bundler-audit-fix 0.1.3 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +8 -0
  3. data/Gemfile.lock +2 -2
  4. data/README.md +1 -1
  5. data/lib/bundler/audit/fix/cli.rb +11 -0
  6. data/lib/bundler/audit/fix/version.rb +1 -1
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1180a019a219164828d821470b41d99a924e6944b1d04be67b856097da8cb973
4
- data.tar.gz: a0c4a4390e46c7472d436f4c832e826a19579ac925455b01d7c2e5f3ab359627
3
+ metadata.gz: fd338d9928eb85397fd93743e601e1386a6c477fc9aa9f2e06a24d616e00c9aa
4
+ data.tar.gz: 2d0227e18db56a54f2f6585d4d645d39070d07aa1414a25243528fd25098b41a
5
5
  SHA512:
6
- metadata.gz: 88ec1384360e83ff0b4856a7060a48b6b2e1dc259cac8a622a73697daa3ee1e79bfb3e5833ea34a16199553f1fed5a8768e24d4f279029e8fda41f2992da049e
7
- data.tar.gz: 49a1a24e6d5f758229b15ddf494e871e7c5e515fd44563159aa4dfb7507c2f668d901f909db71137ed45da1a83d85436e0f224797d4c608351278c37c9e62a9c
6
+ metadata.gz: 2917e2316d14f6e3dd113daa6df572d222074f8235d80f6b8955abe563ca57fdbfcd042fa38e77154ed846a37d7f34c5271110a085c41cc2fa84b3d0bb98aab9
7
+ data.tar.gz: e43b9185406f46c130beaf8d0abadbd537de7d35163f945518784f8071e38ffb68ed304ef23c216e44e40341b0a333e57e817a5f8749b320d328c0b6c2cf2233
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ # 0.2.0 - 2022-01-29
2
+
3
+ - Exit with non-zero status code when `bundle-audit-fix` has no effect for dependency reasons.
4
+
5
+ # 0.1.3 - 2021-12-23
6
+
7
+ - The `bundle-audit-fix` command is now executable without `bundle exec` prefix.
8
+
1
9
  # 0.1.2 - 2021-12-23
2
10
 
3
11
  - Fix CLI is not working
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- bundler-audit-fix (0.1.3)
4
+ bundler-audit-fix (0.2.0)
5
5
  bundler (>= 1.2.0, < 3)
6
6
  bundler-audit (~> 0.9.0)
7
7
  thor (~> 1.0)
@@ -51,7 +51,7 @@ GEM
51
51
  rubocop-ast (1.15.0)
52
52
  parser (>= 3.0.1.1)
53
53
  ruby-progressbar (1.11.0)
54
- thor (1.1.0)
54
+ thor (1.2.1)
55
55
  unicode-display_width (2.1.0)
56
56
 
57
57
  PLATFORMS
data/README.md CHANGED
@@ -26,7 +26,7 @@ $ bundle-audit-fix update [dir]
26
26
 
27
27
  ### .bundler-audit.yml
28
28
 
29
- In addition to the original configuration, it supports `replacement` block. If a gem that is related to a fixed version and not directly listed in the Gemfile (i.g. Rails family, etc.) needs to be updated, bundle-audit-fix will replace according to the specified like below.
29
+ In addition to the original configuration, it supports `replacement` block. If a gem that is related to a fixed version and not directly listed in the Gemfile (e.g. Rails family, etc.) needs to be updated, bundle-audit-fix will replace according to the specified like below.
30
30
 
31
31
  ```yml
32
32
  replacement:
data/lib/bundler/audit/fix/cli.rb CHANGED
@@ -23,6 +23,7 @@ require 'bundler/cli'
23
23
  require 'bundler/cli/update'
24
24
  require 'bundler/audit/cli'
25
25
  require 'bundler/audit/database'
26
+ require 'fileutils'
26
27
 
27
28
  module Bundler
28
29
  module Audit
@@ -75,7 +76,17 @@ module Bundler
75
76
  patcher = Patcher.new(dir, report, options[:gemfile_lock], options[:config])
76
77
  gems_to_update = patcher.patch
77
78
 
79
+ current_lockfile = StringIO.new(File.read(options[:gemfile_lock]))
78
80
  Bundler::CLI::Update.new({ gemfile: gemfile_path }, gems_to_update).run
81
+ updated_lockfile = StringIO.new(File.read(options[:gemfile_lock]))
82
+
83
+ if FileUtils.compare_stream(current_lockfile, updated_lockfile)
84
+ say 'All of the targets are staying in the same version for dependency reasons. Please resolve them manually.',
85
+ :yellow
86
+ exit 1
87
+ end
88
+
89
+ exit 0
79
90
  rescue Bundler::GemfileNotFound, Bundler::GemfileLockNotFound => e
80
91
  say e.message, :red
81
92
  exit 1
data/lib/bundler/audit/fix/version.rb CHANGED
@@ -20,7 +20,7 @@
20
20
  module Bundler
21
21
  module Audit
22
22
  module Fix
23
- VERSION = '0.1.3'
23
+ VERSION = '0.2.0'
24
24
  end
25
25
  end
26
26
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bundler-audit-fix
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nobuo Takizawa
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-23 00:00:00.000000000 Z
11
+ date: 2022-01-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -106,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
106
106
  - !ruby/object:Gem::Version
107
107
  version: '0'
108
108
  requirements: []
109
- rubygems_version: 3.2.15
109
+ rubygems_version: 3.2.22
110
110
  signing_key:
111
111
  specification_version: 4
112
112
  summary: Automatic apply security update inspected by bundler-audit.