bibliothecary 6.8.7 → 6.9.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b57d105d77f298ae9422bf7b707a60f8d19665de761fa75945d1970d0b822772
4
- data.tar.gz: c50de4684a5a94f5b5cc384767bc010649b9c2343c66096a1b372802ffafc730
3
+ metadata.gz: 7c5d41a3a8c73b6836a0cfaface97b412a72de93d0656bd1b81fa55c3059cafc
4
+ data.tar.gz: f2b1b0004f91c259e11c339df4680e8f24688b792e44fd943d340309373006b8
5
5
  SHA512:
6
- metadata.gz: e60f8a2e31b858dd28c9ea21b21385d0eb461116af15933d3efa94613385c359158ef1da431de3b28005bcc9b25701a942b3a347c862c440fc0d1b398e3501ac
7
- data.tar.gz: 5a2d8a89194ef61b59c1dc3ec9735a53cf12eccc74b312433d7cef78897d47cde1799aa203e6f89d184da0fb5388d87117f95b87a0e6d8f2ebcec6ddc4aa715d
6
+ metadata.gz: 5065fcc1955f4143f6a6e3a5d25f4f84ac44b1d6cf9b9c1733b3a009ab396ec45a4748a6777d2d5e6be5640d971878fceaa474c72abe41e14e73a41b693f666d
7
+ data.tar.gz: 48720bf216d9893a970480bb2961b5c33aeae8fecaf17c261d6b4322e54b7c9e8f7fa86977e42ce83746655bb3b9f3098bc0674589a2455260ccd13087f182c2
@@ -1 +1 @@
1
- 2.5.1
1
+ 2.6.6
@@ -1,11 +1,10 @@
1
1
  language: ruby
2
2
  rvm:
3
- - 2.5.1
3
+ - 2.6.6
4
4
  cache: bundler
5
5
  before_install:
6
6
  - gem update --system
7
- - gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
8
- - gem install bundler -v '< 2'
7
+ - gem install bundler
9
8
  script:
10
9
  - bundle exec rake spec && bundle exec codeclimate-test-reporter
11
10
  notifications:
@@ -28,7 +28,6 @@ Gem::Specification.new do |spec|
28
28
  spec.add_dependency "strings-ansi"
29
29
  spec.add_dependency "strings"
30
30
 
31
- spec.add_development_dependency "bundler", "~> 1.11"
32
31
  spec.add_development_dependency "pry"
33
32
  spec.add_development_dependency "rake", "~> 12.0"
34
33
  spec.add_development_dependency "rspec", "~> 3.0"
@@ -7,12 +7,13 @@ module Bibliothecary
7
7
  include Bibliothecary::Analyser
8
8
 
9
9
  GPM_REGEXP = /^(.+)\s+(.+)$/
10
- GOMOD_REGEX = /^(.+)\s+(.+)$/
11
- GOMOD_IGNORABLE_REGEX = /^(module\s|require\s+\(|go\s|\))/m
10
+ GOMOD_REGEX = /^(require\s+)?(.+)\s+(.+)$/
11
+ GOMOD_IGNORABLE_REGEX = /^(\/\/|module\s|go\s|exclude\s|replace\s|require\s+\(|\))/m
12
12
  GOSUM_REGEX = /^(.+)\s+(.+)\s+(.+)$/
13
13
 
14
14
  def self.mapping
15
15
  {
16
+ # Go Modules (recommended)
16
17
  match_filename("go.mod") => {
17
18
  kind: 'manifest',
18
19
  parser: :parse_go_mod
@@ -21,6 +22,7 @@ module Bibliothecary
21
22
  kind: 'lockfile',
22
23
  parser: :parse_go_sum
23
24
  },
25
+ # Glide (unmaintained: https://github.com/Masterminds/glide#go-modules)
24
26
  match_filename("glide.yaml") => {
25
27
  kind: 'manifest',
26
28
  parser: :parse_glide_yaml
@@ -29,6 +31,7 @@ module Bibliothecary
29
31
  kind: 'lockfile',
30
32
  parser: :parse_glide_lockfile
31
33
  },
34
+ # Godep (unmaintained: https://github.com/tools/godep)
32
35
  match_filename("Godeps/Godeps.json") => {
33
36
  kind: 'manifest',
34
37
  parser: :parse_godep_json
@@ -37,6 +40,7 @@ module Bibliothecary
37
40
  kind: 'manifest',
38
41
  parser: :parse_gpm
39
42
  },
43
+ # Govendor (unmaintained: https://github.com/kardianos/govendor)
40
44
  match_filename("vendor/manifest") => {
41
45
  kind: 'manifest',
42
46
  parser: :parse_gb_manifest
@@ -45,6 +49,7 @@ module Bibliothecary
45
49
  kind: 'manifest',
46
50
  parser: :parse_govendor
47
51
  },
52
+ # Go dep (deprecated: https://github.com/golang/dep#dep)
48
53
  match_filename("Gopkg.toml") => {
49
54
  kind: 'manifest',
50
55
  parser: :parse_dep_toml
@@ -112,8 +117,8 @@ module Bibliothecary
112
117
  next if line.match(GOMOD_IGNORABLE_REGEX)
113
118
  if match = line.gsub(/(\/\/(.*))/, '').match(GOMOD_REGEX)
114
119
  deps << {
115
- name: match[1].strip,
116
- requirement: match[2].strip || '*',
120
+ name: match[2].strip,
121
+ requirement: match[3].strip || '*',
117
122
  type: 'runtime'
118
123
  }
119
124
  end
@@ -15,6 +15,21 @@ module Bibliothecary
15
15
  MAVEN_PROPERTY_REGEX = /\$\{(.+?)\}/
16
16
  MAX_DEPTH = 5
17
17
 
