bundle_update_interactive 0.11.2 → 0.13.0
- checksums.yaml +4 -4
- data/README.md +0 -1
- data/lib/bundle_update_interactive/http.rb +19 -0
- data/lib/bundle_update_interactive/report.rb +12 -3
- data/lib/bundle_update_interactive/version.rb +1 -1
- metadata +12 -6
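--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 241531e26f28203d5252a21dde1a4411b287da28c4874d92f630911c1d3ab06b
+data.tar.gz: 3a909152167231b98e5c713e7a60e97aa3162d236871d59868400e7eb6f7f13a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0abf24328ee286b56bfc2fccf796c289ff7567474ecaa50bb3ab92cc1a2618b0d38ad2f4b83135fe9ac3a0d7185ecb8b43a0db454af517c0ea9833b1b1fdd62e
+data.tar.gz: af955d5858dd124377105f3c324a181a8c1a208faa902e6aef53c672c3bda199f1843c354f3ba206a17376f227f3ae3d6608285517e1967f791797f36616cfbe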
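--- a/data/README.md
+++ b/data/README.md
@@ -3,7 +3,6 @@
 [](https://rubygems.org/gems/bundle_update_interactive)
 [](https://www.ruby-toolbox.com/projects/bundle_update_interactive)
 [](https://github.com/mattbrictson/bundle_update_interactive/actions/workflows/ci.yml)
-[](https://codeclimate.com/github/mattbrictson/bundle_update_interactive)
 
 **This gem adds an `update-interactive` command to [Bundler](https://bundler.io).** Run it to see what gems can be updated, then pick and choose which ones to update. If you've used `yarn upgrade-interactive`, the interface should be very familiar.
 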
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "openssl"
|
|
3
4
|
require "net/http"
|
|
4
5
|
require "uri"
|
|
5
6
|
|
|
@@ -11,6 +12,22 @@ module BundleUpdateInteractive
|
|
|
11
12
|
end
|
|
12
13
|
end
|
|
13
14
|
|
|
15
|
+
class Error
|
|
16
|
+
attr_reader :exception
|
|
17
|
+
|
|
18
|
+
def initialize(exception)
|
|
19
|
+
@exception = exception
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def code
|
|
23
|
+
nil
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def success?
|
|
27
|
+
false
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
14
31
|
class << self
|
|
15
32
|
def get(url)
|
|
16
33
|
http(:get, url)
|
|
@@ -28,6 +45,8 @@ module BundleUpdateInteractive
|
|
|
28
45
|
http.public_send(method, uri.request_uri)
|
|
29
46
|
end
|
|
30
47
|
response.extend(Success)
|
|
48
|
+
rescue OpenSSL::OpenSSLError => e
|
|
49
|
+
Error.new(e)
|
|
31
50
|
end
|
|
32
51
|
end
|
|
33
52
|
end
|
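Review bot: The new `rescue OpenSSL::OpenSSLError => e` returns `Error.new(e)`, so a TLS failure, including a certificate verification failure, comes back as an ordinary non-success result with a nil `code`, and nothing in the visible lines reports it. A caller that only checks `success?` cannot tell a rejected certificate from a missing page, which hides a broken trust store or an intercepted connection from the user. I would surface it once where it is caught, e.g. `warn "TLS error during HTTP request: #{e.class}: #{e.message}"` before `Error.new(e)`, and add a comment on `Error` saying it is a result object and not an exception class, since the name suggests otherwise. The method containing the rescue starts outside this hunk, so whether callers already inspect `exception` cannot be confirmed from here.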
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require "bundler"
|
|
4
|
-
require "bundler/audit"
|
|
5
|
-
require "bundler/audit/scanner"
|
|
6
4
|
require "set"
|
|
7
5
|
|
|
8
6
|
module BundleUpdateInteractive
|
|
@@ -23,8 +21,9 @@ module BundleUpdateInteractive
|
|
|
23
21
|
@all_gems ||= withheld_gems.merge(updatable_gems)
|
|
24
22
|
end
|
|
25
23
|
|
|
26
|
-
def scan_for_vulnerabilities!
|
|
24
|
+
def scan_for_vulnerabilities! # rubocop:disable Metrics/AbcSize
|
|
27
25
|
return false if all_gems.empty?
|
|
26
|
+
return false unless try_load_bundler_audit
|
|
28
27
|
|
|
29
28
|
Bundler::Audit::Database.update!(quiet: true)
|
|
30
29
|
audit_report = Bundler::Audit::Scanner.new.report
|
|
@@ -40,5 +39,15 @@ module BundleUpdateInteractive
|
|
|
40
39
|
private
|
|
41
40
|
|
|
42
41
|
attr_reader :current_lockfile
|
|
42
|
+
|
|
43
|
+
# TODO: Remove this workaround once Bundler 4 compatible version of bundler-audit is released
|
|
44
|
+
def try_load_bundler_audit
|
|
45
|
+
require "bundler/audit"
|
|
46
|
+
require "bundler/audit/scanner"
|
|
47
|
+
true
|
|
48
|
+
rescue LoadError
|
|
49
|
+
puts "Failed to load bundler-audit. Skipping vulnerabilities scan."
|
|
50
|
+
false
|
|
51
|
+
end
|
|
43
52
|
end
|
|
44
53
|
end
|
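Review bot: When `try_load_bundler_audit` hits `LoadError`, `scan_for_vulnerabilities!` returns `false`, the same value it returns for an empty gem set, so the vulnerability check fails open and the only trace is one `puts` line on stdout. In an interactive run that line can scroll away, and an update list with no advisories then reads as "nothing vulnerable" rather than "not scanned". I would send the message to stderr with `warn "Failed to load bundler-audit. Skipping vulnerabilities scan."` and keep a flag on the report that records the skip, so the display can mark the scan as not performed. The rest of `scan_for_vulnerabilities!` is outside the hunk, so how its return value is consumed is not visible here.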
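--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bundle_update_interactive
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.13.0
 platform: ruby
 authors:
 - Matt Brictson
@@ -13,16 +13,22 @@ dependencies:
 name: bundler
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
+- !ruby/object:Gem::Version
+version: '2'
+- - "<"
 - !ruby/object:Gem::Version
-version: '
+version: '5'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
+- !ruby/object:Gem::Version
+version: '2'
+- - "<"
 - !ruby/object:Gem::Version
-version: '
+version: '5'
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -180,7 +186,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.7.2
 specification_version: 4
 summary: Adds an update-interactive command to Bundler
 test_files: []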