bibliothecary 8.7.4 → 8.7.5

data/lib/bibliothecary/parsers/pypi.rb

@@ -15,73 +15,73 @@ module Bibliothecary
       PIP_COMPILE_REGEXP = /.*require.*$/
 
       # Adapted from https://peps.python.org/pep-0508/#names
-      PEP_508_NAME_REGEX = /^([A-Z0-9][A-Z0-9._-]*[A-Z0-9]|[A-Z0-9])/i
+      PEP_508_NAME_REGEXP = /^([A-Z0-9][A-Z0-9._-]*[A-Z0-9]|[A-Z0-9])/i
 
       def self.mapping
         {
-          match_filenames('requirements-dev.txt', 'requirements/dev.txt',
-                          'requirements-docs.txt', 'requirements/docs.txt',
-                          'requirements-test.txt', 'requirements/test.txt',
-                          'requirements-tools.txt', 'requirements/tools.txt') => {
-            kind: 'manifest',
-            parser: :parse_requirements_txt
+          match_filenames("requirements-dev.txt", "requirements/dev.txt",
+                          "requirements-docs.txt", "requirements/docs.txt",
+                          "requirements-test.txt", "requirements/test.txt",
+                          "requirements-tools.txt", "requirements/tools.txt") => {
+            kind: "manifest",
+            parser: :parse_requirements_txt,
           },
           lambda { |p| PIP_COMPILE_REGEXP.match(p) } => {
             content_matcher: :pip_compile?,
-            kind: 'lockfile',
-            parser: :parse_requirements_txt
+            kind: "lockfile",
+            parser: :parse_requirements_txt,
           },
           lambda { |p| MANIFEST_REGEXP.match(p) } => {
-            kind: 'manifest',
+            kind: "manifest",
             parser: :parse_requirements_txt,
-            can_have_lockfile: false
+            can_have_lockfile: false,
           },
-          match_filename('requirements.frozen') => { # pattern exists to store frozen deps in requirements.frozen
+          match_filename("requirements.frozen") => { # pattern exists to store frozen deps in requirements.frozen
             parser: :parse_requirements_txt,
-            kind: 'lockfile'
+            kind: "lockfile",
           },
-          match_filename('pip-resolved-dependencies.txt') => { # Inferred from pip
-            kind: 'lockfile',
-            parser: :parse_requirements_txt
+          match_filename("pip-resolved-dependencies.txt") => { # Inferred from pip
+            kind: "lockfile",
+            parser: :parse_requirements_txt,
           },
           match_filename("setup.py") => {
-            kind: 'manifest',
+            kind: "manifest",
             parser: :parse_setup_py,
-            can_have_lockfile: false
+            can_have_lockfile: false,
           },
           match_filename("Pipfile") => {
-            kind: 'manifest',
-            parser: :parse_pipfile
+            kind: "manifest",
+            parser: :parse_pipfile,
           },
           match_filename("Pipfile.lock") => {
-            kind: 'lockfile',
-            parser: :parse_pipfile_lock
+            kind: "lockfile",
+            parser: :parse_pipfile_lock,
           },
           match_filename("pyproject.toml") => {
-            kind: 'manifest',
-            parser: :parse_pyproject
+            kind: "manifest",
+            parser: :parse_pyproject,
           },
           match_filename("poetry.lock") => {
-            kind: 'lockfile',
-            parser: :parse_poetry_lock
+            kind: "lockfile",
+            parser: :parse_poetry_lock,
           },
           # Pip dependencies can be embedded in conda environment files
           match_filename("environment.yml") => {
             parser: :parse_conda,
-            kind: "manifest"
+            kind: "manifest",
           },
           match_filename("environment.yaml") => {
             parser: :parse_conda,
-            kind: "manifest"
+            kind: "manifest",
           },
           match_filename("environment.yml.lock") => {
             parser: :parse_conda,
-            kind: "lockfile"
+            kind: "lockfile",
           },
           match_filename("environment.yaml.lock") => {
             parser: :parse_conda,
-            kind: "lockfile"
-          }
+            kind: "lockfile",
+          },
         }
       end
 
