bibliothecary 15.1.2 → 15.1.3
- checksums.yaml +4 -4
- data/.rubocop.yml +2 -2
- data/CHANGELOG.md +11 -0
- data/Gemfile +1 -1
- data/lib/bibliothecary/parsers/go.rb +0 -21
- data/lib/bibliothecary/parsers/maven.rb +15 -4
- data/lib/bibliothecary/parsers/npm.rb +4 -1
- data/lib/bibliothecary/version.rb +1 -1
- metadata +2 -2
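--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0467bf0dd389f6a58cd69510bd2fe2865f3d3d762732e5aac80f0348f2b785a7
+data.tar.gz: 0b2015f0e1d5e0c80c82c554f14b5d03fbe96c8be58a27f630eefe6e33083eda
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 47a1f33ff32ecb3bb8dcf4636e6b1bf4393d95b85a5a7b13c44b8438f14014e200043d45295b3c51f535acb34aa28293563584c8ce049b7af3b43955ac2f26a1
+data.tar.gz: 45471c05872e2ec7b29013c4eab33fb268801ccb64c6e5c3238c7f86b0e5c3daea3969f3fdacbc2109f1dab55aeadb06a78084aaef6d82ed7c85135107ebe101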
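--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -1,5 +1,4 @@
 ---
-
 # Without this, CI might pickup nested dep's rubocop files in vendor/
 inherit_mode:
 merge:
@@ -12,7 +11,6 @@ AllCops:
 - spec/fixtures/**/*
 - vendor/bundle/**/* # This is actually needed for CI, not for biblio itself
 
-
 Metrics/BlockLength:
 Max: 100
 Exclude:
@@ -67,3 +65,5 @@ Style/IfUnlessModifier:
 Enabled: false
 Layout/BlockAlignment:
 EnforcedStyleAlignWith: start_of_block
+Style/EmptyClassDefinition:
+Enabled: false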
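--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -13,6 +13,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Removed
 
+## [15.1.3]
+
+### Added
+
+- Start collecting "project_name" from gradle-dependencies-q.txt lockfiles.
+- Start collecting "project_name" from package.json manifests.
+
+### Removed
+
+- Remove "go.sum" as a lockfile for Golang because it is not a lockfile.
+
 ## [15.1.2]
 
 ### Changed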
data/Gemfile
CHANGED
|
@@ -25,10 +25,6 @@ module Bibliothecary
|
|
|
25
25
|
kind: "manifest",
|
|
26
26
|
parser: :parse_go_mod,
|
|
27
27
|
},
|
|
28
|
-
match_filename("go.sum") => {
|
|
29
|
-
kind: "lockfile",
|
|
30
|
-
parser: :parse_go_sum,
|
|
31
|
-
},
|
|
32
28
|
# Glide (unmaintained: https://github.com/Masterminds/glide#go-modules)
|
|
33
29
|
match_filename("glide.yaml") => {
|
|
34
30
|
kind: "manifest",
|
|
@@ -182,23 +178,6 @@ module Bibliothecary
|
|
|
182
178
|
categorized_deps
|
|
183
179
|
end
|
|
184
180
|
|
|
185
|
-
def self.parse_go_sum(file_contents, options: {})
|
|
186
|
-
deps = []
|
|
187
|
-
file_contents.lines.map(&:strip).each do |line|
|
|
188
|
-
next unless (match = line.match(GOSUM_REGEXP))
|
|
189
|
-
|
|
190
|
-
deps << Dependency.new(
|
|
191
|
-
name: match[1].strip,
|
|
192
|
-
requirement: match[2].strip.split("/").first,
|
|
193
|
-
type: "runtime",
|
|
194
|
-
source: options.fetch(:filename, nil),
|
|
195
|
-
platform: platform_name
|
|
196
|
-
)
|
|
197
|
-
end
|
|
198
|
-
dependencies = deps.uniq
|
|
199
|
-
ParserResult.new(dependencies: dependencies)
|
|
200
|
-
end
|
|
201
|
-
|
|
202
181
|
def self.parse_go_resolved(file_contents, options: {})
|
|
203
182
|
dependencies = JSON.parse(file_contents)
|
|
204
183
|
.reject { |dep| dep["Main"] == "true" }
|
|
@@ -21,10 +21,12 @@ module Bibliothecary
|
|
|
21
21
|
# e.g. "| \\--- com.google.guava:guava:23.5-jre (*)"
|
|
22
22
|
GRADLE_DEP_REGEXP = /(\+---|\\---){1}/
|
|
23
23
|
|
|
24
|
+
GRADLE_PROJECT_REGEXP = /\s*Project '?:?([^\s']+)'?/
|
|
25
|
+
|
|
24
26
|
# Dependencies that are on-disk projects, eg:
|
|
25
27
|
# e.g. "\--- project :api:my-internal-project"
|
|
26
28
|
# e.g. "+--- my-group:my-alias:1.2.3 -> project :client (*)"
|
|
27
|
-
|
|
29
|
+
GRADLE_DEPENDENCY_PROJECT_REGEXP = /project :(\S+)?/
|
|
28
30
|
|
|
29
31
|
# line ending legend: (c) means a dependency constraint, (n) means not resolved, or (*) means resolved previously, e.g. org.springframework.boot:spring-boot-starter-web:2.1.0.M3 (*)
|
|
30
32
|
# e.g. the "(n)" in "+--- my-group:my-name:1.2.3 (n)"
|
|
@@ -191,8 +193,14 @@ module Bibliothecary
|
|
|
191
193
|
|
|
192
194
|
def self.parse_gradle_resolved(file_contents, options: {})
|
|
193
195
|
current_type = nil
|
|
196
|
+
project_name = nil
|
|
194
197
|
|
|
195
198
|
dependencies = file_contents.split("\n").map do |line|
|
|
199
|
+
if project_name.nil? && (project_name_match = GRADLE_PROJECT_REGEXP.match(line))
|
|
200
|
+
project_name = project_name_match.captures[0]
|
|
201
|
+
next
|
|
202
|
+
end
|
|
203
|
+
|
|
196
204
|
current_type_match = GRADLE_TYPE_REGEXP.match(line)
|
|
197
205
|
current_type = current_type_match.captures[0] if current_type_match
|
|
198
206
|
|
|
@@ -203,13 +211,13 @@ module Bibliothecary
|
|
|
203
211
|
|
|
204
212
|
# gradle can import on-disk projects and deps will be listed under them, e.g. `+--- project :test:integration`,
|
|
205
213
|
# so we treat these projects as "internal" deps with requirement of "1.0.0"
|
|
206
|
-
if (project_match = line.match(
|
|
214
|
+
if (project_match = line.match(GRADLE_DEPENDENCY_PROJECT_REGEXP))
|
|
207
215
|
# an empty project name is self-referential (i.e. a cycle), and we don't need to track the manifest's project itself, e.g. "+--- project :"
|
|
208
216
|
next if project_match[1].nil?
|
|
209
217
|
|
|
210
218
|
# project names can have colons (e.g. for gradle projects in subfolders), which breaks maven artifact naming assumptions, so just replace them with hyphens.
|
|
211
219
|
project_name = project_match[1].gsub(":", "-")
|
|
212
|
-
line = line.sub(
|
|
220
|
+
line = line.sub(GRADLE_DEPENDENCY_PROJECT_REGEXP, "internal:#{project_name}:1.0.0")
|
|
213
221
|
end
|
|
214
222
|
|
|
215
223
|
dep = line
|
|
@@ -259,7 +267,10 @@ module Bibliothecary
|
|
|
259
267
|
end
|
|
260
268
|
.compact
|
|
261
269
|
.uniq { |item| [item.name, item.requirement, item.type, item.original_name, item.original_requirement] }
|
|
262
|
-
ParserResult.new(
|
|
270
|
+
ParserResult.new(
|
|
271
|
+
project_name: project_name,
|
|
272
|
+
dependencies: dependencies
|
|
273
|
+
)
|
|
263
274
|
end
|
|
264
275
|
|
|
265
276
|
def self.parse_maven_resolved(file_contents, options: {})
|
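Review bot: The new outer `project_name = nil` in parse_gradle_resolved shares its name with the existing block-local assignment `project_name = project_match[1].gsub(":", "-")` in the third hunk, so each `project :x` dependency line now appears to overwrite the value later passed to `ParserResult.new(project_name: ...)`, and a dependency line seen before the header makes `project_name.nil?` false so the header is never captured. Renaming the inner local keeps the two apart: `dep_project = project_match[1].gsub(":", "-")` and `line = line.sub(GRADLE_DEPENDENCY_PROJECT_REGEXP, "internal:#{dep_project}:1.0.0")`. `GRADLE_PROJECT_REGEXP` is also unanchored (its leading `\s*` has no effect), so the first line containing `Project <token>` anywhere sets the name and is dropped by `next`; since the lockfile is scanned input, `/\A\s*Project '?:?([^\s']+)'?/` would restrict it to header lines. The lines between the hunks are not shown, so this assumes both assignments sit in the same `map` block; the page lists these hunks under data/Gemfile, but they match data/lib/bibliothecary/parsers/maven.rb from the file list.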
|
@@ -167,7 +167,10 @@ module Bibliothecary
|
|
|
167
167
|
)
|
|
168
168
|
end
|
|
169
169
|
|
|
170
|
-
ParserResult.new(
|
|
170
|
+
ParserResult.new(
|
|
171
|
+
dependencies: dependencies,
|
|
172
|
+
project_name: manifest["name"]
|
|
173
|
+
)
|
|
171
174
|
end
|
|
172
175
|
|
|
173
176
|
def self.parse_yarn_lock(file_contents, options: {})
|
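Review bot: `project_name: manifest["name"]` forwards the package.json value without checking its type, so a manifest whose `name` is an array, object or number hands that value to whatever consumes the parser result, and a missing key yields nil with no signal. Because manifests come from scanned repositories, coercing at this boundary would be safer, for example `name = manifest["name"]` followed by `project_name: name.is_a?(String) ? name : nil`. The keyword order here (`dependencies:` first) also differs from the Gradle parser's call, which puts `project_name:` first; one order for both keeps the calls easy to compare. The enclosing method starts above the hunk, so how `manifest` is parsed is not visible, and the page lists this hunk under data/Gemfile although it matches data/lib/bibliothecary/parsers/npm.rb from the file list.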
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 15.1.
|
|
4
|
+
version: 15.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2026-
|
|
11
|
+
date: 2026-02-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: commander
|