bibliothecary 6.12.0 → 7.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bibliothecary.gemspec +1 -1
- data/lib/bibliothecary.rb +3 -0
- data/lib/bibliothecary/analyser.rb +4 -0
- data/lib/bibliothecary/parsers/cargo.rb +2 -4
- data/lib/bibliothecary/parsers/go.rb +2 -2
- data/lib/bibliothecary/parsers/maven.rb +4 -0
- data/lib/bibliothecary/parsers/npm.rb +10 -1
- data/lib/bibliothecary/parsers/pypi.rb +3 -3
- data/lib/bibliothecary/runner.rb +2 -0
- data/lib/bibliothecary/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b444856f899510d260c076ddbfd10543e3592db2ede8ca618d99b9aeb9e033fe
|
|
4
|
+
data.tar.gz: f7da7041fa22140cafe5a9e84b4ab607688066fbf2d8f382ea85b6c01ab76e33
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e5d8cf6f14f6623c0d3d8d0e5cfd02e1f0a07cb5fafc87a66b206022238817e4e9bab204ac546d4c6200e181579eedead8e9bd4dfbcd48613d85e48af0017a15
|
|
7
|
+
data.tar.gz: 1ca3f3e2d5a1207cece4de5b62c386e9b98b1892e6e08024057fcbcc520f7f88444d62e5fa3bd66cafd086636f5a40f5a6a3fda3ceb4a5fda2d83b7e951039bb
|
data/bibliothecary.gemspec
CHANGED
|
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
|
18
18
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
|
19
19
|
spec.require_paths = ["lib"]
|
|
20
20
|
|
|
21
|
-
spec.add_dependency "
|
|
21
|
+
spec.add_dependency "tomlrb", "~> 2.0"
|
|
22
22
|
spec.add_dependency "librariesio-gem-parser"
|
|
23
23
|
spec.add_dependency "ox", ">= 2.8.1"
|
|
24
24
|
spec.add_dependency "typhoeus"
|
data/lib/bibliothecary.rb
CHANGED
|
@@ -6,6 +6,7 @@ require "bibliothecary/exceptions"
|
|
|
6
6
|
require "bibliothecary/file_info"
|
|
7
7
|
require "bibliothecary/related_files_info"
|
|
8
8
|
require "find"
|
|
9
|
+
require "tomlrb"
|
|
9
10
|
|
|
10
11
|
Dir[File.expand_path('../bibliothecary/parsers/*.rb', __FILE__)].each do |file|
|
|
11
12
|
require file
|
|
@@ -63,6 +64,8 @@ module Bibliothecary
|
|
|
63
64
|
|
|
64
65
|
class << self
|
|
65
66
|
attr_writer :configuration
|
|
67
|
+
alias analyze analyse
|
|
68
|
+
alias analyze_file analyse_file
|
|
66
69
|
end
|
|
67
70
|
|
|
68
71
|
def self.runner
|
|
@@ -101,6 +101,7 @@ module Bibliothecary
|
|
|
101
101
|
def analyse(folder_path, file_list)
|
|
102
102
|
analyse_file_info(file_list.map { |full_path| FileInfo.new(folder_path, full_path) })
|
|
103
103
|
end
|
|
104
|
+
alias analyze analyse
|
|
104
105
|
|
|
105
106
|
def analyse_file_info(file_info_list)
|
|
106
107
|
matching_info = file_info_list
|
|
@@ -111,10 +112,12 @@ module Bibliothecary
|
|
|
111
112
|
.merge(related_paths: related_paths(info, matching_info))
|
|
112
113
|
end
|
|
113
114
|
end
|
|
115
|
+
alias analyze_file_info analyse_file_info
|
|
114
116
|
|
|
115
117
|
def analyse_contents(filename, contents)
|
|
116
118
|
analyse_contents_from_info(FileInfo.new(nil, filename, contents))
|
|
117
119
|
end
|
|
120
|
+
alias analyze_contents analyse_contents
|
|
118
121
|
|
|
119
122
|
def analyse_contents_from_info(info)
|
|
120
123
|
# If your Parser needs to return multiple responses for one file, please override this method
|
|
@@ -126,6 +129,7 @@ module Bibliothecary
|
|
|
126
129
|
rescue Bibliothecary::FileParsingError => e
|
|
127
130
|
Bibliothecary::Analyser::create_error_analysis(platform_name, info.relative_path, kind, e.message)
|
|
128
131
|
end
|
|
132
|
+
alias analyze_contents_from_info analyse_contents_from_info
|
|
129
133
|
|
|
130
134
|
# calling this with contents=nil can produce less-informed
|
|
131
135
|
# results, but kept for back compat
|
|
@@ -1,5 +1,3 @@
|
|
|
1
|
-
require 'toml-rb'
|
|
2
|
-
|
|
3
1
|
module Bibliothecary
|
|
4
2
|
module Parsers
|
|
5
3
|
class Cargo
|
|
@@ -19,7 +17,7 @@ module Bibliothecary
|
|
|
19
17
|
end
|
|
20
18
|
|
|
21
19
|
def self.parse_manifest(file_contents)
|
|
22
|
-
manifest =
|
|
20
|
+
manifest = Tomlrb.parse(file_contents)
|
|
23
21
|
manifest.fetch('dependencies', []).map do |name, requirement|
|
|
24
22
|
if requirement.respond_to?(:fetch)
|
|
25
23
|
requirement = requirement['version'] or next
|
|
@@ -34,7 +32,7 @@ module Bibliothecary
|
|
|
34
32
|
end
|
|
35
33
|
|
|
36
34
|
def self.parse_lockfile(file_contents)
|
|
37
|
-
manifest =
|
|
35
|
+
manifest = Tomlrb.parse(file_contents)
|
|
38
36
|
manifest.fetch('package',[]).map do |dependency|
|
|
39
37
|
