bundler-dependencies 0.5.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c16e60328617e09d591746dda98147960439c09872d72f19c190cfd9db7dc507
-  data.tar.gz: f47346858b2f17ce75367442716e57d954a858bd7bb5e41d7021b1086b4e6ea6
+  metadata.gz: f91f1a9abc52789ce91922327bb0841e54baad990a27d62227cf8a09b02b84f9
+  data.tar.gz: e6e2e5dd7229e2c24f06512086f646b96122706362489d358f6f6f971cd224d9
 SHA512:
-  metadata.gz: '09d8abbe0cf1bc3bec621640976db86f8ce8a9b7cb1e15cfa6ea8b28721249e66f5145de0c09438cd2a556ffe232fc038cb5d9dbe79748c97a79c9ac36efc990'
-  data.tar.gz: 01bb7b0342df912eb034bb583e5abac4c487ed60a98ea94b491ad22e8bb4c950f4a23d7768ec7b6b7139f578b6b028011423b2328cf2430f0fc8443864c075fa
+  metadata.gz: 5465ca3807463f565fedb2e33f776203d2fc71e94428656542c88e5f665f5c82270d31980ba7811740f5f12b70f9376e9ef421ad1411816044057451c974780c
+  data.tar.gz: 9197f27c934b71de5d360f8a0cd42972b20a98c0cab06a23a36a564be88abb48b10be3422d509111f599eeb804cd887b746894b22846b36eec2f3d06e9fe88c1

data/.rubocop.yml

@@ -27,4 +27,5 @@ Style/NumericPredicate:
 
 Style/MethodCallWithArgsParentheses:
   IgnoredMethods:
+    - and
     - method_option

data/CHANGES.md

@@ -1,9 +1,23 @@
 # CHANGELOG
 
-## 0.5.1 (2019-11-18)
-* Fix crash when called without a path argument
-* Fix gemspec not setting up executables properly
+## 0.6.0 (2019-11-18)
 
-## 0.5.0 (2019-11-18)
+### New features
+* Add `find` command to find all gems in the Gemfile which depend on a given gem.
+
+### Bug fixes
+* Fix crash when calling `bundle dependencies graph` with a gem that isn't in the bundle.
+
+### Changes
+* Handle invoking a command with help as the first argument (show the command's help).
+* Add global `--no-color` switch to disable colorizing output.
+
+## 0.5.1
+
+### Bug fixes
+* Fix crash when called without a path argument.
+* Fix gemspec not setting up executables properly.
+
+## 0.5.0
 
 Initial version

data/README.md

@@ -1,9 +1,14 @@
 # Bundler::Dependencies
 
 [![Build Status](https://travis-ci.org/dvandersluis/bundler-dependencies.svg?branch=master)](https://travis-ci.org/dvandersluis/bundler-dependencies)
+[![Gem Version](https://badge.fury.io/rb/bundler-dependencies.svg)](https://badge.fury.io/rb/bundler-dependencies)
 
 Bundler plugin to inspect dependencies of gems used by your project.
 
+A project's `Gemfile.lock` shows some basic information about what gems are directly depended on by other gems, but this extension takes it a step further and enumerates the entire dependency tree of each gem being depended on. For instance, `rails` has 12 direct dependencies, but altogether installs **40** gems.
+
+Each dependency is a potential point of failure, vulnerability, maintenance and *complexity* for a project, so the goal of `bundle dependencies` is to shed some light on what's being installed by what. This shouldn't stop you from installing gems that are useful to your project, but to be able to make an educated decision if a gem with 25 dependencies is a worthy tradeoff, for example.  
+
 ## Commands
 
