bibliothecary 12.1.7 → 12.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -2
- data/lib/bibliothecary/parsers/pypi.rb +42 -21
- data/lib/bibliothecary/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 77ce2638e657925c2ce0457675ddafea27858758ec53f68f996667eb21ac290c
|
|
4
|
+
data.tar.gz: 7027d2ce73799ee52fdb6665fbaa115d2d630676cf777a740d62fae5ffa90534
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9f12ee44667a46ec862d620870f1372755efe70af26243320b785e854c37e6ed7047d0988eadbe9758a9194c32d5f85772f5b2f9d69ee2a9e19e13a9873f937a
|
|
7
|
+
data.tar.gz: 660b68966106543fbc7c8326a77ca5cc89947321dacf8f35a19aa1ee6818e4d077a1f1f0e86f1f8a7d6e52da6d377a7f8c90ac43d1b809158fe65c94dbaeb5c5
|
data/CHANGELOG.md
CHANGED
|
@@ -13,6 +13,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
13
13
|
|
|
14
14
|
### Removed
|
|
15
15
|
|
|
16
|
+
## [12.1.8] - 2025-05-16
|
|
17
|
+
|
|
18
|
+
### Added
|
|
19
|
+
|
|
20
|
+
- Support multiple requirements for a single package in poetry.lock.
|
|
21
|
+
|
|
22
|
+
### Changed
|
|
23
|
+
|
|
24
|
+
### Removed
|
|
25
|
+
|
|
16
26
|
## [12.1.7] - 2025-04-29
|
|
17
27
|
|
|
18
28
|
### Added
|
|
@@ -95,7 +105,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
95
105
|
|
|
96
106
|
### Added
|
|
97
107
|
|
|
98
|
-
- Populate Bibliothecary::Dependency#source field in all parsers. This makes the source field useful when consuming
|
|
108
|
+
- Populate Bibliothecary::Dependency#source field in all parsers. This makes the source field useful when consuming
|
|
99
109
|
from Bibliothecary, and removes a step from consumers having to populate this field themselves.
|
|
100
110
|
|
|
101
111
|
### Changed
|
|
@@ -138,9 +148,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
138
148
|
|
|
139
149
|
### Added
|
|
140
150
|
|
|
141
|
-
- Support parsing
|
|
151
|
+
- Support parsing \*.spdx.json files
|
|
142
152
|
|
|
143
153
|
### Changed
|
|
154
|
+
|
|
144
155
|
- `Bibliothecary::PURL_TYPE_MAPPING` has changed to `Bibliothecary::PurlUtil::PURL_TYPE_MAPPING`
|
|
145
156
|
- `Bibliothecary::MultiParsers::CycloneDX::ManifestEntries.full_name_for_purl` has changed to `Bibliothecary::PurlUtil.full_name`
|
|
146
157
|
|
|
@@ -142,16 +142,31 @@ module Bibliothecary
|
|
|
142
142
|
def self.map_dependencies(packages, type, source = nil)
|
|
143
143
|
return [] unless packages
|
|
144
144
|
|
|
145
|
-
packages.
|
|
145
|
+
packages.flat_map do |name, package_info|
|
|
146
146
|
local = true if package_info.is_a?(Hash) && (package_info.key?("path") || package_info.key?("file"))
|
|
147
147
|
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
requirement
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
148
|
+
if package_info.is_a?(Array)
|
|
149
|
+
# Poetry supports multiple requirements with differing specifiers for the same
|
|
150
|
+
# package. Break these out into a separate dep per requirement.
|
|
151
|
+
# https://python-poetry.org/docs/dependency-specification/#multiple-constraints-dependencies
|
|
152
|
+
package_info.map do |info|
|
|
153
|
+
Dependency.new(
|
|
154
|
+
name: name,
|
|
155
|
+
requirement: map_requirements(info),
|
|
156
|
+
type: type,
|
|
157
|
+
source: source,
|
|
158
|
+
local: local
|
|
159
|
+
)
|
|
160
|
+
end
|
|
161
|
+
else
|
|
162
|
+
Dependency.new(
|
|
163
|
+
name: name,
|
|
164
|
+
requirement: map_requirements(package_info),
|
|
165
|
+
type: type,
|
|
166
|
+
source: source,
|
|
167
|
+
local: local
|
|
168
|
+
)
|
|
169
|
+
end
|
|
155
170
|
end
|
|
156
171
|
end
|
|
157
172
|
|
|
@@ -160,7 +175,7 @@ module Bibliothecary
|
|
|
160
175
|
if info["version"]
|
|
161
176
|
info["version"]
|
|
162
177
|
elsif info["git"]
|
|
163
|
-
"#{info['git']}##{info['ref']}"
|
|
178
|
+
"#{info['git']}##{info['ref'] || info['tag']}"
|
|
164
179
|
else
|
|
165
180
|
"*"
|
|
166
181
|
end
|
|
@@ -186,19 +201,25 @@ module Bibliothecary
|
|
|
186
201
|
deps = []
|
|
187
202
|
manifest["package"].each do |package|
|
|
188
203
|
# next if group == "_meta"
|
|
189
|
-
group = case package["category"]
|
|
190
|
-
when "dev"
|
|
191
|
-
"develop"
|
|
192
|
-
else
|
|
193
|
-
"runtime"
|
|
194
|
-
end
|
|
195
204
|
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
205
|
+
# Poetry <1.2.0 used singular "category" for kind
|
|
206
|
+
# Poetry >=1.2.0 uses plural "groups" field for kind(s)
|
|
207
|
+
package.values_at("category", "groups").flatten.compact
|
|
208
|
+
.map do |g|
|
|
209
|
+
if g == "dev"
|
|
210
|
+
"develop"
|
|
211
|
+
else
|
|
212
|
+
(g == "main" ? "runtime" : g)
|
|
213
|
+
end
|
|
214
|
+
end
|
|
215
|
+
.each do |group|
|
|
216
|
+
deps << Dependency.new(
|
|
217
|
+
name: package["name"],
|
|
218
|
+
requirement: map_requirements(package),
|
|
219
|
+
type: group,
|
|
220
|
+
source: options.fetch(:filename, nil)
|
|
221
|
+
)
|
|
222
|
+
end
|
|
202
223
|
end
|
|
203
224
|
deps
|
|
204
225
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 12.1.
|
|
4
|
+
version: 12.1.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date: 2025-
|
|
10
|
+
date: 2025-05-16 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: commander
|