bibliothecary 6.8.4 → 6.8.9

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9f6d0c75dace8b988d53e7b6620e7c1c8aad139ddf4aebbc1497c1428b4bda09
4
- data.tar.gz: ea3e235adc6e425269eb29fda38694555be29b54bcb5cdc7ec8b455ac06b554c
3
+ metadata.gz: c655fc14eb58f419b202c25b3b28d22f041c840ceda3d527aaf21b122d5663fe
4
+ data.tar.gz: 43b452b2ec6411d409aff5a479fd3d89d2bdf7eeb253b253b5a76849b8990b1a
5
5
  SHA512:
6
- metadata.gz: 191203c29364c6fb45bf9228fa49a1ae3e8f176ec1e7331c07e3bf731688ac896220d49a4271773703ec48a240cdb0fdfc555fd887ed14cd459d2788a285339c
7
- data.tar.gz: 185c27f488fd30d3026447193396637b90a46c286c7cbf02b207ce0dd1ff30d576c73b5a39262f61ad3fe7bf7975f9df0ef20cfb61701ac532cc969733ef26f2
6
+ metadata.gz: 921763c07b4ae50a14a905e5eed87a558631495500150ac732763a9456b081007b6e05dac4eabfec13f06ed3d3a6b38cdc30436e828204f389a627ab64fbc38b
7
+ data.tar.gz: daf4e977c0c46daec88c6e9cfc0dd41b0e4ce842266716bb40aa3da10effcd5d5ee291ca034f1509f8e0233bd4a6e08ed6ab00896f7cfe4dd66ca5bbe2a859d3
@@ -1 +1 @@
1
- 2.5.1
1
+ 2.6.6
@@ -1,11 +1,10 @@
1
1
  language: ruby
2
2
  rvm:
3
- - 2.5.1
3
+ - 2.6.6
4
4
  cache: bundler
5
5
  before_install:
6
6
  - gem update --system
7
- - gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
8
- - gem install bundler -v '< 2'
7
+ - gem install bundler
9
8
  script:
10
9
  - bundle exec rake spec && bundle exec codeclimate-test-reporter
11
10
  notifications:
@@ -28,7 +28,6 @@ Gem::Specification.new do |spec|
28
28
  spec.add_dependency "strings-ansi"
29
29
  spec.add_dependency "strings"
30
30
 
31
- spec.add_development_dependency "bundler", "~> 1.11"
32
31
  spec.add_development_dependency "pry"
33
32
  spec.add_development_dependency "rake", "~> 12.0"
34
33
  spec.add_development_dependency "rspec", "~> 3.0"
@@ -27,12 +27,12 @@ module Bibliothecary
27
27
  end
28
28
 
29
29
  def self.parse_conda(info)
30
- dependencies = call_conda_parser_web(info, :manifest)[:manifest]
30
+ dependencies = call_conda_parser_web(info, "manifest")[:manifest]
31
31
  dependencies.map { |dep| dep.merge(type: "runtime") }
32
32
  end
33
33
 
34
34
  def self.parse_conda_lockfile(info)
35
- dependencies = call_conda_parser_web(info, :lockfile)[:lockfile]
35
+ dependencies = call_conda_parser_web(info, "lockfile")[:lockfile]
36
36
  dependencies.map { |dep| dep.merge(type: "runtime") }
37
37
  end
38
38
 
@@ -7,12 +7,13 @@ module Bibliothecary
7
7
  include Bibliothecary::Analyser
8
8
 
9
9
  GPM_REGEXP = /^(.+)\s+(.+)$/
10
- GOMOD_REGEX = /^(.+)\s+(.+)$/
11
- GOMOD_IGNORABLE_REGEX = /^(module\s|require\s+\(|go\s|\))/m
10
+ GOMOD_REGEX = /^(require\s+)?(.+)\s+(.+)$/
11
+ GOMOD_IGNORABLE_REGEX = /^(\/\/|module\s|go\s|exclude\s|replace\s|require\s+\(|\))/m
12
12
  GOSUM_REGEX = /^(.+)\s+(.+)\s+(.+)$/
13
13
 