 ### Count
@@ -14,6 +19,20 @@ Check how many dependencies each gem in the Gemfile has (use the `--minimum N` s
 bundle dependencies [count] [--minimum N] 
 ```
 
+### Find
+
+Find all the gems in the Gemfile that depend on a given gem (either directly or indirectly), as well as all the dependency paths for that gem:
+
+```sh
+bundle dependencies find GEM
+```
+
+Get just the number of dependent gems:
+
+```sh
+bundle dependencies find GEM --quiet
+```
+
 ### Graph
 
 See a graph of all dependencies:
@@ -32,6 +51,11 @@ bundle dependencies graph GEMNAME
 * `--without foo bar baz`/`-W foo bar baz`: Exclude the listed gems from the scan. Any uses either directly in your Gemfile or as dependencies will be excluded, and not be counted.
 * `--without-rails`/`-R`: Quick option to exclude all 1st party Rails gems from the scan.
 
+### Getting Help
+
+* `bundle dependencies help` to get an overview of all commands.
+* `bundle dependencies help COMMAND` to get help for a specific command.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/bundler-dependencies.gemspec

@@ -15,7 +15,7 @@ Gem::Specification.new do |spec|
   # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
   # to allow pushing to a single host or delete this section to allow pushing to any host.
   if spec.respond_to?(:metadata)
-    spec.metadata['allowed_push_host'] = "https://rubygems.org"
+    spec.metadata['allowed_push_host'] = 'https://rubygems.org'
 
     spec.metadata['homepage_uri'] = spec.homepage
     spec.metadata['source_code_uri'] = spec.homepage
@@ -31,7 +31,7 @@ Gem::Specification.new do |spec|
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
 
-  glob = lambda { |patterns| spec.files & Dir[*patterns] }
+  glob = -> (patterns) { spec.files & Dir[*patterns] }
   spec.executables = glob['bin/bundle*'].map { |path| File.basename(path) }
   spec.default_executable = spec.executables.first if Gem::VERSION < '1.7.'
 
@@ -43,6 +43,4 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'pry', '~> 0.12.2'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
-  spec.add_development_dependency 'rubocop', '~> 0.76.0'
-  spec.add_development_dependency 'rubocop-rspec', '~> 1.36.0'
 end

data/lib/bundler/dependencies.rb

@@ -9,10 +9,13 @@ require 'bundler/dependencies/spec'
 require 'bundler/dependencies/visitor'
 
 require 'bundler/dependencies/cli/command'
+require 'bundler/dependencies/cli/with_gem'
 require 'bundler/dependencies/cli/count'
+require 'bundler/dependencies/cli/find'
 require 'bundler/dependencies/cli/graph'
 
 require 'bundler/dependencies/visitors/shell_tree'
+require 'bundler/dependencies/visitors/paths'
 
 module Bundler
   module Dependencies

data/lib/bundler/dependencies/cli.rb

@@ -11,29 +11,44 @@ module Bundler
         method_option :path, type: :string, desc: 'Path to Gemfile.lock to scan'
         method_option :without, type: :array, desc: 'Gems to ignore', aliases: ['-W']
         method_option :without_rails, type: :boolean, default: false, desc: 'Ignore all Rails gems', aliases: ['-R']
+        method_option :color, type: :boolean, default: true, desc: 'Colorize output'
       end
 
       default_task :count
       map '--version' => :version
 
-      desc 'count', 'Checks for gems that install too many dependencies'
+      desc 'version', 'Prints the bundler-dependencies version'
+      def version
+        puts "#{File.basename($PROGRAM_NAME)} #{VERSION}"
+      end
+
+      desc 'count', 'Count the number of dependencies each gem in the bundle relies on, recursively'
       shared_options
       method_option :minimum, type: :numeric, desc: 'Report only gems with a minimum N dependencies', aliases: ['-m'], default: 0
 
-      def count
+      def count(*args)
+        return help(:count) if args.first == 'help'
+
         Count.new(options).output
       end
 
-      desc 'graph [GEM]', 'Outputs a dependency graph'
