Skip to content

dependency type and dependency resolver. Fixes #906 #923

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dgarijo merged 8 commits into from
Mar 19, 2026
Merged

dependency type and dependency resolver. Fixes #906 #923

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
8107ffb
Merge pull request #26 from KnowledgeCaptureAndDiscovery/dev
juanjemdIos Mar 17, 2026
aba1ab9
dependency type and dependency resolver
juanjemdIos Mar 17, 2026
5549fa0
add depedency type and dependency resolver in all the parsers. Docume…
juanjemdIos Mar 19, 2026
d158dab
Merge pull request #27 from KnowledgeCaptureAndDiscovery/dev
juanjemdIos Mar 19, 2026
f5bd38c
Apply suggestion from @dgarijo
dgarijo Mar 19, 2026
cd6c3ae
Apply suggestion from @dgarijo
dgarijo Mar 19, 2026
adde244
Apply suggestion from @dgarijo
dgarijo Mar 19, 2026
340103f
Apply suggestion from @dgarijo
dgarijo Mar 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions docs/bower.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,11 @@ These fields are defined in the [Bower specification](https://github.com/bower/s
| requirements - value | requirements[i].result.value | "dependencies": {"paq":"version"} -> paq: version *(1)* |
| requirements - name | requirements[i].result.name | "dependencies": {"paq":"version"} -> paq |
| requirements - version | requirements[i].result.version | "dependencies": {"paq":"version"} -> version |
| requirements - dependency type | requirements[i].result.dependency_type | dependencies -> runtime , devDependencies -> dev |
| requirements - dependency resolver | requirements[i].result.dependency_resolver | bower always |
| version | version[i].result.value | version |

<!-- | requirements - dependency type | requirements[i].result.dependency_type | dependencies -> runtime , devDependencies -> dev | -->

---

*(1)*
Expand All @@ -35,4 +37,4 @@ These fields are defined in the [Bower specification](https://github.com/bower/s
- Result value: "jquery: ^3.1.1"
- Result name": "jquery"
- Result version": "^3.1.1"
<!-- - Result dependency_type": "runtime" because it is "dependencies"s -->
- Result dependency_type": "runtime" because it is "dependencies"
3 changes: 2 additions & 1 deletion docs/composer.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,9 @@ These fields are defined in the [Composer.json specification](https://getcompose
| package_id | package_id[i].result.value | name |
| requirements - value | requirements[i].result.value | require.name require.version or require-dev.name reire-dev.version |
| requirements - name | requirements[i].result.name | require.name or require-dev.name |
| requirements - dependency type | requirements[i].result.dependency_type | require = runtime or require-dev = dev |
| requirements - dependency resolver | requirements[i].result.dependency_resolver | composer always |
| requirements - version | requirements[i].result.version | require.version or require-dev.version |
| version - value | version[i].result.value | version |
| version - tag | version[i].result.tag | version |

<!-- | requirements - dependency type | requirements[i].result.dependency_type | require = runtime or require-dev = dev | -->
15 changes: 9 additions & 6 deletions docs/condaenvironment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,15 @@ Only dependency information is mapped, since it is the only part of the Conda en
| requirements - value | requirements[i].result.value | dependencies |
| requirements - name | requirements[i].result.name | dependencies extract name |
| requirements - version | requirements[i].result.version | dependencies extract version |
<!-- | requirements - dependency type | requirements[i].result.dependency_type | conda if dependencies or pip if dependencies/pip *(1)* | -->
| requirements - dependency type | requirements[i].result.dependency_type | runtime always |
| requirements - dependency resolver | requirements[i].result.dependency_resolver | conda if dependencies or pip if dependencies/pip *(1)* |


---

<!--

*(1)*
- Example of a dependency conda and a dependency pip:
- Example of a dependency resolver conda and a dependency resolver pip:
```
name: ldm
dependencies:
Expand All @@ -35,13 +36,15 @@ dependencies:
"name": "python",
"version": "3.8.5",
"type": "Software_application",
"dependency_type": "conda"
"dependency_type": "runtime",
"dependency_resolver": "conda"
},
"result": {
"value": "albumentations==0.4.3",
"name": "albumentations",
"version": "0.4.3",
"type": "Software_application",
"dependency_type": "pip"
"dependency_type": "runtime",
"dependency_resolver": "pip"
},
-->

11 changes: 6 additions & 5 deletions docs/gemspec.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,9 @@ These fields are defined in the [Ruby Gems specification](https://guides.rubygem
| requirements - value | requirements[i].result.value | requirements/add_dependency/add_development_dependency name:version *(6)* |
| requirements - name | requirements[i].result.name | requirements/add_dependency/add_development_dependency name *(6)* |
| requirements - version | requirements[i].result.version | requirements/add_dependency/add_development_dependency version *(6)* |
<!-- | requirements - dependency type | requirements[i].result.development_type | add_dependency -> runtime *(6)* |
| requirements - dependency type | requirements[i].result.development_type | add_development_dependency -> dev *(6)* | -->
| requirements - dependency type | requirements[i].result.dependency_type | add_dependency -> runtime *(6)* |
| requirements - dependency type | requirements[i].result.dependency_type | add_development_dependency -> dev *(6)* |
| requirements - dependency resolver | requirements[i].result.dependency_resolver | bundler |

---

Expand Down Expand Up @@ -75,13 +76,13 @@ spec.requirements = [
gem.add_dependency "railties", ">= 3.0"
gem.add_development_dependency "bundler", ">= 1.0"
```
<!--

