bibliothecary 6.10.7 → 6.12.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 97884ae133cf8ff23366cfdfbd6a97382e200313693eaaca8ceae2e743897a72
-  data.tar.gz: 5cf10414b41b13552a692fa4802464eab0980489e9a1ce5a1e4f9601add8deb7
+  metadata.gz: ef4babc39a950bb7babd698d6b6de3022003aa6e6e112a0065d9b104adfcef13
+  data.tar.gz: 55fdb8f2a96a88d1d4810baccd74a5a0e0a753e91d68594325952610ade584c2
 SHA512:
-  metadata.gz: 58c47af966516baa1fb6c9586670cf8dc5d1a0831f2b6fa44b750d7e7f62471063b89083ce7306878fb2989cb8b073b3c9b105b68a90883f7f4f9ac86a111999
-  data.tar.gz: 2685dcd3c595d20c2d1fc5884dd1187079e2bdeddd6f354762b8ee3dfdb326fcb6574bcf4a15d3b7ea343f22847d188ee6093c4f7ccf6ae13c1b7d61794b6cce
+  metadata.gz: ad94c2c9e51aadbe003721deaf0d853269f04ff2730319256910283f15dd49517b9b4178747796d2c1c7bd4442c55d9ff411f95641a77d6fc6fed2e4c0f87bf8
+  data.tar.gz: 0220eeddcae84c0f2a6d7c0cb34bab3fdcd517a1da3c6e266913b6bc9729b285283dbe3cb771766b8efcee4f024320181ea42d7265b4e436ba3d261f8e42f203

data/.circleci/config.yml

@@ -0,0 +1,28 @@
+version: 2.1
+orbs:
+  ruby: circleci/ruby@0.1.2
+
+jobs:
+  test:
+    docker:
+      - image: circleci/ruby:2.6.6-stretch-node
+    executor: ruby/default
+    steps:
+    - checkout
+    - run:
+        name: Which bundler?
+        command: bundle -v
+    - ruby/bundle-install
+    - run:
+        name: Run specs
+        command: bundle exec rake spec
+    - run:
+        name: CodeClimate
+        command: bundle exec codeclimate-test-reporter
+
+workflows:
+  version: 2.1
+  test:
+    jobs:
+      - test
+

data/README.md

@@ -88,6 +88,7 @@ All available config options are in: https://github.com/librariesio/bibliothecar
   - *.nuspec
   - paket.lock
   - *.csproj
+  - project.assets.json
 - Bower
   - bower.json
 - CPAN

data/lib/bibliothecary.rb

@@ -21,8 +21,8 @@ module Bibliothecary
     runner.load_file_list(path)
   end
 
-  def self.init_package_manager(info)
-    runner.init_package_manager(info)
+  def self.applicable_package_managers(info)
+    runner.applicable_package_managers(info)
   end
 
   def self.load_file_info_list(path)
@@ -63,6 +63,8 @@ module Bibliothecary
 
   class << self
     attr_writer :configuration
+    alias analyze analyse
+    alias analyze_file analyse_file
   end
 
   def self.runner

data/lib/bibliothecary/analyser.rb

@@ -101,6 +101,7 @@ module Bibliothecary
       def analyse(folder_path, file_list)
         analyse_file_info(file_list.map { |full_path| FileInfo.new(folder_path, full_path) })
       end
+      alias analyze analyse
 
       def analyse_file_info(file_info_list)
         matching_info = file_info_list
@@ -111,10 +112,12 @@ module Bibliothecary
             .merge(related_paths: related_paths(info, matching_info))
         end
       end
+      alias analyze_file_info analyse_file_info
 
       def analyse_contents(filename, contents)
         analyse_contents_from_info(FileInfo.new(nil, filename, contents))
       end
+      alias analyze_contents analyse_contents
 
       def analyse_contents_from_info(info)
         # If your Parser needs to return multiple responses for one file, please override this method
@@ -126,6 +129,7 @@ module Bibliothecary
       rescue Bibliothecary::FileParsingError => e
         Bibliothecary::Analyser::create_error_analysis(platform_name, info.relative_path, kind, e.message)
       end
+      alias analyze_contents_from_info analyse_contents_from_info
 
