c66-gemnasium-parser 0.1.10

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: bff190f9fe0cc29b2412cf312c747cfe7648df8a9b1ca3d42b0704fe593a816f
+  data.tar.gz: 6c4636227634775f256cbf1468d0762c0304d54d4e00354274bb55c5da05ed81
+SHA512:
+  metadata.gz: 66a7fee11bbb24d29c36fe06b3115d843b13b2f31b3f82c3b730873a613ef1e5e546eead78a5590abf1d0c5a5f90544f0d3877458f9daf92ffc07ecdb88c9cbe
+  data.tar.gz: 0a6cc3b8581ad2b23ee5b37d5b07eb738b0bfda26479c01b8fecdf29beee79e52568e227c5e6117d6d6767bd21373403277efe5670e321284b45662f191784b9

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.rvmrc
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.travis.yml

@@ -0,0 +1,4 @@
+rvm:
+  - 1.9.2
+  - 1.9.3
+  - 2.0.0

data/CHANGELOG.md

@@ -0,0 +1,19 @@
+## 0.1.9 / 2012-11-19
+
+Bugfixes:
+
+* remove CR chars from content before parsing since it breaks patterns matching
+
+## 0.1.8 / 2012-11-18
+
+Bugfixes:
+
+* support :github option and exclude gems that use it
+* add CHANGELOG
+  
+## 0.1.7 2012-10-17
+
+Bugfixes:
+
+* fix pattern to allow gem's name with a period
+

data/Gemfile

@@ -0,0 +1,7 @@
+source "https://rubygems.org"
+
+gemspec
+
+gem "coveralls", "~> 0.6", require: false
+gem "rake", ">= 0.8.7"
+gem "rspec", "~> 2.4"

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2011 Steve Richert
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,53 @@
+# Gemnasium::Parser
+
+[![Gem Version](https://img.shields.io/gem/v/formatador.svg)]()
+[![Build Status](https://img.shields.io/travis/gemnasium/gemnasium-parser/master.svg)](https://travis-ci.org/gemnasium/gemnasium-parser)
+[![Dependency Status](https://img.shields.io/gemnasium/gemnasium/gemnasium-parser.svg)](https://gemnasium.com/gemnasium/gemnasium-parser)
+
+The [Gemnasium](https://gemnasium.com/) parser determines gem dependencies from gemfiles and gemspecs, without evaluating the Ruby.
+
+## Why?
+
+[Bundler](http://gembundler.com/) is wonderful. It takes your gemfile and your gemspec (both just Ruby) and evaluates them, determining your gem dependencies. This works great locally and even on your production server… but only because you can be trusted!
+
+An untrustworthy character could put some pretty nasty stuff in a gemfile. If Gemnasium were to blindly evaluate that Ruby on its servers, havoc would ensue.
+
+### Solution #1
+
+If evaluating Ruby is so dangerous, just sandbox it! [Travis CI](http://travis-ci.org/) runs its builds inside isolated environments built with [Vagrant](http://vagrantup.com/). That way, if anything goes awry, it’s in a controlled environment.
+
+This is entirely possible with Gemnasium, but it’s impractical. Gemfiles often `require` other files in the repository. So to evaluate a gemfile, Gemnasium needs to clone the entire repo. That’s an expensive operation when only a couple files determine the dependencies.
+
+### Solution #2
+
+Parse Ruby like Ruby parses Ruby.
+
+Ruby 1.9 includes a library called Ripper. Ripper is a Ruby parsing library that can break down a gemfile or gemspec into bite-sized chunks, without evaluating the source. Then it can be searched for just the methods that matter.
+
+The problem is that it’s hard to make heads or tails from Ripper’s output, at least for me. I could see the Gemnasium parser one day moving to this strategy. But not today.
+
+### Third try’s the charm
+
+If we can’t evaluate the Ruby and Ripper’s output is unmanageable, how else can we find patterns in a gemfile or gemspec and get usable output?
+
+Regular expressions!
+
+The Gemnasium parser, for both gemfiles and gemspecs, is based on a number of Ruby regular expressions. These patterns match `gem` method calls in gemfiles and `add_dependency` calls in gemspecs.
+
+For a more comprehensive list of its abilities, see the [specs](https://github.com/laserlemon/gemnasium-parser/tree/master/spec).
+
+## Contributing <a name="contributing"></a>
+
+1. Fork it
+2. Create your branch (`git checkout -b my-bugfix`)
+3. Commit your changes (`git commit -am "Fix my bug"`)
+4. Push your branch (`git push origin my-bugfix`)
+5. Send a pull request
+
+## Problems?
+
+If you have a gemfile or gemspec that the Gemnasium parser screws up…
+
+1. Boil it down to its simplest problematic form
+2. Write a failing spec
+3. See [Contributing](#contributing)

