bibliothecary 8.3.8 → 8.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/lib/bibliothecary/parsers/maven.rb +39 -9
- data/lib/bibliothecary/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 88bb227529774df01fff8b890d9a2ef3d4c211ff8cf7ddb012c0b0da83e867ad
|
|
4
|
+
data.tar.gz: 596d991826e48b1b42f00f795a8ab2e8da831b3dabf358c00c47fcd0e55a9daa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c126388716f2676a601f6b59119f15471bc4c124cccebf15cde1149d25604d45abc9a338ada17785ac572a31871f495567e2a71b8ac7363f383b2f8ee05e2e76
|
|
7
|
+
data.tar.gz: 2bf471a522a8822646c28f481ad61dd805b682756ae8cf7017138cb0cd086157bec0aaa6885e349c60979d3d9ced4c6734e0e9e97c3c3fe52675246c2db2e344
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.7.
|
|
1
|
+
2.7.6
|
|
@@ -9,9 +9,18 @@ module Bibliothecary
|
|
|
9
9
|
# e.g. "annotationProcessor - Annotation processors and their dependencies for source set 'main'."
|
|
10
10
|
GRADLE_TYPE_REGEX = /^(\w+)/
|
|
11
11
|
|
|
12
|
-
# "| \\--- com.google.guava:guava:23.5-jre (*)"
|
|
12
|
+
# e.g. "| \\--- com.google.guava:guava:23.5-jre (*)"
|
|
13
13
|
GRADLE_DEP_REGEX = /(\+---|\\---){1}/
|
|
14
14
|
|
|
15
|
+
# Project declaration lines so we know the current project name
|
|
16
|
+
# e.g. "Project ':submodules:test'" (this example is a project nested in submodules/test/ folder)
|
|
17
|
+
GRADLE_PROJECT_DECLARATION_REGEX = /Project '?:([^\s']+)'?/
|
|
18
|
+
|
|
19
|
+
# Dependencies that are on-disk projects, eg:
|
|
20
|
+
# e.g. "\--- project :api:my-internal-project"
|
|
21
|
+
# e.g. "+--- my-group:my-alias:1.2.3 -> project :client (*)"
|
|
22
|
+
GRADLE_PROJECT_REGEX = /project :(\S+)?/
|
|
23
|
+
|
|
15
24
|
# Builtin methods: https://docs.gradle.org/current/userguide/java_plugin.html#tab:configurations
|
|
16
25
|
# Deprecated methods: https://docs.gradle.org/current/userguide/upgrading_version_6.html#sec:configuration_removal
|
|
17
26
|
GRADLE_DEPENDENCY_METHODS = %w(api compile compileClasspath compileOnly compileOnlyApi implementation runtime runtimeClasspath runtimeOnly testCompile testCompileOnly testImplementation testRuntime testRuntimeOnly)
|
|
@@ -138,21 +147,42 @@ module Bibliothecary
|
|
|
138
147
|
end
|
|
139
148
|
|
|
140
149
|
def self.parse_gradle_resolved(file_contents, options: {})
|
|
141
|
-
|
|
150
|
+
current_type = nil
|
|
151
|
+
current_project = nil
|
|
152
|
+
|
|
142
153
|
file_contents.split("\n").map do |line|
|
|
143
|
-
|
|
144
|
-
|
|
154
|
+
current_type_match = GRADLE_TYPE_REGEX.match(line)
|
|
155
|
+
current_type = current_type_match.captures[0] if current_type_match
|
|
156
|
+
|
|
157
|
+
current_project_match = GRADLE_PROJECT_DECLARATION_REGEX.match(line)
|
|
158
|
+
current_project = current_project_match.captures[0] if current_project_match
|
|
145
159
|
|
|
146
160
|
gradle_dep_match = GRADLE_DEP_REGEX.match(line)
|
|
147
161
|
next unless gradle_dep_match
|
|
148
162
|
|
|
149
163
|
split = gradle_dep_match.captures[0]
|
|
150
164
|
|
|
165
|
+
# gradle can import on-disk projects and deps will be listed under them, e.g. `+--- project :pie2-testing`,
|
|
166
|
+
# so we treat these projects as internal deps themselves (["internal:foo","0.0.0"])
|
|
167
|
+
if (project_match = line.match(GRADLE_PROJECT_REGEX))
|
|
168
|
+
project_name = project_match[1] || current_project
|
|
169
|
+
line = line.sub(GRADLE_PROJECT_REGEX, "__PROJECT_GROUP__:__PROJECT_NAME__:__PROJECT_REQUIREMENT__") # project names can have colons, which breaks our split(":") below, so sub it out until after we've parsed the line.