Result: add_depency -> type runtime; add_development_dependencyd -> type dev
```
[{'result': {'value': 'railties: >= 3.0', 'name': 'railties', 'version': '>= 3.0', 'type': 'Software_application', 'dependency_type': 'runtime'}, 'confidence': 1, 'technique': 'code_parser', 'source': 'https://example.org/bootstrap-datepicker-rails.gemspec'}, {'result': {'value': 'bundler: >= 1.0', 'name': 'bundler', 'version': '>= 1.0', 'type': 'Software_application', 'dependency_type': 'dev'}, 'confidence': 1, 'technique': 'code_parser', 'source': 'https://example.org/bootstrap-datepicker-rails.gemspec'}]
[{'result': {'value': 'railties: >= 3.0', 'name': 'railties', 'version': '>= 3.0', 'type': 'Software_application', 'dependency_type': 'runtime', 'dependency_resolver': 'bundler'}, 'confidence': 1, 'technique': 'code_parser', 'source': 'https://example.org/bootstrap-datepicker-rails.gemspec'}, {'result': {'value': 'bundler: >= 1.0', 'name': 'bundler', 'version': '>= 1.0', 'type': 'Software_application', 'dependency_type': 'dev','dependency_resolver': 'bundler'}, 'confidence': 1, 'technique': 'code_parser', 'source': 'https://example.org/bootstrap-datepicker-rails.gemspec'}]
```

-->




6 changes: 3 additions & 3 deletions docs/output.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -284,14 +284,14 @@ A RELEASE has the following properties:
| **zipball_url** | Url | URL to the zip file where to download a software release |


<!-- A REQUIREMENTS has the following properties:
A REQUIREMENT has the following properties:

| Property | Expected value | Definition |
|---|---|---|
| **name** | String | Name of the requeriment |
| **version** | String | named version of a requeriment |
| **dependency_type** | String | type: dev, runtime... | -->

| **dependency_type** | String | type: dev, runtime... Indicates whether the dependency is required at runtime or only for development/testing |
| **dependency_resolver** | String | Identifies the ecosystem or package manager that resolves the dependency (e.g., npm, bower, pip, python, poetry, pdm, cargo, julia, maven, publicode).|

A RUNTIME_PLATFORM has the following properties:

Expand Down
11 changes: 7 additions & 4 deletions docs/publiccode.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,9 @@ These fields are defined in the [PublicCode specification](https://yml.publiccod
| name | name[i].result.value | name or description.[lang].localisedName *(5)* |
| requirements - value | requirements[i].result.value | dependsOn.open / dependsOn.proprietary / dependsOn.hardware name + version *(6)* |
| requirements - name | requirements[i].result.name | dependsOn.open / dependsOn.proprietary / dependsOn.hardware name *(6)* |
| requiriments - version | requirements[i].result.version | dependsOn.open / dependsOn.proprietary / dependsOn.hardware more than one label of version *(6)* |
| requirements - version | requirements[i].result.version | dependsOn.open / dependsOn.proprietary / dependsOn.hardware more than one label of version *(6)* |
| requirements - dependency type | requirements[i].result.dependency_type | runtime |
| requirements - dependency resolver | requirements[i].result.dependency_resolver | publiccode always |
| runtime_platform | runtime_platform[i].result.value | platforms |
| version | version[i].result.value | softwareVersion |

Expand Down Expand Up @@ -129,15 +131,16 @@ dependsOn:

},
```
<!-- ```
```
"result": {
"value": "PostgreSQL>=14.0",
"name": "PostgreSQL",
"version": ">=14.0",
"type": "Software_application",
"dependency_type": "runtime"
"dependency_type": "runtime",
"dependency_resolver": "pucliccode"
},
``` -->
```