+      desc 'graph [GEM]', 'Output a graph of dependencies, for all gems in the bundle or a specific gem'
       shared_options
 
       def graph(gem = nil)
+        return help(:graph) if gem == 'help'
+
         Graph.new(gem, options).output
       end
 
-      desc 'version', 'Prints the bundler-dependencies version'
-      def version
-        puts "#{File.basename($PROGRAM_NAME)} #{VERSION}"
+      desc 'find [GEM]', 'Output gems in the bundle that depend on GEM'
+      shared_options
+      method_option :quiet, type: :boolean, default: false, desc: 'Show only the number of gems and no other output', aliases: ['-q']
+
+      def find(gem = nil)
+        return help(:find) if gem.nil? || gem == 'help'
+
+        Find.new(gem, options).output
       end
     end
   end

data/lib/bundler/dependencies/cli/command.rb

@@ -9,6 +9,7 @@ module Bundler
 
         def initialize(options)
           @options = options
+          self.shell = Thor::Shell::Basic.new unless options.color?
         end
 
         no_commands do
@@ -34,14 +35,21 @@ module Bundler
         def path
           return options.path if valid_gemfile?(options.path)
 
-          SharedHelpers.chdir(File.dirname(options.path)) if options.path
+          dir = path_dir(options.path)
+          SharedHelpers.chdir(dir) if dir
           SharedHelpers.default_lockfile
         end
 
+        def path_dir(path)
+          return nil unless path
+
+          Dir.exist?(options.path) ? options.path : File.dirname(options.path)
+        end
+
         def valid_gemfile?(path)
           return false unless path && File.exist?(path)
 
-          %w(Gemfile.lock gems.locked).include?(File.basename(path))
+          File.basename(path).end_with?('.lock', '.locked')
         end
 
         def without
@@ -50,12 +58,17 @@ module Bundler
           end
         end
 
+        def gems
+          @gems ||= graph.without(*without)
+        end
+
         def warn(message)
           say(message, %i(bold yellow))
         end
 
         def error(message)
-          say(message, %i(bold red))
+          message = shell.send(:prepare_message, message, :red, :bold)
+          super(message)
         end
       end
     end

data/lib/bundler/dependencies/cli/count.rb

@@ -11,7 +11,7 @@ module Bundler
         end
 
         def counts
-          @counts ||= graph.without(*without).counts(min: options.minimum)
+          @counts ||= gems.counts(min: options.minimum)
         end
 
         def warnings

data/lib/bundler/dependencies/cli/find.rb

@@ -0,0 +1,44 @@
+module Bundler
+  module Dependencies
+    class CLI < ::Thor
+      class Find < Command
+        include WithGem
+
+      private
+
+        def to_s
+          if dependents.empty?
+            error("No gems in the bundle depend on #{gem}.")
+            exit(1)
+          end
+
+          banner
+          paths unless options.quiet
+        end
+
+        def dependents
+          Bundler::Dependencies::Visitors::Paths.new.walk(gems, gem).each_with_object({}) do |path, acc|
+            acc[path.first] ||= []
+            acc[path.first] << path.join(' → ')
+          end
+        end
+
+        def paths
+          dependents.each do |gem, paths|
+            puts
+            say(gem, %i(bold))
+            paths.each { |p| say "  * #{p}" }
+          end
+        end
+
+        def banner
+          if options.quiet?
+            puts dependents.count
+          else
+            say("#{dependents.count} gems depend on #{gem}:", :bold)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/bundler/dependencies/cli/graph.rb

@@ -2,21 +2,21 @@ module Bundler
   module Dependencies
     class CLI < ::Thor
       class Graph < Command
-        def initialize(gem, options)
-          @gem = gem
-          super(options)
-        end
+        include CLI::WithGem
 
       private
 
