bundle_update_interactive 0.12.0 → 0.13.0
- checksums.yaml +4 -4
- data/lib/bundle_update_interactive/report.rb +12 -3
- data/lib/bundle_update_interactive/version.rb +1 -1
- metadata +12 -6
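--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 241531e26f28203d5252a21dde1a4411b287da28c4874d92f630911c1d3ab06b
+data.tar.gz: 3a909152167231b98e5c713e7a60e97aa3162d236871d59868400e7eb6f7f13a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0abf24328ee286b56bfc2fccf796c289ff7567474ecaa50bb3ab92cc1a2618b0d38ad2f4b83135fe9ac3a0d7185ecb8b43a0db454af517c0ea9833b1b1fdd62e
+data.tar.gz: af955d5858dd124377105f3c324a181a8c1a208faa902e6aef53c672c3bda199f1843c354f3ba206a17376f227f3ae3d6608285517e1967f791797f36616cfbe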
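--- a/data/lib/bundle_update_interactive/report.rb
+++ b/data/lib/bundle_update_interactive/report.rb
@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 require "bundler"
-require "bundler/audit"
-require "bundler/audit/scanner"
 require "set"
 
 module BundleUpdateInteractive
@@ -23,8 +21,9 @@ module BundleUpdateInteractive
 @all_gems ||= withheld_gems.merge(updatable_gems)
 end
 
-def scan_for_vulnerabilities!
+def scan_for_vulnerabilities! # rubocop:disable Metrics/AbcSize
 return false if all_gems.empty?
+return false unless try_load_bundler_audit
 
 Bundler::Audit::Database.update!(quiet: true)
 audit_report = Bundler::Audit::Scanner.new.report
@@ -40,5 +39,15 @@ module BundleUpdateInteractive
 private
 
 attr_reader :current_lockfile
+
+# TODO: Remove this workaround once Bundler 4 compatible version of bundler-audit is released
+def try_load_bundler_audit
+require "bundler/audit"
+require "bundler/audit/scanner"
+true
+rescue LoadError
+puts "Failed to load bundler-audit. Skipping vulnerabilities scan."
+false
+end
 end
 end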
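Review bot: `try_load_bundler_audit` turns a missing or unloadable scanner into a quiet pass, because `scan_for_vulnerabilities!` now returns `false` both when `all_gems` is empty and when the `require` fails, so a caller cannot tell "nothing to scan" from "scan not performed". The only signal is a `puts` to stdout that drops the `LoadError` message, so a broken require inside bundler-audit looks the same as the gem being absent. I would capture the error with `rescue LoadError => e` and report it on stderr with `warn "Failed to load bundler-audit (#{e.message}). Skipping vulnerabilities scan."`, and have the caller state that advisories were not checked rather than show a clean result. The rest of `scan_for_vulnerabilities!` lies outside the hunk, so how the return value is consumed is not visible here.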
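--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bundle_update_interactive
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.13.0
 platform: ruby
 authors:
 - Matt Brictson
@@ -13,16 +13,22 @@ dependencies:
 name: bundler
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
+- !ruby/object:Gem::Version
+version: '2'
+- - "<"
 - !ruby/object:Gem::Version
-version: '
+version: '5'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
+- !ruby/object:Gem::Version
+version: '2'
+- - "<"
 - !ruby/object:Gem::Version
-version: '
+version: '5'
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -180,7 +186,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.7.2
 specification_version: 4
 summary: Adds an update-interactive command to Bundler
 test_files: []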