data/Rakefile

@@ -0,0 +1,9 @@
+#!/usr/bin/env rake
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :test => :spec
+task :default => :spec

data/gemnasium-parser.gemspec

@@ -0,0 +1,18 @@
+# encoding: utf-8
+
+Gem::Specification.new do |gem|
+  gem.name    = "c66-gemnasium-parser"
+  gem.version = "0.1.10"
+
+  gem.authors     = "Steve Richert"
+  gem.email       = "steve.richert@gmail.com"
+  gem.description = "Safely parse Gemfiles and gemspecs"
+  gem.summary     = gem.description
+  gem.homepage    = "https://github.com/cloud66-oss/gemnasium-parser"
+
+  gem.add_development_dependency "bundler", "~> 1.0"
+
+  gem.files         = `git ls-files`.split($\)
+  gem.test_files    = gem.files.grep(/^spec\//)
+  gem.require_paths = ["lib"]
+end

data/lib/gemnasium/parser.rb

@@ -0,0 +1,21 @@
+require "gemnasium/parser/configuration"
+require "gemnasium/parser/gemfile"
+require "gemnasium/parser/gemspec"
+
+module Gemnasium
+  module Parser
+    extend Configuration
+
+    def self.gemfile(content)
+      # Remove CR chars "\r" from content since it breaks Patterns matching
+      # TODO: Find something cleaner than this workaround
+      Gemnasium::Parser::Gemfile.new(content.gsub("\r",''))
+    end
+
+    def self.gemspec(content)
+      # Remove CR chars "\r" from content since it breaks Patterns matching
+      # TODO: Find something cleaner than this workaround
+      Gemnasium::Parser::Gemspec.new(content.gsub("\r",''))
+    end
+  end
+end

data/lib/gemnasium/parser/configuration.rb

@@ -0,0 +1,11 @@
+module Gemnasium
+  module Parser
+    module Configuration
+      attr_writer :runtime_groups
+
+      def runtime_groups
+        @runtime_groups ||= [:default, :production]
+      end
+    end
+  end
+end

