bundler-advise 1.0.1 → 1.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eeda25d3d3de4dfbbc3068bbc557e30e3e4ee53a
-  data.tar.gz: 7530da925c37770508dc2287302d7c9c972e8068
+  metadata.gz: 38cee1f39e9fa2eb6f276c900c68f5db15322f10
+  data.tar.gz: 21550b726a1c7983a28bf63f356416b07e1fde90
 SHA512:
-  metadata.gz: 6eeefba5041fcea4c9081f7050b34d94fb2110092f25d8cacacf31b65878930fe56d3925aea2275e118ac7c029c07b9a444aa4d0b65db45ee19215dc8c19a93f
-  data.tar.gz: af14055e3ed6337af33731cd431fe20425a445b066d827d6da643d0a5460639f3242e9cf5f7ec7a1414d94ff7ea6f10fc8f3c516ef9d6ef487d375b12e485dbf
+  metadata.gz: 2461d7d8e80437d77e1ff0f20eb5aec62e8d544d758dc322e6052bd32ce357b168f8cd0b46cc854556da7237a4ee228f0b5570446dcd226454951f0eac295e0d
+  data.tar.gz: 389bf42f21a3fdc56d590a113da98e2430f621be825767dd657913da591313fcd2b9e749a471f0b359c8a7f13fb4ef11f04931a3cd70b8c11d270f0bc1e6e0e1

data/bundler-advise.gemspec

@@ -14,7 +14,7 @@ Gem::Specification.new do |spec|
   spec.homepage      = 'https://github.com/chrismo/bundler-advise'
   spec.license       = 'MIT'
 
-  spec.files         = `git ls-files -z`.split("\x0")
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
@@ -22,6 +22,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'git'
   spec.add_dependency 'bundler', '~> 1.10'
 
+  spec.add_development_dependency 'bundler-fixture', '~> 1.0'
   spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec'

data/lib/bundler/advise/version.rb

@@ -1,5 +1,5 @@
 module Bundler
   module Advise
-    VERSION = '1.0.1'
+    VERSION = '1.0.2'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bundler-advise
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - chrismo
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-03-06 00:00:00.000000000 Z
+date: 2016-03-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: git
@@ -38,6 +38,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: bundler-fixture
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -103,12 +117,6 @@ files:
 - lib/bundler/advise/advisory.rb
 - lib/bundler/advise/gem_adviser.rb
 - lib/bundler/advise/version.rb
-- spec/bundler/advisories_spec.rb
-- spec/bundler/advisory_spec.rb
-- spec/bundler/gem_adviser_spec.rb
-- spec/fixture/advisories_fixture.rb
-- spec/fixture/bundler_fixture.rb
-- spec/spec_helper.rb
 homepage: https://github.com/chrismo/bundler-advise
 licenses:
 - MIT

data/spec/bundler/advisories_spec.rb

@@ -1,60 +0,0 @@
-require_relative '../spec_helper'
-
-describe Advisories do
-  context 'defaults' do
-    it 'should default to home dir' do
-      Advisories.new.dir.should == File.expand_path('~/.ruby-advisory-db')
-    end
-
-    it 'should default to rubysec ruby-advisory-db' do
-      Advisories.new.repo.should == 'git@github.com:rubysec/ruby-advisory-db.git'
-    end
-  end
-
-  context 'git clone/updates' do
-    before do
-      @a = Advisories.new(
-        dir: File.join(Dir.tmpdir, '.ruby-advisory-db'),
-        repo: 'git@github.com:chrismo/bundler-advise.git'
-      )
-    end
-
-    after do
-      FileUtils.rmtree @a.dir
-    end
-
-    it 'should clone if no copy exists' do
-      File.exist?(@a.dir).should_not be true
-      @a.update
-      File.exist?(@a.dir).should be true
-      File.exist?(File.join(@a.dir, '.git')).should be true
-    end
-
-    it 'should pull if working dir exists' do
-      File.exist?(@a.dir).should_not be true
-      @a.update
-      File.exist?(File.join(@a.dir, '.git')).should be true
-      @a.update
-    end
-
-    it 'should error handle messed up dir' do
-      FileUtils.makedirs @a.dir
-      lambda { @a.update }.should raise_error(/problem with working dir.*#{Regexp.escape(@a.dir)}/)
-    end
-
-    it 'should clean update a messed up dir' do
-      FileUtils.makedirs @a.dir
-      @a.clean_update!
-      File.exist?(File.join(@a.dir, '.git')).should be true
-    end
-  end
-
-  it 'should retrieve advisories for a gem' do
-    @a = Advisories.new(dir: fixture_dir)
-    ads = @a.gem_advisories_for('bar')
-    ads.length.should == 1
-    ad = ads.first
-    ad.gem.should == 'bar'
-    ad.patched_versions.should == [Gem::Requirement.create('>= 1.0.2')]
-  end
-end

