bibliothecary 8.3.7 → 8.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/lib/bibliothecary/parsers/maven.rb +32 -2
- data/lib/bibliothecary/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 65f4910198d30819544a51adff24b14ce2214631dc0adf958d264dd89800f1ab
|
|
4
|
+
data.tar.gz: 362bea1f8f48122e28253491c281e2a25bdf6d14c831e988435da4bc02b3da52
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51e6c14e963753db57341b241356a323dcc55e31b9593444aca6d2cc5882af26fe52d06b36b1382f11367f301bd817f82a35ab7ff8dd5d7d1e065ec52775e06f
|
|
7
|
+
data.tar.gz: bdfcc8fbb046095031c39619955eef933bfe4a59e7d59558e621e7bd6ab391fda2559b10a85640abf181505dfce0bd21ec7103325595a2dfa0cbeb2da828e437
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.7.
|
|
1
|
+
2.7.6
|
|
@@ -12,6 +12,11 @@ module Bibliothecary
|
|
|
12
12
|
# "| \\--- com.google.guava:guava:23.5-jre (*)"
|
|
13
13
|
GRADLE_DEP_REGEX = /(\+---|\\---){1}/
|
|
14
14
|
|
|
15
|
+
# Dependencies that are on-disk projects, eg:
|
|
16
|
+
# \--- project :api:my-internal-project
|
|
17
|
+
# +--- my-group:my-alias:1.2.3 -> project :client (*)
|
|
18
|
+
GRADLE_PROJECT_REGEX = /project :(\S+)/
|
|
19
|
+
|
|
15
20
|
# Builtin methods: https://docs.gradle.org/current/userguide/java_plugin.html#tab:configurations
|
|
16
21
|
# Deprecated methods: https://docs.gradle.org/current/userguide/upgrading_version_6.html#sec:configuration_removal
|
|
17
22
|
GRADLE_DEPENDENCY_METHODS = %w(api compile compileClasspath compileOnly compileOnlyApi implementation runtime runtimeClasspath runtimeOnly testCompile testCompileOnly testImplementation testRuntime testRuntimeOnly)
|
|
@@ -148,11 +153,27 @@ module Bibliothecary
|
|
|
148
153
|
|
|
149
154
|
split = gradle_dep_match.captures[0]
|
|
150
155
|
|
|
156
|
+
# gradle can import on-disk projects and deps will be listed under them, e.g. `+--- project :pie2-testing`,
|
|
157
|
+
# so we treat these projects as internal deps themselves (["internal:foo","0.0.0"])
|
|
158
|
+
if (project_match = line.match(GRADLE_PROJECT_REGEX))
|
|
159
|
+
project_name = project_match[1]
|
|
160
|
+
line = line.sub(GRADLE_PROJECT_REGEX, "__PROJECT_GROUP__:__PROJECT_NAME__:__PROJECT_REQUIREMENT__") # project names can have colons, which breaks our split(":") below, so sub it out until after we've parsed the line.
|
|
161
|
+
else
|
|
162
|
+
project_name = ""
|
|
163
|
+
end
|
|
164
|
+
|
|
151
165
|
dep = line
|
|
152
166
|
.split(split)[1].sub(/(\((c|n|\*)\))$/, "") # line ending legend: (c) means a dependency constraint, (n) means not resolved, or (*) means resolved previously, e.g. org.springframework.boot:spring-boot-starter-web:2.1.0.M3 (*)
|
|
153
167
|
.sub(/ FAILED$/, "") # dependency could not be resolved (but still may have a version)
|
|
154
168
|
.sub(" -> ", ":") # handle version arrow syntax
|
|
155
|
-
.strip
|
|
169
|
+
.strip
|
|
170
|
+
.split(":")
|
|
171
|
+
.map do |part|
|
|
172
|
+
part
|
|
173
|
+
.sub(/__PROJECT_GROUP__/, "internal")# give all projects a group namespace of "internal"
|
|
174
|
+
.sub(/__PROJECT_NAME__/, project_name)
|
|
175
|
+
.sub(/__PROJECT_REQUIREMENT__/, "1.0.0") # give all projects a requirement of "1.0.0".
|
|
176
|
+
end # replace placeholders after we've parsed the line
|
|
156
177
|
|
|
157
178
|
# A testImplementation line can look like this so just skip those
|
|
158
179
|
# \--- org.springframework.security:spring-security-test (n)
|
|
@@ -167,6 +188,15 @@ module Bibliothecary
|
|
|
167
188
|
requirement: dep[-1],
|
|
168
189
|
type: type
|
|
169
190
|
}
|
|
191
|
+
elsif dep.count == 5
|
|
192
|
+
# get name from renamed package resolution "org:name -> renamed_org:name:version"
|
|
193
|
+
{
|
|
194
|
+
original_name: dep[0,2].join(":"),
|
|
195
|
+
original_requirement: "*",
|
|
196
|
+
name: dep[-3..-2].join(":"),
|
|
197
|
+
requirement: dep[-1],
|
|
198
|
+
type: type
|
|
199
|
+
}
|
|
170
200
|
else
|
|
171
201
|
# get name from version conflict resolution ("org:name:version -> version") and no-resolution ("org:name:version")
|
|
172
202
|
{
|
|
@@ -179,7 +209,7 @@ module Bibliothecary
|
|
|
179
209
|
.compact
|
|
180
210
|
# Prefer duplicate deps with the aliased ones first, so we don't lose the aliases in the next uniq step.
|
|
181
211
|
.sort_by { |dep| dep.key?(:original_name) || dep.key?(:original_requirement) ? 0 : 1 }
|
|
182
|
-
.uniq { |item|
|
|
212
|
+
.uniq { |item| item.values_at(:name, :requirement, :type, :original_name, :original_requirement) }
|
|
183
213
|
end
|
|
184
214
|
|
|
185
215
|
def self.parse_maven_resolved(file_contents, options: {})
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 8.
|
|
4
|
+
version: 8.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-08-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tomlrb
|
|
@@ -339,7 +339,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
339
339
|
- !ruby/object:Gem::Version
|
|
340
340
|
version: '0'
|
|
341
341
|
requirements: []
|
|
342
|
-
rubygems_version: 3.1.
|
|
342
|
+
rubygems_version: 3.1.6
|
|
343
343
|
signing_key:
|
|
344
344
|
specification_version: 4
|
|
345
345
|
summary: Find and parse manifests
|