data/lib/gemnasium/parser/gemfile.rb

@@ -0,0 +1,122 @@
+require "bundler"
+require "gemnasium/parser/patterns"
+
+module Gemnasium
+  module Parser
+    class Gemfile
+      attr_reader :content
+
+      def initialize(content)
+        @content = content
+      end
+
+      def dependencies
+        @dependencies ||= [].tap do |deps|
+          gem_matches.each do |match|
+            dep = dependency(match)
+            deps << dep if dep
+          end
+        end
+	  end
+
+	  def ruby
+		if @ruby = content.match(Patterns::RUBY_CALL)
+			return @ruby[:version]
+		else
+			return nil
+		end
+	  end
+
+      def gemspec
+        @gemspec = if gemspec_match
+          opts = Patterns.options(gemspec_match["opts"])
+          path = opts["path"]
+          name = opts["name"] || "*"
+          File.join(*[path, "#{name}.gemspec"].compact)
+        end
+      end
+
+      def gemspec?
+        !!gemspec
+      end
+
+      private
+        def gem_matches
+          @gem_matches ||= matches(Patterns::GEM_CALL)
+        end
+
+        def matches(pattern)
+          [].tap{|m| content.scan(pattern){ m << Regexp.last_match } }
+        end
+
+        def dependency(match)
+          opts = Patterns.options(match["opts"])
+          return nil if exclude?(match, opts)
+          clean!(match, opts)
+          name, reqs = match["name"], [match["req1"], match["req2"]].compact
+          Bundler::Dependency.new(name, reqs, opts).tap do |dep|
+            line = content.slice(0, match.begin(0)).count("\n") + 1
+            dep.instance_variable_set(:@line, line)
+          end
+        end
+
+        def groups(match)
+          group = group_matches.detect{|m| in_block?(match, m) }
+          group && Patterns.values(group[:grps])
+        end
+
+        def in_block?(inner, outer)
+          outer.begin(:blk) <= inner.begin(0) && outer.end(:blk) >= inner.end(0)
+        end
+
+        def group_matches
+          @group_matches ||= matches(Patterns::GROUP_CALL)
+        end
+
+        def exclude?(match, opts)
+          git?(match, opts) || github?(match, opts) || path?(match, opts)
+        end
+
+        def git?(match, opts)
+          opts["git"] || in_git_block?(match)
+        end
+
+        def github?(match, opts)
+          opts["github"]
+        end
+
+        def in_git_block?(match)
+          git_matches.any?{|m| in_block?(match, m) }
+        end
+
+        def git_matches
+          @git_matches ||= matches(Patterns::GIT_CALL)
+        end
+
+        def path?(match, opts)
+          opts["path"] || in_path_block?(match)
+        end
+
+        def in_path_block?(match)
+          path_matches.any?{|m| in_block?(match, m) }
+        end
+
+        def path_matches
+          @path_matches ||= matches(Patterns::PATH_CALL)
+        end
+
+        def clean!(match, opts)
+          opts["group"] ||= opts.delete("groups")
+          opts["group"] ||= groups(match)
+          groups = Array(opts["group"]).flatten.compact
+          runtime = groups.empty? || !(groups & Parser.runtime_groups).empty?
+          opts["type"] ||= runtime ? :runtime : :development
+        end
+
+        def gemspec_match
+          return @gemspec_match if defined?(@gemspec_match)
+          @gemspec_match = content.match(Patterns::GEMSPEC_CALL)
+        end
+    end
+  end
+end

data/lib/gemnasium/parser/gemspec.rb

@@ -0,0 +1,38 @@
+module Gemnasium
+  module Parser
+    class Gemspec
+      attr_reader :content
+
+      def initialize(content)
+        @content = content
+      end
+
+      def dependencies
+        @dependencies ||= [].tap do |deps|
+          runtime_matches.each do |match|
+            dep = dependency(match)
+            deps << dep
+          end
+        end
+      end
+
+      private
+        def runtime_matches
+          @runtime_matches ||= matches(Patterns::ADD_DEPENDENCY_CALL)
+        end
+
+        def matches(pattern)
+          [].tap{|m| content.scan(pattern){ m << Regexp.last_match } }
+        end
+
+        def dependency(match)
+          name, reqs = match["name"], [match["req1"], match["req2"]].compact
+          type = match["type"] =~ /development/ ? :development : :runtime
+          Bundler::Dependency.new(name, reqs, "type" => type).tap do |dep|
+            line = content.slice(0, match.begin(0)).count("\n") + 1
+            dep.instance_variable_set(:@line, line)
+          end
+        end
+    end
+  end
+end