@@ -89,21 +89,21 @@ module Bibliothecary
       add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
       add_multi_parser(Bibliothecary::MultiParsers::Spdx)
 
-      def self.parse_pipfile(file_contents, options: {})
+      def self.parse_pipfile(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         manifest = Tomlrb.parse(file_contents)
-        map_dependencies(manifest['packages'], 'runtime') + map_dependencies(manifest['dev-packages'], 'develop')
+        map_dependencies(manifest["packages"], "runtime") + map_dependencies(manifest["dev-packages"], "develop")
       end
 
-      def self.parse_pyproject(file_contents, options: {})
+      def self.parse_pyproject(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         deps = []
 
         file_contents = Tomlrb.parse(file_contents)
 
         # Parse poetry [tool.poetry] deps
-        poetry_manifest = file_contents.fetch('tool', {}).fetch('poetry', {})
-        deps += map_dependencies(poetry_manifest['dependencies'], 'runtime')
+        poetry_manifest = file_contents.fetch("tool", {}).fetch("poetry", {})
+        deps += map_dependencies(poetry_manifest["dependencies"], "runtime")
         # Poetry 1.0.0-1.2.0 way of defining dev deps
-        deps += map_dependencies(poetry_manifest['dev-dependencies'], 'develop')
+        deps += map_dependencies(poetry_manifest["dev-dependencies"], "develop")
         # Poetry's 1.2.0+ of defining dev deps
         poetry_manifest
           .fetch("group", {})
@@ -113,9 +113,9 @@ module Bibliothecary
           end
 
         # Parse PEP621 [project] deps
-        pep621_manifest = file_contents.fetch('project', {})
-        pep621_deps = pep621_manifest.fetch('dependencies', []).map { |d| parse_pep_508_dep_spec(d) }
-        deps += map_dependencies(pep621_deps, 'runtime')
+        pep621_manifest = file_contents.fetch("project", {})
+        pep621_deps = pep621_manifest.fetch("dependencies", []).map { |d| parse_pep_508_dep_spec(d) }
+        deps += map_dependencies(pep621_deps, "runtime")
 
         # We're combining both poetry+PEP621 deps instead of making them mutually exclusive, until we
         # find a reason not to ingest them both.
@@ -128,7 +128,7 @@ module Bibliothecary
         parse_pyproject(file_contents, options)
       end
 
-      def self.parse_conda(file_contents, options: {})
+      def self.parse_conda(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         contents = YAML.safe_load(file_contents)
         return [] unless contents
 
@@ -145,64 +145,64 @@ module Bibliothecary
           {
             name: name,
             requirement: map_requirements(info),
-            type: type
+            type: type,
           }
         end
       end
 
       def self.map_requirements(info)
         if info.is_a?(Hash)
-          if info['version']
-            info['version']
-          elsif info['git']
-            info['git'] + '#' + info['ref']
+          if info["version"]
+            info["version"]
+          elsif info["git"]
+            info["git"] + "#" + info["ref"]
           else
-            '*'
+            "*"
           end
         else
-          info || '*'
+          info || "*"
         end
       end
 
-      def self.parse_pipfile_lock(file_contents, options: {})
+      def self.parse_pipfile_lock(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         manifest = JSON.parse(file_contents)
         deps = []
         manifest.each do |group, dependencies|
           next if group == "_meta"
-          group = 'runtime' if group == 'default'
+          group = "runtime" if group == "default"
           dependencies.each do |name, info|
             deps << {
               name: name,
               requirement: map_requirements(info),
-              type: group
+              type: group,
             }
           end
         end
         deps
       end
 
-      def self.parse_poetry_lock(file_contents, options: {})
+      def self.parse_poetry_lock(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         manifest = Tomlrb.parse(file_contents)
         deps = []
         manifest["package"].each do |package|
           # next if group == "_meta"
-          group = case package['category']
-                  when 'dev'
-                    'develop'
+          group = case package["category"]
+                  when "dev"
+                    "develop"
                   else
-                    'runtime'
+                    "runtime"
                   end
 
           deps << {
-            name: package['name'],
+            name: package["name"],
             requirement: map_requirements(package),
-            type: group
+            type: group,
           }
         end
         deps
       end
 
