spandx 0.12.3 → 0.13.4

data/lib/spandx/core/license_plugin.rb

@@ -3,12 +3,13 @@
 module Spandx
   module Core
     class LicensePlugin < Spandx::Core::Plugin
-      def initialize(catalogue: Spdx::Catalogue.from_git)
+      def initialize(catalogue: Spdx::Catalogue.default)
         @guess = Guess.new(catalogue)
       end
 
       def enhance(dependency)
-        return dependency unless known?(dependency.package_manager)
+        package_manager = package_manager_for(dependency)
+        return dependency unless known?(package_manager)
         return enhance_from_metadata(dependency) if available_in?(dependency.meta)
 
         licenses_for(dependency).each do |text|
@@ -25,8 +26,10 @@ module Spandx
       end
 
       def cache_for(dependency, git: Spandx.git)
-        db = git[dependency.package_manager.to_sym] || git[:cache]
-        Spandx::Core::Cache.new(dependency.package_manager, db: db)
+        package_manager = package_manager_for(dependency)
+        git = git[package_manager.to_sym] || git[:cache]
+        key = key_for(package_manager)
+        Spandx::Core::Cache.new(key, root: "#{git.root}/.index")
       end
 
       def known?(package_manager)
@@ -49,6 +52,14 @@ module Spandx
         end
         dependency
       end
+
+      def key_for(package_manager)
+        package_manager == :yarn ? :npm : package_manager
+      end
+
+      def package_manager_for(dependency)
+        dependency.package_manager
+      end
     end
   end
 end

data/lib/spandx/core/parser.rb

@@ -9,8 +9,8 @@ module Spandx
         end
       end
 
-      def matches?(_filename)
-        raise ::Spandx::Error, :matches?
+      def match?(_path)
+        raise ::Spandx::Error, :match?
       end
 
       def parse(_dependency)
@@ -20,8 +20,15 @@ module Spandx
       class << self
         include Registerable
 
+        def parse(path)
+          self.for(path).parse(path)
+        end
+
         def for(path)
-          find { |x| x.matches?(File.basename(path)) } || UNKNOWN
+          path = Pathname.new(path)
+          return UNKNOWN if !path.exist? || path.zero?
+
+          find { |x| x.match?(path) } || UNKNOWN
         end
       end
     end

data/lib/spandx/core/path_traversal.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module Spandx
+  module Core
+    class PathTraversal
+      attr_reader :root
+
+      def initialize(root, recursive: true)
+        @root = Pathname.new(root)
+        @recursive = recursive
+      end
+
+      def each(&block)
+        each_file_in(root, &block)
+      end
+
+      private
+
+      def recursive?
+        @recursive
+      end
+
+      def each_file_in(path, &block)
+        files = path.directory? ? path.children : [path]
+        files.each do |file|
+          if file.directory?
+            each_file_in(file, &block) if recursive?
+          else
+            block.call(file)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/spandx/core/relation.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Spandx
+  module Core
+    class Relation
+      attr_reader :io, :index
+
+      def initialize(io, index)
+        @io = io
+        @index = index
+      end
+
+      def each
+        size.times do |n|
+          yield row(n)
+        end
+      end
+
+      def size
+        index.size
+      end
+
+      def row(number)
+        offset = number.zero? ? 0 : index.position_for(number)
+        return unless offset
+
+        io.seek(offset)
+        parse_row(io.gets)
+      end
+
+      private
+
+      def parse_row(line)
+        CsvParser.parse(line)
+      end
+    end
+  end
+end

data/lib/spandx/core/report.rb

@@ -3,7 +3,7 @@
 module Spandx
   module Core
     class Report
-      include Enumerable
+      attr_reader :dependencies
 
       FORMATS = {
         csv: :to_csv,
@@ -20,27 +20,21 @@ module Spandx
         @dependencies << dependency
       end
 
