bibliothecary 8.6.5 → 8.7.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 58c0282aec64e81ed313f123670287697f3718e64276e1260030833d70baf892
4
- data.tar.gz: be3e9107d5fb2a0968acca81878d4c0bab062bf5b9d994121af2d682a4e8d278
3
+ metadata.gz: 39af4653f19e0376f945656791b9dc2eb6e60f5d519a9a0e947e4623827376d2
4
+ data.tar.gz: c2a6b01a1d14abffde071d07a95a28e851e85c61a89fe3ebb5239c82f2cef3fd
5
5
  SHA512:
6
- metadata.gz: 211d953af085e4495325cdd450816f6747ce42b1d8e9c55852e2a50786190466a885cd70b8c454ec1c5d6872ce55f6d8a8ecddd03be7ca2faa02450216f84242
7
- data.tar.gz: 74ba743b92e5858c8cc6d7341bf2dda8ff9ce7fdabdff58f44e544554fbc538ae9909726cfcb588d222fa9e1b490d0db9e4ff45896f6f13c375fd1e4ea978f95
6
+ metadata.gz: 5e923a36a18760a6f3acdc05f7330de7704c42f235fd1bbee880dc7d7ea3bf1604ea8ecd060f6984db7a32ac6b552d10cd19d8b6257153fc7c19f55430234661
7
+ data.tar.gz: a65aed02e5de4338a4c48ce44f77b2119fee0a26be51c7bac1bd18cdf8a51ceebed0305e16b965483cf4d2452ba63f3557de93acd29b474428245d62bceac707
@@ -1,6 +1,10 @@
1
1
  require 'ox'
2
2
  require 'strings-ansi'
3
3
 
4
+ # Known shortcomings and unimplemented Maven features:
5
+ # pom.xml
6
+ # <exclusions> cannot be taken into account (because it requires knowledge of transitive deps)
7
+ # <properties> are the only thing inherited from parent poms currenly
4
8
  module Bibliothecary
5
9
  module Parsers
6
10
  class Maven
@@ -270,18 +274,40 @@ module Bibliothecary
270
274
  manifest = Ox.parse file_contents
271
275
  xml = manifest.respond_to?('project') ? manifest.project : manifest
272
276
  [].tap do |deps|
273
- ['dependencies/dependency', 'dependencyManagement/dependencies/dependency'].each do |deps_xpath|
274
- xml.locate(deps_xpath).each do |dep|
275
- dep_hash = {
276
- name: "#{extract_pom_dep_info(xml, dep, 'groupId', parent_properties)}:#{extract_pom_dep_info(xml, dep, 'artifactId', parent_properties)}",
277
- requirement: extract_pom_dep_info(xml, dep, 'version', parent_properties),
278
- type: extract_pom_dep_info(xml, dep, 'scope', parent_properties) || 'runtime',
279
- }
280
- # optional field is, itself, optional, and will be either "true" or "false"
281
- optional = extract_pom_dep_info(xml, dep, 'optional', parent_properties)
282
- dep_hash[:optional] = optional == "true" unless optional.nil?
283
- deps.push(dep_hash)
277
+ # <dependencyManagement> is a namespace to specify artifact configuration (e.g. version), but it doesn't
278
+ # actually add dependencies to your project. Grab these and keep them for reference while parsing <dependencies>
279
+ # Ref: https://maven.apache.org/pom.html#Dependency_Management
280
+ # Ref: https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#transitive-dependencies
281
+ dependencyManagement = xml.locate("dependencyManagement/dependencies/dependency").map do |dep|
282
+ {
283
+ groupId: extract_pom_dep_info(xml, dep, "groupId", parent_properties),
284
+ artifactId: extract_pom_dep_info(xml, dep, "artifactId", parent_properties),
285
+ version: extract_pom_dep_info(xml, dep, "version", parent_properties),
286
+ scope: extract_pom_dep_info(xml, dep, "scope", parent_properties),
287
+ }
288
+ end
289
+ # <dependencies> is the namespace that will add dependencies to your project.
290
+ xml.locate("dependencies/dependency").each do |dep|
291
+ groupId = extract_pom_dep_info(xml, dep, 'groupId', parent_properties)
292
+ artifactId = extract_pom_dep_info(xml, dep, 'artifactId', parent_properties)
293
+ version = extract_pom_dep_info(xml, dep, 'version', parent_properties)
294
+ scope = extract_pom_dep_info(xml, dep, 'scope', parent_properties)
295
+
296
+ # Use any dep configurations from <dependencyManagement> as fallbacks
297
+ if (depConfig = dependencyManagement.find { |d| d[:groupId] == groupId && d[:artifactId] == artifactId })
298
+ version ||= depConfig[:version]
299
+ scope ||= depConfig[:scope]
284
300
  end
301
+
302
+ dep_hash = {
303
+ name: "#{groupId}:#{artifactId}",
304
+ requirement: version,
305
+ type: scope || 'runtime',
306
+ }
307
+ # optional field is, itself, optional, and will be either "true" or "false"
308
+ optional = extract_pom_dep_info(xml, dep, 'optional', parent_properties)
309
+ dep_hash[:optional] = optional == "true" unless optional.nil?
310
+ deps.push(dep_hash)
285
311
  end
286
312
  end
287
313
  end
@@ -1,3 +1,3 @@
1
1
  module Bibliothecary
2
- VERSION = "8.6.5"
2
+ VERSION = "8.7.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bibliothecary
3
3
  version: !ruby/object:Gem::Version
4
- version: 8.6.5
4
+ version: 8.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Nesbitt
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-10 00:00:00.000000000 Z
11
+ date: 2023-09-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: tomlrb
@@ -248,7 +248,7 @@ dependencies:
248
248
  - - ">="
249
249
  - !ruby/object:Gem::Version
250
250
  version: '0'
251
- description:
251
+ description:
252
252
  email:
253
253
  - andrewnez@gmail.com
254
254
  executables:
@@ -326,7 +326,7 @@ homepage: https://github.com/librariesio/bibliothecary
326
326
  licenses:
327
327
  - AGPL-3.0
328
328
  metadata: {}
329
- post_install_message:
329
+ post_install_message:
330
330
  rdoc_options: []
331
331
  require_paths:
332
332
  - lib
@@ -341,8 +341,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
341
341
  - !ruby/object:Gem::Version
342
342
  version: '0'
343
343
  requirements: []
344
- rubygems_version: 3.1.6
345
- signing_key:
344
+ rubygems_version: 3.3.22
345
+ signing_key:
346
346
  specification_version: 4
347
347
  summary: Find and parse manifests
348
348
  test_files: []