data/lib/gemnasium/parser/patterns.rb

@@ -0,0 +1,66 @@
+module Gemnasium
+  module Parser
+    module Patterns
+      GEM_NAME = /[a-zA-Z0-9\-_\.]+/
+	  QUOTED_GEM_NAME = /(?:(?<gq>["'])(?<name>#{GEM_NAME})\k<gq>|%q<(?<name>#{GEM_NAME})>)/
+
+      MATCHER = /(?:=|!=|>|<|>=|<=|~>)/
+      VERSION = /[0-9]+(?:\.[a-zA-Z0-9]+)*/
+      REQUIREMENT = /[ \t]*(?:#{MATCHER}[ \t]*)?#{VERSION}[ \t]*/
+      REQUIREMENT_LIST = /(?<qr1>["'])(?<req1>#{REQUIREMENT})\k<qr1>(?:[ \t]*,[ \t]*(?<qr2>["'])(?<req2>#{REQUIREMENT})\k<qr2>)?/
+      REQUIREMENTS = /(?:#{REQUIREMENT_LIST}|\[[ \t]*#{REQUIREMENT_LIST}[ \t]*\])/
+
+      KEY = /(?::\w+|:?"\w+"|:?'\w+')/
+      SYMBOL = /(?::\w+|:"[^"#]+"|:'[^']+')/
+      STRING = /(?:"[^"#]*"|'[^']*')/
+      BOOLEAN = /(?:true|false)/
+      NIL = /nil/
+      ELEMENT = /(?:#{SYMBOL}|#{STRING})/
+      ARRAY = /\[(?:#{ELEMENT}(?:[ \t]*,[ \t]*#{ELEMENT})*)?\]/
+      VALUE = /(?:#{BOOLEAN}|#{NIL}|#{ELEMENT}|#{ARRAY}|)/
+      PAIR = /(?:(#{KEY})[ \t]*=>[ \t]*(#{VALUE})|(\w+):[ \t]+(#{VALUE}))/
+      OPTIONS = /#{PAIR}(?:[ \t]*,[ \t]*#{PAIR})*/
+      COMMENT = /(#[^\n]*)?/
+
+	  GEM_CALL = /^[ \t]*gem\(?[ \t]*#{QUOTED_GEM_NAME}(?:[ \t]*,[ \t]*#{REQUIREMENT_LIST})?(?:[ \t]*,[ \t]*(?<opts>#{OPTIONS}))?[ \t]*\)?[ \t]*#{COMMENT}$/
+	  RUBY_CALL = /^[ \t]*ruby\(?[ \t]*(?:(?<gq>["'])(?<version>#{VERSION})\k<gq>)?[ \t]*#{COMMENT}$/
+
+      SYMBOLS = /#{SYMBOL}([ \t]*,[ \t]*#{SYMBOL})*/
+      GROUP_CALL = /^(?<i1>[ \t]*)group\(?[ \t]*(?<grps>#{SYMBOLS})[ \t]*\)?[ \t]+do[ \t]*?\n(?<blk>.*?)\n^\k<i1>end[ \t]*$/m
+
+      GIT_CALL = /^(?<i1>[ \t]*)git[ \(][^\n]*?do[ \t]*?\n(?<blk>.*?)\n^\k<i1>end[ \t]*$/m
+
+      PATH_CALL = /^(?<i1>[ \t]*)path[ \(][^\n]*?do[ \t]*?\n(?<blk>.*?)\n^\k<i1>end[ \t]*$/m
+
+      GEMSPEC_CALL = /^[ \t]*gemspec(?:\(?[ \t]*(?<opts>#{OPTIONS}))?[ \t]*\)?[ \t]*$/
+
+      ADD_DEPENDENCY_CALL = /^[ \t]*\w+\.add(?<type>_runtime|_development)?_dependency\(?[ \t]*#{QUOTED_GEM_NAME}(?:[ \t]*,[ \t]*#{REQUIREMENTS})?[ \t]*\)?[ \t]*#{COMMENT}$/
+
+      def self.options(string)
+        {}.tap do |hash|
+          return hash unless string
+          pairs = Hash[*string.match(OPTIONS).captures.compact]
+          pairs.each{|k,v| hash[key(k)] = value(v) }
+        end
+      end
+
+      def self.key(string)
+        string.tr(%(:"'), "")
+      end
+
+      def self.value(string)
+        case string
+        when ARRAY then values(string.tr("[]", ""))
+        when SYMBOL then string.tr(%(:"'), "").to_sym
+        when STRING then string.tr(%("'), "")
+        when BOOLEAN then string == "true"
+        when NIL then nil
+        end
+      end
+
+      def self.values(string)
+        string.strip.split(/[ \t]*,[ \t]*/).map{|v| value(v) }
+      end
+    end
+  end
+end