-      def each
-        @dependencies.each do |dependency|
-          yield dependency
-        end
-      end
-
       def to(format, formats: FORMATS)
         public_send(formats.fetch(format&.to_sym, :to_json))
       end
 
       def to_table
-        Table.new do |table|
-          map do |dependency|
-            table << dependency
+        Terminal::Table.new(headings: ['Name', 'Version', 'Licenses', 'Location']) do |t|
+          dependencies.each do |d|
+            t.add_row d.to_a
           end
         end
       end
 
       def to_h
         { version: '1.0', dependencies: [] }.tap do |report|
-          each do |dependency|
+          dependencies.each do |dependency|
             report[:dependencies].push(dependency.to_h)
           end
         end
@@ -51,7 +45,7 @@ module Spandx
       end
 
       def to_csv
-        map do |dependency|
+        dependencies.map do |dependency|
           CSV.generate_line(dependency.to_a)
         end
       end

data/lib/spandx/core/spinner.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Spandx
+  module Core
+    class Spinner
+      NULL = Class.new do
+        def self.spin(*args); end
+
+        def self.stop(*args); end
+      end
+
+      attr_reader :columns, :spinner
+
+      def initialize(columns: TTY::Screen.columns, output: $stderr)
+        @columns = columns
+        @spinner = Nanospinner.new(output)
+        @queue = Queue.new
+        @thread = Thread.new { work }
+      end
+
+      def spin(message)
+        @queue.enq(justify(message))
+        yield if block_given?
+      end
+
+      def stop
+        @queue.clear
+        @queue.enq(:stop)
+        @thread.join
+      end
+
+      private
+
+      def justify(message)
+        message.to_s.ljust(columns - 3)
+      end
+
+      def work
+        last_message = justify('')
+        loop do
+          message = @queue.empty? ? last_message : @queue.deq
+          break if message == :stop
+
+          spinner.spin(message)
+          last_message = message
+          sleep 0.1
+        end
+      end
+    end
+  end
+end

data/lib/spandx/dotnet/index.rb

@@ -4,98 +4,40 @@ module Spandx
   module Dotnet
     class Index
       DEFAULT_DIR = File.expand_path(File.join(Dir.home, '.local', 'share', 'spandx'))
-      attr_reader :directory, :name
+      attr_reader :cache, :directory, :name, :gateway
 
-      def initialize(directory: DEFAULT_DIR)
+      def initialize(directory: DEFAULT_DIR, gateway: Spandx::Dotnet::NugetGateway.new)
         @directory = directory ? File.expand_path(directory) : DEFAULT_DIR
         @name = 'nuget'
+        @gateway = gateway
+        @cache = Spandx::Core::Cache.new(@name, root: directory)
       end
 
-      def licenses_for(name:, version:)
-        search_key = [name, version].join
-        CSV.open(data_file_for(name), 'r') do |io|
-          found = io.readlines.bsearch { |x| search_key <=> [x[0], x[1]].join }
-          found ? found[2].split('-|-') : []
-        end
-      end
-
-      def update!(catalogue:, output: StringIO.new)
-        catalogue.version
-        insert_latest(Spandx::Dotnet::NugetGateway.new) do |page|
-          output.puts "Checkpoint #{page}"
-          checkpoint!(page)
-        end
-        sort_index!
+      def update!(*)
+        queue = Queue.new
+        [fetch(queue), save(queue)].each(&:join)
+        cache.rebuild_index
       end
 
       private
 
-      def files(pattern)
-        Dir.glob(File.join(directory, pattern)).sort.each do |file|
-          fullpath = File.join(directory, file)
-          next if File.directory?(fullpath)
-          next unless File.exist?(fullpath)
-
-          yield fullpath
+      def fetch(queue)
+        Thread.new do
+          gateway.each do |item|
+            queue.enq(item)
+          end
+          queue.enq(:stop)
         end
       end
 
