bibliothecary 8.7.7 → 8.8.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/bibliothecary/parsers/npm.rb +12 -2
  3. data/lib/bibliothecary/version.rb +1 -1
  4. metadata +7 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9c0af4f20a3dda13587bef4ed23446be465960fb69970f0f6b928b01dedb5599
4
- data.tar.gz: ac0b2b21d35c70ff4c58c9470691a1dcd9f9080ece1a0e4d7606b39292d4022b
3
+ metadata.gz: d1780d8940244ee5e96aab6ad08266b28f1bfac65eabb9ae2fc811712ddbbb3a
4
+ data.tar.gz: ac03558d5e3f9f127664c8420f31273b3eacfefccc4c193c1aa6830f2b54f749
5
5
  SHA512:
6
- metadata.gz: b2cbe6f624584fded45298b635105e68c41cf7e857472f94ac47582bdd57273339373c21c18982c87bd1556c559f2f58fb1949c25f21cffb04ae082efc16d46e
7
- data.tar.gz: 8d35a25784b49e90f639ba0678be9d802e77f66b9e81376d042ce5d7e79af68f5101922bc35b2fff8233c56b9a90759b64dbc492a8bf4104643099bc8fc66eab
6
+ metadata.gz: 0ba1a48525ff6a464715b4d8210d5edf6269a31a785d2038f9228e5b591e83c128ff9adb33bc12d427da134afafb5e1b3808092f272105a7896e1db8895e67f6
7
+ data.tar.gz: 3737f2812866ea2d79f94d5c1dfecfcfb822ec2496d8eb013319d72d3218e8e4deb988232b046886ee616688f9cebd6c5c131186f8db2289bd3b372eb3dd8a67
data/lib/bibliothecary/parsers/npm.rb CHANGED
@@ -63,12 +63,18 @@ module Bibliothecary
63
63
  # "packages" is a flat object where each key is the installed location of the dep, e.g. node_modules/foo/node_modules/bar.
64
64
  manifest
65
65
  .fetch("packages")
66
- .reject { |name, _dep| name == "" } # this is the lockfile's package itself
66
+ # there are a couple of scenarios where a package's name won't start with node_modules
67
+ # 1. name == "", this is the lockfile's package itself
68
+ # 2. when a package is a local path dependency, it will appear in package-lock.json twice.
69
+ # * One occurrence has the node_modules/ prefix in the name (which we keep)
70
+ # * The other occurrence's name is the path to the local dependency (which has less information, and is duplicative, so we discard)
71
+ .select { |name, _dep| name.start_with?("node_modules") }
67
72
  .map do |name, dep|
68
73
  {
69
74
  name: name.split("node_modules/").last,
70
- requirement: dep["version"],
75
+ requirement: dep["version"] || "*",
71
76
  type: dep.fetch("dev", false) || dep.fetch("devOptional", false) ? "development" : "runtime",
77
+ local: dep.fetch("link", false),
72
78
  }
73
79
  end
74
80
  end
@@ -101,6 +107,9 @@ module Bibliothecary
101
107
  map_dependencies(manifest, "devDependencies", "development")
102
108
  )
103
109
  .reject { |dep| dep[:name].start_with?("//") } # Omit comment keys. They are valid in package.json: https://groups.google.com/g/nodejs/c/NmL7jdeuw0M/m/yTqI05DRQrIJ
110
+ .each do |dep|
111
+ dep[:local] = dep[:requirement].start_with?("file:")
112
+ end
104
113
  end
105
114
 
106
115
  def self.parse_yarn_lock(file_contents, options: {}) # rubocop:disable Lint/UnusedMethodArgument
@@ -115,6 +124,7 @@ module Bibliothecary
115
124
  requirement: dep[:version],
116
125
  lockfile_requirement: dep[:requirement],
117
126
  type: dep[:type],
127
+ local: dep[:requirement]&.start_with?("file:"),
118
128
  }
119
129
  end
120
130
  end
data/lib/bibliothecary/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Bibliothecary
2
- VERSION = "8.7.7"
2
+ VERSION = "8.8.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bibliothecary
3
3
  version: !ruby/object:Gem::Version
4
- version: 8.7.7
4
+ version: 8.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Nesbitt
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-03-12 00:00:00.000000000 Z
11
+ date: 2024-05-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: tomlrb
@@ -248,7 +248,7 @@ dependencies:
248
248
  - - ">="
249
249
  - !ruby/object:Gem::Version
250
250
  version: '0'
251
- description:
251
+ description:
252
252
  email:
253
253
  - andrewnez@gmail.com
254
254
  executables:
@@ -326,7 +326,7 @@ homepage: https://github.com/librariesio/bibliothecary
326
326
  licenses:
327
327
  - AGPL-3.0
328
328
  metadata: {}
329
- post_install_message:
329
+ post_install_message:
330
330
  rdoc_options: []
331
331
  require_paths:
332
332
  - lib
@@ -341,8 +341,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
341
341
  - !ruby/object:Gem::Version
342
342
  version: '0'
343
343
  requirements: []
344
- rubygems_version: 3.3.22
345
- signing_key:
344
+ rubygems_version: 3.1.6
345
+ signing_key:
346
346
  specification_version: 4
347
347
  summary: Find and parse manifests
348
348
  test_files: []