bibliothecary 7.1.4 → 7.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/bibliothecary/parsers/npm.rb +16 -14
- data/lib/bibliothecary/parsers/pypi.rb +12 -3
- data/lib/bibliothecary/related_files_info.rb +2 -2
- data/lib/bibliothecary/version.rb +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6bf41693f3224f06747aa8ea8799d369d68b262033689b900fe1a18c35803b85
|
|
4
|
+
data.tar.gz: 4cee903aaa6fff7e24e7ca4f8ddd162d2dd42af4ec04161fac21397622e6f5cd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c178932cf88d945686cfa34ab2e9cf581c2b99878d51e2fc783e98804b63737f7f852a1017c81c4aec9c8ca7f425b54b3092722f95b767e37be07fce343a2740
|
|
7
|
+
data.tar.gz: b11a8ea3373f61fb2d1def0f203a400c864f30eec52faa77551d256cdc1a9c27e20e960b4151713982987faea0af8529e83f0d8606129613591487a358c26755
|
data/README.md
CHANGED
|
@@ -53,8 +53,6 @@ All available config options are in: https://github.com/librariesio/bibliothecar
|
|
|
53
53
|
|
|
54
54
|
## Supported package manager file formats
|
|
55
55
|
|
|
56
|
-
- Hackage
|
|
57
|
-
- \*.cabal
|
|
58
56
|
- npm
|
|
59
57
|
- package.json
|
|
60
58
|
- package-lock.json
|
|
@@ -81,6 +79,8 @@ All available config options are in: https://github.com/librariesio/bibliothecar
|
|
|
81
79
|
- requirements/*.pip
|
|
82
80
|
- Pipfile
|
|
83
81
|
- Pipfile.lock
|
|
82
|
+
- pyproject.toml
|
|
83
|
+
- poetry.lock
|
|
84
84
|
- Nuget
|
|
85
85
|
- packages.config
|
|
86
86
|
- Project.json
|
|
@@ -149,7 +149,7 @@ All available config options are in: https://github.com/librariesio/bibliothecar
|
|
|
149
149
|
- Haxelib
|
|
150
150
|
- haxelib.json
|
|
151
151
|
- Hackage
|
|
152
|
-
-
|
|
152
|
+
- \*.cabal
|
|
153
153
|
- cabal.config
|
|
154
154
|
|
|
155
155
|
## Development
|
|
@@ -5,6 +5,9 @@ module Bibliothecary
|
|
|
5
5
|
class NPM
|
|
6
6
|
include Bibliothecary::Analyser
|
|
7
7
|
|
|
8
|
+
# Max depth to recurse into the "dependencies" property of package-lock.json
|
|
9
|
+
PACKAGE_LOCK_JSON_MAX_DEPTH = 10
|
|
10
|
+
|
|
8
11
|
def self.mapping
|
|
9
12
|
{
|
|
10
13
|
match_filename("package.json") => {
|
|
@@ -43,26 +46,25 @@ module Bibliothecary
|
|
|
43
46
|
|
|
44
47
|
def self.parse_package_lock(file_contents)
|
|
45
48
|
manifest = JSON.parse(file_contents)
|
|
46
|
-
manifest.fetch('dependencies',[])
|
|
47
|
-
|
|
48
|
-
type = 'development'
|
|
49
|
-
else
|
|
50
|
-
type = 'runtime'
|
|
51
|
-
end
|
|
52
|
-
|
|
53
|
-
version = nil
|
|
54
|
-
|
|
55
|
-
if requirement.key?("from")
|
|
56
|
-
version = requirement["from"][/#(?:semver:)?v?(.*)/, 1]
|
|
57
|
-
end
|
|
49
|
+
parse_package_lock_deps_recursively(manifest.fetch('dependencies', []))
|
|
50
|
+
end
|
|
58
51
|
|
|
52
|
+
def self.parse_package_lock_deps_recursively(dependencies, depth=1)
|
|
53
|
+
dependencies.flat_map do |name, requirement|
|
|
54
|
+
type = requirement.fetch("dev", false) ? 'development' : 'runtime'
|
|
55
|
+
version = requirement.key?("from") ? requirement["from"][/#(?:semver:)?v?(.*)/, 1] : nil
|
|
59
56
|
version ||= requirement["version"].split("#").last
|
|
57
|
+
child_dependencies = if depth >= PACKAGE_LOCK_JSON_MAX_DEPTH
|
|
58
|
+
[]
|
|
59
|
+
else
|
|
60
|
+
parse_package_lock_deps_recursively(requirement.fetch('dependencies', []), depth + 1)