next if not dependency['source'] or not dependency['source'].start_with?('registry+')
|
|
40
38
|
{
|
|
@@ -106,12 +106,12 @@ module Bibliothecary
|
|
|
106
106
|
end
|
|
107
107
|
|
|
108
108
|
def self.parse_dep_toml(file_contents)
|
|
109
|
-
manifest =
|
|
109
|
+
manifest = Tomlrb.parse file_contents
|
|
110
110
|
map_dependencies(manifest, 'constraint', 'name', 'version', 'runtime')
|
|
111
111
|
end
|
|
112
112
|
|
|
113
113
|
def self.parse_dep_lockfile(file_contents)
|
|
114
|
-
manifest =
|
|
114
|
+
manifest = Tomlrb.parse file_contents
|
|
115
115
|
map_dependencies(manifest, 'projects', 'name', 'revision', 'runtime')
|
|
116
116
|
end
|
|
117
117
|
|
|
@@ -152,9 +152,12 @@ module Bibliothecary
|
|
|
152
152
|
.compact
|
|
153
153
|
.uniq
|
|
154
154
|
end
|
|
155
|
+
|
|
155
156
|
def self.parse_maven_tree(file_contents)
|
|
156
157
|
file_contents = file_contents.gsub(/\r\n?/, "\n")
|
|
157
158
|
captures = file_contents.scan(/^\[INFO\](?:(?:\+-)|\||(?:\\-)|\s)+((?:[\w\.-]+:)+[\w\.\-${}]+)/).flatten.uniq
|
|
159
|
+
captures.shift if captures.size > 1 # first dep line will be the package itself (unless we're only analyzing a single line)
|
|
160
|
+
|
|
158
161
|
captures.map do |item|
|
|
159
162
|
parts = item.split(":")
|
|
160
163
|
case parts.count
|
|
@@ -238,6 +241,7 @@ module Bibliothecary
|
|
|
238
241
|
return nil if field.nil?
|
|
239
242
|
|
|
240
243
|
value = field.nodes.first
|
|
244
|
+
value = value.value if value.is_a?(Ox::CData)
|
|
241
245
|
match = value&.match(MAVEN_PROPERTY_REGEX)
|
|
242
246
|
if match
|
|
243
247
|
return extract_property(xml, match[1], value, parent_properties)
|
|
@@ -49,9 +49,18 @@ module Bibliothecary
|
|
|
49
49
|
else
|
|
50
50
|
type = 'runtime'
|
|
51
51
|
end
|
|
52
|
+
|
|
53
|
+
version = nil
|
|
54
|
+
|
|
55
|
+
if requirement.key?("from")
|
|
56
|
+
version = requirement["from"][/#(?:semver:)?v?(.*)/, 1]
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
version ||= requirement["version"].split("#").last
|
|
60
|
+
|
|
52
61
|
{
|
|
53
62
|
name: name,
|
|
54
|
-
requirement:
|
|
63
|
+
requirement: version,
|
|
55
64
|
type: type
|
|
56
65
|
}
|
|
57
66
|
end
|
|
@@ -61,12 +61,12 @@ module Bibliothecary
|
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
def self.parse_pipfile(file_contents)
|
|
64
|
-
manifest =
|
|
64
|
+
manifest = Tomlrb.parse(file_contents)
|
|
65
65
|
map_dependencies(manifest['packages'], 'runtime') + map_dependencies(manifest['dev-packages'], 'develop')
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
def self.parse_poetry(file_contents)
|
|
69
|
-
manifest =
|
|
69
|
+
manifest = Tomlrb.parse(file_contents)['tool']['poetry']
|
|
70
70
|
map_dependencies(manifest['dependencies'], 'runtime') + map_dependencies(manifest['dev-dependencies'], 'develop')
|
|
71
71
|
end
|
|
72
72
|
|
|
@@ -124,7 +124,7 @@ module Bibliothecary
|
|
|
124
124
|
end
|
|
125
125
|
|
|
126
126
|
def self.parse_poetry_lock(file_contents)
|
|
127
|
-
manifest =
|
|
127
|
+
manifest = Tomlrb.parse(file_contents)
|
|
128
128
|
deps = []
|
|
129
129
|
manifest["package"].each do |package|
|
|
130
130
|
# next if group == "_meta"
|
data/lib/bibliothecary/runner.rb
CHANGED
|
@@ -26,6 +26,7 @@ module Bibliothecary
|
|
|
26
26
|
|
|
27
27
|
analyses
|
|
28
28
|
end
|
|
29
|
+
alias analyze analyse
|
|
29
30
|
|
|
30
31
|
# deprecated; use load_file_info_list.
|
|
31
32
|
def load_file_list(path)
|
|
@@ -94,6 +95,7 @@ module Bibliothecary
|
|
|
94
95
|
pm.analyse_contents(file_path, contents)
|
|
95
96
|
end.flatten.uniq.compact
|
|
96
97
|
end
|
|
98
|
+
alias analyze_file analyse_file
|
|
97
99
|
|
|
98
100
|
# this skips manifests sometimes because it doesn't look at file
|
|
99
101
|
# contents and can't establish from only regexes that the thing
|
metadata
CHANGED
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 7.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-06-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
|
-
name:
|
|
14
|
+
name: tomlrb
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
19
|
+
version: '2.0'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '
|
|
26
|
+
version: '2.0'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: librariesio-gem-parser
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|