bibliothecary 6.7.2 → 6.7.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/bibliothecary.gemspec +2 -0
  3. data/lib/bibliothecary/parsers/maven.rb +70 -19
  4. data/lib/bibliothecary/version.rb +1 -1
  5. metadata +30 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 132a90ea8ed661b70e6709542f66d899eb5e35900905fd353b63f4e70b535ef8
4
- data.tar.gz: 3803d75c592a1f338ea4ce0d054b1347d3a61d35db14098427a5f94031b29bfd
3
+ metadata.gz: b589f62fb357fbc3134d456ea82c07b7ff20b11217d2c8010c8db5ff3a009337
4
+ data.tar.gz: 0a0727d453938b3ce8878aabe623b2ca7dbc928cb207bcdd94eb97173ade521f
5
5
  SHA512:
6
- metadata.gz: 26d770f760a52e56f7b51a04dadae781c87e73cac8e3f31d1f7cfd5d93c1a5597f079e609393146d7549b93a84bfb82a93801eacb92eb4cdf43f65e766e612ca
7
- data.tar.gz: 1c8136abb0ad7b67a57b0e5e41f2e9a48e110e5c71b27baa6005c922f9fac30a69be173ec88aa20d3e494c96360986052210be0e07df0c652d15cc6f43affc34
6
+ metadata.gz: 3d12065e6cd92680e7ed7a0c60770e67704aa949f2d5591126eb20fb6d4c42cbfa763caf60c0a71877d41d6f75231da96d910d8b219c78af81e67bcf5e240918
7
+ data.tar.gz: b4c378068bf8ee58bc8a77e44a984a4eff68c0660e0c0ebaca8bee5c29b7ae69534bfead06a0993362a1f3de1b8cf96b7ff925787cdf44abc923fe9a0ffa2c1a
data/bibliothecary.gemspec CHANGED
@@ -25,6 +25,8 @@ Gem::Specification.new do |spec|
25
25
  spec.add_dependency "deb_control"
26
26
  spec.add_dependency "sdl4r"
27
27
  spec.add_dependency "commander"
28
+ spec.add_dependency "strings-ansi"
29
+ spec.add_dependency "strings"
28
30
 
29
31
  spec.add_development_dependency "bundler", "~> 1.11"
30
32
  spec.add_development_dependency "pry"
data/lib/bibliothecary/parsers/maven.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  require 'ox'
2
+ require 'strings-ansi'
2
3
 
3
4
  module Bibliothecary
4
5
  module Parsers
@@ -11,6 +12,9 @@ module Bibliothecary
11
12
  # "| \\--- com.google.guava:guava:23.5-jre (*)"
12
13
  GRADLE_DEP_REGEX = /(\+---|\\---){1}/
13
14
 
15
+ MAVEN_PROPERTY_REGEX = /\$\{(.+?)\}/
16
+ MAX_DEPTH = 5
17
+
14
18
  def self.mapping
15
19
  {
16
20
  match_filename("ivy.xml", case_insensitive: true) => {
@@ -33,6 +37,10 @@ module Bibliothecary
33
37
  match_filename("gradle-dependencies-q.txt", case_insensitive: true) => {
34
38
  kind: 'lockfile',
35
39
  parser: :parse_gradle_resolved
40
+ },
41
+ match_filename("maven-resolved-dependencies.txt", case_insensitive: true) => {
42
+ kind: 'lockfile',
43
+ parser: :parse_maven_resolved
36
44
  }
37
45
  }
38
46
  end
@@ -53,7 +61,7 @@ module Bibliothecary
53
61
  doc = Ox.parse file_contents
54
62
  root = doc&.locate("ivy-report")&.first
55
63
  return !root.nil?
56
- rescue Exception => e # rubocop:disable Lint/RescueException
64
+ rescue Exception # rubocop:disable Lint/RescueException
57
65
  # We rescue exception here since native libs can throw a non-StandardError
58
66
  # We don't want to throw errors during the matching phase, only during
59
67
  # parsing after we match.
@@ -109,6 +117,25 @@ module Bibliothecary
109
117
  end.compact.uniq {|item| [item[:name], item[:requirement], item[:type]]}
110
118
  end
111
119
 
