bibliothecary 8.3.9 → 8.4.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/bibliothecary/parsers/maven.rb +33 -8
- data/lib/bibliothecary/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c21d1063a79efb1b133d650ba0d24754c26a9487341cc9e711f5387d22912602
|
|
4
|
+
data.tar.gz: f75fd37ef4c6262b3c23e908b6a044187ac048c96398eb8e7312b020e259ca6d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d513694486a3af6bd68c654c022bf30e2ce601cf2f0150b41f824368ba5f826a47ec688c6a8e32adce516ac35bbe7baa234992d0d1cb24d4b630ba221ceaf92b
|
|
7
|
+
data.tar.gz: 63ae337f307b054c7b5c846c9847780a5a2f4a9d97502fd589ff35280acfd77f026a2abcb193dc2bb48ffb309c216561841d49b53cc985659ffbb72bc930dda1
|
|
@@ -9,9 +9,18 @@ module Bibliothecary
|
|
|
9
9
|
# e.g. "annotationProcessor - Annotation processors and their dependencies for source set 'main'."
|
|
10
10
|
GRADLE_TYPE_REGEX = /^(\w+)/
|
|
11
11
|
|
|
12
|
-
# "| \\--- com.google.guava:guava:23.5-jre (*)"
|
|
12
|
+
# e.g. "| \\--- com.google.guava:guava:23.5-jre (*)"
|
|
13
13
|
GRADLE_DEP_REGEX = /(\+---|\\---){1}/
|
|
14
14
|
|
|
15
|
+
# Project declaration lines so we know the current project name
|
|
16
|
+
# e.g. "Project ':submodules:test'" (this example is a project nested in submodules/test/ folder)
|
|
17
|
+
GRADLE_PROJECT_DECLARATION_REGEX = /Project '?:([^\s']+)'?/
|
|
18
|
+
|
|
19
|
+
# Dependencies that are on-disk projects, eg:
|
|
20
|
+
# e.g. "\--- project :api:my-internal-project"
|
|
21
|
+
# e.g. "+--- my-group:my-alias:1.2.3 -> project :client (*)"
|
|
22
|
+
GRADLE_PROJECT_REGEX = /project :(\S+)?/
|
|
23
|
+
|
|
15
24
|
# Builtin methods: https://docs.gradle.org/current/userguide/java_plugin.html#tab:configurations
|
|
16
25
|
# Deprecated methods: https://docs.gradle.org/current/userguide/upgrading_version_6.html#sec:configuration_removal
|
|
17
26
|
GRADLE_DEPENDENCY_METHODS = %w(api compile compileClasspath compileOnly compileOnlyApi implementation runtime runtimeClasspath runtimeOnly testCompile testCompileOnly testImplementation testRuntime testRuntimeOnly)
|
|
@@ -138,21 +147,37 @@ module Bibliothecary
|
|
|
138
147
|
end
|
|
139
148
|
|
|
140
149
|
def self.parse_gradle_resolved(file_contents, options: {})
|
|
141
|
-
|
|
150
|
+
current_type = nil
|
|
151
|
+
current_project = nil
|
|
152
|
+
|
|
142
153
|
file_contents.split("\n").map do |line|
|
|
143
|
-
|
|
144
|
-
|
|
154
|
+
current_type_match = GRADLE_TYPE_REGEX.match(line)
|
|
155
|
+
current_type = current_type_match.captures[0] if current_type_match
|
|
156
|
+
|
|
157
|
+
current_project_match = GRADLE_PROJECT_DECLARATION_REGEX.match(line)
|
|
158
|
+
current_project = current_project_match.captures[0] if current_project_match
|
|
145
159
|
|
|
146
160
|
gradle_dep_match = GRADLE_DEP_REGEX.match(line)
|
|
147
161
|
next unless gradle_dep_match
|
|
148
162
|
|
|
149
163
|
split = gradle_dep_match.captures[0]
|
|
150
164
|
|
|
165
|
+
# gradle can import on-disk projects and deps will be listed under them, e.g. `+--- project :test:integration`,
|
|
166
|
+
# so we treat these projects as "internal" deps with requirement of "1.0.0"
|
|
167
|
+
if (project_match = line.match(GRADLE_PROJECT_REGEX))
|
|
168
|
+
# project names can have colons (e.g. for gradle projects in subfolders), which breaks maven artifact naming assumptions, so just replace them with hyphens.
|
|
169
|
+
project_name = (project_match[1] || current_project).gsub(/:/, "-")
|
|
170
|
+
line = line.sub(GRADLE_PROJECT_REGEX, "internal:#{project_name}:1.0.0")
|
|
171
|
+
else
|
|
172
|
+
project_name = ""
|
|
173
|
+
end
|
|
174
|
+
|
|
151
175
|
dep = line
|
|
152
176
|
.split(split)[1].sub(/(\((c|n|\*)\))$/, "") # line ending legend: (c) means a dependency constraint, (n) means not resolved, or (*) means resolved previously, e.g. org.springframework.boot:spring-boot-starter-web:2.1.0.M3 (*)
|
|
153
177
|
.sub(/ FAILED$/, "") # dependency could not be resolved (but still may have a version)
|
|
154
178
|
.sub(" -> ", ":") # handle version arrow syntax
|
|
155
|
-
.strip
|
|
179
|
+
.strip
|
|
180
|
+
.split(":")
|
|
156
181
|
|
|
157
182
|
# A testImplementation line can look like this so just skip those
|
|
158
183
|
# \--- org.springframework.security:spring-security-test (n)
|
|
@@ -165,7 +190,7 @@ module Bibliothecary
|
|
|
165
190
|
original_requirement: dep[2],
|
|
166
191
|
name: dep[-3..-2].join(":"),
|
|
167
192
|
requirement: dep[-1],
|
|
168
|
-
type:
|
|
193
|
+
type: current_type
|
|
169
194
|
}
|
|
170
195
|
elsif dep.count == 5
|
|
171
196
|
# get name from renamed package resolution "org:name -> renamed_org:name:version"
|
|
@@ -174,14 +199,14 @@ module Bibliothecary
|
|
|
174
199
|
original_requirement: "*",
|
|
175
200
|
name: dep[-3..-2].join(":"),
|
|
176
201
|
requirement: dep[-1],
|
|
177
|
-
type:
|
|
202
|
+
type: current_type
|
|
178
203
|
}
|
|
179
204
|
else
|
|
180
205
|
# get name from version conflict resolution ("org:name:version -> version") and no-resolution ("org:name:version")
|
|
181
206
|
{
|
|
182
207
|
name: dep[0..1].join(":"),
|
|
183
208
|
requirement: dep[-1],
|
|
184
|
-
type:
|
|
209
|
+
type: current_type
|
|
185
210
|
}
|
|
186
211
|
end
|
|
187
212
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 8.
|
|
4
|
+
version: 8.4.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-08-
|
|
11
|
+
date: 2022-08-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tomlrb
|