data/spec/bundler/advisory_spec.rb

@@ -1,61 +0,0 @@
-require_relative '../spec_helper'
-
-describe Advisory do
-  context 'persistence' do
-    it 'should parse the yummy yml' do
-      ad = Advisory.from_yml(File.join(fixture_dir, 'gems', 'bar', 'bar-1_0_1.yml'))
-      ad.id.should == 'bar-1_0_1'
-      ad.gem.should == 'bar'
-      ad.url.should == 'http://bar-gem-is-awesome.com'
-      ad.title.should == 'bar 1.0.1 might explode your spleen'
-      ad.date.should == DateTime.parse('2015-11-18')
-      ad.description.should == 'This version could, like, explode your spleen if taken internally'
-      ad.unaffected_versions.should == [Gem::Requirement.create('1.0.0')]
-      ad.patched_versions.should == [Gem::Requirement.create('>= 1.0.2')]
-    end
-
-    it 'should output back to yaml as hash' do
-      yml_fn = File.join(fixture_dir, 'gems', 'bar', 'bar-1_0_1.yml')
-      actual_yml = File.read(yml_fn)
-      ad = Advisory.from_yml(yml_fn)
-      ad.to_yaml.should == actual_yml
-    end
-  end
-
-  it 'should determine if patched' do
-    ad = Advisory.new(patched_versions: '>= 1.4.3')
-    ad.is_not_patched?('1.4.2').should be true
-    ad.is_not_patched?('1.4.3').should be false
-    ad.is_not_patched?('1.4.4').should be false
-
-    ad.is_affected?('1.4.2').should be true
-    ad.is_affected?('1.4.3').should be false
-    ad.is_affected?('1.4.4').should be false
-  end
-
-  it 'should determine if unaffected' do
-    ad = Advisory.new(unaffected_versions: '>= 1.4.3')
-    ad.is_not_unaffected?('1.4.2').should be true
-    ad.is_not_unaffected?('1.4.3').should be false
-    ad.is_not_unaffected?('1.4.4').should be false
-
-    ad.is_affected?('1.4.2').should be true
-    ad.is_affected?('1.4.3').should be false
-    ad.is_affected?('1.4.4').should be false
-  end
-
-  it 'should have sane defaults if patched and unaffected not specified' do
-    ad = Advisory.new
-    ad.is_not_unaffected?('1.4.2').should be true
-    ad.is_not_patched?('1.4.2').should be true
-    ad.is_affected?('1.4.2').should be true
-  end
-
-  it 'should work well if both specified' do
-    ad = Advisory.new(unaffected_versions: '< 1.3.0', patched_versions: '>= 1.4.3')
-    ad.is_affected?('1.2.0').should be false
-    ad.is_affected?('1.3.9').should be true
-    ad.is_affected?('1.4.2').should be true
-    ad.is_affected?('1.4.3').should be false
-  end
-end