       # calling this with contents=nil can produce less-informed
       # results, but kept for back compat

data/lib/bibliothecary/parsers/conda.rb

@@ -26,14 +26,13 @@ module Bibliothecary
         }
       end
 
-      def self.parse_conda(info)
-        dependencies = call_conda_parser_web(info, "manifest")[:manifest]
+      def self.parse_conda(info, kind = "manifest")
+        dependencies = call_conda_parser_web(info, kind)[kind.to_sym]
         dependencies.map { |dep| dep.merge(type: "runtime") }
       end
 
       def self.parse_conda_lockfile(info)
-        dependencies = call_conda_parser_web(info, "lockfile")[:lockfile]
-        dependencies.map { |dep| dep.merge(type: "runtime") }
+        parse_conda(info, "lockfile")
       end
 
       private_class_method def self.call_conda_parser_web(file_contents, kind)

data/lib/bibliothecary/parsers/maven.rb

@@ -238,6 +238,7 @@ module Bibliothecary
         return nil if field.nil?
 
         value = field.nodes.first
+        value = value.value if value.is_a?(Ox::CData)
         match = value&.match(MAVEN_PROPERTY_REGEX)
         if match
           return extract_property(xml, match[1], value, parent_properties)

data/lib/bibliothecary/parsers/npm.rb

@@ -49,9 +49,18 @@ module Bibliothecary
           else
             type = 'runtime'
           end
+
+          version = nil
+
+          if requirement.key?("from")
+            version = requirement["from"][/#(?:semver:)?v?(.*)/, 1]
+          end
+
+          version ||= requirement["version"].split("#").last
+
           {
             name: name,
-            requirement: requirement["version"],
+            requirement: version,
             type: type
           }
         end

data/lib/bibliothecary/parsers/nuget.rb

@@ -35,7 +35,11 @@ module Bibliothecary
           match_filename("paket.lock") => {
             kind: 'lockfile',
             parser: :parse_paket_lock
-          }
+          },
+          match_filename("project.assets.json") => {
+            kind: 'lockfile',
+            parser: :parse_project_assets_json
+          },
         }
       end
 
@@ -137,6 +141,34 @@ module Bibliothecary
         # we only have to enforce uniqueness by name because paket ensures that there is only the single version globally in the project
         packages.uniq {|package| package[:name] }
       end
+
+      def self.parse_project_assets_json(file_contents)
+        manifest = JSON.parse file_contents
+
+        frameworks = {}
+        manifest.fetch("targets",[]).each do |framework, deps|
+          frameworks[framework] = deps
+                                    .select { |name, details| details["type"] == "package" }
+                                    .map do |name, details|
+            name_split = name.split("/")
+            {
+              name: name_split[0],
+              requirement: name_split[1],
+              type: "runtime"
+            }
+          end
+        end
+
+        if frameworks.size > 0
+          # we should really return multiple manifests, but bibliothecary doesn't
+          # do that yet so at least pick deterministically.
+
+          # Note, frameworks can be empty, so remove empty ones and then return the last sorted item if any
+          frameworks = frameworks.delete_if { |k, v| v.empty? }
+          return frameworks[frameworks.keys.sort.last] unless frameworks.empty?
+        end
+        []
+      end
     end
   end
 end

data/lib/bibliothecary/parsers/pypi.rb

@@ -39,7 +39,24 @@ module Bibliothecary
           match_filename("poetry.lock") => {
             kind: 'lockfile',
             parser: :parse_poetry_lock
-          }
+          },
+          # Pip dependencies can be embedded in conda environment files
+          match_filename("environment.yml") => {
+            parser: :parse_conda,
+            kind: "manifest",
+          },
+          match_filename("environment.yaml") => {
+            parser: :parse_conda,
+            kind: "manifest",
+          },
+          match_filename("environment.yml.lock") => {
+            parser: :parse_conda,
+            kind: "lockfile",
+          },
+          match_filename("environment.yaml.lock") => {
+            parser: :parse_conda,
+            kind: "lockfile",
+          },
         }
       end
 
