spandx 0.13.1 → 0.14.0

Files changed (47) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +39 -2
  3. data/exe/spandx +0 -1
  4. data/ext/spandx/spandx.c +6 -4
  5. data/lib/spandx.rb +1 -1
  6. data/lib/spandx/cli.rb +2 -1
  7. data/lib/spandx/cli/commands/scan.rb +15 -32
  8. data/lib/spandx/cli/main.rb +3 -3
  9. data/lib/spandx/cli/printer.rb +27 -0
  10. data/lib/spandx/cli/printers/csv.rb +17 -0
  11. data/lib/spandx/cli/printers/json.rb +17 -0
  12. data/lib/spandx/cli/printers/table.rb +41 -0
  13. data/lib/spandx/core/dependency.rb +48 -13
  14. data/lib/spandx/core/git.rb +6 -8
  15. data/lib/spandx/core/guess.rb +12 -1
  16. data/lib/spandx/core/http.rb +7 -7
  17. data/lib/spandx/core/index_file.rb +2 -0
  18. data/lib/spandx/core/license_plugin.rb +15 -4
  19. data/lib/spandx/core/parser.rb +10 -3
  20. data/lib/spandx/core/path_traversal.rb +4 -13
  21. data/lib/spandx/core/plugin.rb +6 -0
  22. data/lib/spandx/core/thread_pool.rb +11 -11
  23. data/lib/spandx/dotnet/nuget_gateway.rb +1 -1
  24. data/lib/spandx/dotnet/parsers/csproj.rb +7 -7
  25. data/lib/spandx/dotnet/parsers/packages_config.rb +7 -7
  26. data/lib/spandx/dotnet/parsers/sln.rb +10 -13
  27. data/lib/spandx/dotnet/project_file.rb +3 -3
  28. data/lib/spandx/java/parsers/maven.rb +7 -7
  29. data/lib/spandx/js/parsers/npm.rb +8 -8
  30. data/lib/spandx/js/parsers/yarn.rb +7 -7
  31. data/lib/spandx/js/yarn_pkg.rb +1 -1
  32. data/lib/spandx/os/parsers/apk.rb +51 -0
  33. data/lib/spandx/php/packagist_gateway.rb +1 -1
  34. data/lib/spandx/php/parsers/composer.rb +7 -7
  35. data/lib/spandx/python/parsers/pipfile_lock.rb +4 -4
  36. data/lib/spandx/python/pypi.rb +19 -9
  37. data/lib/spandx/python/source.rb +13 -1
  38. data/lib/spandx/ruby/gateway.rb +1 -1
  39. data/lib/spandx/ruby/parsers/gemfile_lock.rb +10 -9
  40. data/lib/spandx/spdx/catalogue.rb +1 -1
  41. data/lib/spandx/version.rb +1 -1
  42. data/spandx.gemspec +5 -3
  43. metadata +43 -14
  44. data/lib/spandx/core/concurrent.rb +0 -40
  45. data/lib/spandx/core/line_io.rb +0 -23
  46. data/lib/spandx/core/report.rb +0 -60
  47. data/lib/spandx/core/table.rb +0 -29
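--- a/data/lib/spandx/core/concurrent.rb
+++ b/data/lib/spandx/core/concurrent.rb
@@ -1,40 +0,0 @@
- # frozen_string_literal: true
-
- module Spandx
- module Core
- class Concurrent
- include Enumerable
-
- def self.map(items, pool:, &block)
- queue = Queue.new
-
- items.each do |item|
- pool.schedule([item, block]) do |marshalled_item, callable|
- queue.enq(callable.call(marshalled_item))
- end
- end
-
- new(queue, items.size)
- end
-
- attr_reader :queue, :size
-
- def initialize(queue, size)
- @queue = queue
- @size = size
- end
-
- def each
- size.times { yield queue.deq }
- end
-
- def to_enum
- Enumerator.new do |yielder|
- each do |item|
- yielder.yield item
- end
- end
- end
- end
- end
- end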
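--- a/data/lib/spandx/core/line_io.rb
+++ b/data/lib/spandx/core/line_io.rb
@@ -1,23 +0,0 @@
- # frozen_string_literal: true
-
- module Spandx
- module Core
- class LineIo
- def initialize(absolute_path)
- file_descriptor = IO.sysopen(absolute_path)
- @io = IO.new(file_descriptor)
- @buffer = ''
- end
-
- def each(&block)
- @buffer << @io.sysread(512) until @buffer.include?($INPUT_RECORD_SEPARATOR)
-
- line, @buffer = @buffer.split($INPUT_RECORD_SEPARATOR, 2)
- block.call(line)
- each(&block)
- rescue EOFError
- @io.close
- end
- end
- end
- end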
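--- a/data/lib/spandx/core/report.rb
+++ b/data/lib/spandx/core/report.rb
@@ -1,60 +0,0 @@
- # frozen_string_literal: true
-
- module Spandx
- module Core
- class Report
- include Enumerable
-
- FORMATS = {
- csv: :to_csv,
- hash: :to_h,
- json: :to_json,
- table: :to_table,
- }.freeze
-
- def initialize
- @dependencies = SortedSet.new
- end
-
- def add(dependency)
- @dependencies << dependency
- end
-
- def each
- @dependencies.each do |dependency|
- yield dependency
- end
- end
-
- def to(format, formats: FORMATS)
- public_send(formats.fetch(format&.to_sym, :to_json))
- end
-
- def to_table
- Table.new do |table|
- map do |dependency|
- table << dependency
- end
- end
- end
-
- def to_h
- { version: '1.0', dependencies: [] }.tap do |report|
- each do |dependency|
- report[:dependencies].push(dependency.to_h)
- end
- end
- end
-
- def to_json(*_args)
- JSON.pretty_generate(to_h)
- end
-
- def to_csv
- map do |dependency|
- CSV.generate_line(dependency.to_a)
- end
- end
- end
- end
- end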
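--- a/data/lib/spandx/core/table.rb
+++ b/data/lib/spandx/core/table.rb
@@ -1,29 +0,0 @@
- # frozen_string_literal: true
-
- module Spandx
- module Core
- class Table
- def initialize
- @rows = []
- @max_justification = 0
- yield self
- end
-
- def <<(item)
- row = item.to_a
- new_max = row[0].size
- @max_justification = new_max + 1 if new_max > @max_justification
- @rows << row
- end
-
- def to_s
- @rows.map do |row|
- row.each.with_index.map do |cell, index|
- justification = index.zero? ? @max_justification : 15
- Array(cell).join(', ').ljust(justification, ' ')
- end.join
- end
- end
- end
- end
- end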