bibliothecary 6.7.2 → 6.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/bibliothecary.gemspec +2 -0
  3. data/lib/bibliothecary/parsers/maven.rb +70 -19
  4. data/lib/bibliothecary/version.rb +1 -1
  5. metadata +30 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 132a90ea8ed661b70e6709542f66d899eb5e35900905fd353b63f4e70b535ef8
4
- data.tar.gz: 3803d75c592a1f338ea4ce0d054b1347d3a61d35db14098427a5f94031b29bfd
3
+ metadata.gz: b589f62fb357fbc3134d456ea82c07b7ff20b11217d2c8010c8db5ff3a009337
4
+ data.tar.gz: 0a0727d453938b3ce8878aabe623b2ca7dbc928cb207bcdd94eb97173ade521f
5
5
  SHA512:
6
- metadata.gz: 26d770f760a52e56f7b51a04dadae781c87e73cac8e3f31d1f7cfd5d93c1a5597f079e609393146d7549b93a84bfb82a93801eacb92eb4cdf43f65e766e612ca
7
- data.tar.gz: 1c8136abb0ad7b67a57b0e5e41f2e9a48e110e5c71b27baa6005c922f9fac30a69be173ec88aa20d3e494c96360986052210be0e07df0c652d15cc6f43affc34
6
+ metadata.gz: 3d12065e6cd92680e7ed7a0c60770e67704aa949f2d5591126eb20fb6d4c42cbfa763caf60c0a71877d41d6f75231da96d910d8b219c78af81e67bcf5e240918
7
+ data.tar.gz: b4c378068bf8ee58bc8a77e44a984a4eff68c0660e0c0ebaca8bee5c29b7ae69534bfead06a0993362a1f3de1b8cf96b7ff925787cdf44abc923fe9a0ffa2c1a
data/bibliothecary.gemspec CHANGED
@@ -25,6 +25,8 @@ Gem::Specification.new do |spec|
25
25
  spec.add_dependency "deb_control"
26
26
  spec.add_dependency "sdl4r"
27
27
  spec.add_dependency "commander"
28
+ spec.add_dependency "strings-ansi"
29
+ spec.add_dependency "strings"
28
30
 
29
31
  spec.add_development_dependency "bundler", "~> 1.11"
30
32
  spec.add_development_dependency "pry"
data/lib/bibliothecary/parsers/maven.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  require 'ox'
2
+ require 'strings-ansi'
2
3
 
3
4
  module Bibliothecary
4
5
  module Parsers
@@ -11,6 +12,9 @@ module Bibliothecary
11
12
  # "| \\--- com.google.guava:guava:23.5-jre (*)"
12
13
  GRADLE_DEP_REGEX = /(\+---|\\---){1}/
13
14
 
15
+ MAVEN_PROPERTY_REGEX = /\$\{(.+?)\}/
16
+ MAX_DEPTH = 5
17
+
14
18
  def self.mapping
15
19
  {
16
20
  match_filename("ivy.xml", case_insensitive: true) => {
@@ -33,6 +37,10 @@ module Bibliothecary
33
37
  match_filename("gradle-dependencies-q.txt", case_insensitive: true) => {
34
38
  kind: 'lockfile',
35
39
  parser: :parse_gradle_resolved
40
+ },
41
+ match_filename("maven-resolved-dependencies.txt", case_insensitive: true) => {
42
+ kind: 'lockfile',
43
+ parser: :parse_maven_resolved
36
44
  }
37
45
  }
38
46
  end
@@ -53,7 +61,7 @@ module Bibliothecary
53
61
  doc = Ox.parse file_contents
54
62
  root = doc&.locate("ivy-report")&.first
55
63
  return !root.nil?
56
- rescue Exception => e # rubocop:disable Lint/RescueException
64
+ rescue Exception # rubocop:disable Lint/RescueException
57
65
  # We rescue exception here since native libs can throw a non-StandardError
58
66
  # We don't want to throw errors during the matching phase, only during
59
67
  # parsing after we match.
@@ -109,6 +117,25 @@ module Bibliothecary
109
117
  end.compact.uniq {|item| [item[:name], item[:requirement], item[:type]]}
110
118
  end
111
119
 
