bundle_update_interactive 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 58fa0e12f3322d018b1fcaa788dd3b8a2c3354042fe1e6ab21313d0bc0d7518b
-  data.tar.gz: a43866c8bad9bc0256b369cbf7e29db56c2b06293f2ae3a4a3e560ff75506e16
+  metadata.gz: 0cbe5e5a4fef836edfd7c1bc87939066c2f7460f4f1b883510ea065840747a54
+  data.tar.gz: 26bc0b61f7d3d2830c3fd687bd8e723486446cdbe6acf91455e6d02dfbb93df6
 SHA512:
-  metadata.gz: 5325810c277c4a3f58d3308b9899c9097a2c723996e79030ccda96f79408c83734b2bcf9ae5920a1ee74f32837ebae91f4e946aa9ff08225db73bf6d06d69e91
-  data.tar.gz: d241d58cb408a0b6294a8b56e010b8ffa841bdbb5ccf28c794fb2db4ebcc562f7ec486742ec36720ed9522c9cf2ce1d27d8a68619fefbee59d28810b3044e7fb
+  metadata.gz: d351f14505560566df5b09fd27ca1a537bca621208bb1859bb6ba1a430333a5889a2d8f1dfd6ce5b72ede3cecb3429c148a1e48a3a795c3290effe0e37c207d0
+  data.tar.gz: c649e223608a24c65715f7c430abc64841b41a8d765612a57c64cc5c7c56f4cc1327389916521c5f19af0742e177b4f3e5d31267aacbda3048efa5b9b9b0cc78

data/README.md

@@ -12,6 +12,7 @@
 ---
 
 - [Quick start](#quick-start)
+- [Options](#options)
 - [Features](#features)
 - [Prior art](#prior-art)
 - [Support](#support)
@@ -39,6 +40,11 @@ Or the shorthand:
 bundle ui
 ```
 
+## Options
+
+- `--latest` [modifies the Gemfile if necessary to allow the latest gem versions](#allow-latest-versions)
+- `-D` / `--exclusively=GROUP` [limits updatable gems by Gemfile groups](#limit-impact-by-gemfile-groups)
+
 ## Features
 
 ### Semver highlighting
@@ -69,6 +75,30 @@ When a newer version of a gem is available, but updating is not allowed due to a
 
 <img src="images/held-back.png" alt="Screenshot of rails and selenium-webdriver gems held back due to Gemfile requirements" width="717" />
 
+To allow updates for gems that would normally be held back, use the `--latest` option (explained in the next section).
+
+### Allow latest versions
+
+Normally `update-interactive` only makes changes to your Gemfile.lock. It honors the version restrictions ("pins") in your Gemfile and will not update your Gemfile.lock to have versions that are not allowed. However with the `--latest` flag, update-interactive can update the version pins in your Gemfile as well. Consider the following Gemfile:
+
+```ruby
+gem "rails", "~> 7.1.0"
+```
+
+Normally running `bundle update-interactive` will report that Rails is held back and therefore cannot be updated to the latest version. However, if you pass the `--latest` option like this:
+
+```
+bundle update-interactive --latest
+```
+
+Now Rails will be allowed to update. If you select to update Rails to the latest version (e.g. 7.2.0), `update-interactive` will modify the version requirement in your Gemfile to look like this:
+
+```ruby
+gem "rails", "~> 7.2.0"
+```
+
+In other words, it works similarly to `yarn upgrade-interactive --latest`.
+
 ### Changelogs
 
 `bundle update-interactive` will do its best to find an appropriate changelog for each gem.

data/lib/bundle_update_interactive/bundler_commands.rb

@@ -10,6 +10,13 @@ module BundleUpdateInteractive
         system "#{bundle_bin.shellescape} update --conservative #{gems.flatten.map(&:shellescape).join(' ')}"
       end
 
+      def lock
+        success = system "#{bundle_bin.shellescape} lock"
+        raise "bundle lock command failed" unless success
+
+        true
+      end
+
       def read_updated_lockfile(*gems)
         command = ["#{bundle_bin.shellescape} lock --print"]
         command << "--conservative" if gems.any?

