bibliothecary 11.0.1 → 12.1.0

Files changed (57) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +2 -1
  3. data/.rubocop.yml +10 -2
  4. data/.ruby-version +1 -1
  5. data/CHANGELOG.md +24 -0
  6. data/Gemfile +16 -1
  7. data/Rakefile +2 -0
  8. data/bibliothecary.gemspec +11 -14
  9. data/bin/bibliothecary +2 -1
  10. data/bin/console +1 -0
  11. data/lib/bibliothecary/analyser/analysis.rb +13 -8
  12. data/lib/bibliothecary/analyser/determinations.rb +2 -0
  13. data/lib/bibliothecary/analyser/matchers.rb +17 -17
  14. data/lib/bibliothecary/analyser.rb +11 -8
  15. data/lib/bibliothecary/cli.rb +3 -1
  16. data/lib/bibliothecary/configuration.rb +3 -11
  17. data/lib/bibliothecary/dependency.rb +17 -15
  18. data/lib/bibliothecary/exceptions.rb +6 -2
  19. data/lib/bibliothecary/file_info.rb +9 -11
  20. data/lib/bibliothecary/multi_parsers/bundler_like_manifest.rb +13 -10
  21. data/lib/bibliothecary/multi_parsers/cyclonedx.rb +10 -8
  22. data/lib/bibliothecary/multi_parsers/dependencies_csv.rb +11 -4
  23. data/lib/bibliothecary/multi_parsers/json_runtime.rb +5 -2
  24. data/lib/bibliothecary/multi_parsers/spdx.rb +24 -19
  25. data/lib/bibliothecary/parsers/bower.rb +5 -3
  26. data/lib/bibliothecary/parsers/cargo.rb +10 -4
  27. data/lib/bibliothecary/parsers/cocoapods.rb +15 -11
  28. data/lib/bibliothecary/parsers/conda.rb +56 -33
  29. data/lib/bibliothecary/parsers/cpan.rb +6 -4
  30. data/lib/bibliothecary/parsers/cran.rb +10 -6
  31. data/lib/bibliothecary/parsers/dub.rb +4 -2
  32. data/lib/bibliothecary/parsers/elm.rb +4 -1
  33. data/lib/bibliothecary/parsers/go.rb +51 -43
  34. data/lib/bibliothecary/parsers/haxelib.rb +2 -1
  35. data/lib/bibliothecary/parsers/julia.rb +5 -1
  36. data/lib/bibliothecary/parsers/maven.rb +93 -77
  37. data/lib/bibliothecary/parsers/meteor.rb +2 -0
  38. data/lib/bibliothecary/parsers/npm.rb +97 -34
  39. data/lib/bibliothecary/parsers/nuget.rb +37 -28
  40. data/lib/bibliothecary/parsers/packagist.rb +21 -11
  41. data/lib/bibliothecary/parsers/pub.rb +4 -2
  42. data/lib/bibliothecary/parsers/pypi.rb +48 -37
  43. data/lib/bibliothecary/parsers/rubygems.rb +16 -12
  44. data/lib/bibliothecary/parsers/shard.rb +10 -7
  45. data/lib/bibliothecary/purl_util.rb +2 -4
  46. data/lib/bibliothecary/related_files_info.rb +7 -8
  47. data/lib/bibliothecary/runner/multi_manifest_filter.rb +5 -4
  48. data/lib/bibliothecary/runner.rb +12 -10
  49. data/lib/bibliothecary/version.rb +3 -1
  50. data/lib/bibliothecary.rb +7 -4
  51. data/lib/sdl_parser.rb +11 -6
  52. metadata +18 -120
  53. data/lib/bibliothecary/parsers/carthage.rb +0 -52
  54. data/lib/bibliothecary/parsers/clojars.rb +0 -38
  55. data/lib/bibliothecary/parsers/hackage.rb +0 -53
  56. data/lib/bibliothecary/parsers/hex.rb +0 -54
  57. data/lib/bibliothecary/parsers/swift_pm.rb +0 -35
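--- a/metadata
+++ b/metadata
@@ -1,59 +1,17 @@
  --- !ruby/object:Gem::Specification
  name: bibliothecary
  version: !ruby/object:Gem::Version
- version: 11.0.1
+ version: 12.1.0
  platform: ruby
  authors:
  - Andrew Nesbitt
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-12-20 00:00:00.000000000 Z
+ date: 2025-01-30 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
- name: tomlrb
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '2.0'
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '2.0'
- - !ruby/object:Gem::Dependency
- name: librariesio-gem-parser
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- - !ruby/object:Gem::Dependency
- name: ox
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: 2.8.1
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: 2.8.1
- - !ruby/object:Gem::Dependency
- name: typhoeus
+ name: commander
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -81,7 +39,7 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: sdl4r
+ name: librariesio-gem-parser
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -95,19 +53,19 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: commander
+ name: ox
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 2.8.1
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 2.8.1
  - !ruby/object:Gem::Dependency
  name: packageurl-ruby
  requirement: !ruby/object:Gem::Requirement
@@ -123,13 +81,13 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: pry
+ name: sdl4r
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
- type: :development
+ type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
@@ -137,83 +95,27 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: rake
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '12.0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '12.0'
- - !ruby/object:Gem::Dependency
- name: rspec
+ name: tomlrb
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.0'
- type: :development
+ version: '2.0'
+ type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.0'
- - !ruby/object:Gem::Dependency
- name: webmock
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- - !ruby/object:Gem::Dependency
- name: vcr
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- - !ruby/object:Gem::Dependency
- name: rubocop
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: '0'
+ version: '2.0'
  - !ruby/object:Gem::Dependency
- name: rubocop-rails
+ name: typhoeus
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
- type: :development
+ type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
@@ -265,8 +167,6 @@ files:
  - lib/bibliothecary/multi_parsers/spdx.rb
  - lib/bibliothecary/parsers/bower.rb
  - lib/bibliothecary/parsers/cargo.rb
- - lib/bibliothecary/parsers/carthage.rb
- - lib/bibliothecary/parsers/clojars.rb
  - lib/bibliothecary/parsers/cocoapods.rb
  - lib/bibliothecary/parsers/conda.rb
  - lib/bibliothecary/parsers/cpan.rb
@@ -274,9 +174,7 @@ files:
  - lib/bibliothecary/parsers/dub.rb
  - lib/bibliothecary/parsers/elm.rb
  - lib/bibliothecary/parsers/go.rb
- - lib/bibliothecary/parsers/hackage.rb
  - lib/bibliothecary/parsers/haxelib.rb
- - lib/bibliothecary/parsers/hex.rb
  - lib/bibliothecary/parsers/julia.rb
  - lib/bibliothecary/parsers/maven.rb
  - lib/bibliothecary/parsers/meteor.rb
@@ -287,7 +185,6 @@ files:
  - lib/bibliothecary/parsers/pypi.rb
  - lib/bibliothecary/parsers/rubygems.rb
  - lib/bibliothecary/parsers/shard.rb
- - lib/bibliothecary/parsers/swift_pm.rb
  - lib/bibliothecary/purl_util.rb
  - lib/bibliothecary/related_files_info.rb
  - lib/bibliothecary/runner.rb
@@ -297,7 +194,8 @@ files:
  homepage: https://github.com/librariesio/bibliothecary
  licenses:
  - AGPL-3.0
- metadata: {}
+ metadata:
+ rubygems_mfa_required: 'true'
  post_install_message:
  rdoc_options: []
  require_paths:
@@ -306,7 +204,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 3.2.0
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="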
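Review bot: In the `dependencies:` list on the new side, `librariesio-gem-parser`, `sdl4r` and `typhoeus` are runtime dependencies constrained only by `>= 0`, so any future release of them, including a new major version, satisfies the requirement when a consumer resolves this gem; of the entries visible in these hunks only `ox` (`>= 2.8.1`) and `tomlrb` (`~> 2.0`) carry a floor or bound. This file is generated from the gemspec, so the change belongs in `bibliothecary.gemspec`: give each one a pessimistic bound, e.g. `"typhoeus", "~> X.Y"`, where X.Y is a placeholder for the version the test suite actually runs against. The same release deletes the Carthage, Clojars, Hackage, Hex and SwiftPM parsers, whose remote-parsing methods all called `Typhoeus.post`; whether any remaining parser still needs an HTTP client is not visible here, and if none does, `typhoeus` should leave the runtime set instead of staying as an unbounded dependency.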
@@ -1,52 +0,0 @@
1
- module Bibliothecary
2
- module Parsers
3
- class Carthage
4
- include Bibliothecary::Analyser
5
-
6
- def self.mapping
7
- {
8
- match_filename("Cartfile") => {
9
- kind: "manifest",
10
- parser: :parse_cartfile,
11
- },
12
- match_filename("Cartfile.private") => {
13
- kind: "manifest",
14
- parser: :parse_cartfile_private,
15
- },
16
- match_filename("Cartfile.resolved") => {
17
- kind: "lockfile",
18
- parser: :parse_cartfile_resolved,
19
- },
20
- }
21
- end
22
-
23
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
24
-
25
- def self.parse_cartfile(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
26
- map_dependencies(file_contents, "cartfile")
27
- end
28
-
29
- def self.parse_cartfile_private(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
30
- map_dependencies(file_contents, "cartfile.private")
31
- end
32
-
33
- def self.parse_cartfile_resolved(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
34
- map_dependencies(file_contents, "cartfile.resolved")
35
- end
36
-
37
- def self.map_dependencies(manifest, path)
38
- response = Typhoeus.post("#{Bibliothecary.configuration.carthage_parser_host}/#{path}", params: { body: manifest })
39
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.carthage_parser_host}/#{path}", response.response_code) unless response.success?
40
- json = JSON.parse(response.body)
41
-
42
- json.map do |dependency|
43
- Dependency.new(
44
- name: dependency["name"],
45
- requirement: dependency["version"],
46
- type: dependency["type"],
47
- )
48
- end
49
- end
50
- end
51
- end
52
- end
@@ -1,38 +0,0 @@
1
- require "json"
2
- require "typhoeus"
3
-
4
- module Bibliothecary
5
- module Parsers
6
- class Clojars
7
- include Bibliothecary::Analyser
8
-
9
- def self.mapping
10
- {
11
- match_filename("project.clj") => {
12
- kind: "manifest",
13
- parser: :parse_manifest,
14
- },
15
- }
16
- end
17
-
18
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
19
-
20
- def self.parse_manifest(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
21
- response = Typhoeus.post("#{Bibliothecary.configuration.clojars_parser_host}/project.clj", body: file_contents)
22
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.clojars_parser_host}/project.clj", response.response_code) unless response.success?
23
- json = JSON.parse response.body
24
- index = json.index("dependencies")
25
-
26
- return [] unless index;
27
- dependencies = json[index + 1]
28
- dependencies.map do |dependency|
29
- Dependency.new(
30
- name: dependency[0],
31
- requirement: dependency[1],
32
- type: "runtime",
33
- )
34
- end
35
- end
36
- end
37
- end
38
- end
@@ -1,53 +0,0 @@
1
- require "json"
2
- require "deb_control"
3
-
4
- module Bibliothecary
5
- module Parsers
6
- class Hackage
7
- include Bibliothecary::Analyser
8
-
9
- def self.mapping
10
- {
11
- match_extension(".cabal") => {
12
- kind: "manifest",
13
- parser: :parse_cabal,
14
- },
15
- match_extension("cabal.config") => {
16
- kind: "lockfile",
17
- parser: :parse_cabal_config,
18
- },
19
- }
20
- end
21
-
22
- add_multi_parser(Bibliothecary::MultiParsers::CycloneDX)
23
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
24
- add_multi_parser(Bibliothecary::MultiParsers::Spdx)
25
-
26
- def self.parse_cabal(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
27
- headers = {
28
- "Content-Type" => "text/plain;charset=utf-8",
29
- }
30
-
31
- response = Typhoeus.post("#{Bibliothecary.configuration.cabal_parser_host}/parse", headers: headers, body: file_contents)
32
-
33
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.cabal_parser_host}/parse", response.response_code) unless response.success?
34
- JSON
35
- .parse(response.body, symbolize_names: true)
36
- .map { |dep_kvs| Dependency.new(**dep_kvs) }
37
- end
38
-
39
- def self.parse_cabal_config(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
40
- manifest = DebControl::ControlFileBase.parse(file_contents)
41
- deps = manifest.first["constraints"].delete("\n").split(",").map(&:strip)
42
- deps.map do |dependency|
43
- dep = dependency.delete("==").split(" ")
44
- Dependency.new(
45
- name: dep[0],
46
- requirement: dep[1],
47
- type: "runtime",
48
- )
49
- end
50
- end
51
- end
52
- end
53
- end
@@ -1,54 +0,0 @@
1
- require "json"
2
-
3
- module Bibliothecary
4
- module Parsers
5
- class Hex
6
- include Bibliothecary::Analyser
7
-
8
- def self.mapping
9
- {
10
- match_filename("mix.exs") => {
11
- kind: "manifest",
12
- parser: :parse_mix,
13
- },
14
- match_filename("mix.lock") => {
15
- kind: "lockfile",
16
- parser: :parse_mix_lock,
17
- },
18
- }
19
- end
20
-
21
- add_multi_parser(Bibliothecary::MultiParsers::CycloneDX)
22
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
23
- add_multi_parser(Bibliothecary::MultiParsers::Spdx)
24
-
25
- def self.parse_mix(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
26
- response = Typhoeus.post("#{Bibliothecary.configuration.mix_parser_host}/", body: file_contents)
27
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.mix_parser_host}/", response.response_code) unless response.success?
28
- json = JSON.parse response.body
29
-
30
- json.map do |name, version|
31
- Dependency.new(
32
- name: name,
33
- requirement: version,
34
- type: "runtime",
35
- )
36
- end
37
- end
38
-
39
- def self.parse_mix_lock(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
40
- response = Typhoeus.post("#{Bibliothecary.configuration.mix_parser_host}/lock", body: file_contents)
41
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.mix_parser_host}/", response.response_code) unless response.success?
42
- json = JSON.parse response.body
43
-
44
- json.map do |name, info|
45
- Dependency.new(
46
- name: name,
47
- requirement: info["version"],
48
- type: "runtime",
49
- )
50
- end
51
- end
52
- end
53
- end
54
- end
@@ -1,35 +0,0 @@
1
- module Bibliothecary
2
- module Parsers
3
- class SwiftPM
4
- include Bibliothecary::Analyser
5
-
6
- def self.mapping
7
- {
8
- match_filename("Package.swift", case_insensitive: true) => {
9
- kind: "manifest",
10
- parser: :parse_package_swift,
11
- },
12
- }
13
- end
14
-
15
- add_multi_parser(Bibliothecary::MultiParsers::CycloneDX)
16
- add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
17
- add_multi_parser(Bibliothecary::MultiParsers::Spdx)
18
-
19
- def self.parse_package_swift(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
20
- response = Typhoeus.post("#{Bibliothecary.configuration.swift_parser_host}/to-json", body: file_contents)
21
- raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.swift_parser_host}/to-json", response.response_code) unless response.success?
22
- json = JSON.parse(response.body)
23
- json["dependencies"].map do |dependency|
24
- name = dependency["url"].gsub(/^https?:\/\//, "").gsub(/\.git$/,"")
25
- version = "#{dependency['version']['lowerBound']} - #{dependency['version']['upperBound']}"
26
- Dependency.new(
27
- name: name,
28
- requirement: version,
29
- type: "runtime",
30
- )
31
- end
32
- end
33
- end
34
- end
35
- end