-      def sort_index!
-        files('**/nuget') do |path|
-          next if File.extname(path) == '.checkpoints'
-
-          IO.write(path, IO.readlines(path).sort.join)
-        end
-      end
-
-      def digest_for(components)
-        Digest::SHA1.hexdigest(Array(components).join('/'))
-      end
-
-      def data_dir_for(name)
-        digest = digest_for(name)
-        File.join(directory, digest[0...2].downcase)
-      end
-
-      def data_file_for(name)
-        File.join(data_dir_for(name), 'nuget')
-      end
-
-      def checkpoints_filepath
-        @checkpoints_filepath ||= File.join(directory, 'nuget.checkpoints')
-      end
-
-      def checkpoints
-        @checkpoints ||= File.exist?(checkpoints_filepath) ? JSON.parse(IO.read(checkpoints_filepath)) : {}
-      end
-
-      def checkpoint!(page)
-        checkpoints[page.to_s] = Time.now.utc
-        IO.write(checkpoints_filepath, JSON.pretty_generate(checkpoints))
-      end
-
-      def insert(name, version, license)
-        path = data_file_for(name)
-        FileUtils.mkdir_p(File.dirname(path))
-        IO.write(
-          path,
-          CSV.generate_line([name, version, license], force_quotes: true),
-          mode: 'a'
-        )
-      end
-
-      def completed_pages
-        checkpoints.keys.map(&:to_i)
-      end
-
-      def insert_latest(gateway)
-        current_page = completed_pages.max || 0
-        gateway.each(start_page: current_page) do |spec, page|
-          break if checkpoints[page.to_s]
+      def save(queue)
+        Thread.new do
+          loop do
+            item = queue.deq
+            break if item == :stop
 
-          yield current_page if current_page && page != current_page
-          current_page = page
-          insert(spec['id'], spec['version'], spec['licenseExpression'])
+            cache.insert(item['id'], item['version'], [item['licenseExpression']])
+          end
         end
       end
     end

data/lib/spandx/dotnet/parsers/csproj.rb

@@ -4,22 +4,22 @@ module Spandx
   module Dotnet
     module Parsers
       class Csproj < ::Spandx::Core::Parser
-        def matches?(filename)
-          ['.csproj', '.props'].include?(File.extname(filename))
+        def match?(path)
+          ['.csproj', '.props'].include?(path.extname)
         end
 
-        def parse(lockfile)
+        def parse(path)
           ProjectFile
-            .new(lockfile)
+            .new(path)
             .package_references
-            .map { |x| map_from(x) }
+            .map { |x| map_from(path, x) }
         end
 
         private
 
-        def map_from(package_reference)
+        def map_from(path, package_reference)
           ::Spandx::Core::Dependency.new(
-            package_manager: :nuget,
+            path: path,
             name: package_reference.name,
             version: package_reference.version,
             meta: package_reference

data/lib/spandx/dotnet/parsers/packages_config.rb

@@ -4,22 +4,22 @@ module Spandx
   module Dotnet
     module Parsers
       class PackagesConfig < ::Spandx::Core::Parser
-        def matches?(filename)
-          filename.match?(/packages\.config/)
+        def match?(path)
+          path.basename.fnmatch?('packages.config')
         end
 
-        def parse(lockfile)
-          Nokogiri::XML(IO.read(lockfile))
+        def parse(path)
+          Nokogiri::XML(path.read)
             .search('//package')
-            .map { |node| map_from(node) }
+            .map { |node| map_from(path, node) }
         end
 
         private
 
-        def map_from(node)
+        def map_from(path, node)
           name = attribute_for('id', node)
           version = attribute_for('version', node)
-          ::Spandx::Core::Dependency.new(package_manager: :nuget, name: name, version: version)
+          ::Spandx::Core::Dependency.new(name: name, version: version, path: path)
         end
 
         def attribute_for(key, node)

data/lib/spandx/dotnet/parsers/sln.rb

@@ -4,29 +4,26 @@ module Spandx
   module Dotnet
     module Parsers
       class Sln < ::Spandx::Core::Parser
-        def matches?(filename)
-          filename.match?(/.*\.sln/)
+        def match?(path)
+          path.extname == '.sln'
         end
 
-        def parse(file_path)
-          project_paths_from(file_path).map do |path|
-            ::Spandx::Core::Parser
-              .for(path)
-              .parse(path)
+        def parse(path)
+          project_paths_from(path).map do |project_path|
+            ::Spandx::Core::Parser.parse(project_path)
           end.flatten
         end
 
         private
 
-        def project_paths_from(file_path)
-          IO.readlines(file_path).map do |line|
+        def project_paths_from(path)
+          path.each_line.map do |line|
             next unless project_line?(line)
 
-            path = project_path_from(line)
-            next unless path
+            project_path = project_path_from(line)
+            next unless project_path
 
-            path = File.join(File.dirname(file_path), path)
-            Pathname.new(path).cleanpath.to_path
+            path.dirname.join(project_path).cleanpath.to_path
           end.compact
         end