bibliothecary 8.7.6 → 8.7.7

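--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 57b89f5321f44b47f940c8fe8be9e50e2007ad4176fd002744f1f44a2bd9cbe7
- data.tar.gz: 742a28fbf8a17708e64736bf49039347af391db3b1ad4c62355df83f45459d5f
+ metadata.gz: 9c0af4f20a3dda13587bef4ed23446be465960fb69970f0f6b928b01dedb5599
+ data.tar.gz: ac0b2b21d35c70ff4c58c9470691a1dcd9f9080ece1a0e4d7606b39292d4022b
  SHA512:
- metadata.gz: 7a86455347539c89417c398c19e99ff8cd4ea84d52057c4e67f991f6ac518083db567a733b83cc4044dbb326d4a7322dde9514b3a486ed1c7825bc6cf2fdad7c
- data.tar.gz: a3c33ebc60114b4c9627d8dfd205d0579e32efd706c01fc84f00606d378db05c103f50655eb68c8b2f6383d0b50c9fcf7370a65d16d18c0dd1a9dd74241bbf45
+ metadata.gz: b2cbe6f624584fded45298b635105e68c41cf7e857472f94ac47582bdd57273339373c21c18982c87bd1556c559f2f58fb1949c25f21cffb04ae082efc16d46e
+ data.tar.gz: 8d35a25784b49e90f639ba0678be9d802e77f66b9e81376d042ce5d7e79af68f5101922bc35b2fff8233c56b9a90759b64dbc492a8bf4104643099bc8fc66eab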
@@ -81,11 +81,21 @@ module Bibliothecary
81
81
  parser: :parse_cyclonedx_json,
82
82
  ungroupable: true,
83
83
  },
84
+ match_extension("cdx.json") => {
85
+ kind: "lockfile",
86
+ parser: :parse_cyclonedx_json,
87
+ ungroupable: true,
88
+ },
84
89
  match_filename("cyclonedx.xml") => {
85
90
  kind: "lockfile",
86
91
  parser: :parse_cyclonedx_xml,
87
92
  ungroupable: true,
88
93
  },
94
+ match_extension(".cdx.xml") => {
95
+ kind: "lockfile",
96
+ parser: :parse_cyclonedx_xml,
97
+ ungroupable: true,
98
+ },
89
99
  }
90
100
  end
91
101
 
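Review bot: The two added matchers are written inconsistently: `match_extension("cdx.json")` has no leading dot while `match_extension(".cdx.xml")` does. If `match_extension` is a plain suffix test (its definition is not on this page), the first entry would also claim a name such as `notcdx.json` and hand it to `parse_cyclonedx_json`; writing it as `match_extension(".cdx.json")` would make the two entries agree. The enclosing mapping starts outside the hunk, so this is based only on the lines shown.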
@@ -12,6 +12,7 @@ module Bibliothecary
12
12
 
13
13
  REQUIREMENTS_REGEXP = /^#{REQUIRE_REGEXP}/
14
14
  MANIFEST_REGEXP = /.*require[^\/]*(\/)?[^\/]*\.(txt|pip|in)$/
15
+ # TODO: can this be a more specific regexp so it doesn't match something like ".yarn/cache/create-require-npm-1.0.0.zip"?
15
16
  PIP_COMPILE_REGEXP = /.*require.*$/
16
17
 
17
18
  # Adapted from https://peps.python.org/pep-0508/#names
@@ -1,3 +1,3 @@
1
1
  module Bibliothecary
2
- VERSION = "8.7.6"
2
+ VERSION = "8.7.7"
3
3
  end
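--- a/data/lib/bibliothecary.rb
+++ b/data/lib/bibliothecary.rb
@@ -17,7 +17,8 @@ Dir[File.expand_path("../bibliothecary/parsers/*.rb", __FILE__)].each do |file|
  end
 
  module Bibliothecary
- VERSION_OPERATORS = /[~^<>*"]/
+ VERSION_OPERATORS = /[~^<>*"]/.freeze
+ INVALID_UTF8_ERROR_REGEXP = /invalid byte sequence/.freeze
 
  def self.analyse(path, ignore_unparseable_files: true)
  runner.analyse(path, ignore_unparseable_files: ignore_unparseable_files)
@@ -81,6 +82,10 @@ module Bibliothecary
  .dup # ensure we don't have a frozen string
  .force_encoding("UTF-8") # treat all strings as utf8
  .sub(/^\xEF\xBB\xBF/, "") # remove any Byte Order Marks so JSON, etc don't fail while parsing them.
+ rescue ArgumentError => e
+ # Bibliothecary doesn't need to analyze non-UTF8 files like binary files, so just return blank.
+ return "" if e.message.match?(INVALID_UTF8_ERROR_REGEXP)
+ raise e
  end
 
  class << self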
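Review bot: The rescue added in the second hunk returns `""` for any input that is not valid UTF-8, so a manifest or lockfile containing a single stray byte is analysed as empty and the caller gets no signal that it was skipped; for a dependency scanner that is a silent coverage gap. The failure is also recognised by matching the exception message against `INVALID_UTF8_ERROR_REGEXP`, which ties the behaviour to the interpreter's wording. Testing the string itself after `force_encoding`, for example `return "" unless str.valid_encoding?` (`str` is a placeholder, the receiver of the chain is outside the hunk), would remove the message match, and logging or reporting the skipped file would make the skip visible. The enclosing method begins outside the hunk.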
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bibliothecary
3
3
  version: !ruby/object:Gem::Version
4
- version: 8.7.6
4
+ version: 8.7.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Nesbitt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-11 00:00:00.000000000 Z
11
+ date: 2024-03-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: tomlrb