data/lib/bundle_update_interactive/cli/multi_select.rb

@@ -7,6 +7,8 @@ require "tty/screen"
 
 class BundleUpdateInteractive::CLI
   class MultiSelect
+    extend BundleUpdateInteractive::StringHelper
+
     class List < TTY::Prompt::MultiList
       def initialize(prompt, **options)
         @opener = options.delete(:opener)
@@ -47,7 +49,7 @@ class BundleUpdateInteractive::CLI
 
     def self.prompt_for_gems_to_update(outdated_gems, prompt: nil)
       table = Table.updatable(outdated_gems)
-      title = "#{outdated_gems.length} gems can be updated."
+      title = "#{pluralize(outdated_gems.length, 'gem')} can be updated."
       opener = lambda do |gem|
         url = outdated_gems[gem].changelog_uri
         Launchy.open(url) unless url.nil?

data/lib/bundle_update_interactive/cli/options.rb

@@ -48,6 +48,9 @@ module BundleUpdateInteractive
             Show updates for development and test gems only, leaving production gems untouched.
             #{pastel.green('bundle update-interactive')} #{pastel.yellow('-D')}
 
+            Allow the latest gem versions, ignoring Gemfile pins. May modify the Gemfile.
+            #{pastel.green('bundle update-interactive')} #{pastel.yellow('--latest')}
+
         HELP
       end
 
@@ -61,6 +64,9 @@ module BundleUpdateInteractive
         OptionParser.new do |parser|
           parser.summary_indent = "  "
           parser.summary_width = 24
+          parser.on("--latest", "Modify the Gemfile to allow the latest gem versions") do
+            options.latest = true
+          end
           parser.on(
             "--exclusively=GROUP",
             "Update gems exclusively belonging to the specified Gemfile GROUP(s)"
@@ -84,9 +90,15 @@ module BundleUpdateInteractive
     end
 
     attr_accessor :exclusively
+    attr_writer :latest
 
     def initialize
       @exclusively = []
+      @latest = false
+    end
+
+    def latest?
+      @latest
     end
   end
 end

data/lib/bundle_update_interactive/cli.rb

@@ -4,14 +4,9 @@ require "bundler"
 
 module BundleUpdateInteractive
   class CLI
-    autoload :MultiSelect, "bundle_update_interactive/cli/multi_select"
-    autoload :Options, "bundle_update_interactive/cli/options"
-    autoload :Row, "bundle_update_interactive/cli/row"
-    autoload :Table, "bundle_update_interactive/cli/table"
-
     def run(argv: ARGV) # rubocop:disable Metrics/AbcSize
       options = Options.parse(argv)
-      report = generate_report(options)
+      report, updater = generate_report(options)
 
       puts_legend_and_withheld_gems(report) unless report.empty?
       puts("No gems to update.").then { return } if report.updatable_gems.empty?
@@ -22,13 +17,18 @@ module BundleUpdateInteractive
       puts "Updating the following gems."
       puts Table.updatable(selected_gems).render
       puts
-      report.bundle_update!(*selected_gems.keys)
+      updater.apply_updates(*selected_gems.keys)
+      puts_gemfile_modified_notice if updater.modified_gemfile?
     rescue Exception => e # rubocop:disable Lint/RescueException
       handle_exception(e)
     end
 
     private
 
+    def puts_gemfile_modified_notice
+      puts BundleUpdateInteractive.pastel.yellow("Your Gemfile was changed to accommodate the latest gem versions.")
+    end
+
     def puts_legend_and_withheld_gems(report)
       puts
       puts legend
@@ -54,14 +54,17 @@ module BundleUpdateInteractive
 
     def generate_report(options)
       whisper "Resolving latest gem versions..."
-      report = Reporter.new(groups: options.exclusively).generate_report
-      return report if report.empty?
-
-      whisper "Checking for security vulnerabilities..."
-      report.scan_for_vulnerabilities!
+      updater_class = options.latest? ? Latest::Updater : Updater
+      updater = updater_class.new(groups: options.exclusively)
+
+      report = updater.generate_report
+      unless report.empty?
+        whisper "Checking for security vulnerabilities..."
+        report.scan_for_vulnerabilities!
