bibliothecary 8.0.0 → 8.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/bibliothecary/multi_parsers/cyclonedx.rb +33 -15
- data/lib/bibliothecary/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7ed029f460ea32073ccc2d06f6fb297926686064554b1447a7014ff8588382f1
|
|
4
|
+
data.tar.gz: 70482eb3f0cfe7afb13124904b1e713596d92e92d90cd6267153ff4319e9d356
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b8a243cb926cf8e49835f11db86199f8fe8d45dc53b1f80a17c9b3c941bb5935e4c8b8c1a897b40704d8c6c3ddc271fd5d3139aa9373a8328eea3a538c383fac
|
|
7
|
+
data.tar.gz: d6dd8f873e0ce3cabf3f526e4e50393c36c1e3c6aacb7b1581bc7720bc022670ecd0cc96114df8d3dcc561341e3ee920d401a578eaf7fe5b066f64a33306d730
|
|
@@ -39,8 +39,13 @@ module Bibliothecary
|
|
|
39
39
|
|
|
40
40
|
attr_reader :manifests
|
|
41
41
|
|
|
42
|
-
def initialize
|
|
42
|
+
def initialize(parse_queue:)
|
|
43
43
|
@manifests = {}
|
|
44
|
+
|
|
45
|
+
# Instead of recursing, we'll work through a queue of components
|
|
46
|
+
# to process, letting the different parser add components to the
|
|
47
|
+
# queue however they need to pull them from the source document.
|
|
48
|
+
@parse_queue = parse_queue
|
|
44
49
|
end
|
|
45
50
|
|
|
46
51
|
def <<(purl)
|
|
@@ -55,6 +60,23 @@ module Bibliothecary
|
|
|
55
60
|
}
|
|
56
61
|
end
|
|
57
62
|
|
|
63
|
+
# Iterates over each manifest entry in the parse_queue, and accepts a block which will
|
|
64
|
+
# be called on each component. The block has two jobs: 1) add more sub-components
|
|
65
|
+
# to parse (if they exist), and 2) return the components purl.
|
|
66
|
+
def parse!(&block)
|
|
67
|
+
while @parse_queue.length > 0
|
|
68
|
+
component = @parse_queue.shift
|
|
69
|
+
|
|
70
|
+
purl_text = block.call(component, @parse_queue)
|
|
71
|
+
|
|
72
|
+
next unless purl_text
|
|
73
|
+
|
|
74
|
+
purl = PackageURL.parse(purl_text)
|
|
75
|
+
|
|
76
|
+
self << purl
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
|
|
58
80
|
def [](key)
|
|
59
81
|
@manifests[key]&.to_a
|
|
60
82
|
end
|
|
@@ -94,14 +116,12 @@ module Bibliothecary
|
|
|
94
116
|
|
|
95
117
|
raise NoComponents unless manifest["components"]
|
|
96
118
|
|
|
97
|
-
entries = ManifestEntries.new
|
|
98
|
-
|
|
99
|
-
manifest["components"].each_with_object(entries) do |component, obj|
|
|
100
|
-
next unless component["purl"]
|
|
119
|
+
entries = ManifestEntries.new(parse_queue: manifest["components"])
|
|
101
120
|
|
|
102
|
-
|
|
121
|
+
entries.parse! do |component, parse_queue|
|
|
122
|
+
parse_queue.concat(component["components"]) if component["components"]
|
|
103
123
|
|
|
104
|
-
|
|
124
|
+
component["purl"]
|
|
105
125
|
end
|
|
106
126
|
|
|
107
127
|
entries[platform_name.to_sym]
|
|
@@ -119,16 +139,14 @@ module Bibliothecary
|
|
|
119
139
|
|
|
120
140
|
raise NoComponents unless root.locate('components').first
|
|
121
141
|
|
|
122
|
-
entries = ManifestEntries.new
|
|
123
|
-
|
|
124
|
-
root.locate('components/*').each_with_object(entries) do |component, obj|
|
|
125
|
-
purl_node = component.locate("purl").first
|
|
126
|
-
|
|
127
|
-
next unless purl_node
|
|
142
|
+
entries = ManifestEntries.new(parse_queue: root.locate('components/*'))
|
|
128
143
|
|
|
129
|
-
|
|
144
|
+
entries.parse! do |component, parse_queue|
|
|
145
|
+
# #locate returns an empty array if nothing is found, so we can
|
|
146
|
+
# always safely concatenate it to the parse queue.
|
|
147
|
+
parse_queue.concat(component.locate('components/*'))
|
|
130
148
|
|
|
131
|
-
|
|
149
|
+
component.locate("purl").first&.text
|
|
132
150
|
end
|
|
133
151
|
|
|
134
152
|
entries[platform_name.to_sym]
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bibliothecary
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 8.
|
|
4
|
+
version: 8.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Nesbitt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-04-
|
|
11
|
+
date: 2022-04-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tomlrb
|