data/spec/gemnasium/parser/gemfile_spec.rb

@@ -0,0 +1,294 @@
+require "spec_helper"
+
+describe Gemnasium::Parser::Gemfile do
+  def content(string)
+    @content ||= begin
+      indent = string.scan(/^[ \t]*(?=\S)/)
+      n = indent ? indent.size : 0
+      string.gsub(/^[ \t]{#{n}}/, "")
+    end
+  end
+
+  def gemfile
+    @gemfile ||= Gemnasium::Parser::Gemfile.new(@content)
+  end
+
+  def dependencies
+    @dependencies ||= gemfile.dependencies
+  end
+
+  def dependency
+    dependencies.size.should == 1
+    dependencies.first
+  end
+
+  def reset
+    @content = @gemfile = @dependencies = nil
+  end
+
+  it "parses double quotes" do
+    content(%(gem "rake", ">= 0.8.7"))
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses single quotes" do
+    content(%(gem 'rake', '>= 0.8.7'))
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "ignores mixed quotes" do
+    content(%(gem "rake', ">= 0.8.7"))
+    dependencies.size.should == 0
+  end
+
+  it "parses gems with a period in the name" do
+    content(%(gem "pygment.rb", ">= 0.8.7"))
+    dependency.name.should == "pygment.rb"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses non-requirement gems" do
+    content(%(gem "rake"))
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0"]
+  end
+
+  it "parses multi-requirement gems" do
+    content(%(gem "rake", ">= 0.8.7", "<= 0.9.2"))
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == ["<= 0.9.2", ">= 0.8.7"]
+  end
+
+  it "parses gems with options" do
+    content(%(gem "rake", ">= 0.8.7", :require => false))
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "listens for gemspecs" do
+    content(%(gemspec))
+    gemfile.should be_gemspec
+    gemfile.gemspec.should == "*.gemspec"
+    reset
+    content(%(gem "rake"))
+    gemfile.should_not be_gemspec
+    gemfile.gemspec.should be_nil
+  end
+
+  it "parses gemspecs with a name option" do
+    content(%(gemspec :name => "c66-gemnasium-parser"))
+    gemfile.gemspec.should == "gemnasium-parser.gemspec"
+  end
+
+  it "parses gemspecs with a path option" do
+    content(%(gemspec :path => "lib/gemnasium"))
+    gemfile.gemspec.should == "lib/gemnasium/*.gemspec"
+  end
+
+  it "parses gemspecs with name and path options" do
+    content(%(gemspec :name => "parser", :path => "lib/gemnasium"))
+    gemfile.gemspec.should == "lib/gemnasium/parser.gemspec"
+  end
+
+  it "parses gemspecs with parentheses" do
+    content(%(gemspec(:name => "gemnasium-parser")))
+    gemfile.should be_gemspec
+  end
+
+  it "parses gems of a type" do
+    content(%(gem "rake"))
+    dependency.type.should == :runtime
+    reset
+    content(%(gem "rake", :type => :development))
+    dependency.type.should == :development
+  end
+
+  it "parses gems of a group" do
+    content(%(gem "rake"))
+    dependency.groups.should == [:default]
+    reset
+    content(%(gem "rake", :group => :development))
+    dependency.groups.should == [:development]
+  end
+
+  it "parses gems of multiple groups" do
+    content(%(gem "rake", :group => [:development, :test]))
+    dependency.groups.should == [:development, :test]
+  end
+
+  it "recognizes :groups" do
+    content(%(gem "rake", :groups => [:development, :test]))
+    dependency.groups.should == [:development, :test]
+  end
+
+  it "parses gems in a group" do
+    content(<<-EOF)
+      gem "rake"
+      group :production do
+        gem "pg"
+      end
+      group :development do
+        gem "sqlite3"
+      end
+    EOF
+    dependencies[0].groups.should == [:default]
+    dependencies[1].groups.should == [:production]
+    dependencies[2].groups.should == [:development]
+  end
+
+  it "parses gems in a group with parentheses" do
+    content(<<-EOF)
+      group(:production) do
+        gem "pg"
+      end