+        progress "Finding changelogs", report.all_gems.values, &:changelog_uri
+      end
 
-      progress "Finding changelogs", report.all_gems.values, &:changelog_uri
-      report
+      [report, updater]
     end
 
     def whisper(message)

data/lib/bundle_update_interactive/latest/gem_requirement.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module BundleUpdateInteractive
+  module Latest
+    class GemRequirement
+      def self.parse(version)
+        return version if version.is_a?(GemRequirement)
+
+        _, operator, number = version.strip.match(/^([^\d\s]*)\s*(.+)/).to_a
+        operator = nil if operator.empty?
+
+        new(parts: number.split("."), operator: operator, parsed_from: version)
+      end
+
+      attr_reader :parts, :operator
+
+      def initialize(parts:, operator: nil, parsed_from: nil)
+        @parts = parts
+        @operator = operator
+        @parsed_from = parsed_from
+      end
+
+      def exact?
+        operator.nil?
+      end
+
+      def relax
+        return self if %w[!= > >=].include?(operator)
+        return self.class.parse(">= 0") if %w[< <=].include?(operator)
+
+        self.class.new(parts: parts, operator: ">=")
+      end
+
+      def shift(new_version) # rubocop:disable Metrics/AbcSize
+        return self.class.parse(new_version) if exact?
+        return self if Gem::Requirement.new(to_s).satisfied_by?(Gem::Version.new(new_version))
+        return self.class.new(parts: self.class.parse(new_version).parts, operator: "<=") if %w[< <=].include?(operator)
+
+        new_slice = self.class.parse(new_version).slice(parts.length)
+        self.class.new(parts: new_slice.parts, operator: "~>")
+      end
+
+      def slice(amount)
+        self.class.new(parts: parts[0, amount], operator: operator)
+      end
+
+      def to_s
+        parsed_from || [operator, parts.join(".")].compact.join(" ")
+      end
+
+      def ==(other)
+        return false unless other.is_a?(GemRequirement)
+
+        to_s == other.to_s
+      end
+
+      private
+
+      attr_reader :parsed_from
+    end
+  end
+end

data/lib/bundle_update_interactive/latest/gemfile_editor.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+module BundleUpdateInteractive
+  module Latest
+    class GemfileEditor
+      def initialize(gemfile_path: "Gemfile", lockfile_path: "Gemfile.lock")
+        @gemfile_path = gemfile_path
+        @lockfile_path = lockfile_path
+      end
+
+      def with_relaxed_gemfile
+        original, modified = modify_gemfile { |_, requirement| requirement.relax }
+        yield
+      ensure
+        File.write(gemfile_path, original) if original && original != modified
+      end
+
+      def shift_gemfile
+        lockfile = Lockfile.parse(File.read(lockfile_path))
+        original, modified = modify_gemfile do |name, requirement|
+          lockfile_entry = lockfile[name]
+          requirement.shift(lockfile_entry.version.to_s) if lockfile_entry
+        end
+        original != modified
+      end
+
+      private
+
+      attr_reader :gemfile_path, :lockfile_path
+
+      def modify_gemfile(&block)
+        original_contents = File.read(gemfile_path)
+        new_contents = original_contents.dup
+
+        find_rewritable_gem_names(original_contents).each do |name|
+          rewrite_contents(name, new_contents, &block)
+        end
+
+        File.write(gemfile_path, new_contents) unless new_contents == original_contents
+        [original_contents, new_contents]
+      end
+
+      def find_rewritable_gem_names(contents)
+        Gemfile.parse(gemfile_path).dependencies.filter_map do |dep|
+          gem_name = dep.name
+          gem_name if gem_declaration_with_requirement_re(gem_name).match?(contents)
+        end
+      end
+
+      def rewrite_contents(gem_name, contents)
+        found = contents.sub!(gem_declaration_with_requirement_re(gem_name)) do |match|
+          version = Regexp.last_match[1]
+          match[Regexp.last_match.regexp, 1] = yield(gem_name, GemRequirement.parse(version)).to_s
+          match
+        end
+        raise "Can't rewrite version for #{gem_name}" unless found
+      end
+
+      def gem_declaration_re(gem_name)
+        /^\s*gem\s+["']#{Regexp.escape(gem_name)}["']/
+      end
+
+      def gem_declaration_with_requirement_re(gem_name)
+        /#{gem_declaration_re(gem_name)},\s*["']([^'"]+)["']/
+      end
+    end
+  end
+end

data/lib/bundle_update_interactive/latest/updater.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+# Extends the default Updater class to allow updating to the latest gem versions.