120
+ def self.parse_maven_resolved(file_contents)
121
+ Strings::ANSI.sanitize(file_contents)
122
+ .split("\n")
123
+ .map(&method(:parse_resolved_dep_line))
124
+ .compact
125
+ .uniq
126
+ end
127
+
128
+ def self.parse_resolved_dep_line(line)
129
+ dep_parts = line.strip.split(":")
130
+ return unless dep_parts.length == 5
131
+ # org.springframework.boot:spring-boot-starter-web:jar:2.0.3.RELEASE:compile -- module spring.boot.starter.web [auto]
132
+ {
133
+ name: dep_parts[0, 2].join(":"),
134
+ requirement: dep_parts[3],
135
+ type: dep_parts[4].split("--").first.strip
136
+ }
137
+ end
138
+
112
139
  def self.parse_pom_manifest(file_contents, parent_properties = {})
113
140
  manifest = Ox.parse file_contents
114
141
  xml = manifest.respond_to?('project') ? manifest.project : manifest
@@ -148,30 +175,54 @@ module Bibliothecary
148
175
  def self.extract_pom_dep_info(xml, dependency, name, parent_properties = {})
149
176
  field = dependency.locate(name).first
150
177
  return nil if field.nil?
178
+
151
179
  value = field.nodes.first
152
- match = value.match(/^\$\{(.+)\}/)
180
+ match = value.match(MAVEN_PROPERTY_REGEX)
153
181
  if match
154
- # the xml root is <project> so lookup the non property name in the xml
155
- # this converts ${project/group.id} -> ${group/id}
156
- non_prop_name = match[1].gsub('.', '/').gsub('project/', '')
157
- return value if !xml.respond_to?('properties') && parent_properties.empty? && !xml.locate(non_prop_name)
158
- prop_field = xml.properties.locate(match[1]).first
159
- parent_prop = parent_properties[match[1]]
160
- if prop_field
161
- return prop_field.nodes.first
162
- elsif parent_prop
163
- return parent_prop
164
- elsif xml.locate(non_prop_name).first
165
- # see if the value to look up is a field under the project
166
- # examples are ${project.groupId} or ${project.version}
167
- return xml.locate(non_prop_name).first.nodes.first
168
- else
169
- return value
170
- end
182
+ return extract_property(xml, match[1], value, parent_properties)
171
183
  else
172
184
  return value
173
185
  end
174
186
  end
187
+
188
+ def self.replace_value_with_prop(original_value, property_value, property_name)
189
+ original_value.gsub("${#{property_name}}", property_value)
190
+ end
191
+
192
+ def self.extract_property(xml, property_name, value, parent_properties = {}, depth = 0)
193
+ prop_value = property_value(xml, property_name, parent_properties)
194
+ return value unless prop_value
195
+ # don't resolve more than 5 levels deep to avoid potential circular references
196
+
197
+ resolved_value = replace_value_with_prop(value, prop_value, property_name)
198
+ # check to see if we just resolved to another property name
199
+ match = resolved_value.match(MAVEN_PROPERTY_REGEX)
200
+ if match && depth < MAX_DEPTH
201
+ depth += 1
202
+ return extract_property(xml, match[1], resolved_value, parent_properties, depth)
203
+ else
204
+ return resolved_value
205
+ end
206
+ end
207
+
208
+ def self.property_value(xml, property_name, parent_properties)
209
+ # the xml root is <project> so lookup the non property name in the xml
210
+ # this converts ${project/group.id} -> ${group/id}
211
+ non_prop_name = property_name.gsub(".", "/").gsub("project/", "")
212
+ return value if !xml.respond_to?("properties") && parent_properties.empty? && !xml.locate(non_prop_name)
213
+
214
+ prop_field = xml.properties.locate(property_name).first
215
+ parent_prop = parent_properties[property_name]
216
+ if prop_field
217
+ prop_field.nodes.first
218
+ elsif parent_prop
219
+ parent_prop
220
+ elsif xml.locate(non_prop_name).first
221
+ # see if the value to look up is a field under the project
222
+ # examples are ${project.groupId} or ${project.version}
223
+ xml.locate(non_prop_name).first.nodes.first
224
+ end
225
+ end
175
226
  end
176
227
  end
177
228
  end
data/lib/bibliothecary/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Bibliothecary
2
- VERSION = "6.7.2"
2
+ VERSION = "6.7.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bibliothecary
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.7.2
4
+ version: 6.7.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Nesbitt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-06-12 00:00:00.000000000 Z
11
+ date: 2019-07-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: toml-rb
@@ -108,6 +108,34 @@ dependencies:
108
108
  - - ">="
109
109
  - !ruby/object:Gem::Version
110
110
  version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: strings-ansi
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :runtime
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
125
+ - !ruby/object:Gem::Dependency
126
+ name: strings
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - ">="
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ type: :runtime
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - ">="
137
+ - !ruby/object:Gem::Version
138
+ version: '0'
111
139
  - !ruby/object:Gem::Dependency
112
140
  name: bundler
113
141
  requirement: !ruby/object:Gem::Requirement