-      def self.parse_setup_py(file_contents, options: {})
+      def self.parse_setup_py(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         match = file_contents.match(INSTALL_REGEXP)
         return [] unless match
         deps = []
@@ -212,8 +212,8 @@ module Bibliothecary
           next unless match
           deps << {
             name: match[1],
-            requirement: match[-1] || '*',
-            type: 'runtime'
+            requirement: match[-1] || "*",
+            type: "runtime",
           }
         end
         deps
@@ -229,22 +229,22 @@ module Bibliothecary
       # https://pip.pypa.io/en/stable/cli/pip_install/#requirement-specifiers
       # and https://pip.pypa.io/en/stable/topics/vcs-support/#git.
       # Invalid lines in requirements.txt are skipped.
-      def self.parse_requirements_txt(file_contents, options: {})
+      def self.parse_requirements_txt(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         deps = []
         type = case options[:filename]
                when /dev/ || /docs/ || /tools/
-                 'development'
+                 "development"
                when /test/
-                 'test'
+                 "test"
                else
-                 'runtime'
+                 "runtime"
                end
 
         file_contents.split("\n").each do |line|
-          if line['://']
+          if line["://"]
             begin
               result = parse_requirements_txt_url(line)
-            rescue URI::Error, NoEggSpecified => e
+            rescue URI::Error, NoEggSpecified
               next
             end
 
@@ -252,13 +252,13 @@ module Bibliothecary
               type: type
             )
           else
-            match = line.delete(' ').match(REQUIREMENTS_REGEXP)
+            match = line.delete(" ").match(REQUIREMENTS_REGEXP)
             next unless match
 
             deps << {
               name: match[1],
-              requirement: match[-1] || '*',
-              type: type
+              requirement: match[-1] || "*",
+              type: type,
             }
           end
         end
@@ -289,7 +289,7 @@ module Bibliothecary
       # Simply parses out the name of a PEP 508 Dependency specification: https://peps.python.org/pep-0508/
       # Leaves the rest as-is with any leading semicolons or spaces stripped
       def self.parse_pep_508_dep_spec(dep)
-        name, requirement = dep.split(PEP_508_NAME_REGEX, 2).last(2).map(&:strip)
+        name, requirement = dep.split(PEP_508_NAME_REGEXP, 2).last(2).map(&:strip)
         requirement = requirement.sub(/^[\s;]*/, "")
         requirement = "*" if requirement == ""
         return name, requirement

data/lib/bibliothecary/parsers/rubygems.rb

@@ -1,4 +1,4 @@
-require 'gemnasium/parser'
+require "gemnasium/parser"
 
 module Bibliothecary
   module Parsers
@@ -13,20 +13,20 @@ module Bibliothecary
       def self.mapping
         {
           match_filenames("Gemfile", "gems.rb") => {
-            kind: 'manifest',
+            kind: "manifest",
             parser: :parse_gemfile,
-            related_to: [ 'manifest', 'lockfile' ]
+            related_to: [ "manifest", "lockfile" ],
           },
           match_extension(".gemspec") => {
-            kind: 'manifest',
+            kind: "manifest",
             parser: :parse_gemspec,
-            related_to: [ 'manifest', 'lockfile' ]
+            related_to: [ "manifest", "lockfile" ],
           },
           match_filenames("Gemfile.lock", "gems.locked") => {
-            kind: 'lockfile',
+            kind: "lockfile",
             parser: :parse_gemfile_lock,
-            related_to: [ 'manifest', 'lockfile' ]
-          }
+            related_to: [ "manifest", "lockfile" ],
+          },
         }
       end
 
@@ -34,7 +34,7 @@ module Bibliothecary
       add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
       add_multi_parser(Bibliothecary::MultiParsers::Spdx)
 