|
|
170
|
+
else
|
|
171
|
+
project_name = ""
|
|
172
|
+
end
|
|
173
|
+
|
|
151
174
|
dep = line
|
|
152
175
|
.split(split)[1].sub(/(\((c|n|\*)\))$/, "") # line ending legend: (c) means a dependency constraint, (n) means not resolved, or (*) means resolved previously, e.g. org.springframework.boot:spring-boot-starter-web:2.1.0.M3 (*)
|
|
153
176
|
.sub(/ FAILED$/, "") # dependency could not be resolved (but still may have a version)
|
|
154
177
|
.sub(" -> ", ":") # handle version arrow syntax
|
|
155
|
-
.strip
|
|
178
|
+
.strip
|
|
179
|
+
.split(":")
|
|
180
|
+
.map do |part|
|
|
181
|
+
part
|
|
182
|
+
.sub(/__PROJECT_GROUP__/, "internal") # give all projects a group namespace of "internal"
|
|
183
|
+
.sub(/__PROJECT_NAME__/, project_name)
|
|
184
|
+
.sub(/__PROJECT_REQUIREMENT__/, "1.0.0") # give all projects a requirement of "1.0.0".
|
|
185
|
+
end # replace placeholders after we've parsed the line
|
|
156
186
|
|
|
157
187
|
# A testImplementation line can look like this so just skip those
|
|
158
188
|
# \--- org.springframework.security:spring-security-test (n)
|
|
@@ -165,7 +195,7 @@ module Bibliothecary
|
|
|
165
195
|
original_requirement: dep[2],
|
|
166
196
|
name: dep[-3..-2].join(":"),
|
|
167
197
|
requirement: dep[-1],
|
|
168
|
-
type:
|
|
198
|
+
type: current_type
|
|
169
199
|
}
|
|
170
200
|
elsif dep.count == 5
|
|
171
201
|
# get name from renamed package resolution "org:name -> renamed_org:name:version"
|
|
@@ -174,21 +204,21 @@ module Bibliothecary
|
|
|
174
204
|
original_requirement: "*",
|
|
175
205
|
name: dep[-3..-2].join(":"),
|
|
176
206
|
requirement: dep[-1],
|
|
177
|
-
type:
|
|
207
|
+
type: current_type
|
|
178
208
|
}
|
|
179
209
|
else
|
|
180
210
|
# get name from version conflict resolution ("org:name:version -> version") and no-resolution ("org:name:version")
|
|
181
211
|
{
|
|
182
212
|
name: dep[0..1].join(":"),
|
|
183
213
|
requirement: dep[-1],
|
|
184
|
-
type:
|
|
214
|
+
type: current_type
|
|
185
215
|
}
|
|
186
216
|
end
|
|
187
217
|
end
|
|
188
218
|
.compact
|
|
189
219
|
# Prefer duplicate deps with the aliased ones first, so we don't lose the aliases in the next uniq step.
|
|
190
220
|
.sort_by { |dep| dep.key?(:original_name) || dep.key?(:original_requirement) ? 0 : 1 }
|
|
191
|
-
.uniq { |item|
|
|
221
|
+
.uniq { |item| item.values_at(:name, :requirement, :type, :original_name, :original_requirement) }
|
|
192
222
|
end
|
|
193
223
|
|
|
194
224
|
def self.parse_maven_resolved(file_contents, options: {})
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 8.
|
|
4
|
+
version: 8.4.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-08-
|
|
11
|
+
date: 2022-08-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tomlrb
|
|
@@ -339,7 +339,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
339
339
|
- !ruby/object:Gem::Version
|
|
340
340
|
version: '0'
|
|
341
341
|
requirements: []
|
|
342
|
-
rubygems_version: 3.1.
|
|
342
|
+
rubygems_version: 3.1.6
|
|
343
343
|
signing_key:
|
|
344
344
|
specification_version: 4
|
|
345
345
|
summary: Find and parse manifests
|