+    EOF
+    dependency.groups.should == [:production]
+  end
+
+  it "parses gems in multiple groups" do
+    content(<<-EOF)
+      group :development, :test do
+        gem "sqlite3"
+      end
+    EOF
+    dependency.groups.should == [:development, :test]
+  end
+
+  it "parses multiple gems in a group" do
+    content(<<-EOF)
+      group :development do
+        gem "rake"
+        gem "sqlite3"
+      end
+    EOF
+    dependencies[0].groups.should == [:development]
+    dependencies[1].groups.should == [:development]
+  end
+
+  it "parses multiple gems in multiple groups" do
+    content(<<-EOF)
+      group :development, :test do
+        gem "rake"
+        gem "sqlite3"
+      end
+    EOF
+    dependencies[0].groups.should == [:development, :test]
+    dependencies[1].groups.should == [:development, :test]
+  end
+
+  it "ignores h4x" do
+    path = File.expand_path("../h4x.txt", __FILE__)
+    content(%(gem "h4x", :require => "\#{`touch #{path}`}"))
+    dependencies.size.should == 0
+    begin
+      File.should_not exist(path)
+    ensure
+      FileUtils.rm_f(path)
+    end
+  end
+
+  it "ignores gems with a git option" do
+    content(%(gem "rails", :git => "https://github.com/rails/rails.git"))
+    dependencies.size.should == 0
+  end
+
+  it "ignores gems with a github option" do
+    content(%(gem "rails", :github => "rails/rails"))
+    dependencies.size.should == 0
+  end
+
+  it "ignores gems with a path option" do
+    content(%(gem "rails", :path => "vendor/rails"))
+    dependencies.size.should == 0
+  end
+
+  it "ignores gems in a git block" do
+    content(<<-EOF)
+      git "https://github.com/rails/rails.git" do
+        gem "rails"
+      end
+    EOF
+    dependencies.size.should == 0
+  end
+
+  it "ignores gems in a git block with parentheses" do
+    content(<<-EOF)
+      git("https://github.com/rails/rails.git") do
+        gem "rails"
+      end
+    EOF
+    dependencies.size.should == 0
+  end
+
+  it "ignores gems in a path block" do
+    content(<<-EOF)
+      path "vendor/rails" do
+        gem "rails"
+      end
+    EOF
+    dependencies.size.should == 0
+  end
+
+  it "ignores gems in a path block with parentheses" do
+    content(<<-EOF)
+      path("vendor/rails") do
+        gem "rails"
+      end
+    EOF
+    dependencies.size.should == 0
+  end
+
+  it "records dependency line numbers" do
+    content(<<-EOF)
+      gem "rake"
+
+      gem "rails"
+    EOF
+    dependencies[0].instance_variable_get(:@line).should == 1
+    dependencies[1].instance_variable_get(:@line).should == 3
+  end
+
+  it "maps groups to types" do
+    content(<<-EOF)
+      gem "rake"
+      gem "pg", :group => :production
+      gem "mysql2", :group => :staging
+      gem "sqlite3", :group => :development
+    EOF
+    dependencies[0].type.should == :runtime
+    dependencies[1].type.should == :runtime
+    dependencies[2].type.should == :development
+    dependencies[3].type.should == :development
+    reset
+    Gemnasium::Parser.runtime_groups << :staging
+    content(<<-EOF)
+      gem "rake"
+      gem "pg", :group => :production
+      gem "mysql2", :group => :staging
+      gem "sqlite3", :group => :development
+    EOF
+    dependencies[0].type.should == :runtime
+    dependencies[1].type.should == :runtime
+    dependencies[2].type.should == :runtime
+    dependencies[3].type.should == :development
+  end
+
+  it "parses parentheses" do
+    content(%(gem("rake", ">= 0.8.7")))
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses gems followed by inline comments" do
+    content(%(gem "rake", ">= 0.8.7" # Comment))
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses oddly quoted gems" do
+    content(%(gem %q<rake>))
+    dependency.name.should == "rake"
+  end
+end