@@ -53,6 +70,17 @@ module Bibliothecary
         map_dependencies(manifest['dependencies'], 'runtime') + map_dependencies(manifest['dev-dependencies'], 'develop')
       end
 
+      def self.parse_conda(file_contents)
+        contents = YAML.safe_load(file_contents)
+        return [] unless contents
+
+        dependencies = contents["dependencies"]
+        pip = dependencies.find { |dep| dep.is_a?(Hash) && dep["pip"]}
+        return [] unless pip
+
+        Pypi.parse_requirements_txt(pip["pip"].join("\n"))
+      end
+
       def self.map_dependencies(packages, type)
         return [] unless packages
         packages.map do |name, info|

data/lib/bibliothecary/runner.rb

@@ -26,20 +26,16 @@ module Bibliothecary
 
       analyses
     end
+    alias analyze analyse
 
     # deprecated; use load_file_info_list.
     def load_file_list(path)
       load_file_info_list(path).map { |info| info.full_path }
     end
 
-    def init_package_manager(info)
-      # set the package manager on each info
-      matches = package_managers.select { |pm| pm.match_info?(info) }
-
-      info.package_manager = matches[0] if matches.length == 1
-
-      # this is a bug at the moment if it's raised (we don't handle it sensibly)
-      raise "Multiple package managers fighting over #{info.relative_path}: #{matches.map(&:to_s)}" if matches.length > 1
+    def applicable_package_managers(info)
+      managers = package_managers.select { |pm| pm.match_info?(info) }
+      managers.length > 0 ? managers : [nil]
     end
 
     def package_managers
@@ -48,29 +44,41 @@ module Bibliothecary
 
     def load_file_info_list_from_paths(paths)
       file_list = []
+
       paths.each do |path|
         info = FileInfo.new(nil, path)
 
         next if ignored_files.include?(info.relative_path)
 
-        init_package_manager(info)
-        file_list.push(info)
+        applicable_package_managers(info).each do |package_manager|
+          file = info.dup
+          file.package_manager = package_manager
+
+          file_list.push(file)
+        end
       end
+
       file_list
     end
 
     def load_file_info_list(path)
       file_list = []
+
       Find.find(path) do |subpath|
         info = FileInfo.new(path, subpath)
+
         Find.prune if FileTest.directory?(subpath) && ignored_dirs.include?(info.relative_path)
         next unless FileTest.file?(subpath)
         next if ignored_files.include?(info.relative_path)
 
-        init_package_manager(info)
+        applicable_package_managers(info).each do |package_manager|
+          file = info.dup
+          file.package_manager = package_manager
 
-        file_list.push(info)
+          file_list.push(file)
+        end
       end
+
       file_list
     end
 
@@ -87,6 +95,7 @@ module Bibliothecary
         pm.analyse_contents(file_path, contents)
       end.flatten.uniq.compact
     end
+    alias analyze_file analyse_file
 
     # this skips manifests sometimes because it doesn't look at file
     # contents and can't establish from only regexes that the thing

data/lib/bibliothecary/version.rb

@@ -1,3 +1,3 @@
 module Bibliothecary
-  VERSION = "6.10.7"
+  VERSION = "6.12.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bibliothecary
 version: !ruby/object:Gem::Version
-  version: 6.10.7
+  version: 6.12.3
 platform: ruby
 authors:
 - Andrew Nesbitt
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-04-16 00:00:00.000000000 Z
+date: 2021-06-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: toml-rb
@@ -216,6 +216,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".circleci/config.yml"
 - ".codeclimate.yml"
 - ".github/CONTRIBUTING.md"
 - ".gitignore"