bibliothecary 12.1.7 → 12.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +23 -2
- data/lib/bibliothecary/parsers/pypi.rb +45 -27
- data/lib/bibliothecary/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 38a42d90ccaf9bb96b2be9c736b5559a3c3fa81286bbea8c404a33f3a4cb89be
|
|
4
|
+
data.tar.gz: 36b09c415f331863ba6ab1a82eff0a78cc759b01ae0bad339c9e6cc80c6789c1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 769fe185aedefda6b8c95c6c66700a070a4b7448a0ee452c8b1cbaf1507e3443945f6bef6ff7ead4e17458c43f81afbc86b2e0f592bb779d6f603b379a09fed6
|
|
7
|
+
data.tar.gz: 05d1709b1cb6410ff3250ea2472cefa2eec4f7dff5eca9864d9eb5837f107ec6aaf3fc629f6ba476e49b382e9a05951fdb25abbe04099d1b95124219891bb149
|
data/CHANGELOG.md
CHANGED
|
@@ -13,6 +13,26 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
13
13
|
|
|
14
14
|
### Removed
|
|
15
15
|
|
|
16
|
+
## [12.1.9] - 2025-05-16
|
|
17
|
+
|
|
18
|
+
### Added
|
|
19
|
+
|
|
20
|
+
### Changed
|
|
21
|
+
|
|
22
|
+
- Fix 12.1.8 Poetry regression that ignored deps with no category or group.
|
|
23
|
+
|
|
24
|
+
### Removed
|
|
25
|
+
|
|
26
|
+
## [12.1.8] - 2025-05-16
|
|
27
|
+
|
|
28
|
+
### Added
|
|
29
|
+
|
|
30
|
+
- Support multiple requirements for a single package in poetry.lock.
|
|
31
|
+
|
|
32
|
+
### Changed
|
|
33
|
+
|
|
34
|
+
### Removed
|
|
35
|
+
|
|
16
36
|
## [12.1.7] - 2025-04-29
|
|
17
37
|
|
|
18
38
|
### Added
|
|
@@ -95,7 +115,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
95
115
|
|
|
96
116
|
### Added
|
|
97
117
|
|
|
98
|
-
- Populate Bibliothecary::Dependency#source field in all parsers. This makes the source field useful when consuming
|
|
118
|
+
- Populate Bibliothecary::Dependency#source field in all parsers. This makes the source field useful when consuming
|
|
99
119
|
from Bibliothecary, and removes a step from consumers having to populate this field themselves.
|
|
100
120
|
|
|
101
121
|
### Changed
|
|
@@ -138,9 +158,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
138
158
|
|
|
139
159
|
### Added
|
|
140
160
|
|
|
141
|
-
- Support parsing
|
|
161
|
+
- Support parsing \*.spdx.json files
|
|
142
162
|
|
|
143
163
|
### Changed
|
|
164
|
+
|
|
144
165
|
- `Bibliothecary::PURL_TYPE_MAPPING` has changed to `Bibliothecary::PurlUtil::PURL_TYPE_MAPPING`
|
|
145
166
|
- `Bibliothecary::MultiParsers::CycloneDX::ManifestEntries.full_name_for_purl` has changed to `Bibliothecary::PurlUtil.full_name`
|
|
146
167
|
|
|
@@ -122,12 +122,6 @@ module Bibliothecary
|
|
|
122
122
|
deps.uniq
|
|
123
123
|
end
|
|
124
124
|
|
|
125
|
-
# TODO: this was deprecated in 8.6.0. Remove this in any major version bump >= 9.*
|
|
126
|
-
def self.parse_poetry(file_contents, options: {})
|
|
127
|
-
puts "Warning: parse_poetry() is deprecated, use parse_pyproject() instead."