18
+ # e.g. "[info] test:"
19
+ SBT_TYPE_REGEX = /^\[info\]\s+([-\w]+):$/
20
+
21
+ # e.g. "[info] org.typelevel:spire-util_2.12"
22
+ SBT_DEP_REGEX = /^\[info\]\s+(.+)$/
23
+
24
+ # e.g. "[info] - 1.7.5"
25
+ SBT_VERSION_REGEX = /^\[info\]\s+-\s+(.+)$/
26
+
27
+ # e.g. "[info] homepage: http://www.slf4j.org"
28
+ SBT_FIELD_REGEX = /^\[info\]\s+([^:]+):\s+(.+)$/
29
+
30
+ # e.g. "[info] "
31
+ SBT_IGNORE_REGEX = /^\[info\]\s*$/
32
+
18
33
  def self.mapping
19
34
  {
20
35
  match_filename("ivy.xml", case_insensitive: true) => {
@@ -41,6 +56,10 @@ module Bibliothecary
41
56
  match_filename("maven-resolved-dependencies.txt", case_insensitive: true) => {
42
57
  kind: 'lockfile',
43
58
  parser: :parse_maven_resolved
59
+ },
60
+ match_filename("sbt-update-full.txt", case_insensitive: true) => {
61
+ kind: 'lockfile',
62
+ parser: :parse_sbt_update_full
44
63
  }
45
64
  }
46
65
  end
@@ -209,7 +228,7 @@ module Bibliothecary
209
228
  # the xml root is <project> so lookup the non property name in the xml
210
229
  # this converts ${project/group.id} -> ${group/id}
211
230
  non_prop_name = property_name.gsub(".", "/").gsub("project/", "")
212
- return value if !xml.respond_to?("properties") && parent_properties.empty? && !xml.locate(non_prop_name)
231
+ return "${#{property_name}}" if !xml.respond_to?("properties") && parent_properties.empty? && xml.locate(non_prop_name).empty?
213
232
 