14
14
  def self.mapping
15
15
  {
16
+ # Go Modules (recommended)
16
17
  match_filename("go.mod") => {
17
18
  kind: 'manifest',
18
19
  parser: :parse_go_mod
@@ -21,6 +22,7 @@ module Bibliothecary
21
22
  kind: 'lockfile',
22
23
  parser: :parse_go_sum
23
24
  },
25
+ # Glide (unmaintained: https://github.com/Masterminds/glide#go-modules)
24
26
  match_filename("glide.yaml") => {
25
27
  kind: 'manifest',
26
28
  parser: :parse_glide_yaml
@@ -29,6 +31,7 @@ module Bibliothecary
29
31
  kind: 'lockfile',
30
32
  parser: :parse_glide_lockfile
31
33
  },
34
+ # Godep (unmaintained: https://github.com/tools/godep)
32
35
  match_filename("Godeps/Godeps.json") => {
33
36
  kind: 'manifest',
34
37
  parser: :parse_godep_json
@@ -37,6 +40,7 @@ module Bibliothecary
37
40
  kind: 'manifest',
38
41
  parser: :parse_gpm
39
42
  },
43
+ # Govendor (unmaintained: https://github.com/kardianos/govendor)
40
44
  match_filename("vendor/manifest") => {
41
45
  kind: 'manifest',
42
46
  parser: :parse_gb_manifest
@@ -45,6 +49,7 @@ module Bibliothecary
45
49
  kind: 'manifest',
46
50
  parser: :parse_govendor
47
51
  },
52
+ # Go dep (deprecated: https://github.com/golang/dep#dep)
48
53
  match_filename("Gopkg.toml") => {
49
54
  kind: 'manifest',
50
55
  parser: :parse_dep_toml
@@ -112,8 +117,8 @@ module Bibliothecary
112
117
  next if line.match(GOMOD_IGNORABLE_REGEX)
113
118
  if match = line.gsub(/(\/\/(.*))/, '').match(GOMOD_REGEX)
114
119
  deps << {
115
- name: match[1].strip,
116
- requirement: match[2].strip || '*',
120
+ name: match[2].strip,
121
+ requirement: match[3].strip || '*',
117
122
  type: 'runtime'
118
123
  }
119
124
  end
@@ -15,6 +15,21 @@ module Bibliothecary
15
15
  MAVEN_PROPERTY_REGEX = /\$\{(.+?)\}/
16
16
  MAX_DEPTH = 5
17
17
 
18
+ # e.g. "[info] test:"
19
+ SBT_TYPE_REGEX = /^\[info\]\s+([-\w]+):$/
20
+
21
+ # e.g. "[info] org.typelevel:spire-util_2.12"
22
+ SBT_DEP_REGEX = /^\[info\]\s+(.+)$/
23
+
24
+ # e.g. "[info] - 1.7.5"
25
+ SBT_VERSION_REGEX = /^\[info\]\s+-\s+(.+)$/
26
+
27
+ # e.g. "[info] homepage: http://www.slf4j.org"
28
+ SBT_FIELD_REGEX = /^\[info\]\s+([^:]+):\s+(.+)$/
29
+
30
+ # e.g. "[info] "
31
+ SBT_IGNORE_REGEX = /^\[info\]\s*$/
32
+
18
33
  def self.mapping
19
34
  {
20
35
  match_filename("ivy.xml", case_insensitive: true) => {
@@ -41,6 +56,10 @@ module Bibliothecary
41
56
  match_filename("maven-resolved-dependencies.txt", case_insensitive: true) => {
42
57
  kind: 'lockfile',
43
58
  parser: :parse_maven_resolved
59
+ },
60
+ match_filename("sbt-update-full.txt", case_insensitive: true) => {
61
+ kind: 'lockfile',
62
+ parser: :parse_sbt_update_full
44
63
  }
45
64
  }
46
65
  end
@@ -227,6 +246,103 @@ module Bibliothecary
227
246
  xml.locate("parent/#{non_prop_name}").first.nodes.first
228
247
  end
229
248
  end
249
+
250
+ def self.parse_sbt_update_full(file_contents)
251
+ all_deps = []
252
+ type = nil
253
+ lines = file_contents.split("\n")
254
+ while lines.any?
255
+ line = lines.shift
256
+
257
+ type_match = SBT_TYPE_REGEX.match(line)
258
+ next unless type_match
259
+ type = type_match.captures[0]
260
+
261
+ deps = parse_sbt_deps(type, lines)
262
+ all_deps.concat(deps)
263
+ end
264
+
265
+ # strip out evicted dependencies
266
+ all_deps.select! do |dep|
267
+ dep[:fields]["evicted"] != "true"
268
+ end
269
+
270
+ # in the future, we could use "callers" in the fields to
271
+ # decide which deps are direct root deps and which are
272
+ # pulled in by another dep. The direct deps have the sbt
273
+ # project name as a caller.
274
+
275
+ # clean out any duplicates (I'm pretty sure sbt will have done this for
276
+ # us so this is paranoia, basically)
277
+ squished = all_deps.compact.uniq {|item| [item[:name], item[:requirement], item[:type]]}
278
+
279
+ # get rid of the fields
280
+ squished.each do |dep|
281
+ dep.delete(:fields)
282
+ end
283
+
284
+ return squished
285
+ end
286
+
287
+ def self.parse_sbt_deps(type, lines)
288
+ deps = []
289
+ while lines.any? and not SBT_TYPE_REGEX.match(lines[0])
290
+ line = lines.shift
291
+
292
+ next if SBT_IGNORE_REGEX.match(line)
293
+
294
+ dep_match = SBT_DEP_REGEX.match(line)
295
+ if dep_match
296
+ versions = parse_sbt_versions(type, dep_match.captures[0], lines)
297
+ deps.concat(versions)
298
+ else
299
+ lines.unshift(line)
300
+ break
301
+ end
302
+ end
303
+
304
+ deps
305
+ end
306
+
307
+ def self.parse_sbt_versions(type, name, lines)
308
+ versions = []
309
+ while lines.any? and not SBT_TYPE_REGEX.match(lines[0])
310
+ line = lines.shift
311
+
312
+ version_match = SBT_VERSION_REGEX.match(line)
313
+ if version_match
314
+ versions.push(parse_sbt_version(type, name, version_match.captures[0], lines))
315
+ else
316
+ lines.unshift(line)
317
+ break
318
+ end
319
+ end
320
+
321
+ versions
322
+ end
323
+
324
+ def self.parse_sbt_version(type, name, version, lines)
325
+ fields = {}
326
+ while lines.any? and not SBT_TYPE_REGEX.match(lines[0])
327
+ line = lines.shift
328
+
329
+ field_match = SBT_FIELD_REGEX.match(line)
330
+ if field_match
331
+ fields[field_match.captures[0]] = field_match.captures[1]
332
+ else
333
+ lines.unshift(line)
334
+ break
335
+ end
336
+ end
337
+
338
+ {
339
+ name: name,
340
+ requirement: version,
341
+ type: type,
342
+ # we post-process using some of these fields and then delete them again
343
+ fields: fields
344
+ }
345
+ end
230
346
  end
231
347
  end
232
348
  end
@@ -16,6 +16,10 @@ module Bibliothecary
16
16
  kind: 'lockfile',
17
17
  parser: :parse_project_lock_json
18
18
  },
19
+ match_filename("packages.lock.json") => {
20
+ kind: 'lockfile',
21
+ parser: :parse_packages_lock_json
22
+ },
19
23
  match_filename("packages.config") => {
20
24
  kind: 'manifest',
21
25
  parser: :parse_packages_config
@@ -47,6 +51,31 @@ module Bibliothecary
47
51
  end
48
52
  end
49
53
 
