bibliothecary 6.8.9 → 6.9.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/README.md +1 -0
- data/lib/bibliothecary/parsers/go.rb +11 -1
- data/lib/bibliothecary/parsers/maven.rb +4 -3
- data/lib/bibliothecary/parsers/npm.rb +1 -0
- data/lib/bibliothecary/parsers/pypi.rb +34 -0
- data/lib/bibliothecary/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eddf54931d180a739e69e33150ff5b105994976ff9436eae7765a88d7a5d7169
|
|
4
|
+
data.tar.gz: 8f53292f1e7c7be586f9810dc723fb39dd145b8f436b6d82c6eb984cf7a726da
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bc54928770a24ef0214a11ca1cb9400875cf752ce28c907651cdc1ac879736e2e1c3860f71a5ebfda275d860dff4c495fcafb2f44cfd6c2b3f8f252b404dc7bc
|
|
7
|
+
data.tar.gz: 9886c713649ec7503b7106c91fb1b5242d898ccb1fbd65462494c4d80b56186f08b536fa321fba6658e4c7ba183d624cc974e20c29b7e4bd6ffd3e8c3756661d
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.
|
|
1
|
+
2.7.1
|
data/README.md
CHANGED
|
@@ -57,7 +57,11 @@ module Bibliothecary
|
|
|
57
57
|
match_filename("Gopkg.lock") => {
|
|
58
58
|
kind: 'lockfile',
|
|
59
59
|
parser: :parse_dep_lockfile
|
|
60
|
-
}
|
|
60
|
+
},
|
|
61
|
+
match_filename("go-resolved-dependencies.json") => {
|
|
62
|
+
kind: 'lockfile',
|
|
63
|
+
parser: :parse_go_resolved
|
|
64
|
+
},
|
|
61
65
|
}
|
|
62
66
|
end
|
|
63
67
|
|
|
@@ -140,6 +144,12 @@ module Bibliothecary
|
|
|
140
144
|
deps.uniq
|
|
141
145
|
end
|
|
142
146
|
|
|
147
|
+
def self.parse_go_resolved(file_contents)
|
|
148
|
+
JSON.parse(file_contents)
|
|
149
|
+
.select { |dep| dep["Main"] != "true" }
|
|
150
|
+
.map { |dep| { name: dep["Path"], requirement: dep["Version"], type: 'runtime' } }
|
|
151
|
+
end
|
|
152
|
+
|
|
143
153
|
def self.map_dependencies(manifest, attr_name, dep_attr_name, version_attr_name, type)
|
|
144
154
|
manifest.fetch(attr_name,[]).map do |dependency|
|
|
145
155
|
{
|
|
@@ -124,8 +124,9 @@ module Bibliothecary
|
|
|
124
124
|
split = gradle_dep_match.captures[0]
|
|
125
125
|
|
|
126
126
|
# org.springframework.boot:spring-boot-starter-web:2.1.0.M3 (*)
|
|
127
|
-
# Lines can end with (
|
|
128
|
-
|
|
127
|
+
# Lines can end with (c), (n), or (*)
|
|
128
|
+
# to indicate that something was a dependency constraint (c), not resolved (n), or resolved previously (*).
|
|
129
|
+
dep = line.split(split)[1].sub(/(\((c|n|\*)\))$/, "").strip.split(":")
|
|
129
130
|
version = dep[-1]
|
|
130
131
|
version = version.split("->")[-1].strip if line.include?("->")
|
|
131
132
|
{
|
|
@@ -228,7 +229,7 @@ module Bibliothecary
|
|
|
228
229
|
# the xml root is <project> so lookup the non property name in the xml
|
|
229
230
|
# this converts ${project/group.id} -> ${group/id}
|
|
230
231
|
non_prop_name = property_name.gsub(".", "/").gsub("project/", "")
|
|
231
|
-
return
|
|
232
|
+
return "${#{property_name}}" if !xml.respond_to?("properties") && parent_properties.empty? && xml.locate(non_prop_name).empty?
|
|
232
233
|
|
|
233
234
|
prop_field = xml.properties.locate(property_name).first
|
|
234
235
|
parent_prop = parent_properties[property_name]
|
|
@@ -31,6 +31,14 @@ module Bibliothecary
|
|
|
31
31
|
match_filename("Pipfile.lock") => {
|
|
32
32
|
kind: 'lockfile',
|
|
33
33
|
parser: :parse_pipfile_lock
|
|
34
|
+
},
|
|
35
|
+
match_filename("pyproject.toml") => {
|
|
36
|
+
kind: 'manifest',
|
|
37
|
+
parser: :parse_poetry
|
|
38
|
+
},
|
|
39
|
+
match_filename("poetry.lock") => {
|
|
40
|
+
kind: 'lockfile',
|
|
41
|
+
parser: :parse_poetry_lock
|
|
34
42
|
}
|
|
35
43
|
}
|
|
36
44
|
end
|
|
@@ -40,6 +48,11 @@ module Bibliothecary
|
|
|
40
48
|
map_dependencies(manifest['packages'], 'runtime') + map_dependencies(manifest['dev-packages'], 'develop')
|
|
41
49
|
end
|
|
42
50
|
|
|
51
|
+
def self.parse_poetry(file_contents)
|
|
52
|
+
manifest = TomlRB.parse(file_contents)['tool']['poetry']
|
|
53
|
+
map_dependencies(manifest['dependencies'], 'runtime') + map_dependencies(manifest['dev-dependencies'], 'develop')
|
|
54
|
+
end
|
|
55
|
+
|
|
43
56
|
def self.map_dependencies(packages, type)
|
|
44
57
|
return [] unless packages
|
|
45
58
|
packages.map do |name, info|
|
|
@@ -82,6 +95,27 @@ module Bibliothecary
|
|
|
82
95
|
deps
|
|
83
96
|
end
|
|
84
97
|
|
|
98
|
+
def self.parse_poetry_lock(file_contents)
|
|
99
|
+
manifest = TomlRB.parse(file_contents)
|
|
100
|
+
deps = []
|
|
101
|
+
manifest["package"].each do |package|
|
|
102
|
+
# next if group == "_meta"
|
|
103
|
+
group = case package['category']
|
|
104
|
+
when 'main'
|
|
105
|
+
'runtime'
|
|
106
|
+
when 'dev'
|
|
107
|
+
'develop'
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
deps << {
|
|
111
|
+
name: package['name'],
|
|
112
|
+
requirement: map_requirements(package),
|
|
113
|
+
type: group
|
|
114
|
+
}
|
|
115
|
+
end
|
|
116
|
+
deps
|
|
117
|
+
end
|
|
118
|
+
|
|
85
119
|
def self.parse_setup_py(manifest)
|
|
86
120
|
match = manifest.match(INSTALL_REGEXP)
|
|
87
121
|
return [] unless match
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.9.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-11-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: toml-rb
|
|
@@ -288,7 +288,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
288
288
|
- !ruby/object:Gem::Version
|
|
289
289
|
version: '0'
|
|
290
290
|
requirements: []
|
|
291
|
-
rubygems_version: 3.
|
|
291
|
+
rubygems_version: 3.1.2
|
|
292
292
|
signing_key:
|
|
293
293
|
specification_version: 4
|
|
294
294
|
summary: Find and parse manifests
|