|
|
128
|
-
parse_pyproject(file_contents, options)
|
|
129
|
-
end
|
|
130
|
-
|
|
131
125
|
def self.parse_conda(file_contents, options: {})
|
|
132
126
|
contents = YAML.safe_load(file_contents)
|
|
133
127
|
return [] unless contents
|
|
@@ -142,16 +136,31 @@ module Bibliothecary
|
|
|
142
136
|
def self.map_dependencies(packages, type, source = nil)
|
|
143
137
|
return [] unless packages
|
|
144
138
|
|
|
145
|
-
packages.
|
|
139
|
+
packages.flat_map do |name, package_info|
|
|
146
140
|
local = true if package_info.is_a?(Hash) && (package_info.key?("path") || package_info.key?("file"))
|
|
147
141
|
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
requirement
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
142
|
+
if package_info.is_a?(Array)
|
|
143
|
+
# Poetry supports multiple requirements with differing specifiers for the same
|
|
144
|
+
# package. Break these out into a separate dep per requirement.
|
|
145
|
+
# https://python-poetry.org/docs/dependency-specification/#multiple-constraints-dependencies
|
|
146
|
+
package_info.map do |info|
|
|
147
|
+
Dependency.new(
|
|
148
|
+
name: name,
|
|
149
|
+
requirement: map_requirements(info),
|
|
150
|
+
type: type,
|
|
151
|
+
source: source,
|
|
152
|
+
local: local
|
|
153
|
+
)
|
|
154
|
+
end
|
|
155
|
+
else
|
|
156
|
+
Dependency.new(
|
|
157
|
+
name: name,
|
|
158
|
+
requirement: map_requirements(package_info),
|
|
159
|
+
type: type,
|
|
160
|
+
source: source,
|
|
161
|
+
local: local
|
|
162
|
+
)
|
|
163
|
+
end
|
|
155
164
|
end
|
|
156
165
|
end
|
|
157
166
|
|
|
@@ -160,7 +169,7 @@ module Bibliothecary
|
|
|
160
169
|
if info["version"]
|
|
161
170
|
info["version"]
|
|
162
171
|
elsif info["git"]
|
|
163
|
-
"#{info['git']}##{info['ref']}"
|
|
172
|
+
"#{info['git']}##{info['ref'] || info['tag']}"
|
|
164
173
|
else
|
|
165
174
|
"*"
|
|
166
175
|
end
|
|
@@ -186,19 +195,28 @@ module Bibliothecary
|
|
|
186
195
|
deps = []
|
|
187
196
|
manifest["package"].each do |package|
|
|
188
197
|
# next if group == "_meta"
|
|
189
|
-
group = case package["category"]
|
|
190
|
-
when "dev"
|
|
191
|
-
"develop"
|
|
192
|
-
else
|
|
193
|
-
"runtime"
|
|
194
|
-
end
|
|
195
198
|
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
199
|
+
# Poetry <1.2.0 used singular "category" for kind
|
|
200
|
+
# Poetry >=1.2.0 uses plural "groups" field for kind(s)
|
|
201
|
+
groups = package.values_at("category", "groups").flatten.compact
|
|
202
|
+
.map do |g|
|
|
203
|
+
if g == "dev"
|
|
204
|
+
"develop"
|
|
205
|
+
else
|
|
206
|
+
(g == "main" ? "runtime" : g)
|
|
207
|
+
end
|
|
208
|
+
end
|
|
209
|
+
|
|
210
|
+
groups = ["runtime"] if groups.empty?
|
|
211
|
+
|
|
212
|
+
groups.each do |group|
|
|
213
|
+
deps << Dependency.new(
|
|
214
|
+
name: package["name"],
|
|
215
|
+
requirement: map_requirements(package),
|
|
216
|
+
type: group,
|
|
217
|
+
source: options.fetch(:filename, nil)
|
|
218
|
+
)
|
|
219
|
+
end
|
|
202
220
|
end
|
|
203
221
|
deps
|
|
204
222
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 12.1.
|
|
4
|
+
version: 12.1.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date: 2025-
|
|
10
|
+
date: 2025-05-17 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: commander
|