-      def self.parse_gemfile_lock(file_contents, options: {})
+      def self.parse_gemfile_lock(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         file_contents.lines(chomp: true).map do |line|
           match = line.match(NAME_VERSION_4)
           bundler_match = line.match(BUNDLED_WITH)
@@ -42,11 +42,11 @@ module Bibliothecary
 
           if match
             name = match[1]
-            version = match[2].gsub(/\(|\)/,'')
+            version = match[2].gsub(/\(|\)/,"")
             {
               name: name,
               requirement: version,
-              type: 'runtime'
+              type: "runtime",
             }
           else
             parse_bundler(file_contents)
@@ -54,12 +54,12 @@ module Bibliothecary
         end.compact
       end
 
-      def self.parse_gemfile(file_contents, options: {})
+      def self.parse_gemfile(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         manifest = Gemnasium::Parser.send(:gemfile, file_contents)
         parse_ruby_manifest(manifest)
       end
 
-      def self.parse_gemspec(file_contents, options: {})
+      def self.parse_gemspec(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         manifest = Gemnasium::Parser.send(:gemspec, file_contents)
         parse_ruby_manifest(manifest)
       end
@@ -71,9 +71,9 @@ module Bibliothecary
         return nil unless version
 
         {
-          name: 'bundler',
+          name: "bundler",
           requirement: version,
-          type: 'runtime'
+          type: "runtime",
         }
       end
     end

data/lib/bibliothecary/parsers/shard.rb

@@ -1,4 +1,4 @@
-require 'yaml'
+require "yaml"
 
 module Bibliothecary
   module Parsers
@@ -8,35 +8,35 @@ module Bibliothecary
       def self.mapping
         {
           match_filename("shard.yml", case_insensitive: true) => {
-            kind: 'manifest',
-            parser: :parse_yaml_manifest
+            kind: "manifest",
+            parser: :parse_yaml_manifest,
           },
           match_filename("shard.lock", case_insensitive: true) => {
-            kind: 'lockfile',
-            parser: :parse_yaml_lockfile
-          }
+            kind: "lockfile",
+            parser: :parse_yaml_lockfile,
+          },
         }
       end
 
       add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
 
-      def self.parse_yaml_lockfile(file_contents, options: {})
+      def self.parse_yaml_lockfile(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         manifest = YAML.load file_contents
-        map_dependencies(manifest, 'shards', 'runtime')
+        map_dependencies(manifest, "shards", "runtime")
       end
 
-      def self.parse_yaml_manifest(file_contents, options: {})
+      def self.parse_yaml_manifest(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         manifest = YAML.load file_contents
-        map_dependencies(manifest, 'dependencies', 'runtime') +
-        map_dependencies(manifest, 'development_dependencies', 'runtime')
+        map_dependencies(manifest, "dependencies", "runtime") +
+        map_dependencies(manifest, "development_dependencies", "runtime")
       end
 
       def self.map_dependencies(hash, key, type)
         hash.fetch(key,[]).map do |name, requirement|
           {
             name: name,
-            requirement: requirement['version'] || '*',
-            type: type
+            requirement: requirement["version"] || "*",
+            type: type,
           }
         end
       end

data/lib/bibliothecary/parsers/swift_pm.rb

@@ -6,9 +6,9 @@ module Bibliothecary
       def self.mapping
         {
           match_filename("Package.swift", case_insensitive: true) => {
-            kind: 'manifest',
-            parser: :parse_package_swift
-          }
+            kind: "manifest",
+            parser: :parse_package_swift,
+          },
         }
       end
 
@@ -16,17 +16,17 @@ module Bibliothecary
       add_multi_parser(Bibliothecary::MultiParsers::DependenciesCSV)
       add_multi_parser(Bibliothecary::MultiParsers::Spdx)
 
