1
  36. data/lib/bibliothecary/parsers/maven.rb +93 -77
  37. data/lib/bibliothecary/parsers/meteor.rb +2 -0
  38. data/lib/bibliothecary/parsers/npm.rb +97 -34
  39. data/lib/bibliothecary/parsers/nuget.rb +37 -28
  40. data/lib/bibliothecary/parsers/packagist.rb +21 -11
  41. data/lib/bibliothecary/parsers/pub.rb +4 -2
  42. data/lib/bibliothecary/parsers/pypi.rb +48 -37
  43. data/lib/bibliothecary/parsers/rubygems.rb +16 -12
  44. data/lib/bibliothecary/parsers/shard.rb +10 -7
  45. data/lib/bibliothecary/purl_util.rb +2 -4
  46. data/lib/bibliothecary/related_files_info.rb +7 -8
  47. data/lib/bibliothecary/runner/multi_manifest_filter.rb +5 -4
  48. data/lib/bibliothecary/runner.rb +12 -10
  49. data/lib/bibliothecary/version.rb +3 -1
  50. data/lib/bibliothecary.rb +7 -4
  51. data/lib/sdl_parser.rb +11 -6
  52. metadata +18 -120
  53. data/lib/bibliothecary/parsers/carthage.rb +0 -52
  54. data/lib/bibliothecary/parsers/clojars.rb +0 -38
  55. data/lib/bibliothecary/parsers/hackage.rb +0 -53
  56. data/lib/bibliothecary/parsers/hex.rb +0 -54
  57. data/lib/bibliothecary/parsers/swift_pm.rb +0 -35
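--- a/metadata
+++ b/metadata
@@ -1,59 +1,17 @@
  --- !ruby/object:Gem::Specification
  name: bibliothecary
  version: !ruby/object:Gem::Version
- version: 11.0.1
+ version: 12.1.0
  platform: ruby
  authors:
  - Andrew Nesbitt
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-12-20 00:00:00.000000000 Z
+ date: 2025-01-30 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
- name: tomlrb
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '2.0'
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '2.0'
- - !ruby/object:Gem::Dependency
- name: librariesio-gem-parser
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- - !ruby/object:Gem::Dependency
- name: ox
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: 2.8.1
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: 2.8.1
- - !ruby/object:Gem::Dependency
- name: typhoeus
+ name: commander
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -81,7 +39,7 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: sdl4r
+ name: librariesio-gem-parser
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -95,19 +53,19 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: commander
+ name: ox
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 2.8.1
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 2.8.1
  - !ruby/object:Gem::Dependency
  name: packageurl-ruby
  requirement: !ruby/object:Gem::Requirement
@@ -123,13 +81,13 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: pry
+ name: sdl4r
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
- type: :development
+ type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
@@ -137,83 +95,27 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: rake
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '12.0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '12.0'
- - !ruby/object:Gem::Dependency
- name: rspec
+ name: tomlrb
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.0'
- type: :development
+ version: '2.0'
+ type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.0'
- - !ruby/object:Gem::Dependency
- name: webmock
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- - !ruby/object:Gem::Dependency
- name: vcr
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- - !ruby/object:Gem::Dependency
- name: rubocop
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
+ version: '2.0'
  - !ruby/object:Gem::Dependency
- name: rubocop-rails
+ name: typhoeus
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
- type: :development
+ type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
@@ -265,8 +167,6 @@ files:
  - lib/bibliothecary/multi_parsers/spdx.rb
  - lib/bibliothecary/parsers/bower.rb
  - lib/bibliothecary/parsers/cargo.rb
- - lib/bibliothecary/parsers/carthage.rb
- - lib/bibliothecary/parsers/clojars.rb
  - lib/bibliothecary/parsers/cocoapods.rb
  - lib/bibliothecary/parsers/conda.rb
  - lib/bibliothecary/parsers/cpan.rb
@@ -274,9 +174,7 @@ files:
  - lib/bibliothecary/parsers/dub.rb
  - lib/bibliothecary/parsers/elm.rb
  - lib/bibliothecary/parsers/go.rb
- - lib/bibliothecary/parsers/hackage.rb
  - lib/bibliothecary/parsers/haxelib.rb
- - lib/bibliothecary/parsers/hex.rb
  - lib/bibliothecary/parsers/julia.rb
  - lib/bibliothecary/parsers/maven.rb
  - lib/bibliothecary/parsers/meteor.rb
@@ -287,7 +185,6 @@ files:
  - lib/bibliothecary/parsers/pypi.rb
  - lib/bibliothecary/parsers/rubygems.rb
  - lib/bibliothecary/parsers/shard.rb
- - lib/bibliothecary/parsers/swift_pm.rb
  - lib/bibliothecary/purl_util.rb
  - lib/bibliothecary/related_files_info.rb
  - lib/bibliothecary/runner.rb
@@ -297,7 +194,8 @@ files:
  homepage: https://github.com/librariesio/bibliothecary
  licenses:
  - AGPL-3.0
- metadata: {}
+ metadata:
+ rubygems_mfa_required: 'true'
  post_install_message:
  rdoc_options: []
  require_paths:
@@ -306,7 +204,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 3.2.0
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="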
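Review bot: `typhoeus` is still declared `type: :runtime` with the open constraint `>= 0` in the last dependency entry of the `@@ -137,83 +95,27 @@` hunk, although this release deletes the five parser files that this page shows calling `Typhoeus.post` (carthage, clojars, hackage, hex, swift_pm). Whether any remaining file under lib/ still uses the HTTP client is not visible here; if none does, removing the dependency in `data/bibliothecary.gemspec` would reduce what every consumer installs and has to track for advisories. The `sdl4r` entry in the `@@ -123,13 +81,13 @@` hunk is likewise `>= 0`, so resolution of both gems is bounded only by the consumer's own lockfile; a pessimistic constraint of the form `"~> <MAJOR.MINOR>"` (placeholder) would narrow that.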
@@ -1,52 +0,0 @@
1
- module Bibliothecary
2
- module Parsers
3
- class Carthage
4
- include Bibliothecary::Analyser
5
-
6
- def self.mapping
7
- {
8
- match_filename("Cartfile") => {
9
- kind: "manifest",
10
- parser: :parse_cartfile,
11
- },
12
- match_filename("Cartfile.private") => {
13
- kind: "manifest",
14
- parser: :parse_cartfile_private,
15
- },
16
- match_filename("Cartfile.resolved") => {
17
- kind: "lockfile",
18
- parser: :parse_cartfile_resolved,
19
- },
20
- }
21
- end
22
-
23
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
24
-
25
- def self.parse_cartfile(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
26
- map_dependencies(file_contents, "cartfile")
27
- end
28
-
29
- def self.parse_cartfile_private(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
30
- map_dependencies(file_contents, "cartfile.private")
31
- end
32
-
33
- def self.parse_cartfile_resolved(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
34
- map_dependencies(file_contents, "cartfile.resolved")
35
- end
36
-
37
- def self.map_dependencies(manifest, path)
38
- response = Typhoeus.post("#{Bibliothecary.configuration.carthage_parser_host}/#{path}", params: { body: manifest })
39
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.carthage_parser_host}/#{path}", response.response_code) unless response.success?
40
- json = JSON.parse(response.body)
41
-
42
- json.map do |dependency|
43
- Dependency.new(
44
- name: dependency["name"],
45
- requirement: dependency["version"],
46
- type: dependency["type"],
47
- )
48
- end
49
- end
50
- end
51
- end
52
- end
@@ -1,38 +0,0 @@
1
- require "json"
2
- require "typhoeus"
3
-
4
- module Bibliothecary
5
- module Parsers
6
- class Clojars
7
- include Bibliothecary::Analyser
8
-
9
- def self.mapping
10
- {
11
- match_filename("project.clj") => {
12
- kind: "manifest",
13
- parser: :parse_manifest,
14
- },
15
- }
16
- end
17
-
18
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
19
-
20
- def self.parse_manifest(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
21
- response = Typhoeus.post("#{Bibliothecary.configuration.clojars_parser_host}/project.clj", body: file_contents)
22
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.clojars_parser_host}/project.clj", response.response_code) unless response.success?
23
- json = JSON.parse response.body
24
- index = json.index("dependencies")
25
-
26
- return [] unless index;
27
- dependencies = json[index + 1]
28
- dependencies.map do |dependency|
29
- Dependency.new(
30
- name: dependency[0],
31
- requirement: dependency[1],
32
- type: "runtime",
33
- )
34
- end
35
- end
36
- end
37
- end
38
- end
@@ -1,53 +0,0 @@
1
- require "json"
2
- require "deb_control"
3
-
4
- module Bibliothecary
5
- module Parsers
6
- class Hackage
7
- include Bibliothecary::Analyser
8
-
9
- def self.mapping
10
- {
11
- match_extension(".cabal") => {
12
- kind: "manifest",
13
- parser: :parse_cabal,
14
- },
15
- match_extension("cabal.config") => {
16
- kind: "lockfile",
17
- parser: :parse_cabal_config,
18
- },
19
- }
20
- end
21
-
22
- add_multi_parser(Bibliothecary::MultiParsers::CycloneDX)
23
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
24
- add_multi_parser(Bibliothecary::MultiParsers::Spdx)
25
-
26
- def self.parse_cabal(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
27
- headers = {
28
- "Content-Type" => "text/plain;charset=utf-8",
29
- }
30
-
31
- response = Typhoeus.post("#{Bibliothecary.configuration.cabal_parser_host}/parse", headers: headers, body: file_contents)
32
-
33
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.cabal_parser_host}/parse", response.response_code) unless response.success?
34
- JSON
35
- .parse(response.body, symbolize_names: true)
36
- .map { |dep_kvs| Dependency.new(**dep_kvs) }
37
- end
38
-
39
- def self.parse_cabal_config(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
40
- manifest = DebControl::ControlFileBase.parse(file_contents)
41
- deps = manifest.first["constraints"].delete("\n").split(",").map(&:strip)
42
- deps.map do |dependency|
43
- dep = dependency.delete("==").split(" ")
44
- Dependency.new(
45
- name: dep[0],
46
- requirement: dep[1],
47
- type: "runtime",
48
- )
49
- end
50
- end
51
- end
52
- end
53
- end
@@ -1,54 +0,0 @@
1
- require "json"
2
-
3
- module Bibliothecary
4
- module Parsers
5
- class Hex
6
- include Bibliothecary::Analyser
7
-
8
- def self.mapping
9
- {
10
- match_filename("mix.exs") => {
11
- kind: "manifest",
12
- parser: :parse_mix,
13
- },
14
- match_filename("mix.lock") => {
15
- kind: "lockfile",
16
- parser: :parse_mix_lock,
17
- },
18
- }
19
- end
20
-
21
- add_multi_parser(Bibliothecary::MultiParsers::CycloneDX)
22
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
23
- add_multi_parser(Bibliothecary::MultiParsers::Spdx)
24
-
25
- def self.parse_mix(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
26
- response = Typhoeus.post("#{Bibliothecary.configuration.mix_parser_host}/", body: file_contents)
27
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.mix_parser_host}/", response.response_code) unless response.success?
28
- json = JSON.parse response.body
29
-
30
- json.map do |name, version|
31
- Dependency.new(
32
- name: name,
33
- requirement: version,
34
- type: "runtime",
35
- )
36
- end
37
- end
38
-
39
- def self.parse_mix_lock(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
40
- response = Typhoeus.post("#{Bibliothecary.configuration.mix_parser_host}/lock", body: file_contents)
41
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.mix_parser_host}/", response.response_code) unless response.success?
42
- json = JSON.parse response.body
43
-
44
- json.map do |name, info|
45
- Dependency.new(
46
- name: name,
47
- requirement: info["version"],
48
- type: "runtime",
49
- )
50
- end
51
- end
52
- end
53
- end
54
- end
@@ -1,35 +0,0 @@
1
- module Bibliothecary
2
- module Parsers
3
- class SwiftPM
4
- include Bibliothecary::Analyser
5
-
6
- def self.mapping
7
- {
8
- match_filename("Package.swift", case_insensitive: true) => {
9
- kind: "manifest",
10
- parser: :parse_package_swift,
11
- },
12
- }
13
- end
14
-
15
- add_multi_parser(Bibliothecary::MultiParsers::CycloneDX)
16
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
17
- add_multi_parser(Bibliothecary::MultiParsers::Spdx)
18
-
19
- def self.parse_package_swift(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
20
- response = Typhoeus.post("#{Bibliothecary.configuration.swift_parser_host}/to-json", body: file_contents)
21
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.swift_parser_host}/to-json", response.response_code) unless response.success?
22
- json = JSON.parse(response.body)
23
- json["dependencies"].map do |dependency|
24
- name = dependency["url"].gsub(/^https?:\/\//, "").gsub(/\.git$/,"")
25
- version = "#{dependency['version']['lowerBound']} - #{dependency['version']['upperBound']}"
26
- Dependency.new(
27
- name: name,
28
- requirement: version,
29
- type: "runtime",
30
- )
31
- end
32
- end
33
- end
34
- end
35
- end