Class: Gem::Guardian::LockfileParser

Inherits:
Object
  • Object
show all
Defined in:
lib/gem/guardian/lockfile_parser.rb

Overview

Parses Gemfile.lock and exposes dependencies and checksum data.

Defined Under Namespace

Classes: LockfileData

Constant Summary collapse

GEM_LINE =

Matches dependency lines in the specs section.

/^ {4}([A-Za-z0-9_.-]+) \(([^)]+)\)/
REMOTE_LINE =

Matches Bundler remote lines inside GEM sections.

/^  remote: (.+)$/
CHECKSUM_LINE =

Matches checksum lines in the CHECKSUMS section.

/^ {2}([A-Za-z0-9_.-]+) \(([^)]+)\) (.+)$/

Instance Method Summary collapse

Constructor Details

#initialize(path = "Gemfile.lock") ⇒ LockfileParser

Returns a new instance of LockfileParser.



39
40
41
 
# File 'lib/gem/guardian/lockfile_parser.rb', line 39

def initialize(path = "Gemfile.lock")
  @path = path
end

Instance Method Details

#checksumsObject

Returns the raw checksum map extracted from the lockfile.



68
69
70
 
# File 'lib/gem/guardian/lockfile_parser.rb', line 68

def checksums
  parse.checksums
end

#dependenciesObject

Returns the dependencies listed in the lockfile.



63
64
65
 
# File 'lib/gem/guardian/lockfile_parser.rb', line 63

def dependencies
  parse.dependencies
end

#parseObject

Parses the lockfile into dependencies and checksum metadata.

Raises:



44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/gem/guardian/lockfile_parser.rb', line 44

def parse
  raise LockfileError, "Lockfile not found: #{@path}" unless File.file?(@path)

  dependencies = []
  checksums = {}
  section = nil
  source = nil

  File.readlines(@path, chomp: true).each do |line|
    section = section_for(line, section)
    source = source_for(line, section, source)
    parse_specs_line(line, dependencies, source) if section == :specs
    parse_checksums_line(line, checksums, dependencies) if section == :checksums
  end

  LockfileData.new(dependencies, checksums, checksums.any?)
end