|
|
61
|
+
end
|
|
60
62
|
|
|
61
|
-
{
|
|
63
|
+
[{
|
|
62
64
|
name: name,
|
|
63
65
|
requirement: version,
|
|
64
66
|
type: type
|
|
65
|
-
}
|
|
67
|
+
}] + child_dependencies
|
|
66
68
|
end
|
|
67
69
|
end
|
|
68
70
|
|
|
@@ -4,7 +4,12 @@ module Bibliothecary
|
|
|
4
4
|
include Bibliothecary::Analyser
|
|
5
5
|
|
|
6
6
|
INSTALL_REGEXP = /install_requires\s*=\s*\[([\s\S]*?)\]/
|
|
7
|
-
|
|
7
|
+
|
|
8
|
+
# Capture Group 1 is package.
|
|
9
|
+
# Optional Group 2 is [extras].
|
|
10
|
+
# Capture Group 3 is Version
|
|
11
|
+
REQUIRE_REGEXP = /([a-zA-Z0-9]+[a-zA-Z0-9\-_\.]+)(?:\[.*?\])*([><=\w\.,]+)?/
|
|
12
|
+
|
|
8
13
|
REQUIREMENTS_REGEXP = /^#{REQUIRE_REGEXP}/
|
|
9
14
|
MANIFEST_REGEXP = /.*require[^\/]*(\/)?[^\/]*\.(txt|pip|in)$/
|
|
10
15
|
PIP_COMPILE_REGEXP = /.*require.*$/
|
|
@@ -21,6 +26,10 @@ module Bibliothecary
|
|
|
21
26
|
parser: :parse_requirements_txt,
|
|
22
27
|
can_have_lockfile: false
|
|
23
28
|
},
|
|
29
|
+
match_filename('requirements.frozen') => { # pattern exists to store frozen deps in requirements.frozen
|
|
30
|
+
parser: :parse_requirements_txt,
|
|
31
|
+
kind: 'lockfile',
|
|
32
|
+
},
|
|
24
33
|
match_filename('pip-resolved-dependencies.txt') => { # Inferred from pip
|
|
25
34
|
kind: 'lockfile',
|
|
26
35
|
parser: :parse_requirements_txt,
|
|
@@ -160,7 +169,7 @@ module Bibliothecary
|
|
|
160
169
|
next unless match
|
|
161
170
|
deps << {
|
|
162
171
|
name: match[1],
|
|
163
|
-
requirement: match[
|
|
172
|
+
requirement: match[-1] || '*',
|
|
164
173
|
type: 'runtime'
|
|
165
174
|
}
|
|
166
175
|
end
|
|
@@ -174,7 +183,7 @@ module Bibliothecary
|
|
|
174
183
|
next unless match
|
|
175
184
|
deps << {
|
|
176
185
|
name: match[1],
|
|
177
|
-
requirement: match[
|
|
186
|
+
requirement: match[-1] || '*',
|
|
178
187
|
type: 'runtime'
|
|
179
188
|
}
|
|
180
189
|
end
|
|
@@ -22,8 +22,8 @@ module Bibliothecary
|
|
|
22
22
|
@platform = package_manager.platform_name
|
|
23
23
|
@path = Pathname.new(File.dirname(file_infos.first.relative_path)).cleanpath.to_path
|
|
24
24
|
# `package_manager.determine_kind_from_info(info)` can be an Array, so use include? which also works for string
|
|
25
|
-
@manifests = file_infos.select { |info| package_manager.determine_kind_from_info(info).include? "manifest" }.map
|
|
26
|
-
@lockfiles = file_infos.select { |info| package_manager.determine_kind_from_info(info).include? "lockfile" }.map
|
|
25
|
+
@manifests = file_infos.select { |info| package_manager.determine_kind_from_info(info).include? "manifest" }.map(&:relative_path)
|
|
26
|
+
@lockfiles = file_infos.select { |info| package_manager.determine_kind_from_info(info).include? "lockfile" }.map(&:relative_path)
|
|
27
27
|
end
|
|
28
28
|
end
|
|
29
29
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 7.
|
|
4
|
+
version: 7.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-10-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tomlrb
|
|
@@ -206,7 +206,7 @@ dependencies:
|
|
|
206
206
|
- - ">="
|
|
207
207
|
- !ruby/object:Gem::Version
|
|
208
208
|
version: '0'
|
|
209
|
-
description:
|
|
209
|
+
description:
|
|
210
210
|
email:
|
|
211
211
|
- andrewnez@gmail.com
|
|
212
212
|
executables:
|
|
@@ -274,7 +274,7 @@ homepage: https://github.com/librariesio/bibliothecary
|
|
|
274
274
|
licenses:
|
|
275
275
|
- AGPL-3.0
|
|
276
276
|
metadata: {}
|
|
277
|
-
post_install_message:
|
|
277
|
+
post_install_message:
|
|
278
278
|
rdoc_options: []
|
|
279
279
|
require_paths:
|
|
280
280
|
- lib
|
|
@@ -290,7 +290,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
290
290
|
version: '0'
|
|
291
291
|
requirements: []
|
|
292
292
|
rubygems_version: 3.1.2
|
|
293
|
-
signing_key:
|
|
293
|
+
signing_key:
|
|
294
294
|
specification_version: 4
|
|
295
295
|
summary: Find and parse manifests
|
|
296
296
|
test_files: []
|