-        attr_reader :gem
-
         def to_s
-          Visitors::ShellTree.new.walk(graph.without(*without), shell)
+          if gems.empty?
+            error("#{gem} is not present in your bundle.")
+            exit(1)
+          end
+
+          Visitors::ShellTree.new.walk(gems, shell)
         end
 
         def graph
-          gem ? Bundler::Dependencies::Graph.new(specs: [Spec.find(gem)]) : super
+          gem ? Bundler::Dependencies::Graph.new(specs: [super.find(gem)]) : super
         end
       end
     end

data/lib/bundler/dependencies/cli/with_gem.rb

@@ -0,0 +1,16 @@
+module Bundler
+  module Dependencies
+    class CLI < ::Thor
+      module WithGem
+        def initialize(gem, options)
+          @gem = gem
+          super(options)
+        end
+
+      private
+
+        attr_reader :gem
+      end
+    end
+  end
+end

data/lib/bundler/dependencies/graph.rb

@@ -9,7 +9,7 @@ module Bundler
         if lockfile
           load_lockfile
         else
-          @specs = specs
+          @specs = specs.compact
         end
       end
 
@@ -26,6 +26,10 @@ module Bundler
         gems.each(&block)
       end
 
+      def find(gem)
+        include_dependency?(gem) ? Spec.find(gem) : nil
+      end
+
       def counts(min: 0)
         @counts ||= map do |gem|
           count = gem.dependency_count
@@ -49,7 +53,7 @@ module Bundler
 
       def include_dependency?(gem)
         gem = Spec.new(gem) unless gem.is_a?(Spec)
-        include?(gem) || any? { |spec| spec.dependencies.include_dependency?(gem) }
+        include?(gem) || any? { |spec| spec.include_dependency?(gem) }
       end
 
       def without(*gems)

data/lib/bundler/dependencies/spec.rb

@@ -23,6 +23,10 @@ module Bundler
         SPECS[name] = self
       end
 
+      def include_dependency?(gem)
+        dependencies.include_dependency?(gem)
+      end
+
       def flatten
         dependencies.inject([]) do |arr, dependency|
           arr << dependency

data/lib/bundler/dependencies/version.rb

@@ -1,5 +1,5 @@
 module Bundler
   module Dependencies
-    VERSION = '0.5.1'.freeze
+    VERSION = '0.6.0'.freeze
   end
 end

data/lib/bundler/dependencies/visitors/paths.rb

@@ -0,0 +1,19 @@
+module Bundler
+  module Dependencies
+    module Visitors
+      class Paths
+        def walk(graph, name, acc = [], key = [])
+          graph.each do |gem|
+            next unless gem.include_dependency?(name)
+
+            new_key = key.dup.push(gem.name)
+            walk(gem.dependencies, name, acc, new_key)
+            acc << (new_key << name) if gem.dependencies.include?(name)
+          end
+
+          acc
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bundler-dependencies
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Daniel Vandersluis
@@ -80,34 +80,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.76.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.76.0
-- !ruby/object:Gem::Dependency
-  name: rubocop-rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.36.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.36.0
 description: 
 email:
 - daniel.vandersluis@gmail.com
@@ -136,12 +108,15 @@ files:
 - lib/bundler/dependencies/cli.rb
 - lib/bundler/dependencies/cli/command.rb
 - lib/bundler/dependencies/cli/count.rb
+- lib/bundler/dependencies/cli/find.rb
 - lib/bundler/dependencies/cli/graph.rb
+- lib/bundler/dependencies/cli/with_gem.rb
 - lib/bundler/dependencies/graph.rb
 - lib/bundler/dependencies/scanner.rb
 - lib/bundler/dependencies/spec.rb
 - lib/bundler/dependencies/version.rb
 - lib/bundler/dependencies/visitor.rb
+- lib/bundler/dependencies/visitors/paths.rb
 - lib/bundler/dependencies/visitors/shell_tree.rb
 homepage: https://github.com/dvandersluis/bundler-dependencies
 licenses:
@@ -166,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
 summary: Find gems in your Gemfile with too many dependencies