-      def self.parse_package_swift(file_contents, options: {})
+      def self.parse_package_swift(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
         response = Typhoeus.post("#{Bibliothecary.configuration.swift_parser_host}/to-json", body: file_contents)
         raise Bibliothecary::RemoteParsingError.new("Http Error #{response.response_code} when contacting: #{Bibliothecary.configuration.swift_parser_host}/to-json", response.response_code) unless response.success?
         json = JSON.parse(response.body)
         json["dependencies"].map do |dependency|
-          name = dependency['url'].gsub(/^https?:\/\//, '').gsub(/\.git$/,'')
+          name = dependency["url"].gsub(/^https?:\/\//, "").gsub(/\.git$/,"")
           version = "#{dependency['version']['lowerBound']} - #{dependency['version']['upperBound']}"
           {
             name: name,
             requirement: version,
-            type: 'runtime'
+            type: "runtime",
           }
         end
       end

data/lib/bibliothecary/purl_util.rb

@@ -16,6 +16,6 @@ module Bibliothecary
     "hex" => :hex,
     "nuget" => :nuget,
     "pypi" => :pypi,
-    "swift" => :swift_pm
+    "swift" => :swift_pm,
   }.freeze
 end

data/lib/bibliothecary/runner.rb

@@ -6,7 +6,7 @@ module Bibliothecary
     def initialize(configuration)
       @configuration = configuration
       @options = {
-        cache: {}
+        cache: {},
       }
     end
 
@@ -24,8 +24,8 @@ module Bibliothecary
       analyses = analyses.flatten.compact
 
       info_list.select { |info| info.package_manager.nil? }.each do |info|
-        analyses.push(Bibliothecary::Analyser::create_error_analysis('unknown', info.relative_path, 'unknown',
-                                                                     'No parser for this file type'))
+        analyses.push(Bibliothecary::Analyser::create_error_analysis("unknown", info.relative_path, "unknown",
+                                                                     "No parser for this file type"))
       end
 
       analyses
@@ -178,4 +178,4 @@ module Bibliothecary
   end
 end
 
-require_relative './runner/multi_manifest_filter.rb'
+require_relative "./runner/multi_manifest_filter.rb"

data/lib/bibliothecary/version.rb

@@ -1,3 +1,3 @@
 module Bibliothecary
-  VERSION = "8.7.4"
+  VERSION = "8.7.5"
 end

data/lib/bibliothecary.rb

@@ -9,10 +9,10 @@ require "bibliothecary/purl_util"
 require "find"
 require "tomlrb"
 
-Dir[File.expand_path('../bibliothecary/multi_parsers/*.rb', __FILE__)].each do |file|
+Dir[File.expand_path("../bibliothecary/multi_parsers/*.rb", __FILE__)].each do |file|
   require file
 end
-Dir[File.expand_path('../bibliothecary/parsers/*.rb', __FILE__)].each do |file|
+Dir[File.expand_path("../bibliothecary/parsers/*.rb", __FILE__)].each do |file|
   require file
 end
 
@@ -80,7 +80,7 @@ module Bibliothecary
     string
       .dup # ensure we don't have a frozen string
       .force_encoding("UTF-8") # treat all strings as utf8
-      .sub(/^\xEF\xBB\xBF/, '') # remove any Byte Order Marks so JSON, etc don't fail while parsing them.
+      .sub(/^\xEF\xBB\xBF/, "") # remove any Byte Order Marks so JSON, etc don't fail while parsing them.
   end
 
   class << self

data/lib/sdl_parser.rb

@@ -1,18 +1,18 @@
-require 'sdl4r'
+require "sdl4r"
 
 class SdlParser
   attr_reader :contents, :type
   def initialize(type, contents)
     @contents = contents
-    @type = type || 'runtime'
+    @type = type || "runtime"
   end
 
   def dependencies
-    parse.children('dependency').inject([]) do |deps, dep|
+    parse.children("dependency").inject([]) do |deps, dep|
       deps.push({
         name: dep.value,
-        requirement: dep.attribute('version') || ">= 0",
-        type: type
+        requirement: dep.attribute("version") || ">= 0",
+        type: type,
       })
     end.uniq
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bibliothecary
 version: !ruby/object:Gem::Version
-  version: 8.7.4
+  version: 8.7.5
 platform: ruby
 authors:
 - Andrew Nesbitt
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-12-11 00:00:00.000000000 Z
+date: 2024-01-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: tomlrb