120
+ def self.parse_maven_resolved(file_contents)
121
+ Strings::ANSI.sanitize(file_contents)
122
+ .split("\n")
123
+ .map(&method(:parse_resolved_dep_line))
124
+ .compact
125
+ .uniq
126
+ end
127
+
128
+ def self.parse_resolved_dep_line(line)
129
+ dep_parts = line.strip.split(":")
130
+ return unless dep_parts.length == 5
131
+ # org.springframework.boot:spring-boot-starter-web:jar:2.0.3.RELEASE:compile -- module spring.boot.starter.web [auto]
132
+ {
133
+ name: dep_parts[0, 2].join(":"),
134
+ requirement: dep_parts[3],
135
+ type: dep_parts[4].split("--").first.strip
136
+ }
137
+ end
138
+
112
139
  def self.parse_pom_manifest(file_contents, parent_properties = {})
113
140
  manifest = Ox.parse file_contents
114
141
  xml = manifest.respond_to?('project') ? manifest.project : manifest
@@ -148,30 +175,54 @@ module Bibliothecary
148
175
  def self.extract_pom_dep_info(xml, dependency, name, parent_properties = {})
149
176
  field = dependency.locate(name).first
150
177
  return nil if field.nil?
178
+
151
179
  value = field.nodes.first
152
- match = value.match(/^\$\{(.+)\}/)
180
+ match = value.match(MAVEN_PROPERTY_REGEX)
153
181
  if match
154
- # the xml root is <project> so lookup the non property name in the xml
155
- # this converts ${project/group.id} -> ${group/id}
156
- non_prop_name = match[1].gsub('.', '/').gsub('project/', '')
157
- return value if !xml.respond_to?('properties') && parent_properties.empty? && !xml.locate(non_prop_name)
158
- prop_field = xml.properties.locate(match[1]).first
159
- parent_prop = parent_properties[match[1]]
160
- if prop_field
161
- return prop_field.nodes.first
162
- elsif parent_prop
163
- return parent_prop
164
- elsif xml.locate(non_prop_name).first
165
- # see if the value to look up is a field under the project
166
- # examples are ${project.groupId} or ${project.version}
167
- return xml.locate(non_prop_name).first.nodes.first
168
- else
169
- return value
170
- end
182
+ return extract_property(xml, match[1], value, parent_properties)
171
183
  else
172
184
  return value
173
185
  end
174
186
  end
187
+
188
+ def self.replace_value_with_prop(original_value, property_value, property_name)
189
+ original_value.gsub("${#{property_name}}", property_value)
190
+ end
191
+
192
+ def self.extract_property(xml, property_name, value, parent_properties = {}, depth = 0)
193
+ prop_value = property_value(xml, property_name, parent_properties)
194
+ return value unless prop_value
195
+ # don't resolve more than 5 levels deep to avoid potential circular references
196
+
197
+ resolved_value = replace_value_with_prop(value, prop_value, property_name)
198
+ # check to see if we just resolved to another property name
199
+ match = resolved_value.match(MAVEN_PROPERTY_REGEX)
200
+ if match && depth < MAX_DEPTH
201
+ depth += 1
202
+ return extract_property(xml, match[1], resolved_value, parent_properties, depth)
203
+ else
204
+ return resolved_value
205
+ end
206
+ end
207
+
208
+ def self.property_value(xml, property_name, parent_properties)
209
+ # the xml root is <project> so lookup the non property name in the xml
210
+ # this converts ${project/group.id} -> ${group/id}
211
+ non_prop_name = property_name.gsub(".", "/").gsub("project/", "")
212
+ return value if !xml.respond_to?("properties") && parent_properties.empty? && !xml.locate(non_prop_name)
213
+
214
+ prop_field = xml.properties.locate(property_name).first
215
+ parent_prop = parent_properties[property_name]
216
+ if prop_field
217
+ prop_field.nodes.first
218
+ elsif parent_prop
219
+ parent_prop
220
+ elsif xml.locate(non_prop_name).first
221
+ # see if the value to look up is a field under the project
222
+ # examples are ${project.groupId} or ${project.version}
223
+ xml.locate(non_prop_name).first.nodes.first
224
+ end
225
+ end
175
226
  end
176
227
  end
177
228
  end
data/lib/bibliothecary/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Bibliothecary
2
- VERSION = "6.7.2"
2
+ VERSION = "6.7.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bibliothecary
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.7.2
4
+ version: 6.7.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Nesbitt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-06-12 00:00:00.000000000 Z
11
+ date: 2019-07-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: toml-rb
@@ -108,6 +108,34 @@ dependencies:
108
108
  - - ">="
109
109
  - !ruby/object:Gem::Version
110
110
  version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: strings-ansi
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :runtime
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
125
+ - !ruby/object:Gem::Dependency
126
+ name: strings
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - ">="
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ type: :runtime
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - ">="
137
+ - !ruby/object:Gem::Version
138
+ version: '0'
111
139
  - !ruby/object:Gem::Dependency
112
140
  name: bundler
113
141
  requirement: !ruby/object:Gem::Requirement