12 changes: 6 additions & 6 deletions src/somef/parser/bower_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -138,9 +138,9 @@ def parse_bower_json_file(file_path, metadata_result: Result, source):
"value": req,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION
# ,
# "dependency_type": "runtime"
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": "runtime",
"dependency_resolver": "bower"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand All @@ -157,9 +157,9 @@ def parse_bower_json_file(file_path, metadata_result: Result, source):
"value": req,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION
# ,
# "dependency_type": "dev"
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": "runtime",
"dependency_resolver": "bower"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand Down
6 changes: 3 additions & 3 deletions src/somef/parser/cabal_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,9 +207,9 @@ def parse_cabal_file(file_path, metadata_result: Result, source):
"value": req,
"name": name,
"version": version_constraint,
"type": constants.SOFTWARE_APPLICATION
# ,
# "dependency_type": "runtime"
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": "runtime",
"dependency_resolver": "cabal"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand Down
6 changes: 3 additions & 3 deletions src/somef/parser/composer_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,9 +169,9 @@ def parse_composer_json(file_path, metadata_result: Result, source):
"value": req,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION
# ,
# "dependency_type": dep_type
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": dep_type,
"dependency_resolver": "composer"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand Down
12 changes: 6 additions & 6 deletions src/somef/parser/conda_environment_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,9 +49,9 @@ def parse_conda_environment_file(file_path, metadata_result: Result, source):
dep_dict = {
constants.PROP_VALUE: dep,
constants.PROP_NAME: re.split(r"[=<>!]", dep)[0],
constants.PROP_TYPE: constants.SOFTWARE_APPLICATION
# ,
# constants.PROP_DEPENDENCY_TYPE: "conda"
constants.PROP_TYPE: constants.SOFTWARE_APPLICATION,
constants.PROP_DEPENDENCY_TYPE: "runtime",
constants.PROP_DEPENDENCY_RESOLVER: "conda"
}

match = re.search(r"[=<>!]+(.+)", dep)
Expand All @@ -71,9 +71,9 @@ def parse_conda_environment_file(file_path, metadata_result: Result, source):
dep_dict = {
constants.PROP_VALUE: dep,
constants.PROP_NAME: re.split(r"[=<>!~]", dep)[0],
constants.PROP_TYPE: constants.SOFTWARE_APPLICATION
# ,
# constants.PROP_DEPENDENCY_TYPE: "pip"
constants.PROP_TYPE: constants.SOFTWARE_APPLICATION,
constants.PROP_DEPENDENCY_TYPE: "runtime",
constants.PROP_DEPENDENCY_RESOLVER: "pip"
}

match = re.search(r"[=<>!~]+(.+)", dep)
Expand Down
12 changes: 6 additions & 6 deletions src/somef/parser/gemspec_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -188,9 +188,9 @@ def parse_gemspec_file(file_path, metadata_result: Result, source):
"value": req,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION
# ,
# "dependency_type": "runtime"
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": "runtime",
"dependency_resolver": "bundler"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand All @@ -209,9 +209,9 @@ def parse_gemspec_file(file_path, metadata_result: Result, source):
"value": req,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION
# ,
# "dependency_type": "dev"
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": "dev",
"dependency_resolver": "bundler"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand Down
49 changes: 26 additions & 23 deletions src/somef/parser/package_json_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,35 +155,38 @@ def parse_package_json_file(file_path, metadata_result: Result, source):
metadata_result.add_result(
constants.CAT_RUNTIME_PLATFORM,
runtime,
# {
# "value": runtime["version"],
# "version": runtime["version"],
# "name": runtime["name"],
# "type": constants.STRING
# },
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
source
)

deps = {}
deps.update(data.get("dependencies", {}))
deps.update(data.get("devDependencies", {}))
# deps = {}
# deps.update(data.get("dependencies", {}))
# deps.update(data.get("devDependencies", {}))

for name, version in deps.items():
req = f"{name}@{version}"
metadata_result.add_result(
constants.CAT_REQUIREMENTS,
{
"value": req,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
source
)
# for name, version in deps.items():
sections = {
"dependencies": "runtime",
"devDependencies": "dev"
}

for section, dep_type in sections.items():
for name, version in data.get(section, {}).items():
req = f"{name}@{version}"
metadata_result.add_result(
constants.CAT_REQUIREMENTS,
{
"value": req,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": dep_type,
"dependency_resolver": "npm"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
source
)

metadata_result.add_result(
constants.CAT_HAS_PACKAGE_FILE,
Expand Down
19 changes: 16 additions & 3 deletions src/somef/parser/pom_xml_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -157,13 +157,26 @@ def parse_pom_file(file_path, metadata_result: Result, source):

if project_data["dependencies"]:
for dependency in project_data["dependencies"]:
name_d = dependency.get("artifactId", "")
version_d = dependency.get("version", "")
scope = dependency.get("scope", None)

if scope == "test":
dep_type = "dev"
elif scope == "import":
continue
else:
dep_type = "runtime"

metadata_result.add_result(
constants.CAT_REQUIREMENTS,
{
"value": f'{dependency.get("groupId", "")}.{dependency.get("artifactId", "")}'.strip("."),
"name": dependency.get("artifactId", ""),
"version": dependency.get("version", ""),
"type": constants.SOFTWARE_APPLICATION
"name": name_d,
"version": version_d,
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": dep_type,
"dependency_resolver": "maven"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand Down
6 changes: 3 additions & 3 deletions src/somef/parser/publiccode_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,9 +231,9 @@ def parse_publiccode_file(file_path, metadata_result: Result, source):
"value": f"{name}{version_str}" if version_str else name,
"name": name,
"version": version,
"type": constants.SOFTWARE_APPLICATION
# ,
# "dependency_type": "runtime"
"type": constants.SOFTWARE_APPLICATION,
"dependency_type": "runtime",
"dependency_resolver": "publiccode"
},
1,
constants.TECHNIQUE_CODE_CONFIG_PARSER,
Expand Down
Loading
Loading