214
233
  prop_field = xml.properties.locate(property_name).first
215
234
  parent_prop = parent_properties[property_name]
@@ -227,6 +246,103 @@ module Bibliothecary
227
246
  xml.locate("parent/#{non_prop_name}").first.nodes.first
228
247
  end
229
248
  end
249
+
250
+ def self.parse_sbt_update_full(file_contents)
251
+ all_deps = []
252
+ type = nil
253
+ lines = file_contents.split("\n")
254
+ while lines.any?
255
+ line = lines.shift
256
+
257
+ type_match = SBT_TYPE_REGEX.match(line)
258
+ next unless type_match
259
+ type = type_match.captures[0]
260
+
261
+ deps = parse_sbt_deps(type, lines)
262
+ all_deps.concat(deps)
263
+ end
264
+
265
+ # strip out evicted dependencies
266
+ all_deps.select! do |dep|
267
+ dep[:fields]["evicted"] != "true"
268
+ end
269
+
270
+ # in the future, we could use "callers" in the fields to
271
+ # decide which deps are direct root deps and which are
272
+ # pulled in by another dep. The direct deps have the sbt
273
+ # project name as a caller.
274
+
275
+ # clean out any duplicates (I'm pretty sure sbt will have done this for
276
+ # us so this is paranoia, basically)
277
+ squished = all_deps.compact.uniq {|item| [item[:name], item[:requirement], item[:type]]}
278
+
279
+ # get rid of the fields
280
+ squished.each do |dep|
281
+ dep.delete(:fields)
282
+ end
283
+
284
+ return squished
285
+ end
286
+
287
+ def self.parse_sbt_deps(type, lines)
288
+ deps = []
289
+ while lines.any? and not SBT_TYPE_REGEX.match(lines[0])
290
+ line = lines.shift
291
+
292
+ next if SBT_IGNORE_REGEX.match(line)
293
+
294
+ dep_match = SBT_DEP_REGEX.match(line)
295
+ if dep_match
296
+ versions = parse_sbt_versions(type, dep_match.captures[0], lines)
297
+ deps.concat(versions)
298
+ else
299
+ lines.unshift(line)
300
+ break
301
+ end
302
+ end
303
+
304
+ deps
305
+ end
306
+
307
+ def self.parse_sbt_versions(type, name, lines)
308
+ versions = []
309
+ while lines.any? and not SBT_TYPE_REGEX.match(lines[0])
310
+ line = lines.shift
311
+
312
+ version_match = SBT_VERSION_REGEX.match(line)
313
+ if version_match
314
+ versions.push(parse_sbt_version(type, name, version_match.captures[0], lines))
315
+ else
316
+ lines.unshift(line)
317
+ break
318
+ end
319
+ end
320
+
321
+ versions
322
+ end
323
+
324
+ def self.parse_sbt_version(type, name, version, lines)
325
+ fields = {}
326
+ while lines.any? and not SBT_TYPE_REGEX.match(lines[0])
327
+ line = lines.shift
328
+
329
+ field_match = SBT_FIELD_REGEX.match(line)
330
+ if field_match
331
+ fields[field_match.captures[0]] = field_match.captures[1]
332
+ else
333
+ lines.unshift(line)
334
+ break
335
+ end
336
+ end
337
+
338
+ {
339
+ name: name,
340
+ requirement: version,
341
+ type: type,
342
+ # we post-process using some of these fields and then delete them again
343
+ fields: fields
344
+ }
345
+ end
230
346
  end
231
347
  end
232
348
  end
@@ -70,6 +70,7 @@ module Bibliothecary
70
70
  {
71
71
  name: dep[:name],
72
72
  requirement: dep[:version],
73
+ lockfile_requirement: dep[:requirement],
73
74
  type: dep[:type]
74
75
  }
75
76
  end
@@ -31,6 +31,14 @@ module Bibliothecary
31
31
  match_filename("Pipfile.lock") => {
32
32
  kind: 'lockfile',
33
33
  parser: :parse_pipfile_lock
34
+ },
35
+ match_filename("pyproject.toml") => {
36
+ kind: 'manifest',
37
+ parser: :parse_poetry
38
+ },
39
+ match_filename("poetry.lock") => {
40
+ kind: 'lockfile',
41
+ parser: :parse_poetry_lock
34
42
  }
35
43
  }
36
44
  end
@@ -40,6 +48,11 @@ module Bibliothecary
40
48
  map_dependencies(manifest['packages'], 'runtime') + map_dependencies(manifest['dev-packages'], 'develop')
41
49
  end
42
50
 
51
+ def self.parse_poetry(file_contents)
52
+ manifest = TomlRB.parse(file_contents)['tool']['poetry']
53
+ map_dependencies(manifest['dependencies'], 'runtime') + map_dependencies(manifest['dev-dependencies'], 'develop')
54
+ end
55
+
43
56
  def self.map_dependencies(packages, type)
44
57
  return [] unless packages
45
58
  packages.map do |name, info|
@@ -82,6 +95,27 @@ module Bibliothecary
82
95
  deps
83
96
  end
84
97
 
98
+ def self.parse_poetry_lock(file_contents)
99
+ manifest = TomlRB.parse(file_contents)
100
+ deps = []
101
+ manifest["package"].each do |package|
102
+ # next if group == "_meta"
103
+ group = case package['category']
104
+ when 'main'
105
+ 'runtime'
106
+ when 'dev'
107
+ 'develop'
108
+ end
109
+
110
+ deps << {
111
+ name: package['name'],
112
+ requirement: map_requirements(package),
113
+ type: group
114
+ }
115
+ end
116
+ deps
117
+ end
118
+
85
119
  def self.parse_setup_py(manifest)
86
120
  match = manifest.match(INSTALL_REGEXP)
87
121
  return [] unless match
@@ -1,3 +1,3 @@
1
1
  module Bibliothecary
2
- VERSION = "6.8.7"
2
+ VERSION = "6.9.1"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bibliothecary
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.8.7
4
+ version: 6.9.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Nesbitt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-13 00:00:00.000000000 Z
11
+ date: 2020-10-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: toml-rb
@@ -136,20 +136,6 @@ dependencies:
136
136
  - - ">="
137
137
  - !ruby/object:Gem::Version
138
138
  version: '0'
139
- - !ruby/object:Gem::Dependency
140
- name: bundler
141
- requirement: !ruby/object:Gem::Requirement
142
- requirements:
143
- - - "~>"
144
- - !ruby/object:Gem::Version
145
- version: '1.11'
146
- type: :development
147
- prerelease: false
148
- version_requirements: !ruby/object:Gem::Requirement
149
- requirements:
150
- - - "~>"
151
- - !ruby/object:Gem::Version
152
- version: '1.11'
153
139
  - !ruby/object:Gem::Dependency
154
140
  name: pry
155
141
  requirement: !ruby/object:Gem::Requirement
@@ -302,7 +288,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
302
288
  - !ruby/object:Gem::Version
303
289
  version: '0'
304
290
  requirements: []
305
- rubygems_version: 3.0.4
291
+ rubygems_version: 3.0.3
306
292
  signing_key:
307
293
  specification_version: 4
308
294
  summary: Find and parse manifests