+# Does this by using GemfileEditor to relax the Gemfile requirements before
+# `find_updatable_gems` and `apply_updates` are called.
+module BundleUpdateInteractive
+  module Latest
+    class Updater < BundleUpdateInteractive::Updater
+      def initialize(editor: GemfileEditor.new, **kwargs)
+        super(**kwargs)
+        @modified_gemfile = false
+        @editor = editor
+      end
+
+      def apply_updates(*, **)
+        result = editor.with_relaxed_gemfile { super }
+        @modified_gemfile = editor.shift_gemfile
+        BundlerCommands.lock
+        result
+      end
+
+      def modified_gemfile?
+        @modified_gemfile
+      end
+
+      private
+
+      attr_reader :editor
+
+      def find_updatable_gems
+        editor.with_relaxed_gemfile { super }
+      end
+
+      # Overrides the default Updater implementation.
+      # When updating the latest gems, by definition nothing is withheld, so we can skip this.
+      def find_withheld_gems(**)
+        {}
+      end
+    end
+  end
+end

data/lib/bundle_update_interactive/report.rb

@@ -23,11 +23,6 @@ module BundleUpdateInteractive
       @all_gems ||= withheld_gems.merge(updatable_gems)
     end
 
-    def expand_gems_with_exact_dependencies(*gem_names)
-      gem_names.flatten!
-      gem_names.flat_map { |name| [name, *current_lockfile[name].exact_dependencies] }.uniq
-    end
-
     def scan_for_vulnerabilities!
       return false if all_gems.empty?
 
@@ -36,16 +31,12 @@ module BundleUpdateInteractive
       vulnerable_gem_names = Set.new(audit_report.vulnerable_gems.map(&:name))
 
       all_gems.each do |name, gem|
-        gem.vulnerable = (vulnerable_gem_names & [name, *current_lockfile[name].exact_dependencies]).any?
+        exact_deps = current_lockfile && current_lockfile[name].exact_dependencies
+        gem.vulnerable = (vulnerable_gem_names & [name, *Array(exact_deps)]).any?
       end
       true
     end
 
-    def bundle_update!(*gem_names)
-      expanded_names = expand_gems_with_exact_dependencies(*gem_names)
-      BundlerCommands.update_gems_conservatively(*expanded_names)
-    end
-
     private
 
     attr_reader :current_lockfile

data/lib/bundle_update_interactive/string_helper.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+# lib/bundle_update_interactive/string_helper.rb
+module BundleUpdateInteractive
+  module StringHelper
+    def pluralize(count, singular, plural=nil)
+      plural ||= "#{singular}s"
+      "#{count} #{count == 1 ? singular : plural}"
+    end
+    module_function :pluralize
+  end
+end

data/lib/bundle_update_interactive/{reporter.rb → updater.rb}

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module BundleUpdateInteractive
-  class Reporter
+  class Updater
     def initialize(groups: [])
       @gemfile = Gemfile.parse
       @current_lockfile = Lockfile.parse
@@ -15,6 +15,16 @@ module BundleUpdateInteractive
       Report.new(current_lockfile: current_lockfile, updatable_gems: updatable_gems, withheld_gems: withheld_gems)
     end
 
+    def apply_updates(*gem_names)
+      expanded_names = expand_gems_with_exact_dependencies(*gem_names)
+      BundlerCommands.update_gems_conservatively(*expanded_names)
+    end
+
+    # Overridden by Latest::Updater subclass
+    def modified_gemfile?
+      false
+    end
+
     private
 
     attr_reader :gemfile, :current_lockfile, :candidate_gems
@@ -33,6 +43,20 @@ module BundleUpdateInteractive
       end
     end
 
+    def find_withheld_gems(exclude: [])
+      possibly_withheld = gemfile.dependencies.filter_map do |dep|
+        dep.name if dep.should_include? && !dep.requirement.none? # rubocop:disable Style/InverseMethods
+      end
+      possibly_withheld -= exclude
+      possibly_withheld &= candidate_gems unless candidate_gems.nil?