54
+ def self.parse_packages_lock_json(file_contents)
55
+ manifest = JSON.parse file_contents
56
+
57
+ frameworks = {}
58
+ manifest.fetch('dependencies',[]).each do |framework, deps|
59
+ frameworks[framework] = deps.map do |name, details|
60
+ {
61
+ name: name,
62
+ # 'resolved' has been set in all examples so far
63
+ # so fallback to requested is pure paranoia
64
+ requirement: details.fetch('resolved', details.fetch('requested', '*')),
65
+ type: 'runtime'
66
+ }
67
+ end
68
+ end
69
+
70
+ if frameworks.size > 0
71
+ # we should really return multiple manifests, but bibliothecary doesn't
72
+ # do that yet so at least pick deterministically.
73
+ frameworks[frameworks.keys.sort.last]
74
+ else
75
+ []
76
+ end
77
+ end
78
+
50
79
  def self.parse_packages_config(file_contents)
51
80
  manifest = Ox.parse file_contents
52
81
  manifest.packages.locate('package').map do |dependency|
@@ -15,6 +15,10 @@ module Bibliothecary
15
15
  parser: :parse_requirements_txt,
16
16
  can_have_lockfile: false
17
17
  },
18
+ match_filename('pip-resolved-dependencies.txt') => { # Inferred from pip
19
+ kind: 'lockfile',
20
+ parser: :parse_requirements_txt,
21
+ },
18
22
  match_filename("setup.py") => {
19
23
  kind: 'manifest',
20
24
  parser: :parse_setup_py,
@@ -1,3 +1,3 @@
1
1
  module Bibliothecary
2
- VERSION = "6.8.4"
2
+ VERSION = "6.8.9"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bibliothecary
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.8.4
4
+ version: 6.8.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Nesbitt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-10-01 00:00:00.000000000 Z
11
+ date: 2020-06-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: toml-rb
@@ -136,20 +136,6 @@ dependencies:
136
136
  - - ">="
137
137
  - !ruby/object:Gem::Version
138
138
  version: '0'
139
- - !ruby/object:Gem::Dependency
140
- name: bundler
141
- requirement: !ruby/object:Gem::Requirement
142
- requirements:
143
- - - "~>"
144
- - !ruby/object:Gem::Version
145
- version: '1.11'
146
- type: :development
147
- prerelease: false
148
- version_requirements: !ruby/object:Gem::Requirement
149
- requirements:
150
- - - "~>"
151
- - !ruby/object:Gem::Version
152
- version: '1.11'
153
139
  - !ruby/object:Gem::Dependency
154
140
  name: pry
155
141
  requirement: !ruby/object:Gem::Requirement
@@ -302,7 +288,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
302
288
  - !ruby/object:Gem::Version
303
289
  version: '0'
304
290
  requirements: []
305
- rubygems_version: 3.0.4
291
+ rubygems_version: 3.0.3
306
292
  signing_key:
307
293
  specification_version: 4
308
294
  summary: Find and parse manifests