data/spec/bundler/gem_adviser_spec.rb

@@ -1,64 +0,0 @@
-require_relative '../spec_helper'
-
-describe GemAdviser do
-  before do
-    @bf = BundlerFixture.new
-    @bf.create_lockfile(gem_specs: [
-      @bf.create_spec('foo', '1.2.3', {'quux' => '~> 1.4'}),
-      @bf.create_spec('bar', '5.6'),
-      @bf.create_spec('quux', '1.4.3')
-    ])
-
-    @af = AdvisoriesFixture.new
-  end
-
-  def dump
-    puts File.read(File.join(@bf.dir, 'Gemfile.lock'))
-  end
-
-  after do
-    FileUtils.rmtree @af.clean_up
-    FileUtils.rmtree @bf.clean_up
-  end
-
-  it 'should find one matching advisories' do
-    @af.save_advisory(Advisory.new(gem: 'quux', patched_versions: '>= 1.4.5'))
-    ga = GemAdviser.new(dir: @bf.dir, advisories: Advisories.new(dir: @af.dir))
-    ga.scan_lockfile.map(&:gem).should == ['quux']
-  end
-
-  it 'should not find one non-matching advisories' do
-    @af.save_advisory(Advisory.new(gem: 'quux', patched_versions: '>= 1.4.2'))
-    ga = GemAdviser.new(dir: @bf.dir, advisories: Advisories.new(dir: @af.dir))
-    ga.scan_lockfile.map(&:gem).should be_empty
-  end
-
-  it 'should find one matching from many advisories' do
-    @af.save_advisory(Advisory.new(gem: 'quux', patched_versions: '>= 1.4.5'))
-    @af.save_advisory(Advisory.new(gem: 'quux', patched_versions: '>= 1.4.2'))
-    ga = GemAdviser.new(dir: @bf.dir, advisories: Advisories.new(dir: @af.dir))
-    ga.scan_lockfile.map(&:gem).should == ['quux']
-  end
-
-  it 'should find many matching from many advisories' do
-    @af.save_advisory(Advisory.new(gem: 'quux', date: '2014-01-12', patched_versions: '>= 1.4.5'))
-    @af.save_advisory(Advisory.new(gem: 'quux', date: '2014-01-13', patched_versions: '>= 1.4.4'))
-    ga = GemAdviser.new(dir: @bf.dir, advisories: Advisories.new(dir: @af.dir))
-    ga.scan_lockfile.map(&:date).should == ['2014-01-12', '2014-01-13']
-  end
-
-  it 'should find many gems matching from many advisories' do
-    @af.save_advisory(Advisory.new(gem: 'quux', patched_versions: '>= 1.4.5'))
-    @af.save_advisory(Advisory.new(gem: 'bar', patched_versions: '>= 6.0'))
-    ga = GemAdviser.new(dir: @bf.dir, advisories: Advisories.new(dir: @af.dir))
-    ga.scan_lockfile.map(&:gem).should == ['bar', 'quux']
-  end
-
-  it 'should skip matching but unaffected' do
-    @af.save_advisory(Advisory.new(gem: 'quux',
-                                   unaffected_versions: '~> 1.4.0',
-                                   patched_versions: '>= 1.6.0'))
-    ga = GemAdviser.new(dir: @bf.dir, advisories: Advisories.new(dir: @af.dir))
-    ga.scan_lockfile.map(&:gem).should be_empty
-  end
-end

data/spec/fixture/advisories_fixture.rb

@@ -1,20 +0,0 @@
-class AdvisoriesFixture
-  attr_reader :dir
-
-  def initialize
-    @dir = File.join(Dir.tmpdir, 'advisory_db')
-    FileUtils.makedirs @dir
-  end
-
-  def clean_up
-    FileUtils.rmtree @dir
-  end
-
-  def save_advisory(ad)
-    gem_path = File.join(@dir, 'gems', ad.gem)
-    FileUtils.makedirs gem_path
-    last_fn = Dir[File.join(gem_path, '*yml')].last || '000.yml'
-    next_fn = "#{File.basename(last_fn, '.yml').next}.yml"
-    File.open(File.join(gem_path, next_fn), 'wb') { |f| f.print ad.to_yaml }
-  end
-end

data/spec/fixture/bundler_fixture.rb

@@ -1,44 +0,0 @@
-class BundlerFixture
-  attr_reader :dir
-
-  def initialize
-    @dir = File.join(Dir.tmpdir, 'fake_project_root')
-    FileUtils.makedirs @dir
-  end
-
-  def clean_up
-    FileUtils.rmtree @dir
-  end
-
-  def create_lockfile(gem_specs:)
-    dir = @dir
-    index = Bundler::Index.new
-    deps = []
-    gem_specs.each do |g|
-      index << g
-      deps << Bundler::DepProxy.new(Bundler::Dependency.new(g.name, g.version), g.platform)
-    end
-    spec_set = Bundler::Resolver.resolve(deps, index)
-
-    sources = Bundler::SourceList.new
-    sources.add_rubygems_remote('https://rubygems.org')
-    spec_set.each { |s| s.source = sources.rubygems_sources.first }
-
-    gemfile_fn = File.join(dir, 'Gemfile.lock')
-    defn = Bundler::Definition.new(gemfile_fn, deps.map(&:dep), sources, true)
-    defn.instance_variable_set('@index', index)
-    defn.instance_variable_set('@resolve', spec_set)
-    defn.lock(gemfile_fn)
-  end
-
-  def create_spec(name, version, dependencies={})
-    Gem::Specification.new do |s|
-      s.name = name
-      s.version = Gem::Version.new(version)
-      s.platform = 'ruby'
-      dependencies.each do |name, requirement|
-        s.add_dependency name, requirement
-      end
-    end
-  end
-end

data/spec/spec_helper.rb

@@ -1,15 +0,0 @@
-$LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
-require 'bundler/advise'
-
-include Bundler::Advise
-
-RSpec.configure do |c|
-  c.expect_with(:rspec) { |co| co.syntax = :should }
-end
-
-require_relative 'fixture/advisories_fixture'
-require_relative 'fixture/bundler_fixture'
-
-def fixture_dir
-  File.expand_path('../fixture', __FILE__)
-end