+
+      return {} if possibly_withheld.empty?
+
+      BundlerCommands.parse_outdated(*possibly_withheld).to_h do |name, newest|
+        [name, build_outdated_gem(name, newest, nil)]
+      end
+    end
+
     def build_outdated_gem(name, updated_version, updated_git_version)
       current_lockfile_entry = current_lockfile[name]
 
@@ -49,18 +73,9 @@ module BundleUpdateInteractive
       )
     end
 
-    def find_withheld_gems(exclude: [])
-      possibly_withheld = gemfile.dependencies.filter_map do |dep|
-        dep.name if dep.should_include? && !dep.requirement.none? # rubocop:disable Style/InverseMethods
-      end
-      possibly_withheld -= exclude
-      possibly_withheld &= candidate_gems unless candidate_gems.nil?
-
-      return {} if possibly_withheld.empty?
-
-      BundlerCommands.parse_outdated(*possibly_withheld).to_h do |name, newest|
-        [name, build_outdated_gem(name, newest, nil)]
-      end
+    def expand_gems_with_exact_dependencies(*gem_names)
+      gem_names.flatten!
+      gem_names.flat_map { |name| [name, *current_lockfile[name].exact_dependencies] }.uniq
     end
   end
 end

data/lib/bundle_update_interactive/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module BundleUpdateInteractive
-  VERSION = "0.7.0"
+  VERSION = "0.8.0"
 end

data/lib/bundle_update_interactive.rb

@@ -2,21 +2,13 @@
 
 require "pastel"
 
-module BundleUpdateInteractive
-  autoload :BundlerCommands, "bundle_update_interactive/bundler_commands"
-  autoload :ChangelogLocator, "bundle_update_interactive/changelog_locator"
-  autoload :CLI, "bundle_update_interactive/cli"
-  autoload :Error, "bundle_update_interactive/error"
-  autoload :Gemfile, "bundle_update_interactive/gemfile"
-  autoload :HTTP, "bundle_update_interactive/http"
-  autoload :Lockfile, "bundle_update_interactive/lockfile"
-  autoload :LockfileEntry, "bundle_update_interactive/lockfile_entry"
-  autoload :OutdatedGem, "bundle_update_interactive/outdated_gem"
-  autoload :Report, "bundle_update_interactive/report"
-  autoload :Reporter, "bundle_update_interactive/reporter"
-  autoload :SemverChange, "bundle_update_interactive/semver_change"
-  autoload :VERSION, "bundle_update_interactive/version"
+require "zeitwerk"
+loader = Zeitwerk::Loader.for_gem
+loader.inflector.inflect "cli" => "CLI"
+loader.inflector.inflect "http" => "HTTP"
+loader.setup
 
+module BundleUpdateInteractive
   class << self
     attr_accessor :pastel
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bundle_update_interactive
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Matt Brictson
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-08-14 00:00:00.000000000 Z
+date: 2024-08-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -94,6 +94,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.8.2
+- !ruby/object:Gem::Dependency
+  name: zeitwerk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.6'
 description:
 email:
 - opensource@mattbrictson.com
@@ -118,12 +132,16 @@ files:
 - lib/bundle_update_interactive/error.rb
 - lib/bundle_update_interactive/gemfile.rb
 - lib/bundle_update_interactive/http.rb
+- lib/bundle_update_interactive/latest/gem_requirement.rb
+- lib/bundle_update_interactive/latest/gemfile_editor.rb
+- lib/bundle_update_interactive/latest/updater.rb
 - lib/bundle_update_interactive/lockfile.rb
 - lib/bundle_update_interactive/lockfile_entry.rb
 - lib/bundle_update_interactive/outdated_gem.rb
 - lib/bundle_update_interactive/report.rb
-- lib/bundle_update_interactive/reporter.rb
 - lib/bundle_update_interactive/semver_change.rb
+- lib/bundle_update_interactive/string_helper.rb
+- lib/bundle_update_interactive/updater.rb
 - lib/bundle_update_interactive/version.rb
 homepage: https://github.com/mattbrictson/bundle_update_interactive
 licenses:
@@ -149,7 +167,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.16
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
 summary: Adds an update-interactive command to Bundler