data/spec/gemnasium/parser/gemspec_spec.rb

@@ -0,0 +1,159 @@
+require "spec_helper"
+
+describe Gemnasium::Parser::Gemspec do
+  def content(string)
+    @content ||= begin
+      indent = string.scan(/^[ \t]*(?=\S)/)
+      n = indent ? indent.size : 0
+      string.gsub(/^[ \t]{#{n}}/, "")
+    end
+  end
+
+  def gemspec
+    @gemspec ||= Gemnasium::Parser::Gemspec.new(@content)
+  end
+
+  def dependencies
+    @dependencies ||= gemspec.dependencies
+  end
+
+  def dependency
+    dependencies.size.should == 1
+    dependencies.first
+  end
+
+  def reset
+    @content = @gemspec = @dependencies = nil
+  end
+
+  it "parses double quotes" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake", ">= 0.8.7"
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses single quotes" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency 'rake', '>= 0.8.7'
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "ignores mixed quotes" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake', ">= 0.8.7"
+      end
+    EOF
+    dependencies.size.should == 0
+  end
+
+  it "parses gems with a period in the name" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "pygment.rb", ">= 0.8.7"
+      end
+    EOF
+    dependency.name.should == "pygment.rb"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses non-requirement gems" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake"
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0"]
+  end
+
+  it "parses multi-requirement gems" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake", ">= 0.8.7", "<= 0.9.2"
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == ["<= 0.9.2", ">= 0.8.7"]
+  end
+
+  it "parses single-element array requirement gems" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake", [">= 0.8.7"]
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses multi-element array requirement gems" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake", [">= 0.8.7", "<= 0.9.2"]
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == ["<= 0.9.2", ">= 0.8.7"]
+  end
+
+  it "parses runtime gems" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake"
+        gem.add_runtime_dependency "rails"
+      end
+    EOF
+    dependencies[0].type.should == :runtime
+    dependencies[1].type.should == :runtime
+  end
+
+  it "parses dependency gems" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_development_dependency "rake"
+      end
+    EOF
+    dependency.type.should == :development
+  end
+
+  it "records dependency line numbers" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake"
+
+        gem.add_dependency "rails"
+      end
+    EOF
+    dependencies[0].instance_variable_get(:@line).should == 2
+    dependencies[1].instance_variable_get(:@line).should == 4
+  end
+
+  it "parses parentheses" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency("rake", ">= 0.8.7")
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+
+  it "parses gems followed by inline comments" do
+    content(<<-EOF)
+      Gem::Specification.new do |gem|
+        gem.add_dependency "rake", ">= 0.8.7" # Comment
+      end
+    EOF
+    dependency.name.should == "rake"
+    dependency.requirement.as_list.should == [">= 0.8.7"]
+  end
+end

data/spec/gemnasium/parser_spec.rb

@@ -0,0 +1,34 @@
+require "spec_helper"
+
+describe Gemnasium::Parser do
+  describe ".gemfile" do
+    it "requires a single string argument" do
+      expect{ Gemnasium::Parser.gemfile }.to raise_error(ArgumentError)
+      expect{ Gemnasium::Parser.gemfile("") }.to_not raise_error
+    end
+
+    it "returns a Gemfile" do
+      Gemnasium::Parser.gemfile("").should be_a(Gemnasium::Parser::Gemfile)
+    end
+
+    it "removes CR chars from content" do
+      Gemnasium::Parser.gemfile("\r").content.match("\r").should be_nil
+    end
+
+  end
+
+  describe ".gemspec" do
+    it "requires a single string argument" do
+      expect{ Gemnasium::Parser.gemspec }.to raise_error(ArgumentError)
+      expect{ Gemnasium::Parser.gemspec("") }.to_not raise_error
+    end
+
+    it "returns a Gemspec" do
+      Gemnasium::Parser.gemspec("").should be_a(Gemnasium::Parser::Gemspec)
+    end
+
+    it "removes CR chars from content" do
+      Gemnasium::Parser.gemspec("\r").content.match("\r").should be_nil
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,4 @@
+require "coveralls"
+Coveralls.wear!
+
+require "gemnasium/parser"

metadata

@@ -0,0 +1,77 @@
+--- !ruby/object:Gem::Specification
+name: c66-gemnasium-parser
+version: !ruby/object:Gem::Version
+  version: 0.1.10
+platform: ruby
+authors:
+- Steve Richert
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-05-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+description: Safely parse Gemfiles and gemspecs
+email: steve.richert@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- CHANGELOG.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- gemnasium-parser.gemspec
+- lib/gemnasium/parser.rb
+- lib/gemnasium/parser/configuration.rb
+- lib/gemnasium/parser/gemfile.rb
+- lib/gemnasium/parser/gemspec.rb
+- lib/gemnasium/parser/patterns.rb
+- spec/gemnasium/parser/gemfile_spec.rb
+- spec/gemnasium/parser/gemspec_spec.rb
+- spec/gemnasium/parser_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/cloud66-oss/gemnasium-parser
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.7
+signing_key: 
+specification_version: 4
+summary: Safely parse Gemfiles and gemspecs
+test_files:
+- spec/gemnasium/parser/gemfile_spec.rb
+- spec/gemnasium/parser/gemspec_spec.rb
+- spec/gemnasium/parser_spec.rb
+- spec/spec_helper.rb